attack list 

    Binary Planting
    Blind SQL Injection
    Blind XPath Injection
    Brute Force Attack
    Buffer Overflow via Environment Variables
    Buffer Overflow Attack
    CORS OriginHeaderScrutiny
    CORS RequestPreflighScrutiny
    CSV Injection
    Cache Poisoning
    Cash Overflow
    Clickjacking
    Code Injection
    Command Injection
    Comment Injection Attack
    Content Security Policy
    Content Spoofing by Andrew Smith
    Cornucopia - Ecommerce Website Edition - Wiki Deck by Darío De Filippis
    Credential stuffing
    Cross-User Defacement
    Cross Site Scripting (XSS) by KirstenS
    Cross Frame Scripting
    Cross Site History Manipulation (XSHM)
    Cross Site Tracing
    Cryptanalysiss
    Custom Special Character Injection
    Denial of Service
    Direct Dynamic Code Evaluation - Eval Injection
    Embedding Null Code by Nsrav
    Execution After Redirect (EAR) by Robert Gilbert (amroot)
    Forced browsing
    Form action hijacking by Robert Gilbert (amroot)
    Format string attack
    Full Path Disclosure
    Function Injection
    HTTP Response Splitting
    LDAP Injection
    Log Injection
    Man-in-the-browser attack
    Man-in-the-middle attack
    Mobile code invoking untrusted mobile code
    Mobile code non-final public field
    Mobile code object hijack
    Parameter Delimiter
    Path Traversal
    Qrljacking
    Reflected DOM Injection
    Regular expression Denial of Service - ReDoS
    Repudiation Attack
    Resource Injection
    Reverse Tabnabbing
    SQL Injection
    Server-Side Includes (SSI) Injection by Weilin Zhong, Nsrav
    Server Side Request Forgery
    Session Prediction
    Session fixation
    Session hijacking attack
    Setting Manipulation
    Special Element Injection
    Spyware
    Traffic flood
    Trojan Horse
    Unicode Encoding
    Web Parameter Tampering
    Windows ::DATA Alternate Data Stream
    XPATH Injection
    XSRF
    XSS in subtitle by Mohammad MortazaviZade
    Cross Site Request Forgery (CSRF) by KirstenS

https://owasp.org/www-community/attacks/

posted @   fndefbwefsowpvqfx  阅读(143)  评论(0编辑  收藏  举报
(评论功能已被禁用)
编辑推荐:
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
阅读排行:
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· Manus爆火,是硬核还是营销?
· 终于写完轮子一部分:tcp代理 了,记录一下
· 别再用vector<bool>了!Google高级工程师:这可能是STL最大的设计失误
· 单元测试从入门到精通
点击右上角即可分享
微信分享提示