This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

User talk:Anishnath

From OWASP
Jump to: navigation, search

Welcome to OWASP! We hope you will contribute much and well. You will probably want to read the help pages. Again, welcome and have fun! KateHartmann (talk) 13:48, 19 November 2014 (CST)

Threats on Applications,Hosts and Networks

Overview of Threat category on Applications,Hosts and Networks


Application Threats

1.Poor Input/Data Validation can cause the following problems like Buffer Overflow, Cross-site Scripting,SQL Injections, XPATH.Xquery Injection,Directory Path traversal attack, Canonicalization attacks,Query string manipulation, HTTP header manipulation,Cookie manipulation

2. Poor Authentication can lead to the following attacks, Network eavesdropping,Brute force attacks,Dictionary attacks,Cookie replay attacks,Credential theft

3. Poor Authorization can lead to Elevation of privilege, Data tampering,Luring attacks,Token Stealing.

4. Poor Session Management can lead to Session hijacking,Session replay,Session fixation,Cross-site request forgery,MITM

5 Poor Exception Management can lead to Revealing sensitive system or application details, DoS


Hosts Threats

1. Virus

2. Footprinting

3. Password Cracking

4. Dos

5. Unauthorized Access


Network Threats

1. Phising

2. Port scanning

3. Sniffing

4. IP spoofing

5. DNS spoofing

6. ARP spoofing

7. MITM

8. SYn Flood

Retrieved from "https://wiki.owasp.org/index.php?title=User_talk:Anishnath&oldid=186109"