Types of Attacks Quick Reference
Everything you need day‑to‑day – attack vectors, impacts, and defences.
Attack Classifications
By Target
- Web Applications (XSS, SQLi, CSRF)
- Network (MITM, DDoS, Sniffing)
- Endpoint (Malware, Ransomware)
- Human (Phishing, Social Engineering)
- Cryptographic (Brute Force, Hash Collision)
By Goal
- Data Theft / Exfiltration
- Denial of Service (DoS/DDoS)
- Privilege Escalation
- Information Disclosure
- System Compromise
- Financial Fraud
Web Application Attacks
Cross-Site Scripting (XSS)
- Injects malicious scripts into web pages
- Types: Stored, Reflected, DOM-based
- Steals cookies, session tokens, user data
- Prevention: Input sanitisation, CSP, HTML encoding
<script>alert('XSS')</script>
// Prevention: HTML encode
<script>alert('XSS')</script> → <script>alert('XSS')</script>
SQL Injection (SQLi)
- Injects malicious SQL queries via input
- Bypasses authentication, extracts data
- Can delete or modify database
- Prevention: Parameterised queries, ORM, input validation
// Example: SQLi ' OR '1'='1' -- // Query becomes: SELECT * FROM users WHERE username='' OR '1'='1' --' AND password='' // Prevention: Parameterised queries (JDBC) PreparedStatement stmt = conn.prepareStatement( "SELECT * FROM users WHERE username = ? AND password = ?" ); stmt.setString(1, username); stmt.setString(2, password);
Cross-Site Request Forgery (CSRF)
- Forces authenticated user to perform unwanted actions
- Exploits trust of web application
- Changes password, funds transfer, etc.
- Prevention: CSRF tokens, SameSite cookies, re‑authentication
Command Injection
- Executes arbitrary system commands
- Input passed to shell without sanitisation
- Can compromise entire server
- Prevention: Avoid system() calls, sanitise input, use APIs
Path Traversal / Directory Traversal
- Accesses files outside web root
- Uses ../ sequences to navigate
- Exposes configuration, source code, passwords
- Prevention: Validate file paths, use whitelisting, chroot
Server-Side Request Forgery (SSRF)
- Abuses server to make requests to internal resources
- Accesses internal services, cloud metadata
- Can lead to data exfiltration
- Prevention: Validate URLs, block internal IPs, network segmentation
XML External Entity (XXE)
- Exploits XML parsers with external entities
- Reads local files, performs SSRF
- Can cause DoS
- Prevention: Disable external entities, use secure parsers
Insecure Deserialization
- Exploits deserialisation of untrusted data
- Leads to remote code execution
- Common in Java, PHP, Python, Ruby
- Prevention: Avoid deserialising untrusted data, use allowlists, integrity checks
Network Attacks
Denial of Service (DoS / DDoS)
- Overwhelms system with traffic/requests
- Makes service unavailable
- Distributed (DDoS) uses multiple sources
- Prevention: Rate limiting, load balancing, CDN, WAF, traffic filtering
- Types: Volumetric, Protocol, Application layer
Man-in-the-Middle (MITM)
- Intercepts communication between two parties
- Eavesdrops, modifies, or impersonates
- ARP spoofing, DNS spoofing, SSL stripping
- Prevention: TLS/SSL, certificate validation, VPN, secure DNS
ARP Spoofing / Poisoning
- Falsifies ARP responses on local network
- Redirects traffic to attacker's MAC
- Used in MITM attacks
- Prevention: Dynamic ARP inspection, static ARP, network segmentation
DNS Spoofing / Cache Poisoning
- Falsifies DNS responses
- Redirects users to malicious sites
- Can lead to credential theft
- Prevention: DNSSEC, encrypted DNS (DoH/DoT), validate responses
Packet Sniffing
- Passively captures network packets
- Extracts sensitive data (passwords, tokens)
- Works on unencrypted or insecure protocols
- Prevention: Encryption (TLS), VPN, secure protocols (SSH, HTTPS)
IP Spoofing
- Forges source IP address
- Bypasses IP‑based authentication
- Used in DoS and MITM attacks
- Prevention: Ingress/egress filtering, authentication, cryptographic validation
Cryptographic Attacks
Brute Force Attack
- Tries all possible combinations
- Targets passwords, encryption keys
- Time‑consuming for strong keys
- Prevention: Strong passwords, rate limiting, account lockout, MFA
Dictionary Attack
- Uses wordlist of common passwords
