Manifest Inspection
Manifest inspection is a sub-technique of the Application Dependencies Mapping technique in the Reconnaissance phase, in which adversaries systematically analyze an application's manifest files to enumerate its dependencies, versions, and configuration. Manifest files such as package.json, Gemfile.lock, requirements.txt, pom.xml, and AndroidManifest.xml carry metadata that reveals the application's architecture, component relationships, and third-party dependencies, and they are frequently obtainable without access to the source code: AndroidManifest.xml ships inside every APK, and package manifests are routinely bundled with deployed artifacts or published alongside the code. From these files an attacker can identify outdated libraries with publicly known vulnerabilities, requested permissions, API endpoints, and service configuration. A lockfile such as Gemfile.lock records the exact resolved version of every component, whereas a manifest that declares a version range (a caret or ">=" constraint, for example) only bounds it, so how precisely an attacker can match a dependency to a CVE depends on which files are exposed. This reconnaissance lets an adversary build a dependency graph of the target, prioritize attack vectors by the known CVEs affecting specific dependency versions, and plan exploitation that targets the application's supply chain or the interactions between its components.
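The following script is an added example, not code from the original page or from any framework it describes. It shows the enumeration step in practice: three constructed manifests (a package.json, a requirements.txt and an AndroidManifest.xml, none taken from a real application) are parsed into a single inventory that records each dependency's declared version, whether that version is exactly pinned or only bounded by a range, and the permissions, exported components and risky flags declared by the Android manifest. The `Dependency` record and the report layout are this example's own choices; it uses only the Python standard library and runs offline.

```python
"""Enumerate dependencies, versions and configuration from manifest files.

Added example: the manifests below are constructed samples, not taken from
any real application, and the report format is this example's own choice.
"""
import json
import re
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# --- Constructed sample manifests -------------------------------------------
PACKAGE_JSON = """{
  "name": "demo-app",
  "dependencies": {"express": "4.17.1", "lodash": "^4.17.15"},
  "devDependencies": {"mocha": "~8.0.0"}
}"""

REQUIREMENTS_TXT = """# constructed sample
Django==3.2.4
requests>=2.20   # floating lower bound
pyyaml
-r other-requirements.txt
"""

ANDROID_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application android:debuggable="true" android:allowBackup="true">
    <activity android:name=".MainActivity" android:exported="true"/>
    <service android:name=".SyncService" android:exported="false"/>
  </application>
</manifest>"""


@dataclass(frozen=True)
class Dependency:
    ecosystem: str
    name: str
    spec: str      # version constraint exactly as written in the manifest
    pinned: bool   # True only when the manifest fixes one exact version


EXACT_SEMVER = re.compile(r"\d+\.\d+\.\d+")


def parse_package_json(text):
    """npm manifest: ranges such as ^4.17.15 or ~8.0.0 are not pinned."""
    data = json.loads(text)
    deps = []
    for section in ("dependencies", "devDependencies"):
        for name, spec in data.get(section, {}).items():
            deps.append(Dependency("npm", name, spec,
                                   EXACT_SEMVER.fullmatch(spec) is not None))
    return deps


def parse_requirements(text):
    """pip requirements: only '==' pins; bare names and '>=' float."""
    deps = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line or line.startswith("-"):     # skip blanks and options such as -r
            continue
        m = re.match(r"([A-Za-z0-9_.\-\[\]]+)\s*(.*)", line)
        name, spec = m.group(1), m.group(2).strip()
        deps.append(Dependency("pypi", name.lower(), spec, spec.startswith("==")))
    return deps


def parse_android_manifest(text):
    """AndroidManifest.xml: requested permissions, risky flags, exported components."""
    ns = "{http://schemas.android.com/apk/res/android}"
    root = ET.fromstring(text)
    app = root.find("application")
    exported = [e.get(ns + "name")
                for tag in ("activity", "service", "receiver", "provider")
                for e in app.iter(tag) if e.get(ns + "exported") == "true"]
    return {
        "package": root.get("package"),
        "permissions": [e.get(ns + "name") for e in root.iter("uses-permission")],
        "debuggable": app.get(ns + "debuggable") == "true",
        "allow_backup": app.get(ns + "allowBackup") == "true",
        "exported": exported,
    }


def build_report(deps, android):
    """Aggregate what a reconnaissance pass learns from the manifests."""
    unpinned = sorted(f"{d.ecosystem}:{d.name}" for d in deps if not d.pinned)
    return {
        "dependency_count": len(deps),
        "exact_versions": {f"{d.ecosystem}:{d.name}": d.spec for d in deps if d.pinned},
        "unpinned": unpinned,   # exact version unknown without a lockfile
        "android": android,
    }


def inspect_manifests():
    deps = parse_package_json(PACKAGE_JSON) + parse_requirements(REQUIREMENTS_TXT)
    return build_report(deps, parse_android_manifest(ANDROID_MANIFEST))


if __name__ == "__main__":
    print(json.dumps(inspect_manifests(), indent=2))
```

The `unpinned` list is the part a practitioner should read first: for those entries the manifest alone does not tell an attacker which release is deployed, so a CVE match against them is a guess until a lockfile or a shipped artifact supplies the resolved version. The same split tells a defender which dependencies their own manifests expose with an exact, directly searchable version.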