Questions about this topic? Sign up to ask in the talk tab.


From NetSec
Jump to: navigation, search

A glossary is a list of terms and definitions. This is a list of terms and definitions for words used within this wiki.

Term Definition
AJAX AJAX is a way to request information from web servers without the need of having to refresh the webpage.
API An API is a component for a specific piece of software which enables other software to communicate with it.
ARP ARP is used to resolve a network layer address to a link layer address, typically resolving a MAC address to an IP address.
ASCII ASCII codes represent text and is used by computers or other devices that use text.
ASLR A runtime security measure that randomizes the memory addresses that programs load data and code into.
ASP ASP is a server-side interpreted language used mostly in web applications.
Administration In the context of information technology, administration typically refers to system administration or network administration.
Application An application is a software program in any form.
Assembly Assembly is a low-level computer language.
Availability Availability is the assurance that data will be accessible by those authorized to receive it when the data is needed.
BGP BGP is the underlying dynamic routing protocol of the entire Internet.
Bash Bash is the linux command line utility similar to MS-DOS.
Binary Binary is machine-readable code consisting of 0s and 1s
Biometric In the scope of security, biometrics may be used to authenticate users based on unique physical traits, such as fingerprints or retina scans.
Bitwise Math Bitwise math is the foundation of all binary math and most mathematic operations performed in assembly.
Boolean enumeration Boolean enumeration is used to discover data when you can only ask the an information system yes or no questions about a value.
Bootloader A bootloader is the code that runs prior to the loading of the operating system.
Botnet A botnet is a collection of computers under the control of an entity.
Brute force A brute force attack is a highly primitive method used to obtain authentication credentials by repeatedly guessing based on set parameters such as estimated length and characters used.
Buffer A Data Buffer is a space in computer memory, where data is stored to prevent the program or resource that requires either hardware or software, to run out of data during a transfer.
Buffer overflow Buffer overflow, or Buffer Overrun is a software error triggered when a program does not adequately control the amount of data that is copied over the buffer, if this amount exceeds the preassigned capacity, remaining bytes are stored in adjacent memory areas by overwriting its original content.
Byte A byte represents (most often) 8 (can be 10, 12, 15... depending on the architecture) bits of data.
C C is a high-level programming language which allows you to construct programs writing in a syntactical form.
C++/CPP C++ is a compiled low-level programming language. It is an enhancement of the language C.
CFM ColdFusion Markup Language is an interpreted language utilizing a Java backend.
CGI CGI is a way for HTTP servers to serve interpreted languages and compiled languages using a binary file.
Clients A client is generally a program which connects to a server, then requests, receives and processes data from that server, giving feedback to a user.
CSA CSA is an Operating-System level application that functions as a HIPS for Microsoft Windows.
CSRF CSRF is a common web vulnerability.
CSS CSS is used to format everything from text, images, and links to tables, headers, and layout data rendered by a web browser and is referred to by the HTML code that the browser receives.
Cellular Security Cellular Security is the area of security involved with mobile communication networks.
Command Injection A Command Injection vulnerability is an escape string or format string vulnerability that occurs when unsanitized user input is passed to a system shell (system(), exec() etc.)
Compiler A compiler is a piece of software that converts programming language (i.e. C) into machine-readable code.
Computer Forensics Computer forensics is a process used to find infringing evidence of cyber crime occuring.
Cookies Cookies are used to pass information transparently between the client and server, emulating a "state".
Database Usually refers to a SQL or MS-Access database.
Ddos attack A DOS attack is an attack that denies a service to a user.
Debugging Debugging is the process of interacting with an application's code at runtime to determine changes in variables, reverse engineer functions, or solve other bugs with the application.
DNS DNS resolves hostnames to IP addresses and vice versa.
E-mail Spoofing Email spoofing is when you send an email "spoofed" to be someone elses address.
Ethical hacker An ethical hacker, also known as a "white hat", works by finding vulnerabilities for businesses and organisations and patches their systems to prevent exploitation of the vulnerabilities.
Exploitation Exploitation is taking advantage of a vulnerability in a foreign system to gain access or absolute control over the foreign host(s) or network(s).
FTP A simple plaintext protocol used for transferring files from server to client and vice-versa.
Facebook Facebook is the biggest social network on the internet.
File Inclusion File inclusion refers to the process of manipulating unsanitised inputs that make use of PHP's include() function into including files that were not intended to be included.
Filter bypass Filter evasion is the process of crafting payloads or strings that bypass or evade improper, partial, or incomplete sanitizing methods put in place for security purposes on different types of user inputs.
