Web applications can be attacked using different strategies:
- Denial of Service (DOS) where a large number of bad requests are made to a web application with the idea of causing a malfunction with the underlying software, thereby denying the service to its real users.
- Web service attacks where different layers of the application are attacked specifically. For example, a web service may have a vulnerability of not correctly handling very large requests, causing overruns in the memory and allowing the attacker to take control of the web application.
- Data theft. Many web applications incorrectly handle data entries, allowing for SQL injections, whereby the attacker can access all stored databases in an application.
- Political ...