ACE
Arbitrary Code Execution
AFR
Arbitrary File Read (AFR) is a vulnerability class that occurs when an application allows a user to read files from the server’s filesystem that they should not have access to. This flaw typically occurs when user-controlled input (such as file names or paths) is not properly validated before being used in file operations, allowing attackers to access sensitive configuration files, source code, credentials, or private data.
CSRF
Cross-Site Request Forgery (CSRF or XSRF) is a web security vulnerability where an attacker tricks a victim’s browser into performing unwanted actions on a different website where the user is currently authenticated. It exploits the site’s trust in the user’s identity, often leading to state-changing requests like password changes, funds transfers, or data deletion.
DC
Differential Cryptanalysis is a chosen-plaintext attack used primarily against block ciphers to recover secret keys by analyzing how specific input differences (XOR sum of two plaintexts) propagate to produce specific output differences (XOR sum of corresponding ciphertexts). Invented by Eli Biham and Adi Shamir in 1990, it exploits non-random, high-probability behavior within a cipher’s structure.
LC
Linear Cryptanalysis is a powerful, known-plaintext statistical attack against symmetric block ciphers, introduced by Mitsuru Matsui in 1993. It finds linear approximations (high-probability XOR relations) between plaintext, ciphertext, and key bits to exploit non-randomness. The attack uses these approximations to recover secret key bits with lower complexity than brute force.
DA
Davies Attack. In cryptography, the Davies attack is a dedicated statistical cryptanalysis method for attacking the Data Encryption Standard (DES).
DoS
Denial of Service
DDoS
Distributed Denial of Service
LFI
Local File Inclusion (LFI) is a web vulnerability where an attacker manipulates an application to include files existing on the server, such as sensitive configuration or source code files. It occurs when unsanitized user input controls file paths, allowing directory traversal (../) to access unintended files.
Malware
Malware, or “malicious software,” is any program designed to disrupt, damage, or gain unauthorized access to a computer system. It operates by exploiting system vulnerabilities through infected emails, malicious websites, or shady downloads. Common types include viruses, worms, and Trojans, which can steal data, cause system crashes, or hold files for ransom.
MITM
A Man-in-the-Middle (MITM) attack is a cyberthreat where an attacker secretly intercepts and relays messages between two parties (e.g., a user and a bank) who believe they are communicating directly. Attackers steal credentials, manipulate data, or hijack sessions, often resulting in significant financial loss and data breaches.
RaaS
Ransomware as a Service (RaaS) is a business model where developers create and sell/lease malicious software to “affiliates” who execute the attacks. It lowers the barrier to entry for cybercrime, with profits shared between developers and affiliates, allowing for more widespread and frequent ransomware attacks.
RAT
A Remote Access Trojan (RAT) is a type of malware that provides an attacker with complete, unauthorized remote control over an infected computer or mobile device. Disguised as a legitimate file or application, a RAT creates a hidden “backdoor” into the system, allowing the cybercriminal to operate the device as if they were physically present, without the user’s knowledge.
RCE
Remote Code Execution (RCE) is a critical vulnerability allowing attackers to execute arbitrary, malicious commands on a target system from a remote location. It enables complete system compromise, ransomware deployment, and data theft without physical access. Common causes include poor input validation, insecure deserialization, and unpatched software.
SET
Social Engineering Toolkit (SET) is an open-source, Python-driven penetration testing framework designed to simulate various social engineering attacks. It is developed and maintained by the security firm TrustedSec and is a standard tool for security professionals to test an organization’s human and technical security posture.
SQLi
SQL Injection (SQLi) is a critical web security vulnerability allowing attackers to interfere with database queries, often by injecting malicious SQL code into input fields. This enables unauthorized data viewing, modification, or deletion, potentially compromising entire systems. Effective prevention includes using parameterized queries, sanitizing inputs, and restricting database privileges.
SSRF
Server-Side Request Forgery (SSRF) is a critical vulnerability where an attacker manipulates a server into making unauthorized requests to internal or external systems. By supplying malicious URLs, attackers bypass firewalls to read sensitive data, scan internal networks, and access metadata services (e.g., 169.254.169.254). Prevention requires strict input validation, allowlisting trusted domains, and segmenting networks.
XFS
Cross Frame Scripting (XFS) is a high-severity, social-engineering-based attack where a malicious website uses a hidden <iframe> to load a legitimate, targeted site, allowing attackers to steal user keystrokes or credentials. Primarily affecting outdated browsers, it exploits vulnerabilities in the Same-Origin Policy. Protection involves using X-Frame-Options and Content-Security-Policy (CSP) headers.
XSS
Cross Site Scripting (XSS) is a vulnerability where attackers inject malicious client-side scripts (usually JavaScript) into trusted websites, which then execute in the victim’s browser. It enables attackers to steal session cookies, hijack accounts, or deface websites. Key types include Stored, Reflected, and DOM-based XSS, prevented by input validation, output encoding, and CSP.