Here's a small classification of Types Of Threats In Application Threat Modeling. This was earlier presented at SACON (International Security Architecture Conference) by Nilanjan De [Multiple patents, Zero Day Discovery, Co-Founder at FireCompass].
Types Of Threats:
- Network
- Host
- Application
Threats Against The Network
- Information Gathering
  - Port scanning
  - Using trace routing to detect network topologies
  - Using broadcast requests to enumerate subnet hosts
- Eavesdropping
  - Using packet sniffers to steal passwords
- Denial Of Service (DoS)
  - SYN floods
  - ICMP echo request floods
  - Malformed packets
- Spoofing
  - Packets with spoofed source addresses
Threats Against The Host
- Arbitrary Code Execution
  - Buffer overflows in ISAPI DLLs (e.g. MS01-033)
  - Directory traversal attacks (MS00-078)
- File Disclosure
  - Malformed HTR requests (MS01-031)
  - Virtualized UNC share vulnerability (MS00-019)
- Denial Of Service (DoS)
  - Malformed SMTP requests (MS02-012)
  - Malformed WebDAV requests (MS01-016)
  - Malformed URLs (MS01-012)
  - Brute-force file uploads
- Unauthorized Access
  - Resources with insufficiently restrictive ACLs
  - Spoofing with stolen login credentials
- Exploitation Of Open Ports & Protocols
  - Using NetBIOS and SMB to enumerate hosts
  - Connecting remotely to SQL Server
Threats Against The Application
- SQL Injection
  - Including a DROP TABLE command in text typed into an input field
- Cross-Site Scripting
  - Using malicious client-side script to steal cookies
- Hidden-Field Tampering
  - Maliciously changing the value of a hidden field
- Eavesdropping
  - Using a packet sniffer to steal passwords and cookies from traffic on unencrypted connections
- Session Hijacking
  - Using a stolen session ID cookie to access someone else's session state
- Identity Spoofing
  - Using a stolen forms authentication cookie to pose as another user
- Information Disclosure
  - Allowing the client to see a stack trace when an unhandled exception occurs
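The SQL injection entry above ("a DROP TABLE command typed into an input field") is the one item in this list that a few lines of code can make concrete. The following is an added example, not part of the SACON presentation: an in-memory sqlite3 database, an insert that splices user text into the SQL, and the parameterized form that mitigates it. The `executescript()` call in the unsafe path is a constructed stand-in for database drivers that execute stacked statements.

```python
import sqlite3


def fresh_db():
    """Constructed sample schema: one users table with a single row."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    con.execute("INSERT INTO users (name) VALUES ('alice')")
    con.commit()
    return con


def table_exists(con, table):
    row = con.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (table,)
    ).fetchone()
    return row is not None


def add_user_unsafe(con, name):
    # Threat: user-controlled text is concatenated into the statement, so a
    # closing quote in the input ends the INSERT and whatever follows is parsed
    # as further SQL. executescript() models a driver that runs stacked queries.
    con.executescript(f"INSERT INTO users (name) VALUES ('{name}');")
    con.commit()


def add_user_safe(con, name):
    # Mitigation: the placeholder hands the text to the database as a bound
    # value. It is never parsed as SQL, so the same input is stored verbatim.
    con.execute("INSERT INTO users (name) VALUES (?)", (name,))
    con.commit()


def demo(handler):
    """Run one handler against the textbook input and report the outcome.

    Returns (table_still_exists, list_of_names)."""
    con = fresh_db()
    handler(con, "bob'); DROP TABLE users; --")
    survived = table_exists(con, "users")
    names = [r[0] for r in con.execute("SELECT name FROM users")] if survived else []
    con.close()
    return survived, names


if __name__ == "__main__":
    print("unsafe:", demo(add_user_unsafe))
    print("safe:  ", demo(add_user_safe))
```

The unsafe path loses the table; the parameterized path keeps it and stores the hostile string as an ordinary name, which is the property a threat model should require of every input that reaches a query.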
References:
You can view the full presentation here
SACON is the only International Conference On Security Architecture in the region. Who attends: CISOs, CROs, CIOs, information security experts, IT risk professionals and AppSec professionals. The agenda includes SOC, Incident Response, Security Architecture Workshops, Cyber Range Drills, Threat Hunting, IoT Security, Forensics, AI & Machine Learning, Deception and much more.