Attacks & Threats
Replay Attack
Also known as: Replay
Definition
An attack that captures legitimate network traffic — typically authentication tokens or transactions — and retransmits it later to impersonate the original sender.
Examples
- Replaying a captured Kerberos ticket or NTLMv1 hash to access a service as the original user.
- Replaying a recorded keyfob radio frame to open a car or garage door (in systems without rolling codes).
Related terms
Relay Attack
An attack that forwards an authentication exchange in real time between two parties, so the attacker is authenticated without ever knowing the credentials.
Session Hijacking
An attack that takes over a victim's authenticated session by stealing or forging the session identifier so the attacker can act as the user without their credentials.
Man-in-the-Middle Attack
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.
Nonce
A "number used once" supplied to a cryptographic algorithm to guarantee freshness and prevent replay or key/IV reuse.
Broken Authentication
A category of vulnerabilities where flaws in authentication or session management let attackers impersonate legitimate users or take over accounts.
Perfect Forward Secrecy
A protocol property ensuring that the compromise of long-term keys does not allow decryption of past session traffic.