• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • You already know Dokkio is an AI-powered assistant to organize & manage your digital files & messages. Very soon, Dokkio will support Outlook as well as One Drive. Check it out today!

View
 

Threat Classification Enumeration View

This version was saved 14 years, 3 months ago View current version     Page history
Saved by Robert Auger
on December 31, 2009 at 10:01:30 pm
 

Project: WASC Threat Classification

 

WASC Threat Classification 'Enumeration View'

This view enumerates the attacks, and weaknesses that can lead to the compromise of a website, its data, or its users. This serves as the base view for the WASC Threat Classification.

 

Grid Representation:

 

Attacks Weaknesses Appendix
Abuse of Functionality Application Misconfiguration Authors and Contributors
Brute Force Directory Indexing Using the Threat Classification
Buffer Overflow Improper Filesystem Permissions Threat Classification Glossary
Content Spoofing Improper Input Handling The Threat Classifications Evolution
Credential/Session Prediction

Improper Output Handling

Threat Classification FAQ
Cross-Site Scripting Information Leakage Threat Classification Reference Grid
Cross-Site Request Forgery

Insecure Indexing

Threat Classification Views
Denial of Service Insufficient Anti-automation  
Fingerprinting Insufficient Authentication  
Format String Insufficient Authorization  
HTTP Response Smuggling Insufficient Process Validation  
HTTP Response Splitting Insufficient Session Expiration  
HTTP Request Smuggling Insufficient Transport Layer Protection  
HTTP Request Splitting Server Misconfiguration  
Integer Overflows Weak Password Recovery Validation  
LDAP Injection    
Mail Command Injection    
Null Byte Injection    
OS Commanding

 

 
Path Traversal    
Predictable Resource Location    
Remote File Inclusion (RFI)    
Routing Detour
 
Session Fixation    
SOAP Array Abuse    
SSI Injection    
SQL Injection    
URL Redirector Abuse    
XPath Injection    
XML Attribute Blowup    
XML External Entities    
XML Entity Expansion    
XML Injection    
XQuery Injection    

 

 

Tree Representation:

 

Attacks

 

Weaknesses

Comments (0)

You don't have permission to comment on this page.