Introduction

Client-Server Architecture

The web uses a client-server architecture, where the browser is the client and the web server is the server. The client sends a request to the server, which then responds with the requested resource.

Web Threats

Compromise

Inject Code: Code injection is the insertion of malicious code into a legitimate program or website.

Malware: Installing malware means placing harmful software on a victim’s device, where it can be used to gain access to sensitive information or take control of the device.

Theft

Data Theft: Data theft refers to the unauthorized access and exfiltration of sensitive information, such as credit card numbers or personal data.

Session Hijacking: Session hijacking refers to the act of taking over an active session, such as a logged-in account, by intercepting and using session cookies or other information.

Manipulation

Phishing: Phishing refers to the use of social engineering over channels such as email or social media to trick individuals into revealing sensitive information or visiting a malicious website.

Spoofing: Spoofing refers to the act of disguising oneself as another entity, such as an email sender or website, to gain access to sensitive information or resources.