AttackerTypes
Type: Array of Objects
Description: A list of attacker profiles used to support Attack Potential or Likelihood Estimation or CVSS. Each attacker type describes a typical attacker capability and may predefine scoring assumptions.
Possible values:
|
Keys |
Type |
Description |
Example |
|---|---|---|---|
|
Id |
Integer |
A unique identifier for the attacker type (consistent sequence numbering) |
Integer values such as 0, 1, 2, 3, 4, 5 |
|
Name |
String |
The name of the attacker type |
None, Remote script kiddy, Local layman, Professional workshop, Advanced attacker, Expert attacker |
|
ShortName |
String or Null |
Short representation of the attacker type |
String or null |
|
Definition |
String |
Detailed attacker profile description |
Free text |
|
Prerequisites |
String |
Conditions required for this attacker type |
Free text |
|
Examples |
String |
Example persons or groups matching this type |
Free text |
|
Scores |
Object |
Score mapping for category IDs |
Object with numeric values |
Effect:
- Defines attacker profiles used in the methodology.
- Can predefine scores for categories such as expertise, knowledge, and equipment.
- Supports consistent and repeatable scoring.
Constraints:
- IDs must be unique and stable.
- Scores must reference valid likelihood category IDs.
- Attacker type definitions must align with the selected methodology.