n n n n n n n n n n n n n n n n n n n n n
*requiredinmostprogramminglanguages n n n n
* preventsbutter overflows n n
2. race conditions: A type of software development vulnerability that occurs when multiple processes or multiple threads
n n n n n n n n n n n n n n n
withinaprocesscontrolorshareaccesstoaparticularresource,andthe correcthandlingofthat resource depends on the
n n n n n n n n n n n n n n n n n n n n n
proper ordering or timing of transactions
n n n n n n
3. input validation: atypeofattackthatcanoccurwhenwefailtovalidatetheinputtoourapplications ortake
n n n n n n n n n n n n n n n n n n n n
steps to filter out unexpected or undesirable content
n n n n n n n
4. format string attack: a type of input validation attacks in which certain print functions within a program- ming
n n n n n n n n n n n n n n n n n
language can be used to manipulate or view the internal memory of an application
n n n n n n n n n n n n n n
5. authentication attack: A type of attack that can occur when we fail to use strong authentication mecha- nisms
n n n n n n n n n n n n n n n n n
forourapplications
n n n
6. authorization attack: A type of attack thatcan occur when wefailtouse authorization best practices for our
n n n n n n n n n n n n n n n n n n
applications
n
7. cryptographic attack: A type of attack that can occur when we fail to properly design our security
n n n n n n n n n n n n n n n n
mechanisms when implementing cryptographic controls in our applications
n n n n n n n n
8. client-side attack: Atypeofattackthattakesadvantageofweaknessesinthesoftwareloadedonclient
n n n n n n n n n n n n n n n n
machines or one that uses social engineering techniques to trick us into going along with the attack
n n n n n n n n n n n n n n n n n
9. XSS (Cross Site Scripting): an attack carried out by placing code in the form of a scripting language into a web
n n n n n n n n n n n n n n n n n n n n
page or other media that is interpreted by a client browser
n n n n n n n n n n n
10. XSRF (cross-site request forgery): anattackinwhichtheattackerplacesalinkonawebpagein such a way
n n n n n n n n n n n n n n n n n n n n
that it will be automatically executed to initiate a particular activity on another web page or application where the user is
n n n n n n n n n n n n n n n n n n n n n
currently authenticated
n n
11. clickjacking: Anattackthattakesadvantageofthegraphicaldisplaycapabilitiesofourbrowsertotrickusinto
n n n n n n n n n n n n n n n n n
clickingonsomethingwe mightnot otherwise
n n n n n n
n n
,12. server-side attack: A type of attack on the webserver that can target vulnerabilities suchaslackof input validation,
n n n n n n n n n n n n n n n n n n n
improper or inadequate permissions, or extraneous files left on the server from the development process
n n n n n n n n n n n n n n n
13. Protocol issues, unauthenticated access, arbitrary code execution, and priv-
n n n n n n n n
nilege escalation: Namethe4maincategoriesofdatabasesecurityissues
n n n n n n n n n n
14. web application analysis tool: A type of tool that analyzes web pages or web-based applications and
n n n n n n n n n n n n n n n
searches for common flaws such as XSS or SQL injection flaws, and improperly set permissions, extraneous files, outdated
n n n n n n n n n n n n n n n n n n
software versions, and many more such items
n n n n n n n
n n
, 15. protocol issues: unauthenticated flaws in network protocols, authenticated flaws in network protocols, flaws in
n n n n n n n n n n n n n
authentication protocols
n n
16. arbitrary code execution: An attack that exploits an applications vulnerability into allowing the attacker to
n n n n n n n n n n n n n n
execute commands on a user's computer.
n n n n n n
* arbitrary code execution in intrinsic or securable SQL elements
n n n n n n n n
17. PrivilegeEscalation:Anattackthatexploitsavulnerabilityinsoftwaretogainaccesstoresourcesthatthe user
n n n n n n n n n n n n n n n n n
normally would be restricted from accessing.
n n n n n n
* viaSQLinjectionorlocalissues
n n n n n
18. validating user inputs: a security best practice for all software n n n n n n n n n
* themostettectivewayofmitigatingSQLinjectionattacks
n n n n n n n n
19. Nikto (and Wikto): Awebserveranalysistoolthatperformschecksformanycommonserver-sidevulner- abilities
n n n n n n n n n n n n n n n n
& creates an index of all the files and directories it can see on the target web server (a process known as spidering)
n n n n n n n n n n n n n n n n n n n n n n n
20. burp suite: Awell-knownGUIwebanalysistoolthatottersafreeandprofessionalversion;theproversion
n n n n n n n n n n n n n n n n n
includes advanced tools for conducting more in-depth attacks
n n n n n n n
21. fuzzer: A type of tool that works by bombarding our applications with all manner of data and inputs from a wide variety of
n n n n n n n n n n n n n n n n n n n n n n
sources, in the hope that we can cause the application to fail or to perform in unexpected ways
n n n n n n n n n n n n n n n n n n
22. MiniFuzz File Fuzzer: Atooldeveloped byMicrosofttofindflawsinfile-handlingsourcecode
n n n n n n n n n n n n n n
23. BinScope Binary Analyzer:AtooldevelopedbyMicrosofttoexaminesourcecodeforgeneralgood n n n n n n n n n n n n n n
practices
n
24. SDL Regex Fuzzer: A tool developed by Microsoftfor testing certain pattern-matching expressions for
n n n n n n n n n n n n n
potential vulnerabilities
n n
25. good sources of secure coding guidelines: CERT, NIST 800, BSI, an organization's internal coding
n n n n n n n n n n n n n
guidelines
n
26. OS hardening: the process of reducing the number of available avenuesthrough which our OS might be
n n n n n n n n n n n n n n n n
attacked
n
27. attack surface: The total of the areas through which our operating system might be attacked
n n n n n n n n n n n n n n
28. 6 main hardening categories: 1.Removingunnecessarysoftware
n n n n n n n
2. Removing or turning ott unessential services n n n n n
3. Making alterations to common accounts n n n n
4. Applying the principle of least privilege n n n n n
n n