Glossary
Discover the ultimate Ethical Hacking Glossary from A to Z
Ethical Hacking & Countermeasures Glossary
A
ACK Flag Probe Scan
Sending TCP packets with an ACK flag to a device and analyzing the response to check if a port is open or closed.
Access Point (AP)
A device that connects wireless devices to a wired network.
Active Attacks
Hackers messing with data in transit or disrupting services to break into secure systems.
Active Footprinting
Gathering info about your target through direct interaction. Not sneaky, but effective.
Active Sniffing
Injecting ARP packets to flood the network switch, so you can grab sensitive data like a boss.
Adversary Behavioral Identification
Spotting the common methods hackers use to launch attacks on your network.
Address Resolution Protocol (ARP)
A protocol that helps translate IP addresses to MAC addresses so devices can talk to each other.
Adware
Software that spams you with ads and popups you never asked for.
Agent Smith Attack
Sneaky attacks where users download malicious apps disguised as legit ones, usually from third-party stores.
Advanced Encryption Standard (AES)
A top-level encryption standard developed by NIST to protect electronic data.
Advanced Persistent Threats (APTs)
Advanced attacks where hackers gain access to your network and stay hidden for long periods.
Anomaly Detection
Spotting weird behaviour that doesn’t fit the usual patterns to catch potential threats.
Angler Phishing
Scammers use social media to target unhappy users and lure them into phishing traps.
Anonymizer
A server that hides your real identity, letting you browse the web untraceably.
Application Blacklisting
Keeping a list of known bad apps that are blocked from running anywhere on your system.
Application Flaws
Vulnerabilities in apps that attackers can easily exploit.
Application-Level Firewall
Filters traffic at the app layer, providing extra protection on top of network-layer defences.
Application-Level Hijacking
Taking control of an app's session by hijacking the session ID. Sneaky.
Application Proxy
A middleman server that filters connections for specific services to keep things secure.
Application Whitelisting
Only allowing trusted apps to run. If it's not on the list, it doesn't get in.
API DDoS Attack
Flooding an API with massive traffic from a botnet, choking the service for legitimate users.
ARP Ping Scan
Sending ARP requests to see if hosts are active. If you get a reply, the host’s alive.
ARP Spoofing Attack
Creating forged ARP packets to overload the switch and mess with network communications.
Asymmetric Encryption
Encryption that uses two keys – one to lock (public) and one to unlock (private).
Association
The process of connecting a wireless device to an AP (Access Point).
Audio Steganography
Hiding secret data inside audio files like MP3s, WAVs, or RM. Who says music can't hold secrets?
Automated Web App Security Testing
Automating the security testing process during development to catch vulnerabilities early.
Antivirus Sensor System
Software that detects and analyzes malicious code threats like viruses, worms, and Trojans.
Authenticity
Making sure your data or communication is legit and real, not fake.
Availability
Your systems need to be there when authorized users need them. Period. No downtime, no excuses.
---
B
Baiting
A technique where attackers lure victims with something tempting to steal sensitive info.
Bandwidth
How much data can be sent over a connection. Think of it as your network’s capacity.
Base64 Encoding
A method to represent binary data using only printable ASCII characters, useful for storing or transmitting data.
Basic Process Control System (BPCS)
Responsible for process control and monitoring in industrial setups.
Basic Service Set Identifier (BSSID)
The MAC address of an access point (AP) or base station in a wireless network.
Behavioral Indicators
Telltale signs of malicious activity, like red flags for shady behaviour.
BGP (Border Gateway Protocol)
A protocol that exchanges routing info between different networks on the Internet.
Big Data
Massive data sets that are analyzed to uncover trends and patterns, often used for predictive analysis.
Black Hats
Hackers who use their skills for illegal or malicious purposes. The bad guys in the hacker world.
Blacklist Validation
Rejecting all malicious inputs that have been marked as dangerous. No bad guys allowed.
Blind/Inferential SQL Injection
An SQL injection where the attacker asks true/false questions to determine if an app is vulnerable.
Blowfish
A symmetric encryption algorithm designed to replace older ones like DES or IDEA.
Bluetooth
A short-range wireless tech that connects devices without cables while keeping things secure.
BlueBorne Attack
An attack on Bluetooth devices to gain full control of the target.
Bluebugging
Remotely accessing and using a Bluetooth device’s features without the victim knowing.
BlueJacking
Sending anonymous messages to Bluetooth-enabled devices, like laptops and phones.
Bluesmacking
An attack where the attacker sends oversized ping packets to cause a buffer overflow on the target’s device.
