You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Owasp_zap111 <Ow...@protonmail.com.INVALID> on 2020/05/08 08:50:30 UTC

Offensive Penetration Attacks

Letsencrypt.org  .... please save me from all these
attacks.
https://owasp.org/www-community/attacks/

List of Attacks

- [Binary Planting](https://owasp.org/www-community/attacks/Binary_planting)

- [Blind SQL Injection](https://owasp.org/www-community/attacks/Blind_SQL_Injection)

- [Blind XPath Injection](https://owasp.org/www-community/attacks/Blind_XPath_Injection)

- [Brute Force Attack](https://owasp.org/www-community/attacks/Brute_force_attack)

- [Buffer Overflow via Environment Variables](https://owasp.org/www-community/attacks/Buffer_Overflow_via_Environment_Variables)

- [Buffer Overflow Attack](https://owasp.org/www-community/attacks/Buffer_overflow_attack)

- [CORS OriginHeaderScrutiny](https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny)

- [CORS RequestPreflighScrutiny](https://owasp.org/www-community/attacks/CORS_RequestPreflighScrutiny)

- [CSV Injection](https://owasp.org/www-community/attacks/CSV_Injection)

- [Cache Poisoning](https://owasp.org/www-community/attacks/Cache_Poisoning)

- [Cash Overflow](https://owasp.org/www-community/attacks/Cash_Overflow)

- [Clickjacking](https://owasp.org/www-community/attacks/Clickjacking)

- [Code Injection](https://owasp.org/www-community/attacks/Code_Injection)

- [Command Injection](https://owasp.org/www-community/attacks/Command_Injection)

- [Comment Injection Attack](https://owasp.org/www-community/attacks/Comment_Injection_Attack)

- [Content Security Policy](https://owasp.org/www-community/attacks/Content_Security_Policy)

- [Content Spoofing](https://owasp.org/www-community/attacks/Content_Spoofing)

- [Cornucopia - Ecommerce Website Edition - Wiki Deck](https://owasp.org/www-community/attacks/Cornucopia_-_Ecommerce_Website_Edition_-_Wiki_Deck) by DarĂ­o De Filippis
- [Credential stuffing](https://owasp.org/www-community/attacks/Credential_stuffing)

- [Cross-User Defacement](https://owasp.org/www-community/attacks/Cross-User_Defacement)

- [Cross Site Scripting (XSS)](https://owasp.org/www-community/attacks/xss/) by KirstenS
- [Cross Frame Scripting](https://owasp.org/www-community/attacks/Cross_Frame_Scripting)

- [Cross Site History Manipulation (XSHM)](https://owasp.org/www-community/attacks/Cross_Site_History_Manipulation_(XSHM))

- [Cross Site Tracing](https://owasp.org/www-community/attacks/Cross_Site_Tracing)

- [Cryptanalysiss](https://owasp.org/www-community/attacks/Cryptanalysis)

- [Custom Special Character Injection](https://owasp.org/www-community/attacks/Custom_Special_Character_Injection)

- [Denial of Service](https://owasp.org/www-community/attacks/Denial_of_Service)

- [Direct Dynamic Code Evaluation - Eval Injection](https://owasp.org/www-community/attacks/Direct_Dynamic_Code_Evaluation_Eval%20Injection)

- [Embedding Null Code](https://owasp.org/www-community/attacks/Embedding_Null_Code) by Nsrav
- [Execution After Redirect (EAR)](https://owasp.org/www-community/attacks/Execution_After_Redirect_(EAR)) by Robert Gilbert (amroot)
- [Forced browsing](https://owasp.org/www-community/attacks/Forced_browsing)

- [Form action hijacking](https://owasp.org/www-community/attacks/Form_action_hijacking) by Robert Gilbert (amroot)
- [Format string attack](https://owasp.org/www-community/attacks/Format_string_attack)

- [Full Path Disclosure](https://owasp.org/www-community/attacks/Full_Path_Disclosure)

- [Function Injection](https://owasp.org/www-community/attacks/Function_Injection)

- [HTTP Response Splitting](https://owasp.org/www-community/attacks/HTTP_Response_Splitting)

- [LDAP Injection](https://owasp.org/www-community/attacks/LDAP_Injection)

- [Log Injection](https://owasp.org/www-community/attacks/Log_Injection)

- [Man-in-the-browser attack](https://owasp.org/www-community/attacks/Man-in-the-browser_attack)

- [Man-in-the-middle attack](https://owasp.org/www-community/attacks/Man-in-the-middle_attack)

- [Mobile code invoking untrusted mobile code](https://owasp.org/www-community/attacks/Mobile_code_invoking_untrusted_mobile_code)

- [Mobile code non-final public field](https://owasp.org/www-community/attacks/Mobile_code_non-final_public_field)

- [Mobile code object hijack](https://owasp.org/www-community/attacks/Mobile_code_object_hijack)

- [Parameter Delimiter](https://owasp.org/www-community/attacks/Parameter_Delimiter)

- [Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal)

- [Qrljacking](https://owasp.org/www-community/attacks/Qrljacking)

- [Reflected DOM Injection](https://owasp.org/www-community/attacks/Reflected_DOM_Injection)

- [Regular expression Denial of Service - ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)

- [Repudiation Attack](https://owasp.org/www-community/attacks/Repudiation_Attack)

- [Resource Injection](https://owasp.org/www-community/attacks/Resource_Injection)

- [Reverse Tabnabbing](https://owasp.org/www-community/attacks/Reverse_Tabnabbing)

- [SQL Injection](https://owasp.org/www-community/attacks/SQL_Injection)

- [Server-Side Includes (SSI) Injection](https://owasp.org/www-community/attacks/Server-Side_Includes_(SSI)_Injection)

- [Server Side Request Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)

- [Session Prediction](https://owasp.org/www-community/attacks/Session_Prediction)

- [Session fixation](https://owasp.org/www-community/attacks/Session_fixation)

- [Session hijacking attack](https://owasp.org/www-community/attacks/Session_hijacking_attack)

- [Setting Manipulation](https://owasp.org/www-community/attacks/Setting_Manipulation)

- [Special Element Injection](https://owasp.org/www-community/attacks/Special_Element_Injection)

- [Spyware](https://owasp.org/www-community/attacks/Spyware)

- [Traffic flood](https://owasp.org/www-community/attacks/Traffic_flood)

- [Trojan Horse](https://owasp.org/www-community/attacks/Trojan_Horse)

- [Unicode Encoding](https://owasp.org/www-community/attacks/Unicode_Encoding)

- [Web Parameter Tampering](https://owasp.org/www-community/attacks/Web_Parameter_Tampering)

- [XPATH Injection](https://owasp.org/www-community/attacks/XPATH_Injection)

- [XSRF](https://owasp.org/www-community/attacks/XSRF)

- [XSS in subtitle](https://owasp.org/www-community/attacks/Xss_in_subtitle) by Mohammad MortazaviZade
- [Cross Site Request Forgery (CSRF)](https://owasp.org/www-community/attacks/csrf) by KirstenS