application attacks Flashcards
Privilege escalation
a cybersecurity technique that allows an attacker to gain more access or permissions to a system than they originally had
Cross-site scripting
an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website
Injections
Injection attacks occur when attackers exploit vulnerabilities in an application to send malicious code into a system
This type of exploit may allow them to execute unauthorized commands, access data, or manipulate the system’s operation
Lightweight directory access protocol (LDAP)
a vendor-neutral protocol that allows users to access and search for information within a network.
It’s a directory service protocol that runs on top of the TCP/IP stack and is based on a client-server model.
Structured query language (SQL)
a programming language for storing and processing information in a relational database.
Dynamic link library (DLL)
a file type containing code, data, and resources that can be shared among multiple programs to accomplish specific tasks.
Lightweight directory access protocol (LDAP)
a software protocol that can be used to securely access information and resources on a network
Extensible markup language (XML)
a standard markup language that allows users to define their own data formats and encode data
Pointer/object dereference
If an attacker can make an application point to a null section of memory where nothing exists rather than the part of memory where the application data might exist,
Directory traversal
a common and dangerous way for hackers to gain access to restricted files on a website or web application
Attackers manipulate variables that reference files using dot-dot-slash (../) sequences to navigate outside of the intended directory and access sensitive files
Buffer overflows
typically involves violating programming languages and overwriting the bounds of the buffers they exist on. Most buffer overflows are caused by the combination of manipulating memory and mistaken assumptions around the composition or size of data.
Time of check/time of use
a type of software bug or security vulnerability that occurs when the state of a part of a system can change between the time the system checks it and the time it uses the results of that check
Race conditions
occur when attackers manipulate the timing or sequence of events in a multithreaded or asynchronous system to compromise security
Error handling
a programming technique that helps developers manage unexpected situations in a program’s execution
It’s a critical part of an application’s security, as improper error handling can lead to security vulnerabilities
Improper input handling
refers to the inadequate or incorrect validation, sanitization, filtering, or encoding and/or decoding of input data
It’s a common weakness in applications and a leading cause of critical vulnerabilities in today’s systems
Replay attack
a network attack where an attacker intercepts and retransmits data that was previously exchanged between two parties
The attacker can delay, redirect, or repeat the communication, and then pretend to be one of the legitimate parties.
Session replays
a cyber attack that involves an attacker intercepting network traffic and replaying it to gain unauthorized access to a website or service
The attacker can obtain session tokens or cookies that allow them to impersonate a legitimate user.
Request forgeries
- Server-side
- Client-side
- Cross-site
Application programming interface (API) attacks
is an attempt by a malicious actor to gain unauthorized access to an API to break into a system or network, or transfer data
When successful, attackers can disrupt business operations or steal data, money, or credentials. Most API attacks take advantage of security vulnerabilities within APIs themselves.
Resource exhaustion
a type of denial of service (DoS) attack in cybersecurity that occurs when an attacker intentionally consumes a system’s resources to make it unavailable or unusable
This can happen by depleting critical computing resources like memory, processing power, or network bandwidth.
Memory leak
an unintentional form of memory consumption whereby the developer fails to free an allocated block of memory when no longer needed.
The consequences of such an issue depend on the application itself.
Secure sockets layer (SSL) stripping
a type of cyberattack that forces a user’s browser to connect to an unprotected version of a website without SSL encryption
This attack is a form of Man-in-the-Middle (MITM) attack that exploits the way encryption protocols start connections.
Driver manipulation
a sophisticated technique used in application attacks to exploit vulnerabilities within a system.
This technique involves the manipulation of device drivers, which are software components that allow the operating system to interact with hardware devices.
Pass the hash
a stealthy cyber attack that allows cybercriminals to access secure systems without the actual password.
PtH attacks exploit how passwords are often stored as cryptographic hashes, which can be stolen and used to create a new user session on the same network.
- Shimming
a type of cyber threat that involves secretly installing malicious code into a system to access data and compromise information.
Shimming attacks can target vulnerabilities in software, hardware interfaces, or operating system APIs. They can be stealthy and go undetected because they manipulate how software components interact.
- Refactoring
a software engineering technique that involves restructuring code without changing its external behavior
The goal is to improve the code’s nonfunctional properties, such as readability, maintainability, and complexity.