Welcome to Scribd!

Skip carousel

VULNERABILITIES

Uploaded by

traptanshparihar1

0% found this document useful (0 votes)

4 views2 pages

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

4 views2 pages

VULNERABILITIES

Uploaded by

traptanshparihar1

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 2

Search inside document

TYPES OF VULNERABILITIES

➢ Web-Based Vulnerabilities:

1. SQL Injection (SQLi): Exploiting vulnerabilities in database queries to

manipulate or extract data.

2. Cross-Site Scripting (XSS): Injecting malicious scripts into web pages

viewed by other users.

3. Cross-Site Request Forgery (CSRF): Forcing users to perform actions on a

web application without their consent.

4. Security Misconfigurations: Improperly configured security settings or

defaults.

5. Command Injection: Executing arbitrary commands on a host through a

vulnerable web application.

6. File Inclusion: Including files on a server through a web browser.

7. Unvalidated Redirects and Forwards: Redirecting users to malicious

websites or pages.

8. Insecure Direct Object References (IDOR): Accessing unauthorized data

by manipulating object references.

➢ Network-Based Vulnerabilities:

1. Man-in-the-Middle (MitM) Attacks: Intercepting and potentially altering

communication between two parties.

2. DNS Spoofing/Poisoning: Manipulating DNS responses to redirect users

to malicious sites.

3. Denial of Service (DoS) and Distributed Denial of Service (DDoS):

Overloading network resources to make a service unavailable.
4. ARP Spoofing/Poisoning: Associating a rogue MAC address with the IP
address of a legitimate network node.

5. Port Scanning: Identifying open ports on a system to find potential

vulnerabilities.

6. Packet Sniffing: Capturing and analyzing network traffic to obtain

sensitive information.

7. Network Eavesdropping: Listening to network communication without

authorization.

➢ Host-Based Vulnerabilities:

1. Weak Passwords: Using easily guessable or crackable passwords.

2. Outdated Software: Running software or operating systems with known

vulnerabilities.

3. Lack of Patch Management: Failing to apply security patches promptly.

4. Unnecessary Services and Ports: Running services or ports that are not
needed, increasing the attack surface.

5. Insecure Configurations: Poorly configured security settings on the host

system.

6. Privilege Escalation: Gaining unauthorized access to higher-level

permissions.

7. Malware: Installing malicious software on the host system.

8. Buffer Overflows: Exploiting programming errors to overwrite memory

and execute arbitrary code.