Firewall A firewall implements traffic filtering by blocking traffic for designated hosts or networks at the network layer, before the data is interpreted by the protocol handler.
Fuzzing Fuzzing is the process of penetration testing an application for security-related bugs.
Gateway A gateway acts as an entrance to another network.
HIDS A Host-based Intrusion Detection System focuses on performing several intrusion detection mechanisms in a single host or computer, ensuring the integrity of it by searching for malicious or anomalous activity.
HIPS HIPS operate at the host layer and is used to prevent and monitor attacks against the local machine.
HTML HTML is the basic building blocks of webpages.
HTTP HTTP is an Plaintext application level Protocols. It is used for distributing, collaborative, hyper media information.
HTTPS HTTPS operates in a similar way to HTTP, however, it provides transport layer encryption with TLS.
HTTP referrer The HTTP referrer is part of the HTTP header.
Hackers The term hacker originally meant software programmer. Now, it means a "computer security" specialist.
Hacking Hacking is the art of taking advantage over the way that computer systems communicate with one another and handle errors within their components.
Hardware Hardware refers to a physical device, component or appliance.
Host A host is a single machine on one or more networks that may have one or more IP addresses
IP Address An IP (Internet Protocol) address is 32 bit, or four byte, address assigned to a specific machine that enables it to utilize the TCP/IP transport layer.
Information Security Information Security is the practice of protecting the confidentiality, integrity and availability of information assets through the application of risk management.
Input Inputs are anything read by the application.
Integrity Integrity is the concept of trust in the accuracy and completeness of data.
Interpreted languages Interpreted languages are programming languages that are interpreted at runtime, rather than compiled to machine code and then simply executed.
Iptables The iptables command is a piece of software that filters packets at the kernel stack layer.
JQuery jQuery is a JavaScript library that simplifies HTML document traversing, event handling, animating, and AJAX interactions.
JavaScript JavaScript is one of many interpreted languages that is interpreted by a web browser.
Keylogger A keylogger is a program that records a persons keystrokes and send the logs of those keystrokes back to the the hacker by either email of FTP.
Keypair In public-key cryptography, a keypair is a pair of a public and a private key. The public key is used to encrypt messages which then can only be decrypted using the private key.
Keypool A keypool or keyserver is a server which hosts PGP public keys.
LAN A LAN is a network of machines that are relatively near each other in terms of physical location - often, but not always in the same building.
LD Preload LD_PRELOAD, in simple terms, is a way to "preload" a shared library. It's an option you pass to ld either using a config file or environment variable.
LUA Lua is a portable interpreted language. It is mainly used in games, however it is also used by NMAP's Scripting Engine.
Linux Linux is an Operating System developed by Linus Torvalds. It is compatible with any bootloader.
Lisp Lisp is one of the oldest group of programming languages, characterized by its strength, dynamism, and parenthesized syntax.
MAC A MAC address is a unique identifier in hexadecimal that is assigned to network devices.
Machine code Machine code is binary that interfaces with the microcode on a processor.
Malware Malware is short for malicious software and refers to any software that has malicious intentions. This includes RATs, viruses, keyloggers, adware, rootkits and worms.
Memory addresses Memory addresses are typically a 32-bit or 64-bit hexadecimal number referring to a region of random access memory (RAM).
MITM attack A MITM attack is a method to forcibly route the traffic between two hosts so that it can be sniffed between them.
MS-DOS MS-DOS is Microsoft's older Operating Systems.
MSSQL Microsoft's SQL databasing engine.
NetBIOS This is a binary protocol used for file sharing on a windows network.
Network A network is a collection of machines usually using the internet protocol for addressing and may utilize many protocols for communication.
Network Administrators A network administrator is a person responsible for the maintenance of a network.
Nmap NMAP is a network recon tool widely used in the security community. It offers everything from port scanning, to OS detection and more.
Null-free shellcode Null-free shellcode is a beginner-type shellcode used for exploitation of the executable stack during a buffer overflow attack.
OllyDBG OllyDBG is an x86 program used for userland (ring 3) debugging of applications.
Open relay An open relay typically refers to a proxy or SMTP server improperly configured to let anyone send e-mail or access the internet without validating proper authentication credentials.
Operating System An operating system is a piece of software that runs applications on a computer system.
Out of Order Code Execution Out of Order Execution occurs when an in-line assembler interprets the instructions as if they are right next to each other when in fact the instructions may never be executed to begin with.
Overflow Fuzzing Stack overflows can be fuzzed, simply by throwing more than 16 megabytes of null-free data at the target input. If there is a vulnerability, this should result in a segmentation fault or other unpredictable behavior.
Packet A packet is a formatted group of data that is used to transmit data over a network.
