Common Terms Flashcards
Hack Value
A term describing how willing a hacker would be to invest their time and energy in cracking a system, file, etc., and whether it would be worth attempting.
(Example: a file containing absolutely atrocious amounts of porn has low hack value (probably; depending on the perpetrator), whereas a file containing someone's passport and credit card information has high hack value.)
Vulnerability
A weakness that could compromise a system and could be used as a possible means of attack ("system" here means not just a computer system but any system: a corporation, household, government, etc.).
Exploit
A piece of code that takes advantage of a vulnerability to deliver malicious code.
Can also be defined as any way to take advantage of a vulnerability to attack a system.
Payload
A malicious piece of code delivered through an exploit.
R.A.T.
Remote Access Trojan
A program used by an intruder to take control of a victim’s computer remotely, giving them access to the computer’s files, allowing covert surveillance and a backdoor for administrative control
ISP
Internet Service Provider
NSP
Network Service Provider
Hash
A hash function converts an input of any size into a fixed-size output (the hash, or digest). The same input always gives the same hash, and with a cryptographic hash (SHA-256 etc.) the output looks random, cannot practically be reversed to recover the input, and changes completely on the smallest change to the input. Hashes are used to index data (hash tables) and, in security, to check integrity and to store passwords instead of the passwords themselves.
Example (each key on the left goes through the hash function and comes out as a small fixed-size hash value, here one of four slots):
keys              hash function        hashes
John Smith    --\                       00
Chad Hecks    --->   [ h(key) ]  --->   01
Dirk McFunkle --/                       02
                                        03
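The properties just described, as an added example (not part of the original flashcards): SHA-256 from Python's standard library gives a fixed-size digest for any input length, a reduction of that digest picks a hash-table slot for the three keys in the diagram, and a one-character edit to a key flips roughly half the output bits. The key names are the ones from the diagram; the slot count of four is an assumption taken from it.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    """Fixed-size digest (256 bits = 64 hex characters) of input of any length."""
    return hashlib.sha256(data).hexdigest()

def bucket(key: str, nbuckets: int = 4) -> int:
    """Hash-table view, as in the diagram: reduce the digest to one of nbuckets
    slots (0..nbuckets-1).  With far more possible keys than slots, two keys can
    land in the same slot; that is a collision, which a hash table must handle."""
    return int(sha256_hex(key.encode()), 16) % nbuckets

def bit_difference(hex_a: str, hex_b: str) -> int:
    """Number of bits that differ between two equal-length hex digests."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def avalanche(a: bytes, b: bytes) -> int:
    """Bits of the SHA-256 output that change when the input changes from a to b.
    For a good cryptographic hash this is about half of the 256 bits even for a
    one-character edit, so the digest gives away nothing about how similar two
    inputs are."""
    return bit_difference(sha256_hex(a), sha256_hex(b))

KEYS = ["John Smith", "Chad Hecks", "Dirk McFunkle"]  # the keys from the diagram

if __name__ == "__main__":
    for k in KEYS:
        print(f"{k:14} -> {sha256_hex(k.encode())[:16]}... -> slot {bucket(k):02d}")
    print("bits changed by a one-character edit:", avalanche(b"John Smith", b"John Smitb"))
```

Note that nothing here makes the hash "secret": anyone can recompute sha256("John Smith"), which is exactly why hashes of guessable inputs such as passwords can be attacked with a wordlist (see Dictionary Attack below).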
Security Threat
A security threat is anything that has the potential of causing damage to a system/network.
Security Attack
A security attack is an attempt to gain unauthorized access to a system/network (a threat acted upon).
Attack Vector
An attack vector is a means by which a hacker delivers a payload to a system/network.
DOS
Disk Operating System (in this all-capitals form). Not to be confused with DoS, Denial of Service, the attack described further down.
CPU
Central Processing Unit
GPU
Graphics Processing Unit
WPA
Wi-Fi Protected Access
The “IP” in IP address
Internet Protocol
SQL
Structured Query Language
IDS
Intrusion Detection System
DNS
Domain Name System
ARP
Address Resolution Protocol
IPS
Intrusion Prevention System
Array
An array is a data structure, which can store a fixed-size collection of elements of the same data type. An array is used to store a collection of data, but it is often more useful to think of an array as a collection of variables of the same type.
DDoS
Distributed Denial of Service
PCI DSS
Payment Card Industry Data Security Standard
HIPAA
Health Insurance Portability and Accountability Act
SOX
Sarbanes Oxley Act
DMCA
Digital Millennium Copyright Act
WIPO
World Intellectual Property Organization
FISMA
Federal Information Security Management Act
DMZ
Demilitarized Zone
Nonrepudiation
Nonrepudiation is the assurance that someone cannot deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. To repudiate means to deny.
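The practical distinction behind this definition, as an added example (not part of the original flashcards): a message authentication code (HMAC) proves integrity and that someone holding the shared key sent the message, but because the receiver holds that same key they could have produced the tag themselves, so the sender can still deny it. A digital signature made with a private key that only the sender holds is what gives nonrepudiation, since anyone with the public key, including a judge, can verify it. The RSA key below is a toy built from two known Mersenne primes with no padding, purely to show the asymmetry; the messages and names are made up.

```python
import hashlib
import hmac
import os

def _digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

# ---- Symmetric MAC: integrity + authenticity, but NOT nonrepudiation ----
def mac_tag(shared_key: bytes, message: bytes) -> bytes:
    """HMAC: proves the message came from *someone* holding shared_key."""
    return hmac.new(shared_key, message, hashlib.sha256).digest()

def mac_verify(shared_key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(shared_key, message), tag)

# ---- Asymmetric signature: textbook RSA on a toy key (illustration only) ----
# Modulus from two known primes (2^31-1 and 2^61-1).  A real key uses ~2048-bit
# random primes and a padding scheme such as PSS; never sign anything with this.
_P = (1 << 31) - 1
_Q = (1 << 61) - 1
PUBLIC_N, PUBLIC_E = _P * _Q, 65537
_PRIVATE_D = pow(PUBLIC_E, -1, (_P - 1) * (_Q - 1))   # Python >= 3.8

def sign(message: bytes, d: int = _PRIVATE_D, n: int = PUBLIC_N) -> int:
    """Only the holder of the private exponent d can produce this value."""
    return pow(_digest_int(message) % n, d, n)

def verify(message: bytes, signature: int, e: int = PUBLIC_E, n: int = PUBLIC_N) -> bool:
    """Anyone with the public (e, n) can check it, including a third party."""
    return pow(signature, e, n) == _digest_int(message) % n

def demo() -> dict:
    order = b"Transfer 500 EUR to account 42"
    altered = b"Transfer 5000 EUR to account 42"
    key = os.urandom(32)                   # shared by Alice (sender) and Bob (receiver)
    tag = mac_tag(key, order)
    sig = sign(order)                      # needs Alice's private exponent
    return {
        "mac_verifies": mac_verify(key, order, tag),
        # Bob can mint a valid tag for any text, so a tag proves nothing about Alice
        "receiver_can_forge_mac": mac_verify(key, altered, mac_tag(key, altered)),
        "signature_verifies": verify(order, sig),
        "signature_rejects_altered_text": not verify(altered, sig),
        "signature_rejects_forgery": not verify(order, (sig + 1) % PUBLIC_N),
    }
```

The MAC results are the reason TLS session traffic or an API token cannot by itself prove to a third party who sent a message, while a signed document or a signed commit can.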
NDA
Non-disclosure Agreement
VPN
Virtual Private Network
Risk
The potential for damage or loss; in practice, the likelihood that a threat exploits a vulnerability combined with the impact if it does.
RAID
Redundant Array of Independent (originally Inexpensive) Disks
RAID works by spreading data across multiple disks and letting input/output (I/O) operations overlap in a balanced way, improving performance; depending on the RAID level it also keeps a mirror copy or parity data so that the array survives the loss of a disk. RAID protects availability, not confidentiality, and is no substitute for backups.
OS
Operating System
ROSI
Return On Security Investment
ICMP
ICMP (Internet Control Message Protocol) is an error-reporting protocol network devices like routers use to generate error messages to the source IP address when network problems prevent delivery of IP packets.
Dictionary Attack
A dictionary attack is a method of breaking into a password-protected computer, server or account (or of recovering passwords from stolen password hashes) by systematically trying every word in a wordlist (the "dictionary") as the password, usually with simple variations such as capitalisation or appended digits. Dictionary attacks work because many users and businesses still use ordinary words as passwords.
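An offline dictionary attack against a leaked table of salted SHA-256 password hashes, as an added example (not part of the original flashcards). The usernames, salts, passwords and the short wordlist are all constructed here. It shows why the attack works (ordinary words plus a few mangling rules recover two of three passwords in a hundred guesses), why a salt does not stop it (each user is simply attacked separately), and what does raise the cost: a deliberately slow key-derivation function.

```python
import hashlib
import hmac

def hash_password(password: str, salt: bytes) -> str:
    """The (too fast) scheme many breached sites used: one SHA-256 over salt+password."""
    return hashlib.sha256(salt + password.encode()).hexdigest()

def hash_password_slow(password: str, salt: bytes, iterations: int = 600_000) -> str:
    """What a site should do instead: a slow KDF (PBKDF2 here; scrypt/Argon2 are
    better) makes every guess in the loop below orders of magnitude more expensive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()

def mangle(word: str):
    """A few of the rules a cracker applies to each dictionary word."""
    yield word
    yield word.capitalize()
    yield word + "1"
    yield word.capitalize() + "1"
    yield word + "!"

def dictionary_attack(records, wordlist):
    """records: iterable of (user, salt, stored_hash).
    Returns ({user: recovered_password}, number_of_hashes_computed)."""
    cracked, attempts = {}, 0
    for user, salt, stored in records:
        found = False
        for word in wordlist:
            for candidate in mangle(word):
                attempts += 1
                if hmac.compare_digest(hash_password(candidate, salt), stored):
                    cracked[user] = candidate
                    found = True
                    break
            if found:
                break
    return cracked, attempts

# Constructed "leaked" table: salts are fixed here so the run is reproducible;
# the hashes are computed from the made-up passwords exactly as the site would.
SALTS = {"alice": b"\x01" * 8, "bob": b"\x02" * 8, "carol": b"\x03" * 8}
LEAKED = [
    ("alice", SALTS["alice"], hash_password("sunshine", SALTS["alice"])),
    ("bob",   SALTS["bob"],   hash_password("Dragon1", SALTS["bob"])),
    ("carol", SALTS["carol"], hash_password("mauve-kettle-orbit-7q2", SALTS["carol"])),
]
WORDLIST = ["123456", "password", "qwerty", "letmein", "monkey", "dragon", "sunshine", "football"]

if __name__ == "__main__":
    cracked, attempts = dictionary_attack(LEAKED, WORDLIST)
    print(f"{attempts} hashes computed, recovered: {cracked}")
```

Real wordlists run to hundreds of millions of entries and GPUs compute billions of SHA-256 hashes per second, so "carol" is safe only because her password is not in any list, not because the hashing is strong.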
ACE
In computer security, arbitrary code execution (ACE) describes an attacker's ability to run commands or code of their choosing on a target machine or in a target process. A program designed to exploit such a vulnerability is called an arbitrary code execution exploit; when it works over a network it is called remote code execution (RCE).
Buffer Overflow Attack:
Attackers exploit buffer overflow issues by writing more data into a buffer than it was sized to hold, so the excess overwrites adjacent memory (other variables, saved return addresses, heap metadata). Overwriting that memory changes the program's state or execution path: it can crash the program, corrupt or expose data, or, with a crafted payload, make the program run attacker-supplied code.
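The mechanism in the smallest form, as an added example (not part of the original flashcards). Python cannot overflow its own buffers, so this uses ctypes to lay out two C-style variables in raw memory the way a compiler would: an 8-byte name buffer immediately followed by a 4-byte privilege flag. An unbounded copy like strcpy() spills the ninth and later input bytes onto the flag; a bounded copy does not. The layout, field names and the idea of a privilege flag are assumptions for the demonstration, and the copy is capped at the struct size only so it stays inside memory Python owns.

```python
import ctypes

BUF_SIZE = 8

class Frame(ctypes.Structure):
    """Two adjacent stack variables as a C compiler lays them out."""
    _fields_ = [("name", ctypes.c_char * BUF_SIZE),   # char name[8];
                ("is_admin", ctypes.c_uint32)]         # uint32_t is_admin = 0;

def vulnerable_copy(user_input: bytes) -> Frame:
    """Like strcpy(frame.name, user_input): copies every byte, never checks BUF_SIZE,
    so bytes 8..11 of a long input land on is_admin (name is at offset 0)."""
    frame = Frame()                                   # zeroed: is_admin == 0
    n = min(len(user_input), ctypes.sizeof(frame))   # demo guard only; strcpy has none
    ctypes.memmove(ctypes.addressof(frame), user_input, n)
    return frame

def safe_copy(user_input: bytes) -> Frame:
    """Like snprintf/strlcpy: truncate to what fits, leaving room for the NUL."""
    frame = Frame()
    frame.name = user_input[:BUF_SIZE - 1]
    return frame

def payload(fill: bytes, new_flag: int) -> bytes:
    """Classic overflow layout: filler up to the end of the buffer, then the value
    meant to overwrite the adjacent variable (little-endian, as on x86)."""
    return fill[:BUF_SIZE].ljust(BUF_SIZE, b"A") + new_flag.to_bytes(4, "little")

if __name__ == "__main__":
    evil = payload(b"bob", 1)
    print("vulnerable:", vulnerable_copy(evil).is_admin)   # 1: attacker is now admin
    print("bounded   :", safe_copy(evil).is_admin)         # 0: flag untouched
```

The same spill onto a saved return address, instead of a flag, is what turns an overflow into arbitrary code execution; stack canaries, non-executable stacks and ASLR exist to make that step fail or become unreliable.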
The Difference Between DoS and DDoS Attacks:
A DoS attack typically uses one computer and one Internet connection to flood a targeted system or resource. A DDoS attack uses many computers and Internet connections to flood the target, which makes the traffic much harder to block by source address. DDoS attacks are often global, launched through botnets of compromised machines.
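How the difference shows up in a server's logs, as an added example (not part of the original flashcards): a small classifier that finds the busiest ten-second slice and checks whether one source address produced nearly all of it (single-origin DoS, which a firewall rule against that address stops) or whether it is spread across many addresses (DDoS, which needs rate limiting or upstream filtering). The log lines, addresses, time window and thresholds are all constructed or assumed for the demonstration.

```python
from collections import Counter

def parse_log(text):
    """Parse constructed log lines of the form '<second> <source_ip> <request>'."""
    events = []
    for line in text.strip().splitlines():
        ts, ip, req = line.split(maxsplit=2)
        events.append((int(ts), ip, req))
    return events

def classify_flood(events, window=10, threshold=50, dominance=0.8):
    """Look at the busiest `window`-second slice.  Under `threshold` requests it is
    normal load.  Over it, one source sending at least `dominance` of the requests
    means DoS (block that address); otherwise it is DDoS (many sources, typically a
    botnet: blocking by address does not scale)."""
    slices = {}
    for ts, ip, _ in events:
        slices.setdefault(ts // window, Counter())[ip] += 1
    if not slices:
        return {"verdict": "normal", "requests": 0, "sources": 0, "top_share": 0.0}
    busiest = max(slices.values(), key=lambda c: sum(c.values()))
    total = sum(busiest.values())
    top_ip, top_count = busiest.most_common(1)[0]
    share = top_count / total
    if total < threshold:
        verdict = "normal"
    elif share >= dominance:
        verdict = "DoS"
    else:
        verdict = "DDoS"
    return {"verdict": verdict, "requests": total, "sources": len(busiest),
            "top_source": top_ip, "top_share": share}

# Constructed samples (documentation address ranges, not real hosts).
NORMAL = parse_log("""
0 198.51.100.7 GET /index.html
3 198.51.100.8 GET /login
7 198.51.100.9 POST /login
""")
DOS = [(t % 10, "203.0.113.5", "GET /") for t in range(120)]                 # one host, 120 req/10 s
DDOS = [(t % 10, f"203.0.113.{100 + t % 40}", "GET /") for t in range(120)]  # 40 hosts, 3 req each

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("dos", DOS), ("ddos", DDOS)):
        print(name, classify_flood(sample))
```

Real floods are messier (spoofed sources, legitimate traffic mixed in, amplification via third-party servers), so production detection looks at request rates per path and per client over several windows rather than a single share; the distinction the flashcard draws is still the one that decides the response.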
Trojan:
A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems.
Registry
The registry or Windows registry is a database of information, settings, options, and other values for software and hardware installed on all versions of Microsoft Windows operating systems. When a program is installed, a new subkey is created in the registry. This subkey contains settings specific to that program, such as its location, version, and primary executable.
Rootkit
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.
Spyware
Software that covertly collects information about a person's computer activities and transmits it from their machine, most often without the user's consent.
Keylogger
Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. The data can then be retrieved by the person operating the logging program. A keylogger can be either software or hardware.
While the programs themselves are legal, with many of them being designed to allow employers to oversee the use of their computers, keyloggers are frequently used for stealing passwords and other confidential information.
Security Audit:
Inspects if an organization is following security standards and policies.
Vulnerability assessment:
Deals only with finding (and rating) the vulnerabilities of a network; it does not try to exploit them.
Penetration Testing:
Encompasses both security audit and vulnerability assessment. It also demonstrates how attackers can exploit the identified vulnerabilities.
Blue team (red team vs. blue team):
The blue team is the defending team; its role is to detect attackers and anticipate possible attacks.
Red team (red team vs. blue team):
The red team is the attacking team; its role is to find vulnerabilities in the system and test its security the way real attackers would.
White box testing:
The penetration testers are given complete information about the client’s infrastructure.
(think “light vs. dark”. White = lots of information i.e. brighter/more visibility. Black = practically no information i.e. in the dark)
Black box testing:
The penetration testers are given very little information about the client’s infrastructure.
Grey box testing:
The penetration testers are given partial information (for example, an ordinary user account or network diagrams, but not full source code or configuration). It combines black box and white box testing and can simulate both outside and inside attacks.
Pre-attack phase:
The pre-attack phase mainly includes activities such as preparation and planning, and information gathering. The objective is to gather as much information about the target as possible.
Attack phase:
This is the phase where you compromise the target and exploit the vulnerabilities you’ve uncovered in the pre-attack phase using the information you’ve previously gathered.
Post-attack phase:
In this phase, the tester restores the system to the pretest state (the state the system was in prior to the penetration).
The tester then reports all flaws and vulnerabilities of the system that they’ve uncovered.
All activities and results must be thoroughly documented.
Steps to take when performing an attack:
- Penetrate perimeter
- Acquire target
- Escalate privileges
- Execute, implant, and retract
Evaluating IDS and protocol filter rules // Checking access controls:
Techniques used to bypass IDS and firewalls.
Reverse shell
A reverse shell is a shell initiated from the target host back to the attack box which is in a listening state to pick up the shell.
To gain control over a compromised system, an attacker usually aims to get interactive shell access for arbitrary command execution. With such access, they can try to elevate their privileges to obtain full control of the operating system. However, most systems sit behind firewalls or NAT that block inbound connections, so the attacker cannot simply connect in to a shell listening on the target. Outbound connections are usually allowed, and a reverse shell uses exactly that: the target connects out to the attacker's listener, which then sends commands back over that connection.
In which activity do ICMP probes, checking access controls, evaluating protocol filtering rules, and evaluating IDS take place ?
Bypassing firewall.
Target acquisition:
Target acquisition involves vulnerability scans to find vulnerabilities which can be later exploited.
Perimeter penetration:
Perimeter penetration is an activity in which a pen tester uses techniques such as social engineering to probe the boundaries of the organization and find a way into the system.
Footprinting:
The act of gathering information from and about a selected target.
fedora:
Fedora is a Linux distribution sponsored by Red Hat. It serves as the community testing ground for new technologies that are later adopted in Red Hat Enterprise Linux.
"site:" means what in Google search?
Tells Google to search only within the domain that follows "site:". Ex: site:linuxacademy.com
"intext:" means what in Google search?
Tells Google to match the term in the body text of the page (rather than only in the title or URL).
When you place a term within quotation marks in Google search, what happens?
Google returns only pages that include that exact phrase, word for word (no modifications at all).
Ex: "please change your" will return only pages that contain the phrase "please change your".
"|" means what in Google search?
It means "or", essentially (the word OR in capitals does the same).
Ex: searching "sapien | ape" returns pages containing either "sapien" OR "ape".
"-" means what in Google search?
Whatever immediately follows "-" is excluded from the results.
Ex: searching "my pungent asshole -presence -of -god" searches for "my pungent asshole" and excludes any result containing "presence", "of" or "god" (i.e. any presence of God).
"filetype:" means what in Google search? (The operator Google actually recognises is "filetype:", not "file:".)
Restricts results to the given file type.
Ex: searching "lack of human decency filetype:pdf" returns only PDF files displaying a lack of basic human decency.
Shodan
If you search a domain in Shodan, you might come across some good data (but Ermin doesn't seem to approve): IPs in use, type of web server, what's being hosted, which versions are being hosted, and which technologies are in use. "Keep in mind that these things can be fairly inaccurate"
- Ermin the all-knowing (not said with sass).
It's usually going to be a better idea to conduct your own search with your own methods in order to get more consistent, reliable results.
Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. It was launched in 2009 by computer programmer John Matherly, who, in 2003, conceived the idea of searching devices linked to the Internet.
Netcraft
Netcraft is a provider of cybercrime disruption services across a range of industries. For footprinting, its site report service shows a domain's hosting history, hosting provider, web server and operating system details. In November 2016, Philip Hammond, Chancellor of the Exchequer, announced plans for the UK government to work with Netcraft to develop better automatic defences to reduce the impact of cyber-attacks affecting the UK.
Cloudflare
Companies might put their web servers and web services (and other services) behind Cloudflare so that the public DNS records point at Cloudflare's proxy, and you only ever learn the domain, never the origin server's actual IP address.
- useful for DDoS protection, prevention of direct access, and hiding the geographic location of the company/servers.
- you'll see Cloudflare's IP addresses when you resolve the domain, but not the company's actual IP address behind Cloudflare.
DNS server (aka nameserver):
A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and in most cases serves to resolve, or translate, those names to IP addresses as requested. DNS servers run special software and communicate with each other using special protocols.