// Level 4 · Control detail
T1552HighMITRE ATT&CK · Credential Access
Unsecured Credentials
Adversaries may search compromised systems to find and obtain insecurely stored credentials. These credentials can be stored and/or misplaced in many locations on a system, including plaintext files (e.g. [Shell History](https://attack.mitre.org/techniques/T1552/003)), operating system or application-specific repositories (e.g. [Credentials in Registry](https://attack.mitre.org/techniques/T1552/002)), or other specialized files/artifacts (e.g. [Private Keys](https://attack.mitre.org/techniques/T1552/004)).(Citation: Brining MimiKatz to Unix)
Get AI-powered control detail
Plain-English explanation, CLI checks, portal steps, remediation, automation snippets, and cross-framework mappings.
3/3 free lookups remaining today
Related controls in other frameworks
finding related controls…