====== A Catalog of Security Attacks ======

Methods of attacking a web application from the attacker's perspective, and how to prevent each attack from the application developer's perspective.

===== Information Gathering Attacks =====

  * [[directory_scanning|Directory Scanning Attack]] - An attempt to discover the file structure of a web site in preparation for further attacks.
  * [[link_crawl|Link Crawl Attack]] - Traversing application links in an attempt to discover the structure of the application.
  * [[path_truncation|Path Truncation Attack]] - Examining directory listings by removing the filename portion of the URL.
  * [[cgi_scanning|CGI Scanning Attack]]
  * [[file_system_scanning|File System Scanning Attack]] - Scanning the local file system to map its structure and detect vulnerable files.

===== Injection Attacks =====

  * [[global_variable_injection|Global Variable Injection Attack]] - Using request parameters to inject arbitrary values into uninitialized global variables in a PHP script.
  * [[remote_file_injection|Remote File Injection Attack]] - Convincing a PHP script to include a remote file instead of a presumably trusted file from the local file system.
  * [[sql_injection|SQL Injection Attack]] - An attempt to get the database server to execute arbitrary SQL.
  * [[email_injection|Email Injection Attack]] - An attempt to get the program to send arbitrary emails.
  * [[command_injection|Command Injection Attack]] - An attempt to execute shell commands.
  * [[code_injection|Code Injection Attack]] - An attempt to execute arbitrary PHP code.
  * [[cross_site_scripting|Cross Site Scripting Attack]] - An attempt to coerce the program into outputting third-party JavaScript.
  * [[cookie_tampering|Cookie Tampering Attack]] - An attempt to manipulate an application's cookie values.
  * [[parameter_manipulation|Parameter Manipulation Attack]] - An attempt to manipulate input so as to bypass application validation and filtering.
  * [[ldap_injection|LDAP Injection Attack]]
  * [[globally_writable_file|Globally Writable File Attack]] - File-based input that can be injected into other applications.

===== Misc Attacks =====

  * [[password_cracking|Password Cracking Attack]] - Brute-force password guessing.
  * [[denial_of_service|Denial of Service Attack]] - If you can't beat 'em, shut them down.

===== Additional Information =====

  * See the [[security:risk:catalog|security vulnerability catalog]].
  * See [[security:web application security]].