From: Dennis Groves [dwg@mac.com]
Sent: Tuesday, September 25, 2001 12:32 AM
To: Jon Embury; www mobile code
Cc: jeremiah@whitehatsec.com
Subject: Re: Attack Categories

* Community revisions added

Attack Categories
  Client side trust issues
      Input Validation
          Cross Site Scripting
          Client-Side Manipulation
          Path Traversal
          URL Encoded Attacks
          Buffer Overflows
      Parameter Tampering
          Cookie Poisoning
          URL Tampering
          Hidden Form Fields
      Authentication
          Cookie Poisoning
          Brute Force
          Session Hijacking
          * Client IP tracking
          * Timeout issues
      Browser Residue
          Comment
          Auto-Completes
          Cache
          History
  Transport issues
      Session Hi-Jacking
      Traffic Sniffing
      Replay attacks
      * Man in the middle attacks
  Server side issues
      Information Gathering
          Forced Browsing
          Directory Browsing
          Infrastructure Fingerprinting
          Technology Fingerprinting
      Mis-configuration
          Debug Options
          Samples hacking
          Directory Browsing
      Application Trojans
      Backdoors
      Buffer Overflows
      Unicode Attacks