Reconnaissance attacks
Can be passive (OSINT) or active (network and port scans)
Basic Port scan
a scan that involves scanning a predetermined TCP/UDP port by sending specifically configured packets that contain the port number of the port that was selected
TCP scan
a scan of a series of ports on a machine to determine port availability (i.e., TCP SYN)
TCP FIN scan
this technique jumps straight to the shutdown: it sends a FIN packet to the target port (usually only effective on UNIX devices)
ICMP scan
these scans are typically used for ping sweeps to discover what devices may be in the network
phishing
a social engineering technique where the attacker presents a link that looks like a valid, trusted resource
spear phishing
a targeted attack that is constructed in a specific way and directly targeted at specific individuals
pharming
a method where a threat actor redirects a victim from a valid resource to a malicious resource that could be made to appear as the valid site for the user
Malvertising
the act of incorporating malicious ads on trusted websites
SMS Phishing
phishing through text message
what is the main purpose of a MiTM attack?
eavesdropping so an attacker can see all the information
ARP poisoning
A layer 2 attack, where the attacker spoofs the layer 2 MAC address to make the devices on a LAN believe that the layer 2 address of the attacker is the Layer 2 address of its default gateway
MiTM attack where the attacker places a rogue router on the network and then tricks the other routers into believing that this new router has a better path
A layer 3 attack
3 types of DDoS
Direct, Reflection, Amplification
Direct DoS attack
Also known as a SYN flood attack; occurs when the attacker directly launches a DoS to a web server (the victim) by sending numerous TCP SYN packets
Reflected DDoS attack
Occurs when the sources of the attack are sent spoofed packets that appear to be from the victim, and then the "sources" of the attack become unwitting participants in the DDoS attacks by sending the response traffic back to the intended victim
Amplification Attack
a type of reflected attack in which the response traffic (sent by the unwitting participant) is made up of packets that are much larger in size than those that were originally sent by the attacker (spoofing the victim)
SQL Injection
allows the attacker to view, insert, delete, or modify records in a database
CSRF
forces the end user to execute malicious steps on a web application
XSS
this occurs when a malicious script is injected into legitimate and trusted websites
...
...