BlueSnarfing
Stealing info from a Bluetooth-enabled device like a phone or laptop, typically done over Bluetooth connections.
BlueSniff
A tool for scanning and finding Bluetooth devices during wardriving.
Blueprinting
A technique used to figure out the make and model of a Bluetooth-enabled device.
Botnet
A huge network of compromised systems controlled by attackers, often used for DDoS attacks.
Broken Access Control
When attackers find flaws in access control, bypass authentication, and compromise the network.
Brute-Force Attack
Attackers try every possible combination of characters until they crack your password.
Buffer Overflow
When a program gets more data than it can handle, leading to crashes or hacks.
Bug Bounty Program
Companies challenge hackers to find bugs in their systems, rewarding them for discovering vulnerabilities.
Business Network
A network that provides the information infrastructure for a business.
BYOD (Bring Your Own Device)
A policy allowing employees to use their personal devices (like laptops and phones) to access company resources.
---
C
Cache Poisoned Denial of Service (CPDoS)
An attack that tricks a web server into caching malicious or error responses, causing a denial of service.
Camellia
A symmetric block cypher offering high levels of security with either 18 or 24 rounds, depending on the key size.
Camfecting Attack
Taking control of a victim’s webcam without their knowledge, turning it into a spying device.
CASB (Cloud Access Security Brokers)
Solutions that enforce security, compliance, and governance for cloud applications.
CAST-128
A symmetric block cypher that uses 12-16 rounds of encryption to secure data.
CEH Hacking Methodology (CHM)
The step-by-step process created by the EC-Council for ethical hacking, covering the whole hacking cycle.
Chain Letters
Emails promising free gifts in exchange for forwarding them to others. Classic scam move.
Circuit-Level Gateway Firewall
Monitors session requests and decides whether to allow or deny the session based on predefined rules.
Clickjacking Attack
An attack where users are tricked into clicking on something they didn’t intend, usually by placing hidden elements over a legit web page.
Cloud Application Security
The rules and techniques used to secure data exchange between cloud platforms.
Cloud Auditing
Analyzing and verifying cloud services to ensure they comply with privacy and security requirements.
Cloud-Based Assessment
Assessing the security of cloud infrastructure based on best practices and guidelines set by the provider.
Cloudborne Attack
An attack that implants a backdoor in the firmware of a cloud server to compromise it.
Cloud Broker
Manages cloud services for clients, ensuring everything works smoothly between cloud providers and consumers.
Cloud Carrier
Provides connectivity between cloud consumers and cloud providers.
Cloud Consumer
An individual or organization that uses cloud services.
Cloud Cryptojacking
Stealing your computer’s power to secretly mine cryptocurrency without your consent.
Cloud Integration
The process of connecting multiple cloud environments together, creating a unified public or hybrid cloud.
Cloud Provider
The entity that offers cloud services to consumers.
Cloud Security Alliance (CSA)
A nonprofit organization that promotes best practices and awareness to secure cloud environments.
Cluster
A group of connected computers (nodes) working together to complete tasks faster.
Common Vulnerabilities and Exposures (CVE)
A free, publicly available list that identifies common software vulnerabilities.
Common Vulnerability Scoring System (CVSS)
A standardized way to measure and communicate the severity of IT vulnerabilities.
Common Weakness Enumeration (CWE)
A system that categorizes software vulnerabilities and weaknesses, helping developers fix them.
Competitive Intelligence Gathering
The process of gathering and analyzing information about your competitors from publicly available sources.
Computer Worms
Malicious programs that spread across networks on their own, consuming resources without needing human intervention.
Confidentiality
Keeping data and info accessible only to those who are authorized. No snoopers allowed.
Container
A package that includes everything needed to run the software: app code, libraries, and dependencies.
Container-as-a-Service (CaaS)
A service that manages the virtualization of containers and apps through a web portal or API.
Container Orchestration
Automating the management, scaling, and operation of containers to ensure they run efficiently in the cloud.
Cookie Poisoning
Altering cookie data to gain unauthorized information or steal a user’s identity.
Cookie Replay
Reusing stolen cookies to impersonate a legitimate user as long as they’re still logged in.
Cookie Sniffing
Intercepting cookies that contain session IDs, allowing the attacker to hijack user sessions and bypass authentication.
CRIME Attack
An attack that exploits vulnerabilities in the data compression feature of SSL/TLS protocols, leaking sensitive data.
Cross-Site Request Forgery (CSRF) Attack
An attack that tricks users into performing actions they didn’t intend by sending malicious requests on their behalf.
