Thursday, February 1, 2018

List of All Web Application Attacks

Hello my fellow noob! I have curated a list of nearly all possible attacks related to web applications.
First of all don’t get confused between a vulnerability and an attack. A vulnerability is a weakness, while an attack is something an attacker would do to exploit that weakness.
For example, if a web app isn’t filtering user input its a vulnerability but a attacker uses this to execute commands on the web server that would be a Remote Command Injection attack.
Making a list of vulnerabilities wasn’t easy for me so I just made a list of attacks. After all thats all you need right?

Web Application Attacks List

  • Arbitrary file access
  • Binary planting
  • Blind SQL Injection
  • Blind XPath Injection
  • Brute force attack
  • Buffer overflow attack
  • Cache Poisoning
  • Cash Overflow
  • Clickjacking
  • Command injection attacks
  • Comment Injection Attack
  • Content Security Policy
  • Content Spoofing
  • Credential stuffing
  • Cross Frame Scripting
  • Cross Site History Manipulation (XSHM)
  • Cross Site Tracing
  • Cross-Site Request Forgery (CSRF)
  • Cross Site Port Attack (XSPA)
  • Cross-Site Scripting (XSS)
  • Cross-User Defacement
  • Custom Special Character Injection
  • Denial of Service
  • Direct Dynamic Code Evaluation (‘Eval Injection’)
  • Execution After Redirect (EAR)
  • Exploitation of CORS
  • Forced browsing
  • Form action hijacking
  • Format string attack
  • Full Path Disclosure
  • Function Injection
  • Host Header injection
  • HTTP Response Splitting
  • HTTP verb tampering
  • HTML injection
  • LDAP injection
  • Log Injection
  • Man-in-the-browser attack
  • Man-in-the-middle attack
  • Mobile code: invoking untrusted mobile code
  • Mobile code: non-final public field
  • Mobile code: object hijack
  • One-Click Attack
  • Parameter Delimiter
  • Page takeover
  • Path Traversal
  • Reflected DOM Injection
  • Regular expression Denial of Service – ReDoS
  • Repudiation Attack
  • Resource Injection
  • Server-Side Includes (SSI) Injection
  • Session fixation
  • Session hijacking attack
  • Session Prediction
  • Setting Manipulation
  • Special Element Injection
  • SMTP injection
  • SQL Injection
  • SSI injection
  • Traffic flood
  • Web Parameter Tampering
  • XPATH Injection
  • XSRF or SSRF

3 comments:

  1. Do you need to increase your credit score?
    Do you intend to upgrade your school grade?
    Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
    Do you need any information concerning any database.
    Do you need to retrieve deleted files?
    Do you need to clear your criminal records or DMV?
    Do you want to remove any site or link from any blog?
    you should contact this hacker, he is reliable and good at the hack jobs..
    contact : cybergoldenhacker at gmail dot com

    ReplyDelete
  2. Thanks to you anonymousmaskhat@gmail.com for all the successfully hack you have done for me.

    ReplyDelete
  3. Hack into Paypal accounts, B logs,Professional hacking into institutional servers-keylogging -University grades
    changing / Admin(staff) account hack -Access/Password (Facebook, Instagram, bbm,Skype, snap chat, twitter, badoo, Word Press,zoosk, various blogs, icloud, apple accounts etc.)-You can also learn some basic shit you wouldn't think you'd need on your everyday basis but find out how important and helpful they really are. use random credit cards to shop online, hack iphones, tap into your friends cal and monitor conversations, email and text message interception

    Contact: ( hackingsetting50@gmail.com) for any hacking jobs

    ReplyDelete

Are you looking for most trusted hosting website?

What is Web Hosting? Web hosting is a service that allows organizations and individuals to post a website or web page onto the Internet. A...