Attacks

Web attacks cover techniques and tools that malicious hackers can use to exploit vulnerabilities, gain unauthorized access, or escalate and chain together other attacks. In rare cases, some of the methods described in this section could also be used for legitimate purposes, but most often they are used with malicious intent. Knowing these techniques is crucial for understanding how your websites and web applications could be attacked.

Here are the most common and dangerous web attack techniques at a glance – see the full index for more:

Privilege escalation

Privilege escalation means finding a way to access resources belonging to another user on a system. It is one of the primary methods that black-hat hackers use to expand their attacks.

Web shell

A web shell is a script that makes it possible to gain remote shell access to the web server’s operating system through an HTTP connection. Black hat hackers often use web shells as backdoors to send commands to a compromised system.

Reverse shell

A reverse shell is a script or executable program that makes it possible to gain interactive shell access to a system through an outgoing connection from that system. Malicious hackers often use reverse shells as a means to send commands to a compromised system.

Man-in-the-middle attacks

A man-in-the-middle attack (MITM) is a type of cyberattack that allows cybercriminals to eavesdrop on private communication between two or more endpoints and potentially modify the content of this communication.