Password A password is an authentication credential most commonly used along side a username.
Patch A patch is an update to code or binary that fixes a bug, improves stability, or improves security.
Penetration Test A Penetration Test is a method by which controls surrounding an information asset are tested for effectiveness. This most commonly comes in the form of applying the same attack methods an adversary would use but in an authorized and controlled manner.
Penetration tester A Penetration Tester works by finding vulnerabilities for businesses and organisations and patches their systems to prevent exploitation of the vulnerabilities.
Perl Perl is the oldest of the interpreted languages, python being its 3 years younger sibling. It is flexible and can be used to write web applications, command line applications, or services.
PHP PHP is a server side interpreted language written in C that runs primarily on Linux environments. PHP scripts can be run directly or served as webpages.
Physical Security Physical security refers to the physical location and access level to servers, workstations, wiring and other electronics, or any other target that a corporation may have that an attacker may want to gain access to.
Ping Ping is a tool which "pings" an address to identify if an address is up or not. The usual response by the address is "pong"
Plaintext Term for information that is not encrypted before transmission, or not transmitted over a secure channel.
Polymorphic Polymorphic (adj.) refers to self-modifying code.
Port Knocking Port knocking is a simple way to obfuscate, or hide ports from the outside world but still give you the freedom to connect back to your computer without needing to filter by IP addresses.
Postfix Notation TO BE DEFINED!!!!!!!!!!!!!!!!!!!!!!!
Privilege escalation Privilege escalation occurs when an attacker is able to exploit a system to gain higher level privileges than already-obtained access.
Process A Process is an instance of an application currently being executed on a machine.
Production Production used in the context of this site describes systems which are live and currently providing services for customers or for a business itself.
Programmer Production used in the context of this site describes systems which are live and currently providing services for customers or for a business itself.
Programming Programming is the act of designing and inputting the source code for a given piece of computer software.
Python Python is a high-level interpreted language (originally written in C) designed around functionality and cleanliness. It is often compared to Perl in terms of functionality and usage.
RAT RATs are the most popular form of malware. They give the hacker complete control over the victims computer.
RFC A RFC is a document describing a protocol that sets the basis for daemons to interact with clients.
Race Condition A race condition is a situation in which two or more things are happening concurrently, and the final result depends on the precise timing of the events.
Reaver Reaver is a WPS brute forcing utility for Linux that exploits a feature-flaw in wireless access points that have the quick-setup hardware button (WPS) for "easy setup", allowing an attacker to retrieve a WPA or WPA2 key.
Reflected XSS Reflective XSS is the art of injecting code in to a web page for the purpose of social engineering usually for the purpose of getting one to run authorized code without consent or knowledge of the targeted user.
Regular expressions Regular Expressions (regex) are essentially a search engine for finding patterns in a text, useful in programming lanaguages. It is even possible to perform sql injection with regular expressions.
Remote file inclusion Remote file inclusion refers to inclusion of a file that is not located on the victim's server.
Return Oriented Programming (ROP) Return Oriented Programming is used in buffer overflow payloads to defeat DEP.
Router A router is a piece of hardware that manages network communication between computer systems.
Routing Definition needed!!!!!!!!!!!!!!!!
Ruby Ruby is an interpreted language, dynamically, reflective, semi-Functional and Object Orientated scripting language written in C.
Ruby2 Ruby is an object-oriented interpreted language. Several interpreters exist, the main one being written in C.
Ruby on Rails Ruby on Rails is a programming language framework built for rapid development and implementation of web applications developed in the late 90's. It has had known security problems with mass assignment.
SEO Search Engine Optimization is a term used to describe keyword setting and content writing in combination with proper visibility and backlink coverage to boost a site's appearance and visibility in search engines.
SIM Security Infrastructure Management Systems allow a user to see realtime correlated alerts from multiple components of security infrastructure, including but not limited to NIDS, NIPS, HIDS, and HIPS appliances and agents throughout a network.
SIP SIP is used by Voice Over IP to initiate phone calls. These packets can be modified, monitored, or overwritten during a Man in the Middle attack.
SMTP SMTP is a plaintext protocol that is used for email delivery.
SNMP SNMP allows administrators to collect information about a particular device, server, workstation, switch, router, or any other network-enabled device.
SQL Structured Query Language is a databasing language used to interface databases with most compiled and interpreted languages.
SQL injection SQL injection is a method of exploiting web applications performed over http or https to compromise the underlying database engine supporting dynamic content for the web application itself.
SQL backdoor SQL Malware affects a variety of database-driven applications, including but not limited to web applications, services, and desktop applications. This breed of malware is made possible by the SQL functionality for triggers and stored sub-procedures.
Salting Salting is used to further add security to a hash.
Sanitize To clean inputs before passing data to be executed.
Second-order-injection attack Second-order injection is typically used when a buffer is too small for a standard shellcode payload. Second-order injection allows for the attacker to place the payload in one input and the actual buffer overflow with a smaller shellcode that will locate the real payload in the buffer.
Security Commonly refers to ones ability to do business without being interfered with by criminals.
Segmentation fault Segmentation fault (segfault) or access violation is when an application tries to access a wrong or unauthorized memory location, and its stopped by the operating system, generating an error.
Server A server is a type of program which typically accepts a connection from a client and response with data based on what the client asks for OR a physical host in a datacenter with 24 hour uptime.
Session hijacking Session hijacking works when an attacker re-uses someone else’s HTTP or PHP session when the session has not expired yet, giving the attacker access to the session-based web site as the user that the hijacked session came from.
Sniffing Sniffing is basically electronic eavesdropping often used when talking about collecting others data on WiFi.
Social Engineering Social engineering is a term applied to the art of humans manipulation as a means to have a person divulge information or perform an action of the manipulator's choosing.
Spoofing Packet Injection is used for spoofing packets. Spoofing packets is forging internet traffic to make it look as if it were to come from a different computer.
Stack overflow Buffer overflow, or Buffer Overrun is a software error triggered when a program does not adequately control the amount of data that is copied over the buffer, if this amount exceeds the preassigned capacity, remaining bytes are stored in adjacent memory areas by overwriting its original content.
Static ARP configuration Static ARP Configuration refers to setting up a host with predefined ARP entries that can't be changed.
Syn-Cookies Syn-cookies are a section inside of a SYN packet that can cause a machine to keep a connection open or simply keep the socket threaded and wait for additional packets.
TCL TCL is a rather unpopular but still widely used interpreted language.
TCP-RST Injection TCP RST injection involves spoofing a TCP connection in place.
TCP/IP TCP/IP is part of the internet protocol suite, named after the two important layer protocols of the IP suite.
Telnet The `telnet' command line application is a simple TCP client that creates connections and sends and receives data for plaintext protocols.
Tor Tor is, to put it simply, the world's largest anonymity service.
Traceroute Traceroute is a command-line tool that can be used to identify all of the routing hops between two hosts by intentionally exceeding response time from every gateway to a destination.
Un-patched Un-patched is an adjective referring to operating systems, applications or firmware that means it has not been updated by programmers or by administrators for security threats.
Unsafe string replacement This is a programming language agnostic vulnerability, effecting any application which incorrectly uses string replacement to sanitize data.
User A user is a physical person who runs software on a computer system, usually vulnerable to social engineering.
Username A username is a unique identifier that represents a particular person, having to do with authentication credentials.
Variable Something that contains data, for example, if you declare a variable "int x = 1", the variable x will contain the integer value of 1.
Virtual machines A Virtual Machine, often abbreviated VM, is an isolated operating system, installed within an operating system called a Host Machine, or simply Host.
Viruses A virus is a program that's purpose is to exploit vulnerabilities, obtain unauthorized information, obstruct computer systems, and much more.
Vulnerability A vulnerability is any weakness in code or programming that allows cybercriminals or penetration testers to retrieve, modify, or execute existing data without proper authentication.
Web application A web application is usually written in one or more server side interpreted language combined with SQL and CSS, HTML, and JavaScript/JQuery/AJAX.
Whois Whois is a unix command that allows you to determine the ownership of a domain name.
Wireless Security Wireless Security refers to the security of wireless networks.
XSCF Cross-Site Content Forgery is a vulnerability class that entails malforming the server-side mimetype for a particular resource to make it appear as something else.
XSRF XSRF is a combination of an XSS attack and a CSRF attack. Typically the XSS contains code which would manipulate the user's browser in the context of an authenticated session with the actual appropriate http referrer in the HTTP request. This will bypass many form validation techniques.
XSS X(cross) Site Scripting is the injection of arbitrary HTML, CSS, or JavaScript into a page via an HTTP input or a SQL database.
Xor XOR is a bitwise comparison operator that returns a true bit if the compared bits in question are different. If they are the same, it returns a false bit.
Zero-day A zero-day attack, or 0day attack, occurs on the 0th day when a vulnerability is discovered and affects an application in such a way that the security industry has never seen before, attacking the application before it can be patched.
Zombies A zombie computer, often referred to as a zombie, is a computer that is connected to the Internet and has been compromised by a hacker, worm, trojan, or some other form of malware.

Pages in category "Glossary"

The following 6 pages are in this category, out of 6 total.