Phishing: Attacker kisi trustworthy entity ka impersonation karke victims ko sensitive information jaise passwords ya credit card details reveal karne ke liye confuse karta hai.
Denial of Service (DoS): Ek system ya network ko excessive traffic ya requests se overload karke legitimate users ke liye unavailable bana dena.
Distributed Denial of Service (DDoS): DoS jaise hi, lekin attack multiple sources se simultaneously hota hai, jo impact ko amplify karta hai.
Man-in-the-Middle (MitM): Do parties ke beech communication ko intercept karke modify karna, jisse attacker data ko manipulate ya eavesdrop kar sake.
SQL Injection: Web application ke database layer ki vulnerabilities ka fayda uthana, jisse malicious SQL commands execute karke unauthorized access ya data manipulation ho sake.
Cross-Site Scripting (XSS): Web pages mein malicious scripts inject karna, jo victims ke browsers mein execute hoti hai, jisse attacker sensitive information chura sakta hai ya user session control kar sakta hai.
Cross-Site Request Forgery (CSRF): Victim ke browser ko unauthorized requests bhejne ke liye force karna, jo unke behalf pe actions perform kar sakte hain bina unki consent ke.
Brute Force: Alag-alag combinations of usernames aur passwords ko repeatedly try karke unauthorized access hasil karna.
Social Engineering: Logon ki psychology ko manipulate karke unse sensitive information ya actions lene ka process.
Ransomware: Malicious software jo victims ke files ko encrypt karke ransom demand karta hai decryption key ke liye.
Malware: Malicious software ka general term, jaise viruses, worms, trojans, aur spyware, jo systems ko harm karte hain ya information chura lete hain.
Zero-Day Exploit: Aise vulnerabilities ka fayda uthana jo developer ko pata nahi hoti, attacker ko patch ya fix available hone se pehle advantage milta hai.
Buffer Overflow: Program ki memory buffer ko overload karke arbitrary code execute karna, jisse attacker system pe control le sakta hai.
Eavesdropping: Network communications ko intercept karke sensitive information obtain karna.
Pharming: Fake websites pe redirect karna, mostly DNS poisoning ke through, taaki victims apna credentials ya financial information enter karein.
Clickjacking: Users ko hidden ya disguised elements pe click karne ke liye trick karna, jo unintended actions ya sensitive information reveal kar sakte hain.
Password Cracking: Various techniques ka use karke passwords discover ya guess karna, jaise brute force, dictionary attacks, ya rainbow table lookups.
Keylogging: User ke keystrokes ko covertly record karna taaki passwords ya sensitive information capture ki ja sake.
Malvertising: Legitimate online advertisements ke through malware distribute karna, ad networks ya users ke browsers ke vulnerabilities ka fayda uthana.
DNS Spoofing: DNS responses ko tamper karke users ko malicious websites pe redirect karna ya unke communications intercept karna.
Session Hijacking: User ke session identifier ko steal ya impersonate karna taaki web application mein unauthorized access mil sake.
Wireless Sniffing: Wireless networks pe network traffic capture aur analyze karke sensitive information obtain karna, jaise passwords ya account credentials.
Insider Threat: Authorized user ka internal access ka misuse karna taaki systems ko compromise ya sensitive data chura sake.
Watering Hole Attack: Target audience ke frequently visited websites ko infect karna, taaki unke devices ya network ko exploit kiya ja sake.
Advanced Persistent Threat (APT): Skilled adversary ka prolonged aur targeted attack, jo unauthorized access ya sensitive information churaane ka aim rakhta hai.
File Inclusion Exploits: File inclusion mechanisms ki weaknesses ka fayda uthana, taaki malicious files include ki ja sake ya arbitrary commands execute ki ja sake.
Click Fraud: Online advertisements pe fraudulent clicks generate karke advertisers ko deceive karna ya pay-per-click revenue manipulate karna.
DNS Tunneling: Network security measures ko bypass karne ke liye DNS packets ke andar non-DNS traffic encapsulate karna, taaki data exfiltrate ya unauthorized communication channels establish kiya ja sake.
Smishing: SMS ya text messages ke through phishing attacks, jisme recipients ko sensitive information reveal karne ya malware download karne ke liye trick kiya jata hai.
Vishing: Voice calls ke through phishing attacks, jisme social engineering techniques ka use karke victims se sensitive information collect kiya jata hai.
Cryptojacking: Victims ke computing resources ko bina unki knowledge ya consent ke cryptocurrencies mine karne ke liye illegally use karna.
Trojan Horse: Malicious software jo legitimate software ki tarah dikhta hai, aur users ko trick karke install karwaya jata hai, taaki attacker unauthorized access ya control le sake.
Keystroke Injection: Target system mein keystrokes inject karna, typically specialized hardware ya malicious firmware ka use karke, unauthorized actions perform karne ke liye.
Logic Bomb: Malicious code jo system mein dormant rehta hai jab tak specific conditions ya events trigger na ho, phir damage ya unauthorized actions karta hai.
Fileless Malware: Aisa malware jo memory mein operate karta hai bina file system pe traces chhode, jisse detect aur eradicate karna mushkil ho jata hai.
DNS Amplification: Misconfigured DNS servers ka use karke target ke IP address pe large volume ka traffic generate karna, jo network resources ko overwhelm kar de.
Password Spraying: Commonly used passwords ko multiple accounts ya systems pe attempt karna, taaki unauthorized access ka chance badhe.
Session Replay: User ke web application ke interaction ko record aur replay karke sensitive information ya credentials expose karna.
USB-based Attacks: USB devices ki vulnerabilities ka fayda uthana ya social engineering ka use karke users ko malicious code execute karne ke liye trick karna.
Reverse Engineering: Software ya systems ke inner workings ko analyze aur understand karna taaki vulnerabilities identify ki ja sake ya sensitive information extract ki ja sake.
DNS Hijacking: DNS settings ko manipulate karna ya DNS servers ko compromise karna taaki users ko malicious websites pe redirect ya communications intercept kiya ja sake.
IoT (Internet of Things) Exploitation: Internet-connected devices jaise smart home devices ya industrial systems ki vulnerabilities target karna taaki unauthorized access ya disruption ho sake.
Eavesdropping: Wireless devices ke beech communication ko intercept aur monitor karna, jaise Wi-Fi ya Bluetooth, taaki sensitive information obtain ho sake.
Insider Data Theft: Kisi employee ya contractor jaise authorized individual dwara sensitive data ka unauthorized access aur theft.
Supply Chain Attacks: Software supply chain ki vulnerabilities target karna taaki trusted applications ya components ko compromise karke widespread exploitation ho sake.
DNSSEC Attack: DNS Security Extensions (DNSSEC) protocol ki weaknesses ka fayda uthana taaki uske security measures ko bypass ya undermine kiya ja sake.
Side Channel Attacks: Unintended channels ke through leaked information ka fayda uthana, jaise power consumption ya electromagnetic radiation, taaki sensitive data extract ho sake.
Physical Attacks: Hardware ko physically tamper karna, devices ko chura lena, ya physical vulnerabilities ka fayda uthana taaki systems ya data pe unauthorized access mil sake.
Voice Assistant Exploitation: Voice-controlled assistant devices mein vulnerabilities ka fayda uthana taaki unauthorized access ya sensitive information extract kiya ja sake.
AI-based Attacks: Artificial intelligence techniques ka use karke attacks ko enhance ya automate karna, jaise convincing phishing emails generate karna ya detection systems ko evade karna.