๐ŸŽฏ New! Master certifications with Performance-Based Questions (PBQ) โ€” realistic hands-on practice for CompTIA & Cisco exams!

AiCybr
โš”๏ธ

Attack Types Cheat Sheet

Cyber attack types, methods, and prevention techniques

๐Ÿ”Œ Network Ports๐Ÿ“š OSI Model๐Ÿงฎ Subnetting๐Ÿ”ข IPv4 vs IPv6๐Ÿ›œ Routing Protocols
Attack Category Target Method Prevention
PhishingSocial EngineeringUsersFraudulent emails/sitesTraining, email filters
Spear PhishingSocial EngineeringSpecific individualsPersonalized phishingMFA, awareness training
WhalingSocial EngineeringExecutivesHigh-value phishingVerification procedures
VishingSocial EngineeringPhone usersVoice phishing callsCall verification
SmishingSocial EngineeringMobile usersSMS phishingLink verification
DDoSNetworkServers/NetworksTraffic floodingCDN, rate limiting
DoSNetworkSingle targetResource exhaustionFirewalls, IPS
Man-in-the-MiddleNetworkCommunicationsIntercept trafficTLS, certificate pinning
DNS SpoofingNetworkDNS resolutionFake DNS responsesDNSSEC
ARP PoisoningNetworkLocal networkFake ARP repliesStatic ARP, DAI
SQL InjectionWebDatabasesMalicious SQL queriesParameterized queries
XSSWebWeb browsersInject malicious scriptsInput sanitization, CSP
CSRFWebAuthenticated usersForged requestsCSRF tokens
Buffer OverflowApplicationMemoryExceed buffer boundsASLR, DEP, safe coding
RansomwareMalwareFiles/SystemsEncrypt and extortBackups, EDR, patching
TrojanMalwareSystemsDisguised as legitimateAntivirus, app whitelisting
RootkitMalwareOS kernelHide malicious activitySecure boot, integrity checks
KeyloggerMalwareKeyboardsRecord keystrokesAnti-malware, virtual keyboards
Brute ForcePasswordAuthenticationTry all combinationsAccount lockout, MFA
Password SprayingPasswordMultiple accountsCommon passwordsPassword policies, MFA
Credential StuffingPasswordBreached credentialsReuse stolen loginsMFA, breach monitoring
Zero-DayExploitUnpatched systemsUnknown vulnerabilityDefense in depth, EDR
Privilege EscalationExploitPermissionsGain higher accessLeast privilege, patching
Supply Chain AttackAdvancedSoftware/HardwareCompromise vendorsVendor vetting, SBOMs