Types of Web Application Attacks

Learn Cybersecurity for FREE

Server-Side Attacks

  • Server side request forgery (SSRF)
  • RCE: Remote Code Execution
  • Shell injection
  • LFI: Local File Inclusion
  • RMI: Remote File Inclusion
  • Path Traversal / Arbitrary
  • SQL injection, REST injection
  • LDAP injection
  • Server-side Template Injection (SSTI)
  • XXE: XML External Entities
  • File Upload: https://github.com/almandin/fuxploider, https://imagetragick.com/
  • De-serialization
  • JSON: JWS/JWE weaknesses
  • HTTP request smuggling
  • Brute-forcing
  • Broken Session management (login/cookie bypass, impersonation, …)
  • Logical flaws (IDOR, …)

Client-Side Attacks

  • XSS (Cross-Site Scripting)
  • CSRF (Cross-Site Request Forgery)

HTTP headers security

  • HSTS (HTTP Strict Transport Security) Protects against Man-in-the-Middle, downgrade attacks and cookie hijacking in the webbrowser
  • CORS (Cross-origin resource sharing) Protects cross-domain XHR calls to prevent XSS in the webbrower
  • CSP (Content Security Policy) https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy Controls which origins and scripts the user agents loads to prevent XSS in the webbrowser

Authentication protocols

  • HTTP Auth Basic
  • OAUTH1.0
  • OAUTH2.0 https://tools.ietf.org/html/rfc6749
  • OpenID Connect (OIDC) https://auth0.com/docs/protocols/oidc Based on OAUTH2 + JWT
  • SAML (Security Assertion Markup Language) https://developers.onelogin.com/saml Uses XML and X.509 certificate validation

About me

I have a Master’s Degree in Computer Science and specialized in cybersecurity in 2001. Back then, I was an independent security researcher. I have worked from 2009 as a cybersecurity consultant, specializing in penetration testing for the banking and financial services industry in 2015.

I hold Certified Ethical Hacker (CEH) and Offensive Security Certified Professional (OSCP) certifications.

    

© 2021 DEFENSAHACKER