Vulnerability Türleri (Açık)
- Konuyu başlatan 25T0Lifel
- Başlangıç tarihi
Sana bir sürü açık yazdım, hepsini, "bwapp, dvwa, owasp mutillidae, webgoat" gibi güvenlik testleri scriptlerinde deneyip, geliştirebilirsin, kolay gelsin.
Kod:
OS Command İnjection
Php Code İnjection
Broken Authentication & Session Management
Server-Side İncludes İnjection
İnsecure Direct Object References(İDOR)
Remote & Local File İnclusion
Directory Traversal
Cross Site Request Forgery
HTTP Parameter Pollution
Click Jacking
► Abuse of Functionality (6 P)
D
► Data Structure Attacks (2 P)
E
► Embedded Malicious Code (3 P)
► Exploitation of Authentication (8 P)
I
► Injection (29 P)
P
► Path Traversal Attack (1 P)
► Probabilistic Techniques (4 P)
► Protocol Manipulation (1 P)
R
► Resource Depletion (2 P)
► Resource Manipulation (10 P)
S
► Sniffing Attacks (empty)
► Spoofing (4 P)
Pages in category "Attack"
The following 66 pages are in this category, out of 66 total.
B
Binary planting
Blind SQL Injection
Blind XPath Injection
Brute force attack
Buffer overflow attack
C
Cache Poisoning
Cash Overflow
Code Injection
Command Injection
Comment Injection Attack
Content Security Policy
Content Spoofing
Cornucopia - Ecommerce Website Edition - Wiki Deck
CORS OriginHeaderScrutiny
CORS RequestPreflighScrutiny
Credential stuffing
Cross Frame Scripting
Cross Site History Manipulation (XSHM)
Cross Site Tracing
Cross-Site Request Forgery (CSRF)
Cross-site Scripting (XSS)
Cross-User Defacement
C cont.
Cryptanalysis
Custom Special Character Injection
D
Denial of Service
Direct Dynamic Code Evaluation ('Eval Injection')
E
Execution After Redirect (EAR)
F
Forced browsing
Format string attack
Full Path Disclosure
Function Injection
H
HTTP Response Splitting
I
Inyección de Código
Inyección SQL
Inyección SQL Ciega
Inyección XPath
Inyección XPath Ciega
L
Log Injection
M
Man-in-the-browser attack
Man-in-the-middle attack
Mobile code: invoking untrusted mobile code
Mobile code: non-final public field
Mobile code: object hijack
O
One-Click Attack
O cont.
OWASP Cornucopia
P
Parameter Delimiter
Path Traversal
R
Reflected DOM Injection
Regular expression Denial of Service - ReDoS
Repudiation Attack
Resource Injection
S
Server-Side Includes (SSI) Injection
Session fixation
Session hijacking attack
Session Prediction
Setting Manipulation
Special Element Injection
Spyware
SQL Injection
T
Traffic flood
Trojan Horse
U
Unicode Encoding
W
Web Parameter Tampering
Windows :
ATA alternate data stream
X
XPATH Injection
XSRF
https://www.owasp.org/index.php/Category:Attack
D
► Data Structure Attacks (2 P)
E
► Embedded Malicious Code (3 P)
► Exploitation of Authentication (8 P)
I
► Injection (29 P)
P
► Path Traversal Attack (1 P)
► Probabilistic Techniques (4 P)
► Protocol Manipulation (1 P)
R
► Resource Depletion (2 P)
► Resource Manipulation (10 P)
S
► Sniffing Attacks (empty)
► Spoofing (4 P)
Pages in category "Attack"
The following 66 pages are in this category, out of 66 total.
B
Binary planting
Blind SQL Injection
Blind XPath Injection
Brute force attack
Buffer overflow attack
C
Cache Poisoning
Cash Overflow
Code Injection
Command Injection
Comment Injection Attack
Content Security Policy
Content Spoofing
Cornucopia - Ecommerce Website Edition - Wiki Deck
CORS OriginHeaderScrutiny
CORS RequestPreflighScrutiny
Credential stuffing
Cross Frame Scripting
Cross Site History Manipulation (XSHM)
Cross Site Tracing
Cross-Site Request Forgery (CSRF)
Cross-site Scripting (XSS)
Cross-User Defacement
C cont.
Cryptanalysis
Custom Special Character Injection
D
Denial of Service
Direct Dynamic Code Evaluation ('Eval Injection')
E
Execution After Redirect (EAR)
F
Forced browsing
Format string attack
Full Path Disclosure
Function Injection
H
HTTP Response Splitting
I
Inyección de Código
Inyección SQL
Inyección SQL Ciega
Inyección XPath
Inyección XPath Ciega
L
Log Injection
M
Man-in-the-browser attack
Man-in-the-middle attack
Mobile code: invoking untrusted mobile code
Mobile code: non-final public field
Mobile code: object hijack
O
One-Click Attack
O cont.
OWASP Cornucopia
P
Parameter Delimiter
Path Traversal
R
Reflected DOM Injection
Regular expression Denial of Service - ReDoS
Repudiation Attack
Resource Injection
S
Server-Side Includes (SSI) Injection
Session fixation
Session hijacking attack
Session Prediction
Setting Manipulation
Special Element Injection
Spyware
SQL Injection
T
Traffic flood
Trojan Horse
U
Unicode Encoding
W
Web Parameter Tampering
Windows :
ATA alternate data streamX
XPATH Injection
XSRF
Kod:
https://www.owasp.org/index.php/Category:Attack
