Attack-Techniques

Credential stuffing is an automated attack technique where attackers use previously leaked username and password combinations to attempt login across multiple services. This SECMONS glossary entry explains how credential stuffing works, why password reuse fuels it, and how defenders can detect and mitigate it.

A drive-by compromise is an attack technique where a victim’s system is compromised simply by visiting a malicious or compromised website. This SECMONS glossary entry explains how drive-by attacks work, how they relate to browser vulnerabilities and zero-days, and what defenders should monitor.

Lateral Movement is a post-compromise attack technique where an adversary moves from one compromised system to others within the same network. This SECMONS glossary entry explains how lateral movement works, why it is operationally critical, and how defenders should detect and contain it.

A Man-in-the-Middle (MitM) attack occurs when an attacker intercepts, monitors, or alters communication between two parties without their knowledge. This SECMONS glossary entry explains how MitM attacks work, common techniques, real-world impact, and how defenders should mitigate interception risks.

Privilege Escalation is an attack technique where a user or process gains higher permissions than originally granted. This SECMONS glossary entry explains vertical and horizontal privilege escalation, common exploitation paths, and defensive mitigation strategies.