Cross-Site Scripting (XSS) Attacks
Attackers inject malicious scripts into web pages that execute in the browser of unsuspecting users.
Crypter
Software that hides malware, making it harder to detect and reverse engineer.
Cryptanalysis
The study of breaking cyphers, finding weaknesses in cryptosystems and cracking encrypted messages.
Cryptography
The art of converting data into secret code to protect it when being transferred over a network.
---
D
DCSync Attack
An attack where hackers use domain replication rights to create a fake domain controller and gain access to sensitive data.
Database Honeypots
Fake databases set up to lure attackers, helping identify vulnerabilities like SQL injection attempts.
Data Encryption Standard (DES)
An encryption standard used to secure data, now considered weak compared to modern encryption.
Data Protection API (DPAPI)
Windows' unified storage for cryptographically protected files, browser passwords, and other sensitive data.
Deepfake Attack
Using AI to create fake videos or audio that impersonate someone to trick targets into giving up sensitive info.
Deep Web
Web content that’s hidden and not indexed by regular search engines. You need special tools to find it.
Defense-in-Depth
A security strategy where multiple layers of protection are spread throughout your systems. Think of it as a security onion.
Demilitarized Zone (DMZ)
A part of your network that acts as a neutral zone between your internal network and the outside world. Keeps outsiders from getting too close.
Denial-of-Service (DoS) Attack
An attack that overwhelms a system or network, making it unusable for legitimate users.
DHCP Starvation Attack
A DoS attack where hackers use up all available IP addresses on a network by flooding it with DHCP requests.
Diamond Model
A framework that helps identify clusters of related security events across a system, helping you connect the dots.
Dictionary Attack
An attack where a hacker uses a pre-made dictionary of passwords to crack user accounts.
Diffie-Hellman
A cryptographic protocol that lets two parties establish a shared key over an insecure channel.
Digital Signature
Using asymmetric cryptography to create a secure, digital version of a handwritten signature.
Digital Signature Algorithm (DSA)
A government-standard encryption algorithm used to create digital signatures.
Direct-Sequence Spread Spectrum (DSSS)
A technique that spreads a data signal over a wider frequency band, making it harder to intercept.
Directory Traversal
Attackers access restricted directories by manipulating URLs and gaining access to sensitive system files.
Distributed Control System (DCS)
A system used for controlling processes in industries, often handling critical infrastructure.
Distributed Denial-of-Service (DDoS) Attack
A coordinated attack where many compromised systems flood a target with traffic, taking it offline.
Distributed Network Attack (DNA)
Hackers harness unused processing power across multiple systems to crack passwords faster.
Distributed Reflection Denial-of-Service (DRDoS) Attack
An attack where multiple intermediary machines send reflected traffic to a target, amplifying the attack.
DNS Cache Poisoning
Altering a DNS server’s cache with fake DNS records, so users get sent to malicious sites when they think they’re visiting legit ones.
DNS Cache Snooping
An attacker checks a DNS server’s cache to see if certain DNS records are there, potentially revealing what sites were visited.
DNS Poisoning
Attackers trick DNS servers into accepting fake records, leading users to malicious sites instead of the real ones.
DNS Rebinding Attack
Attackers use DNS rebinding to bypass same-origin policies, allowing malicious web pages to communicate with local domains.
DNSSEC Zone Walking
If DNSSEC isn’t configured correctly, attackers can extract internal DNS records by walking through the DNS zone.
Docker
A technology for creating and managing containers that run the software and all its dependencies in isolated environments.
Document Steganography
Hiding secret messages inside documents, making them invisible to anyone who doesn’t know they’re there.
Downloader
A Trojan designed to download more malware once it gains access to your system.
Dropper
A Trojan that silently installs other malware onto a system, usually without detection.
DUHK Attack
A vulnerability that lets attackers recover hard-coded encryption keys, putting VPNs and web sessions at risk.
Dumpster Diving
Attackers go through your trash, literally, to find sensitive info. Not glamorous, but it works.
DROWN Attack
An attack that exploits a weakness in SSL/TLS to break encryption, even if the server uses modern versions of SSL.
Dynamic Application Security Testing (DAST)
Black-box testing that’s done on running code to find issues with requests, responses, and code injections.
Dynamic Malware Analysis
Running malware to see how it behaves and how it affects the host system.
---
E
Eavesdropping
Secretly listening to conversations (like phone calls or video chats) without permission. Creepy and illegal.
Edge Computing
A distributed model where data is processed close to where it’s generated (near-edge devices) instead of relying on centralized servers.
