Web Service Attacks By Category
This wiki aims at listing all web service specific attacks. It includes attacks that are:
- based on flaws in standards
- implementation specific weaknesses across all major platforms
Attacks that are implementation specific for certain versions of certain frameworks are not included in this wiki to date.
The web service specific attacks are not listed alphabetically. Instead 4 different categories were created that are used to list the web service specific attacks. In order to view the attacks just click on one of the four categories, depending on your point of view. Each categorisation contains the same attacks.
- Attack Categorisation by violated security objective
- Attack Categorisation by number of involved parties
- Attack Categorisation by attacked web service component
- Attack Categorisation by attack spreading
List of all attacks
Attacks primarily violating the security objective “Availability”
Attacks primarily violating the security objective "Integrity"
- Malicious Morphing aka Message Tampering aka Content Tampering aka Message Alternation aka Data Tampering aka Falsified Message
Attacks primarily violating the security objective “Confidentiality”
Attacks primarily violating the security objective “Access Control”