Comparing & Contrasting Attack Types

Comparing & Contrasting Attack Types

Social Engineering

  • Phishing
  • Spear Phishing
  • Whaling
  • Vishing
  • Tailgaiting
  • Impersonation
  • Dumpster Diving
  • Shoulder Surfing
  • Hoaxes
  • Watering Hole Attack

Principles

  • Authority and Intimidation
  • Consensus and Social Proof
  • Familiarity and Liking
  • Trust
  • Scarcity and Urgency

Application / Service Attacks

  • DDoS
  • Replay Attacks
  • Man in the Middle Attack
  • Buffer Overflow Attack
  • SQL Injection Attack
  • LDAP Injection Attack
  • XML Injection Attack
  • Cross Site Scription (XSS) and Cross Site Request Forgery (XSRF)
  • Privilege Escalation
  • ARP Poisoning
  • Smurf Attack (Amplification)
  • DNS Poisoning
  • Zero Day
  • Pass the Hash
  • Clickjacking
  • Session Hijacking
  • Typo Squatting and URL Hijacking
  • Shimming
  • Refactoring
  • IP/MAC Spoofing

Wireless Attacks

  • Replay Attacks (Wireless)
  • IV Attack
  • Rogue Access Points
  • WPS Attacks
  • Bluejacking and Bluesnarfing
  • NFC Attacks
  • Radio Frequency Identification (RFID)
  • Dissociation

Cryptographic Attacks

  • Password, Brute Force, and Dictionary Attacks
  • Birthday Attack
  • Rainbow Tables

Online Vs. Offline

  • Collision Attack
  • Downgrade Attack
  • Known Plain Text / Ciphertext
Show Comments