Egress Filtering
Scanning outgoing IP packet headers to ensure nothing malicious is leaving your network.
Elliptic Curve Cryptography (ECC)
Modern cryptography that uses smaller key sizes for stronger encryption, avoiding the need for massive keys.
Email Honeypots
Fake email addresses set up to catch malicious emails and monitor attack attempts.
Email Indicators
Clues hidden in emails that hackers use to deliver malicious data to a target.
Electronic Security Perimeter
The boundary that separates secure and insecure zones of a system.
Elicitation
Getting sensitive info from someone by casually chatting with them. Social engineering at its finest.
Enumeration
Extracting usernames, machine names, network resources, and services from a system or network.
Error-Based SQL Injection
An attack that forces a database to make an error, revealing vulnerabilities.
Ethical Hacking
Using hacking tools, tricks, and techniques for good – to find vulnerabilities and secure systems.
Exploit
A piece of malicious code that takes advantage of software vulnerabilities to breach security.
Exploit Chaining
Combining multiple exploits to dig deeper into a system and take control.
Exploit Kit
A crimeware toolkit that delivers payloads like Trojans, spyware, and backdoors through vulnerabilities.
---
F
Fault Injection Attacks
Injecting faulty or malicious code into a system to break its security. Also called Perturbation attacks.
Federal Information Security Management Act (FISMA)
A comprehensive framework for ensuring security controls over information resources that support federal operations and assets.
File Fingerprinting
Creating a hash value for a binary file to uniquely identify it.
Fileless Malware
Malware that infects legitimate software or apps without needing a file to operate. It's sneaky, running straight in memory.
Fingerprint Attack
Breaking down passwords into simpler, smaller character combinations to crack complex passwords.
Firewalking
Using TTL values to figure out gateway ACL filters and map the network by analyzing IP responses.
Firewall
Hardware or software designed to block unauthorized access to or from your network. Your first line of defence.
Flooding
Sending massive amounts of traffic to create noise, confusing intrusion detection systems so real attacks go unnoticed.
Folder Steganography
Hiding and encrypting files inside a folder, making them invisible in normal Windows applications like Explorer.
Footprinting
The first step in any attack, where an attacker gathers info about the target network to find ways in.
Function-as-a-Service (FaaS)
A cloud service for running code without needing to manage servers. Serverless architecture at its finest.
Fog Computing
A decentralized computing model where data and apps live between devices and the cloud, bringing processing closer to where data is generated.
Frequency-Hopping Spread Spectrum (FHSS)
A method that rapidly switches radio signal frequencies to avoid interference or interception.
---
G
Gaining Access
The moment when an attacker successfully gets into the target system or network, whether it’s an app, OS, or something else.
Ghostwriting
A bypass technique where malware code is modified without changing how it works, evading detection.
Global System for Mobile Communications (GSM)
A universal mobile data transmission system used worldwide in wireless networks.
GNSS Spoofing
An attack that messes with the Global Navigation Satellite System (GNSS) signals, tricking the target into receiving fake location and time data.
Golden SAML Attack
An attack targeting cloud identity providers, like ADFS, that use SAML for user authentication and authorization.
Golden Ticket Attack
A post-exploitation technique that lets hackers take full control over an Active Directory, owning the whole network.
Google Hacking Database (GHDB)
An online resource filled with Google search queries that expose sensitive information or vulnerabilities indexed by the search engine.
Gray Hats
Hackers who sometimes play on the defensive and sometimes on the offensive, depending on the situation.
---
H
Hacker
A person who breaks into systems or networks without permission, often for malicious reasons.
Hacker Teams
A group of skilled hackers working together with funding and resources to research cutting-edge tech.
Hacking
Exploiting system vulnerabilities to gain unauthorized access to resources or sensitive data.
Hacktivist
Hackers with a political agenda, defacing or disabling websites to promote their cause.
Hash Collision Attack
An attack where two different inputs result in the same hash output, potentially compromising the system’s integrity.
Hash Injection/Pass-the-Hash (PtH) Attack
An attack where a compromised hash is injected into a session to access network resources without needing the original password.
Hardware-Based Encryption
Using hardware instead of software to handle data encryption, often for better performance and security.
Hardware Firewall
A physical device, often part of a router, designed to block unauthorized access to a network.
Hardware Protocol Analyzer
A device used to capture and analyze signals without altering network traffic.
Hardware Security Module (HSM)
An external security device that manages, generates, and securely stores cryptographic keys for systems.
Hard Drive Encryption
Technology that encrypts data stored on a hard drive using various encryption methods to keep it safe.
