This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "User talk:Anishnath"
KateHartmann (talk | contribs) m (Welcome!) |
(→Threats on Applications,Hosts and Networks: new section) |
||
| Line 3: | Line 3: | ||
You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages]. | You will probably want to read the [https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Contents help pages]. | ||
Again, welcome and have fun! [[User:KateHartmann|KateHartmann]] ([[User talk:KateHartmann|talk]]) 13:48, 19 November 2014 (CST) | Again, welcome and have fun! [[User:KateHartmann|KateHartmann]] ([[User talk:KateHartmann|talk]]) 13:48, 19 November 2014 (CST) | ||
| + | |||
| + | == Threats on Applications,Hosts and Networks == | ||
| + | |||
| + | |||
| + | |||
| + | == '''Overview of Threat category on Applications,Hosts and Networks''' == | ||
| + | |||
| + | |||
| + | |||
| + | ---- | ||
| + | |||
| + | |||
| + | |||
| + | == '''Application Threats''' == | ||
| + | |||
| + | |||
| + | 1.'''''Poor Input/Data Validation''''' can cause the following problems like Buffer Overflow, Cross-site Scripting,SQL Injections, XPATH.Xquery Injection,Directory Path traversal attack, Canonicalization attacks,Query string manipulation, HTTP header manipulation,Cookie manipulation | ||
| + | |||
| + | 2. '''''Poor Authentication''''' can lead to the following attacks, Network eavesdropping,Brute force attacks,Dictionary attacks,Cookie replay attacks,Credential theft | ||
| + | |||
| + | 3. '''Poor Authorization''' can lead to Elevation of privilege, Data tampering,Luring attacks,Token Stealing. | ||
| + | |||
| + | 4. '''Poor Session Management''' can lead to Session hijacking,Session replay,Session fixation,Cross-site request forgery,MITM | ||
| + | |||
| + | 5 '''Poor Exception Management''' can lead to Revealing sensitive system or application details, DoS | ||
| + | |||
| + | ---- | ||
| + | |||
| + | |||
| + | == '''Hosts Threats''' == | ||
| + | |||
| + | |||
| + | 1. '''Virus''' | ||
| + | |||
| + | 2. '''Footprinting''' | ||
| + | |||
| + | 3. '''Password Cracking''' | ||
| + | |||
| + | 4. '''Dos''' | ||
| + | |||
| + | 5. '''Unauthorized Access''' | ||
| + | |||
| + | |||
| + | ---- | ||
| + | |||
| + | '''Network Threats''' | ||
| + | |||
| + | 1. '''Phising''' | ||
| + | |||
| + | 2. '''Port scanning''' | ||
| + | |||
| + | 3. '''Sniffing''' | ||
| + | |||
| + | 4. '''IP spoofing''' | ||
| + | |||
| + | 5. '''DNS spoofing''' | ||
| + | |||
| + | 6. '''ARP spoofing''' | ||
| + | |||
| + | 7. '''MITM''' | ||
| + | |||
| + | 8. '''SYn Flood''' | ||
Latest revision as of 07:41, 28 November 2014
Welcome to OWASP! We hope you will contribute much and well. You will probably want to read the help pages. Again, welcome and have fun! KateHartmann (talk) 13:48, 19 November 2014 (CST)
Threats on Applications,Hosts and Networks
Overview of Threat category on Applications,Hosts and Networks
Application Threats
1.Poor Input/Data Validation can cause the following problems like Buffer Overflow, Cross-site Scripting,SQL Injections, XPATH.Xquery Injection,Directory Path traversal attack, Canonicalization attacks,Query string manipulation, HTTP header manipulation,Cookie manipulation
2. Poor Authentication can lead to the following attacks, Network eavesdropping,Brute force attacks,Dictionary attacks,Cookie replay attacks,Credential theft
3. Poor Authorization can lead to Elevation of privilege, Data tampering,Luring attacks,Token Stealing.
4. Poor Session Management can lead to Session hijacking,Session replay,Session fixation,Cross-site request forgery,MITM
5 Poor Exception Management can lead to Revealing sensitive system or application details, DoS
Hosts Threats
1. Virus
2. Footprinting
3. Password Cracking
4. Dos
5. Unauthorized Access
Network Threats
1. Phising
2. Port scanning
3. Sniffing
4. IP spoofing
5. DNS spoofing
6. ARP spoofing
7. MITM
8. SYn Flood