---------------------------------------------END---------------------------------------------

Report For Foophones: by Utkarsh Munra
Document37 pages
Report For Foophones: by Utkarsh Munra
suraj fb
No ratings yet
2007 Subaru Forester Service Manual PDF Download
Document30 pages
2007 Subaru Forester Service Manual PDF Download
sen til
80% (5)
Holding Company Business Plan
Document59 pages
Holding Company Business Plan
Fayad Calú
No ratings yet
1620 - Central Gateway Fault Codes 6.0
Document4 pages
1620 - Central Gateway Fault Codes 6.0
Tobias Ken
No ratings yet
Rental Property Income Statement and Balance Sheet
Document1 page
Rental Property Income Statement and Balance Sheet
Century 21 Sweyer and Associates
71% (7)
Philippine Supreme Court Jurisprudence: Home Law Firm Law Library Laws Jurisprudence
Document43 pages
Philippine Supreme Court Jurisprudence: Home Law Firm Law Library Laws Jurisprudence
mae ann rodolfo
No ratings yet
COMPTIA Security Plus Master Cheat Sheet
Document33 pages
COMPTIA Security Plus Master Cheat Sheet
Tupa
No ratings yet
Excavation Inspection HSE Checklist
Document3 pages
Excavation Inspection HSE Checklist
Sarfraz Randhawa
No ratings yet
Security+ Notes v.2
Document70 pages
Security+ Notes v.2
sabiy
No ratings yet
Labour Management Using Android Application
Document3 pages
Labour Management Using Android Application
IJRASETPublications
No ratings yet
Terms of Reference
Document2 pages
Terms of Reference
Rahul Verma
No ratings yet
IB History Guide: Causes of The Great Depression
Document2 pages
IB History Guide: Causes of The Great Depression
Katelyn Cooper
No ratings yet
2.3 Various Types of Vulnerabilities
Document2 pages
2.3 Various Types of Vulnerabilities
Richie Nubi
No ratings yet
Miscellaneous
Document22 pages
Miscellaneous
prince tega
No ratings yet
Unit 4
Document23 pages
Unit 4
vinaykalva712
No ratings yet
Bug Bounty Assignment
Document2 pages
Bug Bounty Assignment
sosoca
No ratings yet
Security Architect
Document25 pages
Security Architect
oobidoo916
No ratings yet
Top 50 Attack 1702614908
Document4 pages
Top 50 Attack 1702614908
rotaractorsuhas
No ratings yet
3-UNIT
Document14 pages
3-UNIT
dhruvdixit8141
No ratings yet
2.4 Analyzing Indicators of Malicious Activity
Document4 pages
2.4 Analyzing Indicators of Malicious Activity
Richie Nubi
No ratings yet
PenTest Proposal
Document8 pages
PenTest Proposal
Tarique Mahmud
No ratings yet
Software Security
Document10 pages
Software Security
kavuru.abhijeet
No ratings yet
Web Application Pentest 101
Document121 pages
Web Application Pentest 101
Azlan Yatim
No ratings yet
Top 10 Web Application Security Risks
Document2 pages
Top 10 Web Application Security Risks
Ayaz Alam
No ratings yet
Lecture 10 Web App Security
Document43 pages
Lecture 10 Web App Security
fadila
No ratings yet
COMPTIA 501 Security Plus
Document41 pages
COMPTIA 501 Security Plus
Yovxy Ma
No ratings yet
EXPERIMENT
Document10 pages
EXPERIMENT
soni232vipin
No ratings yet
Application Threats
Document7 pages
Application Threats
sipra
No ratings yet
Ridho Abdul Majid
Document24 pages
Ridho Abdul Majid
Ridho Abdul Majid
No ratings yet
Openpalacy
Document4 pages
Openpalacy
RameshbabuKota
No ratings yet
Internet & E-Commerce: By: Prof. Riyaz A. Sheikh Lecturer & Academic Head (Comp. Appl.)
Document15 pages
Internet & E-Commerce: By: Prof. Riyaz A. Sheikh Lecturer & Academic Head (Comp. Appl.)
catchriyaz
No ratings yet
Unit-6 - Web Application Security
Document32 pages
Unit-6 - Web Application Security
yototi8935
No ratings yet
Attacks and Vulnerabilities: Ilya Chalyt Nicholas Egebo
Document46 pages
Attacks and Vulnerabilities: Ilya Chalyt Nicholas Egebo
Akash Agrawal
No ratings yet
Eh 1
Document6 pages
Eh 1
ifgabhay
No ratings yet
Top 30 Application Vulnerabilities and Definitions
Document5 pages
Top 30 Application Vulnerabilities and Definitions
SHOURYA BORDIA
No ratings yet
DeathStar Assignment
Document45 pages
DeathStar Assignment
annspervaiz8
No ratings yet
Api Owasp: 1.broken Object Authorization
Document4 pages
Api Owasp: 1.broken Object Authorization
hazel
No ratings yet
Security Threats MMJ
Document24 pages
Security Threats MMJ
A.F. Momin
No ratings yet
Securing Web Applications Against Xss and Sqli Attacks Using A Novel Deep Learning Approach
Document17 pages
Securing Web Applications Against Xss and Sqli Attacks Using A Novel Deep Learning Approach
fejese4188
No ratings yet
Web Security Testing
Document11 pages
Web Security Testing
Hritika Rawat
No ratings yet
SANGFOR NGAF V8.0.47 Associate 2022 07 Server Security
Document61 pages
SANGFOR NGAF V8.0.47 Associate 2022 07 Server Security
Amie Nursyal
No ratings yet
Injectiom
Document2 pages
Injectiom
Adu-Boahene Christian
No ratings yet
Ben's Security+ Notes
Document22 pages
Ben's Security+ Notes
IftaKharulIslamArnob
No ratings yet
Eh 1
Document6 pages
Eh 1
ifgabhay
No ratings yet
Discussion 3
Document2 pages
Discussion 3
qfjmmata
No ratings yet
VAPT General Questions
Document9 pages
VAPT General Questions
pepal38750
No ratings yet
Physical Layer Vulnerabilities
Document2 pages
Physical Layer Vulnerabilities