- More efficient than brute force
- Prevention: Password policies, MFA, salted hashing
Hash Collision Attack
- Finds two different inputs with same hash
- Compromises integrity and signatures
- Weak hash algorithms (MD5, SHA‑1) are vulnerable
- Prevention: Use SHA‑256, SHA‑3, strong hashing
Replay Attack
- Captures and resends valid data transmission
- Replays authentication, transactions
- Prevention: Nonces, timestamps, session tokens, TLS
Side‑Channel Attack
- Exploits physical implementation
- Timing, power consumption, electromagnetic leaks
- Spectre, Meltdown, timing attacks
- Prevention: Constant‑time algorithms, masking, hardware mitigations
Birthday Attack
- Exploits birthday paradox to find hash collisions
- Compromises digital signatures
- Prevention: Use larger hash output (SHA‑256/384/512)
Social Engineering
Phishing
- Fake emails/websites pretending to be legitimate
- Steals credentials, personal information
- Types: Spear phishing (targeted), Whaling (executives), Vishing (voice), Smishing (SMS)
- Prevention: User education, email filtering, MFA, verify URLs
Pretexting
- Creates a fabricated scenario to extract info
- Impersonates authority figures, IT support
- Prevention: Verify identity, follow procedures, employee training
Baiting
- Offers something attractive to lure victim
- USB drives, downloads, free software
- Installs malware when used
- Prevention: Security awareness, USB lockdown, software sources
Tailgating / Piggybacking
- Follows authorised person into restricted area
- Physical security breach
- Prevention: Access control, security awareness, badge checks
Malware Attacks
Ransomware
- Encrypts files, demands ransom for decryption
- WannaCry, Ryuk, LockBit
- Spreads via phishing, exploits, RDP
- Prevention: Backups, updates, email filtering, network segmentation
Virus
- Self‑replicating, attaches to files
- Requires host file to spread
- Prevention: Anti‑virus, software updates, safe downloads
Worm
- Self‑replicating, spreads across network
- Does not need host file
- Conficker, Morris worm
- Prevention: Network segmentation, patch management, security monitoring
Trojan Horse
- Disguised as legitimate software
- Contains malicious code
- Prevention: Download from trusted sources, antivirus, code signing
Spyware / Adware
- Monitors user activity, steals information
- Displays unwanted ads
- Prevention: Antispyware tools, browser extensions, safe browsing
Rootkit
- Hides malicious code from detection
- Maintains privileged access
- Prevention: Security software, patch management, regular scans
Mitigation Strategies Summary
| Attack Type | Primary Defence | Secondary Defence |
|---|---|---|
| XSS | Input Sanitisation | CSP, Output Encoding |
| SQL Injection | Parameterised Queries | ORM, Input Validation |
| CSRF | CSRF Tokens | SameSite Cookies, Re‑auth |
| DDoS | Rate Limiting | CDN, WAF, Load Balancing |
| MITM | TLS/SSL Encryption | Certificate Pinning, VPN |
| Phishing | User Education | Email Filtering, MFA |
| Brute Force | Strong Passwords | Rate Limiting, Account Lockout, MFA |
| Ransomware | Regular Backups | Patch Management, Email Filtering |
| ARP Spoofing | Dynamic ARP Inspection | Network Segmentation, Static ARP |
| DNS Spoofing | DNSSEC | Encrypted DNS, Response Validation |
📌 Quick Reference
Web: XSS (sanitise), SQLi (param queries), CSRF (tokens), SSRF (validate URLs)
Network: DDoS (rate limit), MITM (TLS), ARP/DNS spoofing (DNSSEC, ARP inspection)
Crypto: Brute force (strong passwords, MFA), Hash collisions (SHA‑256+), Replay (nonces)
Social: Phishing (education, MFA), Pretexting (verify identity), Baiting (awareness)
Malware: Ransomware (backups), Viruses/Worms (patches), Trojans (trusted sources)
Defence in depth: Never rely on a single layer – use multiple defences.
Network: DDoS (rate limit), MITM (TLS), ARP/DNS spoofing (DNSSEC, ARP inspection)
Crypto: Brute force (strong passwords, MFA), Hash collisions (SHA‑256+), Replay (nonces)
Social: Phishing (education, MFA), Pretexting (verify identity), Baiting (awareness)
Malware: Ransomware (backups), Viruses/Worms (patches), Trojans (trusted sources)
Defence in depth: Never rely on a single layer – use multiple defences.