MITRE ATT&CK / T1213.003
T1213.003
Code Repositories
Description
Adversaries may leverage code repositories to collect valuable information. Code repositories are tools/services that store source code and automate software builds. They may be hosted internally or privately on third party sites such as Github, GitLab, SourceForge, and BitBucket. Users typically interact with code repositories through a web application or command-line utilities such as git.Once adversaries gain access to a victim network or a private code repository, they may collect sensitive information such as proprietary source code or [Unsecured Credentials](https://attack.mitre.org/techniques/T1552) contained within software's source code. Having access to software's source code may allow adversaries to develop [Exploits](https://attack.mitre.org/techniques/T1587/004), while credentials may provide access to additional resources using [Valid Accounts](https://attack.mitre.org/techniques/T1078).(Citation: Wired Uber Breach)(Citation: Krebs Adobe)**Note:** This is distinct from [Code Repositories](https://attack.mitre.org/techniques/T1593/003), which focuses on conducting [Reconnaissance](https://attack.mitre.org/tactics/TA0043) via public code repositories.
Platforms
Mitigations
- M1017 — User Training
- M1047 — Audit
- M1018 — User Account Management
- M1032 — Multi-factor Authentication
Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.
Our coverage
- TrustFall: AI Coding Agents Exploitable with One Enter Keypress
- ClaudeBleed: Flaw in Anthropic's Claude Chrome Extension Lets Any Plugin Hijack Your AI
- CISA/USCG Threat Hunt Finds Flat IT/OT Networks and Plain-Text Credentials at US Critical Infrastructure
- Braintrust AWS Breach Exposes AI Provider API Keys, All Customers Ordered to Rotate Secrets
- EDR Vendor Breach Downstream Risk: Responding When Your Security Tool Is Compromised
Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →