CyberBase
Step-by-step breakdowns of real-world attack patterns. Each flow shows what the attacker does, what the defender can do, and what the victim experiences — phase by phase.
All attack patterns
Social engineering attack that tricks victims into revealing credentials or installing malware through deceptive emails, messages, or websites.
Systematic attack that tries every possible password combination or uses common password lists to gain unauthorized access to accounts and systems.
Code injection technique that exploits vulnerabilities in database-connected applications to manipulate, extract, or destroy data by inserting malicious SQL statements.
Interception attack where the attacker secretly positions themselves between two communicating parties, reading and potentially altering all traffic in real time.
Devastating malware attack that encrypts the victim's files and demands payment for decryption, often spreading laterally across entire networks.
Post-compromise technique where attackers move through a network from one system to another, escalating privileges and expanding their access to reach high-value targets.
Sophisticated attack that compromises a trusted vendor, software package, or update mechanism to distribute malware to all downstream users and organizations.