This project compares different web attack methods used today. How do they work, why do they work? How can a business or private person protect themselves from these attacks? What are the consequences when attacks like these are successful?
Examples of (Application layer) attack vectors:
- Cross site scripting
- SQL Injections
- DOS/DDOS
- Broken Authentication and Session Management
- Sensitive data exposure
- Cross site request forgery
- Social Engineering
- Malicious redirects