Attack types Flashcards
Steals data from Bluetooth-enabled devices
Bluesnarfing
Takes over a user’s session by obtaining or predicting a valid session token
Session Hijack
Sends unsolicited messages over Bluetooth to nearby devices
Bluejacking
Chains multiple SQL commands with a delimiter to execute them sequentially
Stacked Queries
Increases the volume of an attack by using network resources to magnify traffic
Amplification Attack
Intercepts network handshakes to crack wireless encryption keys
Handshake capture
Intercepts data on a network by linking an attacker’s MAC to a legitimate IP address
ARP Poisoning
Fakes a login or splash page to capture user credentials
Captive Portals
Sets up a rogue WiFi access point to intercept wireless communications
Evil Twin
Impersonates devices by mimicking their MAC addresses
MAC Spoofing
Deceives a user into submitting a malicious request via image tags, hidden forms, etc.
CSRF
Bypasses network segmentation by sending packets to a switch that forwards them to other VLANs
VLAN Hopping
Reflects a malicious script off of a web application to the user’s browser
XSS - Reflected
Masquerades as a legitimate entity by falsifying data to gain an advantage
Spoofing
Reuses a valid data transmission to fraudulently or maliciously repeat or delay operations
Session Replay