You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Owasp_zap111 <Ow...@protonmail.com.INVALID> on 2020/05/08 08:50:30 UTC
Offensive Penetration Attacks
Letsencrypt.org .... please save me from all these
attacks.
https://owasp.org/www-community/attacks/
List of Attacks
- [Binary Planting](https://owasp.org/www-community/attacks/Binary_planting)
- [Blind SQL Injection](https://owasp.org/www-community/attacks/Blind_SQL_Injection)
- [Blind XPath Injection](https://owasp.org/www-community/attacks/Blind_XPath_Injection)
- [Brute Force Attack](https://owasp.org/www-community/attacks/Brute_force_attack)
- [Buffer Overflow via Environment Variables](https://owasp.org/www-community/attacks/Buffer_Overflow_via_Environment_Variables)
- [Buffer Overflow Attack](https://owasp.org/www-community/attacks/Buffer_overflow_attack)
- [CORS OriginHeaderScrutiny](https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny)
- [CORS RequestPreflighScrutiny](https://owasp.org/www-community/attacks/CORS_RequestPreflighScrutiny)
- [CSV Injection](https://owasp.org/www-community/attacks/CSV_Injection)
- [Cache Poisoning](https://owasp.org/www-community/attacks/Cache_Poisoning)
- [Cash Overflow](https://owasp.org/www-community/attacks/Cash_Overflow)
- [Clickjacking](https://owasp.org/www-community/attacks/Clickjacking)
- [Code Injection](https://owasp.org/www-community/attacks/Code_Injection)
- [Command Injection](https://owasp.org/www-community/attacks/Command_Injection)
- [Comment Injection Attack](https://owasp.org/www-community/attacks/Comment_Injection_Attack)
- [Content Security Policy](https://owasp.org/www-community/attacks/Content_Security_Policy)
- [Content Spoofing](https://owasp.org/www-community/attacks/Content_Spoofing)
- [Cornucopia - Ecommerce Website Edition - Wiki Deck](https://owasp.org/www-community/attacks/Cornucopia_-_Ecommerce_Website_Edition_-_Wiki_Deck) by DarĂo De Filippis
- [Credential stuffing](https://owasp.org/www-community/attacks/Credential_stuffing)
- [Cross-User Defacement](https://owasp.org/www-community/attacks/Cross-User_Defacement)
- [Cross Site Scripting (XSS)](https://owasp.org/www-community/attacks/xss/) by KirstenS
- [Cross Frame Scripting](https://owasp.org/www-community/attacks/Cross_Frame_Scripting)
- [Cross Site History Manipulation (XSHM)](https://owasp.org/www-community/attacks/Cross_Site_History_Manipulation_(XSHM))
- [Cross Site Tracing](https://owasp.org/www-community/attacks/Cross_Site_Tracing)
- [Cryptanalysiss](https://owasp.org/www-community/attacks/Cryptanalysis)
- [Custom Special Character Injection](https://owasp.org/www-community/attacks/Custom_Special_Character_Injection)
- [Denial of Service](https://owasp.org/www-community/attacks/Denial_of_Service)
- [Direct Dynamic Code Evaluation - Eval Injection](https://owasp.org/www-community/attacks/Direct_Dynamic_Code_Evaluation_Eval%20Injection)
- [Embedding Null Code](https://owasp.org/www-community/attacks/Embedding_Null_Code) by Nsrav
- [Execution After Redirect (EAR)](https://owasp.org/www-community/attacks/Execution_After_Redirect_(EAR)) by Robert Gilbert (amroot)
- [Forced browsing](https://owasp.org/www-community/attacks/Forced_browsing)
- [Form action hijacking](https://owasp.org/www-community/attacks/Form_action_hijacking) by Robert Gilbert (amroot)
- [Format string attack](https://owasp.org/www-community/attacks/Format_string_attack)
- [Full Path Disclosure](https://owasp.org/www-community/attacks/Full_Path_Disclosure)
- [Function Injection](https://owasp.org/www-community/attacks/Function_Injection)
- [HTTP Response Splitting](https://owasp.org/www-community/attacks/HTTP_Response_Splitting)
- [LDAP Injection](https://owasp.org/www-community/attacks/LDAP_Injection)
- [Log Injection](https://owasp.org/www-community/attacks/Log_Injection)
- [Man-in-the-browser attack](https://owasp.org/www-community/attacks/Man-in-the-browser_attack)
- [Man-in-the-middle attack](https://owasp.org/www-community/attacks/Man-in-the-middle_attack)
- [Mobile code invoking untrusted mobile code](https://owasp.org/www-community/attacks/Mobile_code_invoking_untrusted_mobile_code)
- [Mobile code non-final public field](https://owasp.org/www-community/attacks/Mobile_code_non-final_public_field)
- [Mobile code object hijack](https://owasp.org/www-community/attacks/Mobile_code_object_hijack)
- [Parameter Delimiter](https://owasp.org/www-community/attacks/Parameter_Delimiter)
- [Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal)
- [Qrljacking](https://owasp.org/www-community/attacks/Qrljacking)
- [Reflected DOM Injection](https://owasp.org/www-community/attacks/Reflected_DOM_Injection)
- [Regular expression Denial of Service - ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
- [Repudiation Attack](https://owasp.org/www-community/attacks/Repudiation_Attack)
- [Resource Injection](https://owasp.org/www-community/attacks/Resource_Injection)
- [Reverse Tabnabbing](https://owasp.org/www-community/attacks/Reverse_Tabnabbing)
- [SQL Injection](https://owasp.org/www-community/attacks/SQL_Injection)
- [Server-Side Includes (SSI) Injection](https://owasp.org/www-community/attacks/Server-Side_Includes_(SSI)_Injection)
- [Server Side Request Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)
- [Session Prediction](https://owasp.org/www-community/attacks/Session_Prediction)
- [Session fixation](https://owasp.org/www-community/attacks/Session_fixation)
- [Session hijacking attack](https://owasp.org/www-community/attacks/Session_hijacking_attack)
- [Setting Manipulation](https://owasp.org/www-community/attacks/Setting_Manipulation)
- [Special Element Injection](https://owasp.org/www-community/attacks/Special_Element_Injection)
- [Spyware](https://owasp.org/www-community/attacks/Spyware)
- [Traffic flood](https://owasp.org/www-community/attacks/Traffic_flood)
- [Trojan Horse](https://owasp.org/www-community/attacks/Trojan_Horse)
- [Unicode Encoding](https://owasp.org/www-community/attacks/Unicode_Encoding)
- [Web Parameter Tampering](https://owasp.org/www-community/attacks/Web_Parameter_Tampering)
- [XPATH Injection](https://owasp.org/www-community/attacks/XPATH_Injection)
- [XSRF](https://owasp.org/www-community/attacks/XSRF)
- [XSS in subtitle](https://owasp.org/www-community/attacks/Xss_in_subtitle) by Mohammad MortazaviZade
- [Cross Site Request Forgery (CSRF)](https://owasp.org/www-community/attacks/csrf) by KirstenS