High-Interaction Honeypots
Honeypots that run real, vulnerable services and software, offering attackers a real environment to explore.
Honey Trap
An attacker pretends to be an attractive person online, building a fake relationship to extract sensitive info from the target.
Honeynet
A network of honeypots used to study an attacker’s full capabilities by observing their methods across a network.
Honeypot
A system set up to lure attackers, helping to study their methods and trap them before they can cause real harm.
Host-Based Indicators
Clues found by analyzing an infected system within a network, helping to trace malicious activity.
Host Integrity Monitoring
Tracking changes made to a system by comparing its state before and after analysis.
Hotfixes
Specific updates that address customer issues but aren’t always distributed widely.
HTML Encoding
A method to represent unusual characters safely within an HTML document.
HTML Smuggling
A web attack where malicious code is hidden in an HTML script to compromise a web page.
HTTP GET/POST Attack
An attack that uses time-delayed HTTP headers to exhaust web server resources by keeping connections open for too long.
HTTP Public Key Pinning (HPKP)
A technique that associates a specific public key with a server, helping to prevent MITM attacks using fake certificates.
HTTP Response-Splitting Attack
An attack where hackers inject new lines and arbitrary code into a server’s response headers to manipulate HTTP responses.
HTTP Strict Transport Security (HSTS)
A web security policy that ensures websites using HTTPS are protected against man-in-the-middle (MITM) attacks.
---
I
ICMP ECHO Ping Scan
Sending ICMP ECHO requests to see if a host is live. If it responds, it’s alive.
ICMP ECHO Ping Sweep
Sending ICMP ECHO requests to a range of IPs to find out which hosts are live.
ICMP Flood Attack
A DoS attack where attackers flood a victim’s system with large volumes of ICMP requests, overloading it.
Identity Theft
A crime where someone steals personal information like your name, credit card number, or social security number to commit fraud.
IEC 62443
A cybersecurity standard for industrial control systems, addressing secure design, risk assessment, and security management.
IAM Misconfiguration
Mistakes in setting up Identity and Access Management (IAM) policies, often leading to security breaches.
Indicators of Compromise (IoCs)
Clues or forensic data found on a network or system that hint at a possible breach or malicious activity.
Industrial Control System (ICS)
A collection of control systems and equipment used to operate and automate industrial processes.
Industrial Network
A network of automated control systems used in industrial environments.
Injection Flaws
Web app vulnerabilities where untrusted data is executed as part of a command or query, leading to security breaches.
In-band SQL Injection
An attack where the attacker uses the same communication channel to send malicious SQL queries and receive the results.
Ingress Filtering
A technique that prevents attackers from using fake source addresses in Internet traffic.
Insider Attack
An attack from within the organization, where someone with privileged access breaks the rules or intentionally harms the system.
Integer Overflow
An error that happens when a value is too large for the allocated memory, leading to unexpected behavior or vulnerabilities.
Integrity
Ensuring that data or resources are trustworthy, with no unauthorized changes.
Intrusion Detection System (IDS)
Software or hardware that inspects network traffic to detect suspicious patterns that may indicate a security breach.
Intrusion Prevention System (IPS)
Similar to an IDS, but with the added capability of blocking detected threats.
IP Address Decoy
Using fake IP addresses to throw off an intrusion detection system (IDS) or firewall and hide the real attacker.
IP Address Spoofing
Changing the source IP address in packets to make an attack look like it’s coming from someone else.
---
J
Jailbreaking
The process of installing modified kernel patches that let users run third-party apps not approved by the OS vendor.
Jamming Attack
An attack where the communication between wireless IoT devices is jammed, disrupting their function and making them vulnerable.
---
K
Kerberos
A network authentication protocol that uses secret-key cryptography to provide strong authentication for client/server apps.
Keylogger
Software or hardware that secretly records every keystroke typed by a user, logging it for later or sending it to a remote attacker.
Key Stretching
A technique to strengthen a weak cryptographic key by making it longer and harder to crack.
KNOB Attack
A Bluetooth attack that weakens security during key negotiation, allowing an attacker to perform a man-in-the-middle (MITM) attack on paired devices.
Kubernetes (K8s)
An open-source platform for managing containerized apps and microservices, originally developed by Google.
---
L
Lawful Interception
Legally intercepting data communication between two points for surveillance, covering everything from traditional telecoms to VoIP and data networks.
LDAP (Lightweight Directory Access Protocol)
An Internet protocol used for accessing distributed directory services, like finding info on servers or networks.
