Server Side Attacks – Request

HTTP Response Splitting
Information Leakage
Error messages dispaly
Session and cookies
Credential/Session Prediction
Non-HttpOnly Session Cookie
Unsecured Session Cookie
Insufficient Session Expiration
Session Fixation
Persistent Session Cookie
Fingerprinting
Directory guessing
Predictable Resource Location
Directory Traversal
Path Traversal
Buffer Overflow
SQL Injection
Improper Input Handling
Server Misconfiguration
OS Command Injection
RFI LFI
Web defacement
HTTP Request Splitting
HTTP smuggling
Server Side Attacks – Response
HTTP Response Splitting
Information Leakage
Error messages dispaly
Session and cookies
Credential/Session Prediction
Non-HttpOnly Session Cookie
Unsecured Session Cookie
Insufficient Session Expiration
Session Fixation
Persistent Session Cookie
Fingerprinting
Directory guessing
Predictable Resource Location
Directory Traversal
Path Traversal
Buffer Overflow
SQL Injection
Improper Input Handling
Server Misconfiguration
OS Command Injection
RFI LFI
Web defacement
HTTP Request Splitting
HTTP smuggling
Server Side Attacks – Response
HTTP Response Splitting
Information Leakage
Error messages dispaly
Session and cookies
Credential/Session Prediction
Non-HttpOnly Session Cookie
Unsecured Session Cookie
Insufficient Session Expiration
Session Fixation
Persistent Session Cookie

Server Side Attacks – Response

Client side attacks

  1. Autocomplete Attribute
  2. Cross Site Scripting
  3. Cross Site Request Forgery
  4. Weak Password Recovery Validation
  5. Click jacking

Business Attacks

  1. Web scarping
  2. Denial of Service
  3. Brute Force
  4. Credentials stuffing
  5. Bots

Slow attacks

  1. Slowloris
  2. Slow read
  3. Slow post

Protocols attacks

  1. Invalid HTTP Method Usage
  2. Null Byte Injection
  3. Format string attacks
  4. HTTP structure
  5. JSON stracture missuse
  1. HTTP Response Splitting
  2. Information Leakage
  3. Error messages dispaly

Session and cookies

  1. Credential/Session Prediction
  2. Non-HttpOnly Session Cookie
  3. Unsecured Session Cookie
  4. Insufficient Session Expiration
  5. Session Fixation
  6. Persistent Session Cookie
Menu