Marti Piciorus
No ratings yet
Cyber Security Workshop Syllabus
Document2 pages
Cyber Security Workshop Syllabus
piyushchaudharyc25
No ratings yet
Vulnerabilities and Attacks: Msc. Vuong Thi Nhung Faculty of Information Technology Hanoi University
Document50 pages
Vulnerabilities and Attacks: Msc. Vuong Thi Nhung Faculty of Information Technology Hanoi University
rooney ngô
No ratings yet
شو هو الفرق بين
Document5 pages
شو هو الفرق بين
oobaa bbbssa
No ratings yet
Case Project 8
Document2 pages
Case Project 8
khangpmse140793
No ratings yet
10-Security-Concepts-Lightning-Talk 2of2
Document8 pages
10-Security-Concepts-Lightning-Talk 2of2
Raul Coleto
No ratings yet
Assignment # 1 Penetration Testing
Document4 pages
Assignment # 1 Penetration Testing
Shakeeb Shah
No ratings yet
OWASP Top 10 Security Risk
Document9 pages
OWASP Top 10 Security Risk
Jorge Cañaveral
No ratings yet
Owasp 2021
Document48 pages
Owasp 2021
Sandeep Sagar
No ratings yet
Bug Report
Document2 pages
Bug Report
bixowujy
No ratings yet
100 Vulnerabilities
Document4 pages
100 Vulnerabilities
Huzaifa Top
No ratings yet
Hacking Web Servers
Document4 pages
Hacking Web Servers
Deandryn Russell
No ratings yet
Unit 1
Document59 pages
Unit 1
Chaudhari Pranali Bharat
No ratings yet
10a - Web Security
Document14 pages
10a - Web Security
Alif Faisal
No ratings yet
Hacking Web Applications
Document5 pages
Hacking Web Applications
Deandryn Russell
No ratings yet
IT4409: Web Technologies and E-Services
Document40 pages
IT4409: Web Technologies and E-Services
Binh Pham
No ratings yet
A N Tcybersecurity Awareness Jul 23
Document19 pages
A N Tcybersecurity Awareness Jul 23
Subramanian Ramakrishnan
No ratings yet
Introduction To WASP
Document44 pages
Introduction To WASP
Tzar Umang
No ratings yet
BSOTM Unit 4
Document12 pages
BSOTM Unit 4
Aditi Sharma
No ratings yet
Domain 4
Document8 pages
Domain 4
Hossam Eissa
No ratings yet
CSE2 Research
Document25 pages
CSE2 Research
DTCHAMENI WOKFA GREGORY ROMUALD
No ratings yet
INF 123 Lecture 15
Document45 pages
INF 123 Lecture 15
ramzi akkari
No ratings yet
Web Penetration Testing with Kali Linux - Second Edition
From Everand
Web Penetration Testing with Kali Linux - Second Edition
Ansari Juned Ahmed
No ratings yet
Sub Netting
Document1 page
Sub Netting
traptanshparihar1
No ratings yet
SQL Cheat Sheet
Document2 pages
SQL Cheat Sheet
traptanshparihar1
No ratings yet
Bug Bounty Roadmap
Document3 pages
Bug Bounty Roadmap
traptanshparihar1
No ratings yet
Before: Team Code: 27A
Document39 pages
Before: Team Code: 27A
traptanshparihar1
No ratings yet
MCQ in Machine Design and Shop Practice Part 8 ME Board Exam
Document12 pages
MCQ in Machine Design and Shop Practice Part 8 ME Board Exam
tagne simo rodrigue
100% (1)
Blank - Gold Maintenance Contract India PDF
Document5 pages
Blank - Gold Maintenance Contract India PDF
Jaganath Pani
No ratings yet
CC 2
Document43 pages
CC 2
iamsabaaly
No ratings yet
Openacc Online Course: Lecture 1: Introduction To Openacc
Document47 pages
Openacc Online Course: Lecture 1: Introduction To Openacc
Quant_Geek
No ratings yet
LKS1
Document34 pages
LKS1
Vijay Saroj
No ratings yet
Establishment of Profile Production Line For Shipbuilding in Shipyard (Paper)
Document5 pages
Establishment of Profile Production Line For Shipbuilding in Shipyard (Paper)
pal_malay
No ratings yet
1,000 Indie Posters PDF
Document325 pages
1,000 Indie Posters PDF
Mauricio Mesa Jaramillo
No ratings yet
Civ 2 Quiz Samplex Uribe
Document12 pages
Civ 2 Quiz Samplex Uribe
Duke Sucgang
No ratings yet
Assignment of Innovation and Entrepreneurship of Xiaomi
Document14 pages
Assignment of Innovation and Entrepreneurship of Xiaomi
Md Shoumik Hasan
No ratings yet
2020 CCUSA Work Experience USA Program Agreement - Colombia: CCUSA Inc., (CCUSA), Primavera Camping Tours
Document8 pages
2020 CCUSA Work Experience USA Program Agreement - Colombia: CCUSA Inc., (CCUSA), Primavera Camping Tours
Santiago Daza
No ratings yet
Your Card Already Registered and It Has Username and Password
Document4 pages
Your Card Already Registered and It Has Username and Password
Omar Yousuf
No ratings yet
Nature of Judicial Process
Document10 pages
Nature of Judicial Process
Sandesh Mishra
No ratings yet
AX284661889190en 000203
Document142 pages
AX284661889190en 000203
christian ruiz mosqueda
No ratings yet
Motorola Moto E4 Plus - Schematic Diagarm PDF
Document59 pages
Motorola Moto E4 Plus - Schematic Diagarm PDF
Roger Ardila
0% (1)
NXMS-630 - Datasheet
Document23 pages
NXMS-630 - Datasheet
Adrian Holotte
No ratings yet
Karhula - Model Z-Y100Z-2 - Manual.
Document8 pages
Karhula - Model Z-Y100Z-2 - Manual.
German Zuleta
No ratings yet
A4064-2 Datasheet en - 201003
Document1 page
A4064-2 Datasheet en - 201003
Khalid Elfiqy
No ratings yet
Sterling Selections Corp v. LLDA GR 171427, 2011
Document12 pages
Sterling Selections Corp v. LLDA GR 171427, 2011
doora keys
No ratings yet
NDT - Piping Guide
Document262 pages
NDT - Piping Guide
Carlos Castillo
No ratings yet
Passive: (With Present Simple)
Document2 pages
Passive: (With Present Simple)
Ale Alejandra
No ratings yet