LDAP Injection Attack
An attack similar to SQL injection but targeting LDAP queries, exploiting user inputs to manipulate directory lookups.
Low-Interaction Honeypots
Honeypots that mimic only a few services or apps on a target system, giving attackers just enough to interact with but not the whole system.
---
M
MAC Flooding
Overloading a network switch’s CAM table with fake MAC addresses to cause a switch overflow.
MAC Spoofing/Duplicating
An attack where an attacker copies a legitimate MAC address to bypass network security and impersonate a legitimate device.
Maintaining Access
The phase where an attacker tries to keep their hold on a compromised system, ensuring continued control.
Malicious Code
Code that defines the core functions of malware, like data theft or creating backdoors.
Malicious Insider
A disgruntled employee who intentionally introduces malware or steals data from their company.
Malware
Malicious software designed to damage or disable systems, or take control for theft or fraud.
Malware Analysis
Reverse engineering malware to figure out its origin, functionality, and potential impact.
Malware Honeypots
Honeypots designed to trap malware campaigns by mimicking vulnerable systems.
Man-in-the-Browser Attack
An attack where a Trojan intercepts communications between the browser and its security mechanisms, hijacking browser data.
Man-in-the-Cloud (MITC) Attack
An attack that abuses cloud file services like Google Drive or Dropbox for data theft, remote access, or command-and-control operations.
Man-in-the-Middle (MitM) Attack
An attack where the attacker intercepts communications between two systems, often without either party knowing.
Markov-Chain Attack
Attackers break passwords into 2- or 3-character chunks and create new character sequences based on patterns in a password database.
Memory Leak
An unintended consumption of memory that happens when a programmer forgets to release memory that’s no longer needed.
MITRE ATT&CK Framework
A globally accessible knowledge base of real-world adversary tactics and techniques. A hacker’s playbook, based on actual observations.
---
N
National Vulnerability Database (NVD)
A U.S. government repository that holds vulnerability management data, represented using the Security Content Automation Protocol (SCAP).
Negligent Insider
An insider who unintentionally causes security issues by skipping or ignoring security procedures, usually for convenience.
Network Address Translation (NAT)
A method that separates IP addresses into two sets, allowing internal and external traffic to use different addresses.
Network Indicators
Clues found in network traffic, used for malware detection, command and control tracking, OS identification, and more.
Network Level Hijacking
Intercepting packets during transmission between a client and server in a TCP or UDP session, hijacking the communication.
Network Perimeter
The outer boundary of a network, marking the edge of the protected zone.
Network Scanning
A process of identifying hosts, ports, and services running on a network to map out the environment.
Non-Repudiation
A guarantee that the sender of a message can’t deny sending it, and the recipient can’t deny receiving it.
NTP (Network Time Protocol)
A protocol designed to sync the clocks of computers across a network, keeping everyone on the same time frame.
---
O
Obfuscating
An IDS evasion trick where attackers encode the attack payload so the target system can decode it but the IDS can’t.
Obfuscator
A program that hides its code and purpose, making it hard for security tools to detect or remove.
OAuth
An authorization protocol that lets users grant limited access to their data from one site to another site without sharing their login credentials.
Omnidirectional Antenna
An antenna that radiates electromagnetic energy equally in all directions, like a big broadcasting beacon.
Organized Hackers
Criminals who rent devices or botnets to carry out cyberattacks, usually to steal money from victims.
Orthogonal Frequency-Division Multiplexing (OFDM)
A digital modulation method that splits a signal into multiple carrier frequencies that are orthogonal (at right angles) to each other.
OS Discovery/Banner Grabbing
A technique used to figure out what operating system a remote target is running by grabbing info from system banners.
Output Encoding
A technique used to sanitize input before sending it to a database, ensuring it’s safe and free from attacks like SQL injection.
Overpass-the-Hash Attack
A credential theft attack where attackers reuse stolen hashes to perform malicious actions on compromised devices or environments.
---
P
Packet Filtering Firewall
A firewall that checks each packet against a set of rules before deciding whether to forward or block it.
Packet Fragmentation
Splitting a large packet into smaller fragments to send across a network.
Packet Sniffing
Capturing and monitoring all data packets passing through a network.
Passive Attacks
Attackers quietly monitor and intercept network traffic without altering the data.
Passive Footprinting
Collecting information about a target without interacting with it directly. A stealthy approach to info gathering.
Password Cracking
Techniques used to recover passwords from systems, usually through brute force, dictionary attacks, or other methods.
Password Guessing
Manually trying different passwords to log into a system, hoping to hit the right one.
