ENGIMY.IO - CHEATSHEET
ATTACKS × QUICK REFERENCE
REFERENCE v1.0

Types of Attacks Quick Reference

Everything you need day‑to‑day – attack vectors, impacts, and defences.

Attack Classifications

By Target
  • Web Applications (XSS, SQLi, CSRF)
  • Network (MITM, DDoS, Sniffing)
  • Endpoint (Malware, Ransomware)
  • Human (Phishing, Social Engineering)
  • Cryptographic (Brute Force, Hash Collision)
By Goal
  • Data Theft / Exfiltration
  • Denial of Service (DoS/DDoS)
  • Privilege Escalation
  • Information Disclosure
  • System Compromise
  • Financial Fraud

Web Application Attacks

Cross-Site Scripting (XSS)

  • Injects malicious scripts into web pages
  • Types: Stored, Reflected, DOM-based
  • Steals cookies, session tokens, user data
  • Prevention: Input sanitisation, CSP, HTML encoding
<script>alert('XSS')</script>

// Prevention: HTML encode
<script>alert('XSS')</script> → &lt;script&gt;alert('XSS')&lt;/script&gt;

SQL Injection (SQLi)

  • Injects malicious SQL queries via input
  • Bypasses authentication, extracts data
  • Can delete or modify database
  • Prevention: Parameterised queries, ORM, input validation
// Example: SQLi
' OR '1'='1' --

// Query becomes:
SELECT * FROM users WHERE username='' OR '1'='1' --' AND password=''

// Prevention: Parameterised queries (JDBC)
PreparedStatement stmt = conn.prepareStatement(
    "SELECT * FROM users WHERE username = ? AND password = ?"
);
stmt.setString(1, username);
stmt.setString(2, password);

Cross-Site Request Forgery (CSRF)

  • Forces authenticated user to perform unwanted actions
  • Exploits trust of web application
  • Changes password, funds transfer, etc.
  • Prevention: CSRF tokens, SameSite cookies, re‑authentication

Command Injection

  • Executes arbitrary system commands
  • Input passed to shell without sanitisation
  • Can compromise entire server
  • Prevention: Avoid system() calls, sanitise input, use APIs

Path Traversal / Directory Traversal

  • Accesses files outside web root
  • Uses ../ sequences to navigate
  • Exposes configuration, source code, passwords
  • Prevention: Validate file paths, use whitelisting, chroot

Server-Side Request Forgery (SSRF)

  • Abuses server to make requests to internal resources
  • Accesses internal services, cloud metadata
  • Can lead to data exfiltration
  • Prevention: Validate URLs, block internal IPs, network segmentation

XML External Entity (XXE)

  • Exploits XML parsers with external entities
  • Reads local files, performs SSRF
  • Can cause DoS
  • Prevention: Disable external entities, use secure parsers

Insecure Deserialization

  • Exploits deserialisation of untrusted data
  • Leads to remote code execution
  • Common in Java, PHP, Python, Ruby
  • Prevention: Avoid deserialising untrusted data, use allowlists, integrity checks

Network Attacks

Denial of Service (DoS / DDoS)

  • Overwhelms system with traffic/requests
  • Makes service unavailable
  • Distributed (DDoS) uses multiple sources
  • Prevention: Rate limiting, load balancing, CDN, WAF, traffic filtering
  • Types: Volumetric, Protocol, Application layer

Man-in-the-Middle (MITM)

  • Intercepts communication between two parties
  • Eavesdrops, modifies, or impersonates
  • ARP spoofing, DNS spoofing, SSL stripping
  • Prevention: TLS/SSL, certificate validation, VPN, secure DNS

ARP Spoofing / Poisoning

  • Falsifies ARP responses on local network
  • Redirects traffic to attacker's MAC
  • Used in MITM attacks
  • Prevention: Dynamic ARP inspection, static ARP, network segmentation

DNS Spoofing / Cache Poisoning

  • Falsifies DNS responses
  • Redirects users to malicious sites
  • Can lead to credential theft
  • Prevention: DNSSEC, encrypted DNS (DoH/DoT), validate responses

Packet Sniffing

  • Passively captures network packets
  • Extracts sensitive data (passwords, tokens)
  • Works on unencrypted or insecure protocols
  • Prevention: Encryption (TLS), VPN, secure protocols (SSH, HTTPS)

