Get Started. It's Free
or sign up with your email address
Rocket clouds
Attack by Mind Map: Attack

1. Wireless hacking technique

1.1. a. cracking encryption and authentication mechanisms

1.2. b. eavesdropping or sniffing

1.3. c. denial of service

1.4. d. AP masquerading or spoofing

1.5. e. MAC Spoofing

2. Web application vuelnerabilities and countermeasure

2.1. a. Sql injection

2.1.1. Inserting SQL commands into the URL gets the database server to dump, alter, delete, or create information in the database.

2.1.2. To avoid SQL injection flaws is simple. Developers need to either: a) stop writing dynamic queries; and/or b) prevent user supplied input which contains malicious SQL from affecting the logic of the executed query.

2.2. b. Command injection

2.2.1. The hacker inserts programming commands into a web form.

2.2.2. Use language-specific libraries for the programming language.

2.3. c. Cookie poisoning and snooping

2.3.1. The hacker corrupts or steals cookies.

2.3.2. Don’t store passwords in a cookie. Implement cookie timeouts, and authenticate cookies.

2.4. d. Buffer overflow

2.4.1. Huge amounts of data are sent to a web application through a web form to execute commands.

2.4.2. eliminating them from a code base requires consistent detection as well as a familiarity with secure practices for buffer handling.

2.5. e. Authentication hijacking

2.5.1. The hacker steals a session once a user has authenticated.

2.5.2. Use SSL to encrypt traffic.

2.6. f. Directory traversal/Unicode

2.6.1. The hacker browses through the folders on a system via a web browser or Windows explorer.

2.6.2. Define access rights to private folders on the web server. Apply patches and hotfixes.

3. Trojan Horse

3.1. A program that claims to rid user's computer of viruses but instead introduces viruses onto the computer.

3.2. A Trojan Horse is a program that gives a hacker or cracker power over your computer.

3.3. Type of trojan attack

3.3.1. Backdoor

3.3.1.1. A backdoor Trojan gives malicious users remote control over the infected computer.

3.3.2. Exploit

3.3.2.1. Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that’s running on your computer.

3.3.3. Rootkit

3.3.3.1. Rootkits are designed to conceal certain objects or activities in your system. Often their main purpose is to prevent malicious programs being detected

3.4. Effect and countermeasures

3.4.1. By installing effective anti-malware software, you can defend your devices – including PCs, laptops, Macs, tablets and smartphones – against Trojans.

4. Worm

4.1. A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.

4.2. Type of computer worms

4.2.1. Virus/worm hybrid :- a piece of malware that spreads like a worm, but that also modifies program code like a virus

4.2.2. Bot worm:- may be used to infect computers and turn them into zombies or bots, with the intent of using them in coordinated attacks through botnets

4.3. Effect:- Devices will hanging

5. Virus

5.1. A computer virus is a type of malicious software that, when executed, replicates itself by modifying other computer programs and inserting its own code.

5.2. Types of virus

5.2.1. File infector

5.2.1.1. Few file infector viruses come attached with program files, such as .com or .exe files. Some file infector viruses infect any program for which execution is requested, including .sys, .ovl, .prg, and .mnu files.

5.2.2. Encrypted virus

5.2.3. Polymorphic virus

5.2.3.1. These type of viruses are difficult to identify with a traditional anti-virus program. This is because the polymorphic viruses alters its signature pattern whenever it replicates.

5.2.4. Overwrite virus

5.2.4.1. This type of virus deletes all the files that it infects. The only possible mechanism to remove is to delete the infected files and the end-user has to lose all the contents in it. Identifying the overwrite virus is difficult as it spreads through emails.

5.2.5. Boot sector virus

5.2.5.1. This type of virus infects the master boot record and it is challenging and a complex task to remove this virus and often requires the system to be formatted. Mostly it spreads through removable media.

5.2.6. Directory virus

5.2.6.1. This is also called non-resident virus, it gets installed or stays hidden in the computer memory. It stays attached to the specific type of files that it infect. It does not affect the user experience and system’s performance.

5.3. Countermeasures

5.3.1. Installed anti-virus

5.3.2. Setting firewall

6. Backdoor

6.1. A backdoor is a malicious computer program that is used to provide the attacker with unauthorized remote access to a compromised PC system by exploiting security vulnerabilities.

6.2. Backdoors are not capable of propagating themselves and infecting systems without user’s knowledge. The most of such parasites must be manually installed in a bundle with other software.

6.3. Type of backdoor attacks

6.3.1. FinSpy

6.3.1.1. FinSpy was designed as a legitimate program which was developed and distributed by Gamma International as a law enforcement tool that can be used for monitoring computers and collecting various information.

6.3.2. Tixanbot

6.3.2.1. Tixanbot can initiate various diverse activities on a contaminated computer. Unfortunately, but none of its performances could be ignored or tolerated because they can lead to serious privacy-related issues.

6.3.3. Briba

6.3.3.1. Briba backdoor is considered to be a serious cyber threat since it can initiate really fraudulent activities. In fact, it can open the backdoor to the infected computer, what means that infections like spyware, ransomware, rogue anti-spyware, etc. can settle down on your PC’s system with no difficulties.

6.4. Attack using open port.

6.5. Countermeasure

6.5.1. Close the open port

7. Common type network attack

7.1. DOS/DDOS

7.2. BOTs/BOTNETs

7.3. Smurf

7.4. SYN flood

7.5. Session Hijacking