Overview#

Attacker is an entity trying cause you or yours encounter an unfortunate event

Attacker typically takes advantage of a vulnerability to perform an exploit or to cause an unfortunate event

There are two general type of Attackers:

• active attacker - attempts to violate the Integrity or Availability of resources.
• passive attacker - is an Observer attempts to violate the Confidentiality of data but does not affect resources. (E.g., wiretapping.)

Attacker may be referred to as a Bad Actor

Attacker may be an Internal Attacker

Classifications[1]#

• White hat
• Black hat
• Grey hat
• Elite hacker
• Script kiddie
• Neophyte
• Blue hat
• Hacktivist
• Nation state
• Organized criminal gangs

AKA#

• Hacker
• Security Hacker[1]

Attack Groups#

Attack Groups are is a common name applied to a group of Attackers  by the security community.

More Information#

There might be more information for this subject on one of the following:

• Account Lockout
• Active Directory Account Lockout
• Active attacker
• Anonymity Set
• Arbitrary code execution
• Attack
• Attack Effort
• Attack Groups
• Attack Surface
• Attack vectors
• Attacker
• Authentication intent
• Authenticator App
• Bad Actor
• Best Practices Password
• Biometric Data Challenges
• Biometric Presentation
• Breach
• Brute-Force
• Buffer overflow
• Byzantine Fault Tolerance
• CAPTCHA
• Cell-Site Simulators
• Certificate Pinning
• Certificate Validation
• Certificate-based Authentication
• Channel Binding
• Class-Break
• Code injection
• Computational Hardness Assumption
• Cookie
• Covert Redirect Vulnerability
• Craig
• Credential Leakage
• Credential Leaked Databases
• Credential Management
• Credential Recovery
• Credential Reuse
• Cross-site scripting
• CryptoAPI
• Cryptographic Collision
• Cryptography
• Cybercriminals
• DNS cache poisoning
• Delegation vs Impersonation
• Distributed Consensus
• Draft-behera-ldap-password-policy
• Eve
• Exploit
• Exploitability Metrics
• Extended Protection for Authentication
• Fingerprinting
• Fraud
• Golden Ticket
• Heuristic Attacks
• Hijack
• Homograph attack
• How To Crack SSL-TLS
• Identifiable
• Implicit Grant
• Internal Attacker
• Internet Threat Model
• Item of Interest
• Kerberos
• Kerberos Authentication Service
• Kerberos Forged Ticket
• Kerberos Pre-Authentication
• Key Reinstallation AttaCKs
• Key Verification
• Knowledge-Based Authentication
• LDAP Signing
• LOA 2
• LOA 3
• Length extension attack
• Logjam
• Malfeasance
• Malicious Endpoint
• Malicious PAC
• Malicious Software
• Mallory
• Man-In-The-Middle
• Meet-in-the-Middle Attack
• Mix-up attacks
• Multi-Factor Authentication
• Multiple-channel Authentication
• OAuth 2.0 Security Best Current Practice
• OAuth 2.0 Threat Model and Security Configurations
• OAuth 2.0 Vulnerabilities
• Opportunistic Attack
• Oracle
• Oscar
• Padding oracle
• Pass-the-hash
• Passive attacker
• Password Authentication is Broken
• Password Dictionary
• Password Quality
• Password Reuse
• Password Spraying
• Password-authenticated Key Exchange
• Penetration Test
• Perfect Security
• Perspectives Project
• Phishing
• Phone Number Portability
• Poodle
• Premaster Secret
• Presentation Attack
• Presentation Attack Detection
• Pretexting
• Privacy Considerations
• Privacy Policy
• Privileged Identity
• Proof-of-Possession
• Public Wi-Fi
• Record Protocol
• Replay attack
• Risk Assessment
• SIM Swap
• SQL Injection
• Server-Side Login throttling schemes
• Session Management
• Spoofing Attack
• Swirlds hashgraph consensus algorithm
• Sybil
• Tailgating
• Targeted Attack
• Threat Model
• Token Binding Protocol
• Transport Layer Security
• Triple DES
• USB Attack
• Undetectability
• Unfortunate event
• Unlinkability
• Unvalidated redirects and forwards
• Verizon Data Breach Investigations Report
• Vulnerability
• Zero Trust

---

• [#1] - Security_hackerContent unavailable! (broken link)https://ldapwiki.com/wiki/images/out.png - based on information obtained 2017-05-10-