GUESS the attack?
A game to help you review different Cyber Security Attacks
The definitions included in the game have been obtained from NIST for education purposes.
Nist.gov. (2020). Glossary | CSRC. [online] Available at: https://csrc.nist.gov/glossary
Discover the attack with a few clues
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
"Enables unauthorized parties to cause client-side scripts to be executed by other users of the Web application."
Clue
CLUE - 1
5 Examples, accessed on 21 October 2022 https://websitesecuritystore.com/blog
Good luck!
In this kind of attack, the victim is the user, not the application. The target user's cookie is sent to an attacker's server.
Clue
Example XSS
Example, accessed on 13 July 2023 https://owasp.org/
Example XSS
Example, accessed on 13 July 2023 https://owasp.org/
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
An attack in which a subscriber currently authenticated to an RP and connected through a secure session browses to an attacker’s website, causing the subscriber to unknowingly invoke unwanted actions at the RP.
Clue
CLUE - 2
Good luck!
Example, accessed on 13 July 2023 NeuraLegion - https://www.neuralegion.com
For example, if a bank website is vulnerable to this attack, it may be possible for a subscriber to unintentionally authorize a large money transfer, merely by viewing a malicious link in a webmail message while a connection to the bank is open in another browser window.
Clue
Example CSRF
Example, accessed on 13 July 2023 https://owasp.org/
Example CSRF
Example, accessed on 13 July 2023 https://owasp.org/
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
"A method of overloading a predefined amount of memory storage in a buffer, which can potentially overwrite and corrupt memory beyond the buffer’s boundaries."
Clue
CLUE - 2
Good luck!
Example, accessed on 13 July 2023 https://www.wallarm.com/
A condition at an interface under which more input can be placed into a buffer or data holding area than the intended capacity allocated (due to insecure or unbound allocation parameters), which overwrites other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.
Clue
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
Clue
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
Clue
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
Clue
congratulations!
Well done!
You have guessed the attack
Cool!
Who is this character?
Character name
You haven't guessed the character...
OOHH!
GUESS THE ATTACK - GAME
Zaira Martínez Delgado
Created on October 21, 2022
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Mental Agility Game
View
Image Matching Game
View
Guess the Hidden Image
View
Startup Speed Quiz
View
Corporate Memory Challenge
View
Higher Education Test Mobile
View
Flags Challenge
Explore all templates
Transcript
GUESS the attack?
A game to help you review different Cyber Security Attacks
The definitions included in the game have been obtained from NIST for education purposes.
Nist.gov. (2020). Glossary | CSRC. [online] Available at: https://csrc.nist.gov/glossary
Discover the attack with a few clues
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
"Enables unauthorized parties to cause client-side scripts to be executed by other users of the Web application."
Clue
CLUE - 1
5 Examples, accessed on 21 October 2022 https://websitesecuritystore.com/blog
Good luck!
In this kind of attack, the victim is the user, not the application. The target user's cookie is sent to an attacker's server.
Clue
Example XSS
Example, accessed on 13 July 2023 https://owasp.org/
Example XSS
Example, accessed on 13 July 2023 https://owasp.org/
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
An attack in which a subscriber currently authenticated to an RP and connected through a secure session browses to an attacker’s website, causing the subscriber to unknowingly invoke unwanted actions at the RP.
Clue
CLUE - 2
Good luck!
Example, accessed on 13 July 2023 NeuraLegion - https://www.neuralegion.com
For example, if a bank website is vulnerable to this attack, it may be possible for a subscriber to unintentionally authorize a large money transfer, merely by viewing a malicious link in a webmail message while a connection to the bank is open in another browser window.
Clue
Example CSRF
Example, accessed on 13 July 2023 https://owasp.org/
Example CSRF
Example, accessed on 13 July 2023 https://owasp.org/
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
"A method of overloading a predefined amount of memory storage in a buffer, which can potentially overwrite and corrupt memory beyond the buffer’s boundaries."
Clue
CLUE - 2
Good luck!
Example, accessed on 13 July 2023 https://www.wallarm.com/
A condition at an interface under which more input can be placed into a buffer or data holding area than the intended capacity allocated (due to insecure or unbound allocation parameters), which overwrites other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.
Clue
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
Clue
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
Clue
Guess the attack
DDoS Distributed Denial of Service
XSS Cross-site scripting
CSRF Cross-site forgery
SQL Injection
DNS Poisoning
ARP Poisoning
Buffer- Overflow
TCP/IP hijacking
Good luck!
Clue
congratulations!
Well done!
You have guessed the attack
Cool!
Who is this character?
Character name
You haven't guessed the character...
OOHH!