Overview#
Attack is an intentional act by which an attacker attempts to violate another entity's privacy or security. RFC 4949.Attacks Classifications#
All? Attacks may be broadly classified as either: Classification of the Attack is a useful first step in understanding and responding to an information security incident.Attack types#
- Birthday Attacks (Cryptographic Collision Attack)
- Password Spraying (Password Guessing)
- Meet-in-the-Middle Attack
- Phishing
- Side-channel attacks
- Pass-the-ticket
- Pass-the-hash
- Code injection
- IP spoofing
- Key Reinstallation AttaCKs (KRACKs)
- Malicious PAC
- Malicious Endpoint
- SIM Swap
- Homograph attack
- Length extension attack
Some Attack Examples:
More Information#
There might be more information for this subject on one of the following:- AWS Shield
- Active attacker
- Advanced Persistent Threat
- Attack Effort
- Attack Orchestrator
- Attack Service
- Attack Surface
- Attribution
- BCP 36
- Best Practices OpenID Connect
- Best Practices for LDAP Security
- Birthday Attack
- Bot
- Botnet
- CIA
- Certificate Algorithm ID
- Certificate Validation
- Cipher Block Chaining
- Cloud Native
- Code injection
- Computational Hardness Assumption
- Content-Security-Policy
- Covert Redirect Vulnerability
- Credential Leakage
- Credential Leaked Databases
- Credential stuffing
- Cross-site request forgery
- Cross-site scripting
- Cryptanalysis
- CryptoAPI
- Cryptographic Collision
- Cryptographic Key
- Cryptographic Primitive
- Cyber Attack as a Service
- DNS cache poisoning
- Deprecating Secure Sockets Layer Version 3.0
- Domain-based Message Authentication, Reporting & Conformance
- Elliptic Curve
- Elliptic Curve Menezes-Qu-Vanstone
- Encrypted Server Name Indication
- Explicit Endpoint
- Exploit
- Exploitability Metrics
- Extended Protection for Authentication
- FAPI Read Write API Security Profile
- FREAK
- Glossary Of LDAP And Directory Terminology
- Golden Ticket
- Heuristic Attacks
- How To Crack SSL-TLS
- IDN homograph attack
- IDSA Integration Framework
- IP spoofing
- Impersonation-resistant
- Internationalized Resource Identifiers
- Issues and Requirements for SNI Encryption in TLS
- Kerberos
- Kerberos Forged Ticket
- Kerberos Pre-Authentication
- Key Reinstallation AttaCKs
- Key size
- LONGHAUL
- Length extension attack
- LibraBFT
- Logjam
- Lucky 13
- MD5
- Malicious Endpoint
- Malicious PAC
- Man-In-The-Middle
- Meet-in-the-Middle Attack
- Multi-Factor Authentication
- NIST Cybersecurity Framework
- NIST.SP.800-53
- NIST.SP.800-63B
- NIST.SP.800-63C
- NIST.SP.800-70
- OAuth 2.0 Mix-Up Attack
- OAuth 2.0 Security Best Current Practice
- OAuth 2.0 Threat Model and Security Configurations
- OAuth 2.0 Vulnerabilities
- Offset Codebook Mode
- OpenID Connect Back-Channel Logout
- Operation Aurora
- Pass-the-hash
- Pass-the-ticket
- Password Anti-Pattern
- Password Authentication is Broken
- Password Reuse
- Password Spraying
- Password Validator
- Perfect Security
- Perspectives Project
- Phishing
- Presentation Attack Detection
- Prevention
- Privacy Considerations
- Privacy Policy
- Proxy Auto-Config
- Public Key Infrastructure Weaknesses
- Public Key Pinning Extension for HTTP
- Punycode
- QUANTUM
- RFC 7672
- Record Protocol
- Relative IDentifier
- Reputation System
- Risk Assessment
- Rowhammer
- Runtime Application Self-Protection
- SIM Swap
- SQL Injection
- SS7 hack
- SSL-TLS Interception
- Same-site Cookies
- Secure by design
- Session Management
- Side-channel attacks
- Social Engineering Attack
- State of the Internet-Security Report
- Strength of Function for Authenticators - Biometrics
- TLS 1.2
- TLS 1.3
- TURBINE
- Tailgating
- Ten Hundred Words
- Threat Model
- Token Binding Protocol
- Transport Layer Security
- United States Office of Personnel Management
- Universal Declaration of Human Rights
- Unvalidated redirects and forwards
- Verizon Data Breach Investigations Report
- Vulnerability
- Web Blog_blogentry_030817_1
- Web Blog_blogentry_150617_1
- Web Blog_blogentry_190617_1
- Web Blog_blogentry_230418_1
- Web Blog_blogentry_241018_1
- Web Proxy Auto-Discovery Protocol
