What are the Different Types of Exploits?

Exploits can be classified into five broad categories:

  1. Hardware: Poor encryption, lack of configuration management or firmware vulnerabilities.
  2. Software: Memory safety violations (buffer overflows, over-reads, dangling pointers), input validation errors (code injection, cross-site scripting (XSS), directory traversal, email injection, format string attacks, HTTP header injection, HTTP response splitting, SQL injection), privilege-confusion bugs (clickjacking, cross-site request forgery, FTP bounce attack), race conditions (symlink races, time-of-check-to-time-of-use bugs), side channel attacks, timing attacks and user interface failures (blaming the victim, race conditions, warning fatigue).
  3. Network: Unencrypted communication lines, man-in-the-middle attacks, domain hijacking, typosquatting, poor network security, lack of authentication or default passwords.
  4. Personnel: Poor recruiting policy and process, lack of security awareness training, poor adherence to information security policy, poor password management or falling for common social engineering attacks like phishing, spear phishing, pretexting, honey trapping, smishing, waterholing or whaling.
  5. Physical site: Poor physical security, tailgating and lack of keycard access control.

In each of these categories, we can split vulnerabilities into two groups, known vulnerabilities and zero-day exploits:

  • Known vulnerabilities: Exploits that security researchers know about and have documented. The vulnerabilities they target are often already patched, but the exploits remain a viable threat because of slow patching.
  • Zero-day exploits: Vulnerabilities that have not been reported to the public or listed on CVE. This means cybercriminals have found the exploit before developers have been able to issue a patch; in some cases the developer may not even know of the vulnerability.