| SQL Injection | ' OR '1'='1 (bypasses authentication) |
| Cross-Site Scripting (XSS) | [script]alert('xss')[/script] (injected input reflected on page) |
| Command Injection | ; cat /etc/passwd (appended to input field) |
| LDAP Injection | *)(uid=*))(&(uid=* (bypasses directory filters) |
| Directory Traversal | ../../../etc/passwd (escaping web root) |
| Buffer Overflow | Input of 1000+ consecutive 'A' characters (overflows buffer) |
| Typosquatting | https://paypa1.com/login (numeric '1' replacing letter 'l') |
| Password Spraying | Password123 attempted against thousands of usernames |
| Pass-the-Hash | Authenticating with NTLM hash 31d6cfe0d16ae931b73c59d7e0c089c0 |
| Man-in-the-Middle (MitM) | Sudden protocol downgrade from TLS 1.3 to SSL 3.0 in handshake |
| DDoS (SYN Flood) | High volume of TCP SYN packets with spoofed source IPs |
| Ransomware | Mass file renaming to .locked or presence of README_DECRYPT.txt |
| Logic Bomb | IF termination_date > NOW() THEN DELETE * FROM payroll |
| Fileless Malware (LoTL) | PowerShell encoded command: powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQB... |