From Wikipedia, the free encyclopedia
An automated threat is a type of computer security threat to a computer network or web application, characterised by the malicious use of automated tools such as Internet bots.[1] Automated threats are popular on the internet as they can complete large amounts of repetitive tasks with almost no cost to execute.[2]
The OWASP Automated Threat Handbook provides a threat ontology list for classifying automated threats, which are enumerated below.
Identity Code Name Defining characteristics OAT-020 Account Aggregation Use by an intermediary application that collects together multiple accountsand interacts on their behalf
OAT-019 Account Creation Create multiple accounts for subsequent misuse OAT-003 Ad Fraud False clicks and fraudulent display of web-placed advertisements OAT-009 CAPTCHA Bypass Solve anti-automation tests OAT-001 Carding Multiple payment authorisation attempts used to verify the validity of bulkstolen payment card data
OAT-010 Card Cracking Identify missing start/expiry dates and security codes for stolen payment carddata by trying different values
OAT-012 Cashing Out Buy goods or obtain cash utilising validated stolen payment card or other useraccount data
OAT-007 Credential Cracking Identify valid login credentials by trying different values for usernames and/orpasswords
OAT-015 Denial of Service Target resources of the application and database servers, or individual useraccounts, to achieve denial of service (DoS)
OAT-006 Expediting Perform actions to hasten progress of usually slow, tedious or time-consumingactions
OAT-004 Fingerprinting Elicit information about the supporting software and framework types andversions
OAT-018 Footprinting Probe and explore application to identify its constituents and properties OAT-005 Scalping Obtain limited-availability and/or preferred goods/services by unfair methods OAT-011 Scraping Collect application content and/or other data for use elsewhere OAT-016 Skewing Repeated link clicks, page requests or form submissions intended to alter somemetric
OAT-013 Sniping Last minute bid or offer for goods or services OAT-017 Spamming Malicious or questionable information addition that appears in public orprivate content, databases or user messages
OAT-002 Token Cracking Mass enumeration of coupon numbers, voucher codes, discount tokens, etc. OAT-014 Vulnerability Scanning Crawl and fuzz application to identify weaknesses and possible vulnerabilitiesRetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4