Password Salting
Adding a random string to passwords before hashing them, making brute-force attacks much harder.
Password Spraying Attack
Attackers use a small set of commonly used passwords across multiple user accounts to find a weak point.
Payload
Malicious software that executes after a system is compromised, allowing the attacker to control the system.
Peer-to-Peer Attack
A DDoS attack where the attacker exploits vulnerabilities in peer-to-peer servers to initiate the attack.
Pharming
A social engineering technique where victims are redirected to malicious websites, even though they typed the correct URL.
Phishing
Sending fake emails pretending to be from legit sites to trick users into giving up personal or account information.
Piggybacking
Gaining unauthorized physical access to a secure area by following an authorized person.
Ping of Death Attack
An attack where the attacker sends oversized or malformed packets to crash or destabilize the target system.
Pop-Up Windows
Unwanted windows that suddenly appear while browsing, often used in phishing attempts to steal user info.
Post-quantum Cryptography
Advanced cryptographic algorithms designed to protect against attacks from both traditional and quantum computers.
Privilege Escalation
Gaining higher levels of access or permissions on a system than initially granted.
Proxy Server
An intermediary server that connects users to other computers, hiding the user’s identity and improving security.
Public Key Infrastructure (PKI)
The hardware, software, and policies needed to create, manage, and revoke digital certificates.
---
Q
Quantum Cryptanalysis
The process of breaking cryptographic algorithms using the power of quantum computers.
Quantum Cryptography
Encryption based on quantum mechanics, using photons for secure communication instead of traditional mathematical methods. Quantum Key Distribution (QKD) is a key example.
---
R
Rainbow Table
A pre-computed table that stores word lists (like dictionaries or brute force lists) and their corresponding hash values.
Ransomware
Malware that locks users out of their systems or files until a ransom is paid.
Reconnaissance
The prep phase where attackers gather info about a target before launching an attack.
Replay Attack
Capturing and replaying authentication tokens or packets to gain unauthorized access to a system.
Resource Exhaustion
An attack that overloads a system with resource requests, exploiting software bugs to crash or freeze the system.
Return-Oriented Programming (ROP) Attack
An attack where malicious code is executed using existing code sequences, bypassing protections like executable space protection.
Reverse Engineering
Analyzing and extracting the source code of software or applications to understand or modify them.
Rich Text Format (RTF) Injection
An attack that exploits Microsoft Office’s RTF features by injecting malicious RTF templates.
Risk Assessment
Evaluating the likelihood and impact of identified risks to determine the overall risk.
Rootkits
Programs that hide malicious activities and give attackers full access to a compromised system.
RSA (Rivest Shamir Adleman)
A public key cryptosystem for encrypting and authenticating data, created by Ron Rivest, Adi Shamir, and Leonard Adleman.
---
S
SaaS (Software-as-a-Service)
A cloud computing model where application software is provided to subscribers on-demand over the internet.
Sarbanes-Oxley Act (SOX)
A U.S. law passed in 2002 to protect investors and the public by ensuring the accuracy of corporate disclosures.
Script Kiddies
Unskilled hackers who use pre-made scripts and tools developed by real hackers to compromise systems.
Scanning
The pre-attack phase where attackers scan networks for specific information using data from reconnaissance.
Scareware
Malware that tricks users into visiting malicious sites or buying potentially harmful software by scaring them with fake alerts.
Secure Hashing Algorithm (SHA)
A cryptographic hash function used to create secure one-way hashes.
Secure Sockets Layer (SSL)
An application layer protocol developed by Netscape to secure data transmission over the internet.
Security Groups
A basic cloud infrastructure security measure to protect virtual instances.
Session Hijacking
Taking over a valid TCP communication session between two systems to steal or manipulate data.
Shoulder Surfing
An attacker physically watches a victim’s keystrokes to steal sensitive data like usernames and passwords.
Signature Recognition
Also called misuse detection, this identifies known patterns of misuse in network traffic or system activity.
Spear Phishing
Targeted phishing attacks with custom content aimed at a specific individual or small group.
SPIMming
A form of spam that spreads across instant messaging platforms, flooding users with unwanted messages.
SQL Injection
An attack that exploits unsanitized inputs in web applications to execute SQL commands on a backend database.
Stealth Scan (Half-Open Scan)
A scanning technique that resets the TCP connection before completing the three-way handshake, leaving the connection "half-open" to avoid detection.
Steganography
Hiding a secret message within another message, keeping the message hidden even after transmission.
Suicide Hackers
Hackers who aim to bring down critical infrastructure for a cause, without fear of jail time or punishment.
