Difference between revisions of "Category:Attack"

From OWASP
Jump to: navigation, search
Line 11: Line 11:
 
*Brute Force: Is the analysis of remote server, checking characters password of the operating system (letters, numbers and symbol's) [[:Brute_force_attack|Brute_force_attack]]
 
*Brute Force: Is the analysis of remote server, checking characters password of the operating system (letters, numbers and symbol's) [[:Brute_force_attack|Brute_force_attack]]
 
*Cache Poisoning: Is the execution of malicious code in the browser to spy on their contents  [[:Cache_Poisoning|Cache_Poisoning]]
 
*Cache Poisoning: Is the execution of malicious code in the browser to spy on their contents  [[:Cache_Poisoning|Cache_Poisoning]]
*DNS Poisoning: Is the execution of malicious code on the DNS server by redirecting Web pages
+
*DNS Poisoning: Is the execution of malicious code on the DNS server by redirecting Web pages [[:Often_Misused:_Authentication|Often_Misused:_Authentication]]
* ... make sure the attack is listed for each [[:Often_Misused:_Authentication|Often_Misused:_Authentication]]
+
  
 
Note: many of the items marked vulnerabilities from CLASP and other places are really attacks. Some of the more obvious are:
 
Note: many of the items marked vulnerabilities from CLASP and other places are really attacks. Some of the more obvious are:

Revision as of 15:55, 13 September 2010

This category is for tagging common types of application security attacks.

What is an attack?

Attacks are the techniques that attackers use to exploit the vulnerabilities in applications. Attacks are often confused with vulnerabilities, so please try to be sure that the attack you are describing is something that an attacker would do, rather than a weakness in an application.

All attack articles should follow the Attack template.

Examples:

  • Brute Force: Is the analysis of remote server, checking characters password of the operating system (letters, numbers and symbol's) Brute_force_attack
  • Cache Poisoning: Is the execution of malicious code in the browser to spy on their contents Cache_Poisoning
  • DNS Poisoning: Is the execution of malicious code on the DNS server by redirecting Web pages Often_Misused:_Authentication

Note: many of the items marked vulnerabilities from CLASP and other places are really attacks. Some of the more obvious are:

Subcategories

This category has the following 12 subcategories, out of 12 total.

A

D

E

I

P

R

S

Pages in category "Attack"

The following 71 pages are in this category, out of 71 total.

A

B

C

C cont.

D

E

F

H

I

L

M

O

P

P cont.

R

S

T

U

W

X