Hacking the Code ASP.NET Web Application Security [Electronic resources]

James C. Foster, Mark M. Burnett


Appendix B: Glossary of Web Application Security Threats

Account Hijacking

Taking over the account of a legitimate user, sometimes denying the rightful user access to his or her account.

Account Hopping

Manipulating an existing authentication token to gain access to another user’s account.

Brute Force Attack

The process of discovering user credentials by trying every possible character combination. Brute force attacks can be optimized by first trying dictionary words, common passwords, or predictable character combinations.

Backdoor Attack

Exploiting poorly implemented protection mechanisms by circumventing authentication or accessing content directly.

Banner Grabbing

The process of connecting to TCP ports and reading return banners to determine the type of service and software platform.

Buffer Overflow

Overwriting a buffer by sending more data than a buffer can handle, resulting in the application crashing or executing code of the attacker’s choice.

Buffer Overrun

See Buffer Overflow.

Command Injection

Injecting special shell metacharacters or otherwise manipulating input to cause the server to run shell commands or other code of the attacker’s choice.

Console Attack

An attack launched physically from the system’s local console.

Content Spoofing

Creating fake web content that mimics a web site to deceive a user into revealing login credentials or other sensitive information.

Cookie Manipulation

Modifying a browser cookie to exploit a security flaw in a web application.

Cookie Hijacking

Stealing the authentication cookie of a legitimate user to authenticate as and impersonate that user.

Cross-Site Request Forgery (CSRF)

Exploiting a site’s trust of a user to perform a transaction on behalf of the user. Usually involves tricking a user into clicking on a link or embedding a link in an HTML IMG tag.

Cross-Site Scripting (XSS)

An attack that involves injecting HTML or script commands into a trusted application with the purpose of hijacking a user’s cookie, session token, or account credentials.

Denial of Service (DoS)

Causing an application to excessively consume system resources or to stop functioning altogether.

Directory Traversal

Accessing files outside the bounds of the web application by manipulating input with directory traversal characters; also known as the double dot attack.

File system access

Manipulating input to read, write, or delete protected files on disk.

Information leakage

Revealing or failing to protect information that an attacker can use to compromise a system.

Luring Attack

Tricking a victim into running code or taking actions on behalf of the attacker.

Man-in-the-middle (MITM)

Intercepting web traffic in such a way that the attacker is able to read and modify data in transit between two systems.

Phishing

A form of man-in-the-middle attack where the attacker lures a legitimate user to enter a password through a fake e-mail or web form designed to look like that of a legitimate web site.

Privilege escalation

Allowing an attacker to gain the access privileges of a higher-level account.

Repudiation

The ability for a user to deny having taken an action or performed a transaction.

Resource exhaustion

Server-side code access

Revealing the content of server-side code or configuration files by manipulating input to disguise the true file extension.

Session fixation

Providing another user with a known fixed token to authenticate and then gaining access to that user’s session.

Sniffing

Using a network monitoring utility to intercept passwords or other sensitive information that traverses a network.

Social engineering

Using a hacker’s social skills to extract information from or otherwise manipulate employees or other trusted individuals at a target organization.

SQL injection

Manipulating user input to construct SQL statements that execute on the database server.

Token brute force attacks

Discovering a valid session token by submitting all possible combinations within the token’s key space.

Token hijacking

Being able to access another user’s token and potentially gain access to their account.

Token keep-alive

The process of periodically sending web requests to keep a session token from expiring, often used with session fixation attacks.

Token manipulation

Modifying a token on the URL or in a cookie to gain unauthorized access to an application.

Token prediction

Guessing or predicting a valid session token because the token scheme uses a sequential or predictable pattern.

Unauthorized access

Gaining access to restricted content or data without the consent of the content owner.