Please enable JavaScript.
Coggle requires JavaScript to display documents.
web and database attacks - Coggle Diagram
web and database attacks
Server administrator
Network administrator
end user
categories of Risk
server defects and misconfiguration risks
browser or client side risk
browser and network based risk
vulnerabilities of web servers
improper or poor web design
Buffer overflow
Denial of service (DoS) attack
Distributed Denial of service (DDoS) attack
ping flooding attack
smurf attack
SYN flooding
internet protocol (IP) fragmentation attack
Banner Information
permissions
structured query language(SQL) Injections
Error messages
Unnecessary Features
User Accounts
Language
Platform
Input validation
system crashes
Database manipulation
database corruption
Buffer Overflows
Cross-site scripting (XSS) attack
anatomy of web applications
insecure Logon Systems
availability
reliability
loss of control
Scripting errors
upload bombing
poison null byte attack
defaults scripts
sample scripts
poorly written or questionable scripts
session management issues
long-lived sessions
logout features
insecure or weak sessions identifers
granting sessions IDS to unauthorized users
absent or inadequate password change controls
inclusion of unprotected information in cookies
weak ciphers
vulnerable software
database types
relational database
nonrelational/NoSQL database
record/row/ tuple
column/field/attribute
Locating database on the network
Database server password cracking
locating vulnerabilities in database
cloud computing