Exploit (computer security): Difference between revisions

Citation bot (talk | contribs)
Added work. | Use this bot. Report bugs. | Suggested by Dominic3203 | Linked from User:LinguisticMystic/cs/outline | #UCB_webform_linked 693/2277
Tags: Mobile edit Mobile web edit Advanced mobile edit
Line 43:
The classification of exploits based<ref>{{cite web |title=Exploits Database by Offensive Security |url=https://www.exploit-db.com/ |website=www.exploit-db.com}}</ref><ref>{{cite web |title=Exploit Database {{!}} Rapid7 |url=https://www.rapid7.com/db/modules/ |website=www.rapid7.com}}</ref> on the type of vulnerability they exploit and the result of running the exploit (e.g., Elevation of Privilege ([[Elevation of Privilege (computing)|EoP]]), Denial of Service ([[Denial of Service (computing)|DoS]]), [[Spoofing attack|spoofing]]) is a common practice in cybersecurity. This approach helps in systematically identifying and addressing security threats. For instance, the STRIDE threat model categorizes threats into six types, including Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.<ref>{{Cite web |title=What Is the STRIDE Threat Model? |url=https://www.purestorage.com/knowledge/stride-threat-model.html |access-date=2025-03-15 |website=www.purestorage.com |language=en-US}}</ref> Similarly, the National Vulnerability Database (NVD) categorizes vulnerabilities by types such as Authentication Bypass by Spoofing and Authorization Bypass.<ref>{{Cite web |title=National Vulnerability Database - Vulnerabilities |url=https://nvd.nist.gov/vuln/categories |access-date=2025-03-15 |website=nvd.nist.gov}}</ref>
 
''By Type of [[Vulnerability (computer security)|{{Clarify | text = [[Vulnerability (computing)|Vulnerability]]| date = August 2024 | reason = This should link to the section where there is supposed to be a 'list.' Which list this is talking about isn't obvious.}}]]:''
 
* '''Code Execution Exploits:''' Allow attackers to execute arbitrary code on the target system, potentially leading to full system compromise.
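Review bot: on the "By Type of" heading line, a [[Vulnerability (computing)|Vulnerability]] link sits inside a {{Clarify}} template that is itself the label of an outer link to Vulnerability (computer security), so one wikilink is nested in another and the two point at different targets. MediaWiki does not support a link inside a link label; keep a single link to the intended article and place the {{Clarify}} tag after it. In the paragraph above, the two database citations fall between "based" and "on", which splits the phrase; moving both <ref> tags to the end of that sentence would read more cleanly. The STRIDE sentence also says "six types, including" and then names all six, so "including" can be dropped.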