Lesson 11: Anatomy of a Cyberattack — From XSS to Identity Theft
So far we've seen how attackers exploit weaknesses in the network and its protocols. This lesson goes up a layer: how attackers hit applications and users directly — through code injected into a browser, a database fed foreign commands, memory that overflows, and a password that gets guessed. This i
In brief: XSS injects code into someone else's browser, SQL injection injects commands into a database, buffer overflow writes past memory boundaries to hijack the program — and all three, in different ways, hand the attacker control they were never supposed to have.
- Cross-Site Scripting (XSS)
- Injecting malicious JavaScript into a legitimate user's browser through a vulnerable site; three main types: Stored, Reflected, and DOM-based.
- Cookie Theft & Session Hijacking
- Stealing a victim's session ID and injecting it into the attacker's browser (pass-the-cookie), granting full account access and completely bypassing MFA — because authentication already happened.
- SQL Injection
- Injecting SQL commands into an unsanitized input field, sometimes using an expression like ' OR '1'='1 to bypass authentication checks.
- Buffer Overflow
- Writing data past the boundaries of its allocated memory buffer, up to overwriting the return address and transferring control to malicious shellcode the attacker planted.
- Credential-Based Attacks
- A family of password-exploiting attacks: Brute Force (trying every combination), Dictionary Attack (a list of common passwords), Credential Stuffing (reusing leaked pairs), and Password Spraying (one password against many usernames).