Supervised Learning
An algorithmic learning technique that uses labelled training data to learn and predict outcomes.
Symmetric Encryption
Encryption that uses the same key for encryption and decryption, also known as private-key encryption.
---
T
Tactics, Techniques, and Procedures (TTPs)
Patterns of activities and methods used by specific threat actors or groups of attackers.
Tailgating
Gaining unauthorized access to a secure area by following an authorized person without consent.
TCP/IP Hijacking
Using spoofed packets to take control of an active connection between a victim and a target machine.
Threat Modeling
A risk assessment approach that analyzes an application’s security by gathering and organizing info about potential threats.
Traceroute
A tool that uses ICMP packets to map the routers along the path to a target host.
Trojan
Malicious software disguised as something harmless, designed to cause damage once executed.
Two-Factor Authentication (2FA)
An extra layer of protection that requires a second method of authentication beyond just a password.
---
U
UDP Flood Attack
An attack where large volumes of spoofed UDP packets are sent to random ports on a target server at high speeds.
UDP Hijacking
A network session hijacking where the attacker sends a fake server reply to a victim’s UDP request before the real server can respond.
URL Encoding
The process of converting URLs into valid ASCII format so they can be safely transmitted over HTTP.
Union SQL Injection
An SQL injection technique where an attacker combines a fake query with a legitimate one using the UNION clause.
UTF-8
A variable-length encoding standard where each byte is expressed in hexadecimal, preceded by the % symbol.
---
V
Virus
A self-replicating program that copies itself by attaching to another program, boot sector, or document.
Vishing
A phishing attack using voice technology (phone, VoIP) to trick people into giving up personal or financial information.
Vulnerability Assessment
A deep dive into a system’s security measures to determine how well it can withstand attacks.
Vulnerability Exploitation
Executing a series of complex steps to take advantage of vulnerabilities and gain access to a remote system.
Vulnerability Research
The process of analyzing protocols, services, and configurations to uncover vulnerabilities and design flaws that attackers could exploit.
Vulnerability Scanning
A method for identifying vulnerabilities and misconfigurations in web servers or networks.
---
W
Web Application Fuzz Testing (Fuzzing)
A black-box testing method that helps identify coding errors and security vulnerabilities in web applications.
Web API
An API that allows client-side applications to interact with online services to retrieve or update data.
Web Server
A computer system that stores, processes, and delivers web pages via HTTP to clients.
Web Shell
Malicious code written in server-side languages like PHP, ASP, or Python, used to gain control of a compromised server.
Whaling
A phishing attack targeting high-profile individuals like CEOs, CFOs, or politicians to steal sensitive info.
White Hats
Ethical hackers who use their skills for defensive purposes, often as penetration testers.
Whois
A protocol used to query databases for information about domain name registrations, IP addresses, and more.
Wire Sniffing
Capturing internet packets to sniff credentials while they’re in transit, a form of packet sniffing or wiretapping.
Wired Equivalent Privacy (WEP)
A security protocol for wireless LANs, designed to provide similar security to that of wired LANs but now considered outdated and insecure.
Wireless Intrusion Prevention Systems (WIPS)
Systems that monitor wireless networks for threats and protect against wireless attacks.
Wi-Fi
A wireless network based on the IEEE 802.11 standard, allowing devices to connect within an access point’s range.
Wi-Fi Protected Access (WPA)
A security protocol that uses TKIP encryption and RC4 for stronger authentication and encryption in wireless networks.
Wi-Fi Protected Access 2 (WPA2)
An upgrade to WPA that mandates AES-based encryption with CCMP for stronger security.
---
X
Xmas Scan
An inverse TCP scan where FIN, URG, and PUSH flags are set to send a TCP frame to a remote device, used to probe for open ports.
XML External Entity (XXE) Attack
A server-side request forgery (SSRF) attack where a vulnerable XML parser processes input from an unreliable source, allowing attackers to access internal files or execute code remotely.
---
Y
Yagi Antenna
A unidirectional antenna, also called Yagi-Uda, commonly used for communications in the 10 MHz to VHF and UHF frequency bands.
YAK (Yet Another Key Exchange)
A public-key-based Authenticated Key Exchange (AKE) protocol used to securely exchange keys between parties.
---
Z
Zero Trust Network
A security model that treats every incoming connection as untrusted and requires verification before allowing access to the network.
Zero-trust Principles
A security approach that requires every user to be authenticated and verified before accessing any resource, with no exceptions.
Zones and Conduits
A network segregation technique that isolates networks and assets to enforce strict access controls.