Please enable JavaScript.
Coggle requires JavaScript to display documents.
Common Attack Methods - Coggle Diagram
Common Attack Methods
Network/Wireless Attacks
DOS/DDOS
A denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users; A DDoS attack uses various sources of attack traffic, often in the form of a botnet.
Man-In-The-Middle
a form of cyber eavesdropping in which malicious actors insert themselves into a conversation between two parties and intercept data through a compromised but trusted system.
Amplification
Amplification happens when an attacker can send a little bit of data to some server that will respond with a lot more data.
DNS/ARP Poisoning
ADNS poisoning attack is an attack in which altered DNS records are used to redirect online traffic to a fraudulent website that resembles its intended destination; ARP Poisoning is a type of cyberattack that abuses weaknesses in the widely used Address Resolution Protocol to disrupt, redirect, or spy on network traffic.
Jamming
Jamming represents unlawful creation of interference within radio channels. It is used to prevent communication of alarms within wireless security systems.
Bluejacking
A hacking method that lets a person send unsolicited messages (typically flirtatious but can also be malicious) to any Bluetooth-enabled device within his own device's range.
Evil Twin
A spoofing cyberattack that works by tricking users into connecting to a fake Wi-Fi access point that mimics a legitimate network.
Rogue AP
A wireless access point that has been installed on a secure network without explicit authorization from a local network administrator
-
-
Cryptographic Attacks
Birthday
A type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory and uses it for communication manipulation
Brute Force
The repeated process of guessing passwords (either personally or via a program) in hopes to eventually guess the right phrase.
Pass the Hash
allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LanMan hash of a user's password, instead of requiring the associated plaintext password.
Rainbow Tables
a precomputed table for caching the output of cryptographic hash functions to crack password hashes.
Social engineering
Types: Phishing, Whaling, Vishing, Tailgating, Dumpster Diving, Shoulder surfing
Used to obtain valuable information regarding infiltrating accounts and gaining access to secured networks.