Classification of attack paths and methods in cyber attacks.
Overview
Cyber Attack Vectors
Cyber attack vectors refer to the paths and methods used by attackers to infiltrate systems and networks, steal sensitive information, or disrupt operations. These are systematically classified in frameworks such as OWASP Top 10 and MITRE ATT&CK, encompassing various techniques including injection attacks, malware, phishing, DDoS, and authentication failures. Understanding these attack vectors is essential for building effective security countermeasures.
cybersecurity
attack methods
OWASP
MITRE ATT&CK
vulnerabilities
information security
| code | slug | name | description | category | mitreTechnique |
|---|---|---|---|---|---|
| A01 | broken-access-control | Broken Access Control | Vulnerability where restrictions on authenticated users are not properly enforced. | OWASP Top 10 | T1078 |
| A02 | security-misconfiguration | Security Misconfiguration | Security settings are defined, implemented, or maintained improperly. | OWASP Top 10 | T1562 |
| A03 | software-supply-chain-failures | Software Supply Chain Failures | Vulnerabilities from third-party components and build processes. | OWASP Top 10 | T1195 |
| A04 | cryptographic-failures | Cryptographic Failures | Failures related to cryptography leading to sensitive data exposure. | OWASP Top 10 | T1552 |
| A05 | injection | Injection | Untrusted data sent to interpreters as part of commands or queries. | OWASP Top 10 | T1059 |
| A06 | insecure-design | Insecure Design | Security issues from errors or omissions in application design and architecture. | OWASP Top 10 | T1071 |
| A07 | authentication-failures | Authentication Failures | Identity and authentication mechanisms implemented incorrectly. | OWASP Top 10 | T1078 |
| A08 | software-data-integrity-failures | Software or Data Integrity Failures | Code and infrastructure that fails to protect against integrity violations. | OWASP Top 10 | T1554 |
| A09 | logging-alerting-failures | Security Logging and Alerting Failures | Insufficient logging, detection, monitoring, and incident response. | OWASP Top 10 | T1562 |
| A10 | mishandling-exceptional-conditions | Mishandling of Exceptional Conditions | Errors, exceptions, and edge cases not handled securely. | OWASP Top 10 | T1499 |
| M01 | malware | Malware | System compromise through malicious software. | Malware | T1055 |
| M02 | ransomware | Ransomware | Malware that encrypts data and demands ransom. | Malware | T1486 |
| P01 | phishing | Phishing | Attack using deceptive communications to steal sensitive information. | Social Engineering | T1566 |
| D01 | ddos | DDoS Attack | Distributed Denial of Service attack that cripples systems. | Network Attack | T1498 |
| I01 | sql-injection | SQL Injection | Attack that injects malicious SQL into database queries. | Injection Attack | T1190 |
| I02 | xss | Cross-Site Scripting (XSS) | Attack that injects malicious scripts into web applications. | Injection Attack | T1189 |
| I03 | csrf | Cross-Site Request Forgery (CSRF) | Attack that forces authenticated users' browsers to send unintended requests. | Injection Attack | T1204 |
| N01 | man-in-the-middle | Man-in-the-Middle (MitM) | Attack that intercepts communications for eavesdropping or tampering. | Network Attack | T1557 |
| C01 | credential-theft | Credential Theft | Attack that steals passwords and authentication information. | Authentication Attack | T1555 |
| C02 | privilege-escalation | Privilege Escalation | Attack that escalates from low to high privileges. | Authentication Attack | T1068 |
- OWASP Top 10:2025 official
- MITRE ATT&CK official
- OWASP Top 10 2025 - Invicti reference
- The Top Ten MITRE ATT&CK Techniques - Picus Security reference
- What is SQL injection? - Cloudflare reference
- Cross-site scripting (XSS) - MDN reference