Skip to content

Index

☠️ Vulnerabilities🔗

#️⃣ Name 📖Definition ✨Example 🛡️Remediation
1 Brute Force An automated program that tries all possible combinations to guess sensitive information Guessing passwords,hashes or api secrets Rate limiting
2 Privilege Escalation Someone gains unauthorized access with higher privileges than they were initially granted Becoming admin from a regular user Least privilege, proper access control, and employee awareness
3 Impersonation This is a type of phishing attack where an attacker pretends to be someone else in order to steal data, gain unauthorize access, or disrupt operations Sending email as your manager at your employer Employee awareness, proper identity and access management
4 Denial of Service A malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of Internet traffic such as bogus packets, requests for connections, or malformed messages Making countless requests to a web server until its resources are exhausted Rate limiting
5 SQL Injection Malicious SQL code for backend database manipulation to access information that was not intended to be displayed Extracting username and passwords from the database Input validation escaping and sanitization, stored procedures, prepared statement with parameterized queries
6 Weak Encryption Use of encryption algorithms that are not robust enough to withstand attacks Insufficient key length which makes brute forcing easy or outdated encryption algorithms with known vulnerabilities Secure encryption algorithms
7 Weak Hashing Use of hashing algorithms that are not robust enough to withstand attacks Outdated hashing algorithm which produces collisions Secure hashing algorithms
8 Credential Theft Credential theft occurs when malicious actors steal login details and use them to access services or applications to steadily elevate their privileges Stolen API key is used to perform malicious API calls to withdraw customer account funds Secure storage and secure transportation
9 Cookie Poisoning Cookie poisoning is a type of cyber attack in which a bad actor hijacks, forges, alters or manipulates a cookie to gain unauthorized access to a user's account Steal session cookie through Cross-Site Scripting HTTPS, secure and httpOnly flags are set on cookie, Cookie expiration
10 Logic Error Flaws in the design and implementation of an application that allow an attacker to elicit unintended behavior Accepting negative values when a customer is transferring funds Testing all edge cases
11 Host Header Injection Attackers exploit this vulnerability to manipulate the Host header and cause the application to behave in unexpected ways Redirecting users to malicious sites for phishing or malware distribution Input validation and sanitization
12 Referrer Leakage When sensitive information is inadvertently included in the HTTP referrer header and sent to external sites If session IDs in the referrer header are leaked, attackers might gain unauthorized access to user accounts Avoid Sensitive Data in URLs, No Referrer tag is set
13 Insufficient Logging Attackers rely on insufficient logging to achieve their goals without being detected An attacker brute forces passwords without being detected and stopped Proper logging and monitoring
14 Information Leakage When a website unintentionally reveals sensitive information to its users A server reveals passwords in error messages Employee awareness, sanitize output
15 Eavesdropping An eavesdropping attack occurs when a attacker intercepts, deletes, or modifies data that is transmitted between two devices An attacker is able to transmit and modify login credentials being sent on unencrypted HTTP network HTTPS, HTTP Strict Transport Security
16 Website Defacement Website defacement is the unauthorized alteration of the visual appearance or content of a website by a malicious actor Attacker published profanity, hate speech, politically motivated messages, or even links to malicious websites Content moderation, community guidelines
17 Vulnerable Dependency Libraries or dependencies used by your application which has known vulnerabilities that can impact your application. An attacker steals funds by exploiting a remote code execution vulnerability in a database library used by an application Dependency scans, regularly updating, stay up to date with new vulnerabilities in used libraries
18 Injection An umbrella term used for injections based attacks where an attacker injection malicious input to manipulate your application logic. (SQL injection, header injection, cross-site scripting, LDAP injection etc.) An attacker uses SQL injection to steal password hashes from the database Input validation and sanitization
19 Misconfiguration When a system or application configuration settings are missing or are erroneously implemented, allowing unauthorized access An admin account for AWS is using a default password Least privilege, employee awareness, automated scans
20 Path Traversal Path traversal is a type of security vulnerability that can occur when a web application or service allows an attacker to access server files or directories that are outside the intended directory structure. This can lead to the unauthorized reading or modification of sensitive data Admin route is left unchecked and can be accessible publicly Input validation and sanitization
21 Location Spoofing Manipulate the location data shared by their device Attacker located across the globe spoofs their location to avoid suspicion IP verification, Browser location API
22 Insecure Direct Object Reference when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources in the system directly An attacker changes the id parameter in the URL (e.g., to id=admin) to access another user's profile without authorization Proper access control, input validation and sanitization
23 Man in the Middle Communications between two parties is intercepted by an attack and data is either stolen or modified The attacker gains access to a user's email account and intercepts emails between the user and their contacts. The attacker can alter the contents of these emails or use the information for malicious purposes HTTPS
24 Roll Your Own Code Developers writing their own encryption algorithms or session management mechanisms, instead of using established, thoroughly tested libraries or frameworks Writing your own encryption algorithm which is not thoroughly tested Use popular well tested frameworks, libraries or algorithms
25 Cross-Site Request Forgery An attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated If a social media site doesn't properly verify requests, an attacker could create a malicious site that posts unwanted content or spam on the victim's social media profile when they visit the malicious site CSRF token, SameSite cookie, check Referrer Header
26 Session Hijacking The malicious act of taking control of a user's web session An attacker steals a user's session cookie through XSS (Cross-Site Scripting) attacks, packet sniffing, or other methods. Once the attacker has the cookie, they can use it to impersonate the user on the web application Secure cookies, SameSite cookies, httpOnly cookies, cookie expiration
27 Replay Attack It involves an attacker capturing a valid web request and retransmitting it one or more times. This can lead to unauthorized actions or access If a Two-Factor Authentication system doesn't properly validate the uniqueness or time sensitivity of the authentication codes, an attacker could intercept and reuse these codes to gain unauthorized access HTTPS, rate limiting, input validation