Glossary Flashcards
Kismet/ Netstumbler
Detects wireless access points and analyzes network traffic. Useful for surveying a network to understand its wireless security footprint.
INMAP
Scans networks to identify active hosts and open ports. Employed for initial network reconnaissance and security auditing.
WireShark
A packet sniffer and protocol analyzer for realtime network monitoring. Ideal for diagnosing network issues or analyzing security incidents.
TCPDump
A Unix/Linux command-line packet capture tool. Helpful for real-time network troubleshooting and capturing packets for later analysis.
Honeypots
Decoy systems to lure attackers away from legitimate targets. Useful for studying attacker behaviors and tactics.
Hping3
Crafts custom ICMP, UP, and TCP packets to test firewalls. Employed to identify vulnerabilities or misconfigurations in firewall rules.
Intel Executable Disable (XD)
Provides hardware-level buffer overflow protection in Intel chipsets. Useful for preventing malicious code execution at the system level.
AMD Enhanced Virus Protection
Offers chipset-level buffer overflow protection for AMD processors. Acts as a hardware-level security feature against certain types of attacks.
Address Space Layout Randomization (ASLR)
Randomizes memory locations for process execution, offering buffer overflow protection. Effective against exploits aiming to predict memory addresses.
Nessus
A Tenable product for vulnerability assessment. it scans networks to identify security risks. Ideal for regular security audits.
Metasoloit
A penetration testing framework that includes tools and exploits for securitv assessments. Can be used to simulate cyber-attacks to test network resilience.
CANVAS
Vulnerability assessment tool by Immunity, designed for identifying network and system weaknesses. Useful for enterprise security audits.
Nikto and Wikto
analize what?
Analyzes web servers and identifies security issues like outdated software and misconfigurations. Effective for hardening web servers before deployment.
Burp Suite
A web security testing platform for web application vulnerabilities. Ideal for security assessments of web-based applications.
Fuzzers (MiniFuzz, Binscope, Regex Fuzzer)
Automated tools for identifying vulnerabilities by inputting unexpected data. Helpful for discovering unknown issues like crashes or security flaws in software.