IP Spoofing

  • Forges source IP address
  • Bypasses IP‑based authentication
  • Used in DoS and MITM attacks
  • Prevention: Ingress/egress filtering, authentication, cryptographic validation

Cryptographic Attacks

Brute Force Attack

  • Tries all possible combinations
  • Targets passwords, encryption keys
  • Time‑consuming for strong keys
  • Prevention: Strong passwords, rate limiting, account lockout, MFA

Dictionary Attack

  • Uses wordlist of common passwords
  • More efficient than brute force
  • Prevention: Password policies, MFA, salted hashing

Hash Collision Attack

  • Finds two different inputs with same hash
  • Compromises integrity and signatures
  • Weak hash algorithms (MD5, SHA‑1) are vulnerable
  • Prevention: Use SHA‑256, SHA‑3, strong hashing

Replay Attack

  • Captures and resends valid data transmission
  • Replays authentication, transactions
  • Prevention: Nonces, timestamps, session tokens, TLS

Side‑Channel Attack

  • Exploits physical implementation
  • Timing, power consumption, electromagnetic leaks
  • Spectre, Meltdown, timing attacks
  • Prevention: Constant‑time algorithms, masking, hardware mitigations

Birthday Attack

  • Exploits birthday paradox to find hash collisions
  • Compromises digital signatures
  • Prevention: Use larger hash output (SHA‑256/384/512)

Social Engineering

Phishing

  • Fake emails/websites pretending to be legitimate
  • Steals credentials, personal information
  • Types: Spear phishing (targeted), Whaling (executives), Vishing (voice), Smishing (SMS)
  • Prevention: User education, email filtering, MFA, verify URLs

Pretexting

  • Creates a fabricated scenario to extract info
  • Impersonates authority figures, IT support
  • Prevention: Verify identity, follow procedures, employee training

Baiting

  • Offers something attractive to lure victim
  • USB drives, downloads, free software
  • Installs malware when used
  • Prevention: Security awareness, USB lockdown, software sources

Tailgating / Piggybacking

  • Follows authorised person into restricted area
  • Physical security breach
  • Prevention: Access control, security awareness, badge checks

Malware Attacks

Ransomware

  • Encrypts files, demands ransom for decryption
  • WannaCry, Ryuk, LockBit
  • Spreads via phishing, exploits, RDP
  • Prevention: Backups, updates, email filtering, network segmentation

Virus

  • Self‑replicating, attaches to files
  • Requires host file to spread
  • Prevention: Anti‑virus, software updates, safe downloads

Worm

  • Self‑replicating, spreads across network
  • Does not need host file
  • Conficker, Morris worm
  • Prevention: Network segmentation, patch management, security monitoring

Trojan Horse

  • Disguised as legitimate software
  • Contains malicious code
  • Prevention: Download from trusted sources, antivirus, code signing

Spyware / Adware

  • Monitors user activity, steals information
  • Displays unwanted ads
  • Prevention: Antispyware tools, browser extensions, safe browsing

Rootkit

  • Hides malicious code from detection
  • Maintains privileged access
  • Prevention: Security software, patch management, regular scans

Mitigation Strategies Summary

Attack Type Primary Defence Secondary Defence
XSS Input Sanitisation CSP, Output Encoding
SQL Injection Parameterised Queries ORM, Input Validation
CSRF CSRF Tokens SameSite Cookies, Re‑auth
DDoS Rate Limiting CDN, WAF, Load Balancing
MITM TLS/SSL Encryption Certificate Pinning, VPN
Phishing User Education Email Filtering, MFA
Brute Force Strong Passwords Rate Limiting, Account Lockout, MFA
Ransomware Regular Backups Patch Management, Email Filtering
ARP Spoofing Dynamic ARP Inspection Network Segmentation, Static ARP
DNS Spoofing DNSSEC Encrypted DNS, Response Validation
📌 Quick Reference
Web: XSS (sanitise), SQLi (param queries), CSRF (tokens), SSRF (validate URLs)
Network: DDoS (rate limit), MITM (TLS), ARP/DNS spoofing (DNSSEC, ARP inspection)
Crypto: Brute force (strong passwords, MFA), Hash collisions (SHA‑256+), Replay (nonces)
Social: Phishing (education, MFA), Pretexting (verify identity), Baiting (awareness)
Malware: Ransomware (backups), Viruses/Worms (patches), Trojans (trusted sources)
Defence in depth: Never rely on a single layer – use multiple defences.
← Back to All Cheatsheets