AI Agent Threat Matrix
Matrix/Reconnaissance/T-1001
T-1001observedactive

Endpoint Enumeration

Discover exposed API endpoints, health checks, and information disclosure routes on target agents

Tactic

Reconnaissance (Stage 1)

Map the target agent's attack surface, capabilities, and behavioral boundaries

Attack Class

RETROACTIVE-PRIV

Exploiting previously granted access or cached credentials to gain unauthorized capabilities

Evidence

observed

Confirmed in real-world production systems or internet-wide exposure assessments.

DVAA Validation

All agents expose /health and /info

Honeypot Coverage (AgentPwn)

Liveagentpwn.com/api/threats

An AgentPwn trap page produces a payload tagged with this technique class. Following the AgentPwn taxonomy of trap pages shows what an agent encounters.

Public API and trap routes are themselves enumerable signal.

Detection (HackMyAgent)

Live3 live · 0 queued
WEBEXPOSE-001WEBEXPOSE-002MCP-011
npx hackmyagent secure --ciLive = check implemented in hackmyagent; queued = declared, not yet implemented

Defense (OASB Controls)

Live5 live · 0 queued
OASB 1.1OASB 1.2OASB 1.3OASB 1.4OASB 10.5
Live = documented at oasb.ai; queued = declared, not yet documented

How to Cite

AI Agent Threat Matrix T-1001 (Endpoint Enumeration). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-1001
← Back to Matrix