Types of Security Attacks

Below is the list of security attacks that might happen.

  1. Cross site scripting (XSS) – Injecting malicious Java script code into the web pages.
  2. CSRF – Cross Site Request Forgery
  3. Session hijacking attack – by stealing the session Id
  4. DoS – Denial of Service
  5. SQL injection
  6. Code injection – Making malicious code execute by the application.
  7. Malware injection
  8. Phishing – Posing a fake site for actual site in an attempt to steal confidential data. For example – sending an email with fake website link to potential victims. Victims complete the transaction on the fake website without noticing that the site is fake.
  9. Brute Force attack – exhaustive attack by trying all possible combinations of input values. For example – trying to find the password of the site by trying a lot of combinations of the passwords.
  10. Cache poisoning – inserting malicious data into browser cache
  11. DNS Poisoning – tampering with DNS records on DNS Server.
  12. Account lockout attack – locking the account of given user by entering the wrong password more than maximum allowed times deliberately. It is a kind of DoS attack where valid users won’t get access to the information due to locked out account.
  13. Malware
  14. Stealing plain text data (Unencrypted)
  15. Cross site request forgery

Web development and Automation testing

solutions delivered!!