Classes of Attack
We will be covering the following classes of attack:
- Authentication
  - Brute Force
  - Insufficient Authentication
  - Weak Password Recovery Validation
- Authorization
  - Credential/Session Prediction
  - Insufficient Authorization
  - Insufficient Session Expiration
  - Session Fixation
- Client-Side Attacks
  - Content Spoofing
  - Cross-site Scripting
- Command Execution
  - Buffer Overflow
  - Format String Attack
  - LDAP Injection
  - OS Commanding
  - SQL Injection
  - SSI Injection
  - XPath Injection
- Information Disclosure
  - Directory Indexing
  - Information Leakage
  - Path Traversal
  - Predictable Resource Location
- Logical Attacks
  - Abuse of Functionality
  - Denial of Service
  - Insufficient Anti-Automation
  - Insufficient Process Validation
Threat Format
The format of the sections is as follows.
Definition
This section provides detailed information on the scope of the attack and on the factors an attacker needs in order to exploit a specific vulnerability.
Example
This section gives examples of how an attack may work, including example code for either an attack script or a vulnerable program.
Apache Countermeasures
This section provides example mitigation options that use Apache capabilities and associated modules. The countermeasure sections of this document are not official WASC-supported recommendations. For the initial release of the Threat Classification, it was decided to omit the mitigations section because of the multitude of possible solutions, which depend on the technologies being used. Because we are focusing on Apache as our application of choice, I thought that I would put much of this data back in, with some updates. The recommendations presented are based on my own experiences and lessons learned while teaching the Web Intrusion Detection and Prevention with Apache class for the SANS Institute.
References
This section lists links to further information on the subject.