Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "User:D1551D3N7"

From NetSec
Jump to: navigation, search
(More stuff added)
(Glossary)
Line 154: Line 154:
 
| DNS resolves hostnames to IP addresses and vice versa.
 
| DNS resolves hostnames to IP addresses and vice versa.
 
|-
 
|-
| [[E-Mail Spoofing]]
+
| [[E-mail Spoofing]]
 
| Email spoofing is when you send an email "spoofed" to be someone elses address.
 
| Email spoofing is when you send an email "spoofed" to be someone elses address.
 
|}
 
|}

Revision as of 22:01, 16 August 2012

Template:Editrequest

Intro

Hey, Im D1551D3N7. I'm doing all my new articles on this page as I can't create pages and I will not accept an editor position until I trust myself with it . I'll do my best to be comprehensive :)

My Personal To-Do List

  • Finish Glossary and Abbreiviations.
  • Be active enough to trust myself to be an editor
  • Create wanted pages to the best of my abilities and add more content to existing pages.

Keyloggers

A keylogger is a program that records a persons keystrokes and send the logs of those keystrokes back to the the hacker by either email of FTP. Good keyloggers also detail what program the keystrokes were typed into. Note to self: Use stuff from my keylogger tutorial: http://hacksociety.net/Thread-Keyloggers-The-Complete-Tutorial

Google Dorks

Google dorks are search terms created to look for vulnerable websites using Google. They usually use the "inurl:" "intitle:" and "intext:" search operators. They are commonly used for web applications that exploits have been found in already and to find sites with the vulnerable version of that software.

  • Intitle searches for sites with the text after the colon in their page title. eg intitle:FuBar_V2.0 will bring up websites with FuBar_V2.0 as the page title.
  • Intext searches for site containing the text after the colon within the text. eg intext:Email_Administration_Panel_V3.0 will get results with that in the page.

Cybercrime

Cybercrime is a crime which involves the use of the computers, mobile phones, or any form of electronic device over the internet. Computer Forensics are used to collect incrimination data for use in court or by law enforcement, enforcing cyberlaw

Glossary

A glossary is a list of terms and definitions. This is a list of terms and definitions for words used within this wiki.

Term Definition
AJAX AJAX is a way to request information from web servers without the need of having to refresh the webpage.
API An API is a component for a specific piece of software which enables other software to communicate with it.
ARP ARP is used to resolve a network layer address to a link layer address, typically resolving a MAC address to an IP address.
ASCII ASCII codes represent text and is used by computers or other devices that use text.
ASLR A runtime security measure that randomizes the memory addresses that programs load data and code into.
ASP ASP is a server-side interpreted language used mostly in web applications.
Administration In the context of information technology, administration typically refers to system administration or network administration.
Application An application is a software program in any form.
Assembly Assembly is a low-level computer language.
Availability Availability is the assurance that data will be accessible by those authorized to receive it when the data is needed.
BGP BGP is the underlying dynamic routing protocol of the entire Internet.
Bash Bash is the linux command line utility similar to MS-DOS.
Binary Binary is machine-readable code consisting of 0s and 1s
Biometric In the scope of security, biometrics may be used to authenticate users based on unique physical traits, such as fingerprints or retina scans.
Bitwise Math Bitwise math is the foundation of all binary math and most mathematic operations performed in assembly.
Boolean enumeration Boolean enumeration is used to discover data when you can only ask the an information system yes or no questions about a value.
Bootloader A bootloader is the code that runs prior to the loading of the operating system.
Botnet A botnet is a collection of computers under the control of an entity.
Brute force A brute force attack is a highly primitive method used to obtain authentication credentials by repeatedly guessing based on set parameters such as estimated length and characters used.
Buffer A Data Buffer is a space in computer memory, where data is stored to prevent the program or resource that requires either hardware or software, to run out of data during a transfer.
Buffer overflow Buffer overflow, or Buffer Overrun is a software error triggered when a program does not adequately control the amount of data that is copied over the buffer, if this amount exceeds the preassigned capacity, remaining bytes are stored in adjacent memory areas by overwriting its original content.
Byte A byte represents (most often) 8 (can be 10, 12, 15... depending on the architecture) bits of data.
C C is a high-level programming language which allows you to construct programs writing in a syntactical form.
C++/CPP C++ is a compiled low-level programming language. It is an enhancement of the language C.
CFM ColdFusion Markup Language is an interpreted language utilizing a Java backend.
CGI CGI is a way for HTTP servers to serve interpreted languages and compiled languages using a binary file.
Clients A client is generally a program which connects to a server, then requests, receives and processes data from that server, giving feedback to a user.
CSA CSA is an Operating-System level application that functions as a HIPS for Microsoft Windows.
CSRF CSRF is a common web vulnerability.
CSS CSS is used to format everything from text, images, and links to tables, headers, and layout data rendered by a web browser and is referred to by the HTML code that the browser receives.
Cellular Security Cellular Security is the area of security involved with mobile communication networks.
Command Injection A Command Injection vulnerability is an escape string or format string vulnerability that occurs when unsanitized user input is passed to a system shell (system(), exec() etc.)
Compiler A compiler is a piece of software that converts programming language (i.e. C) into machine-readable code.
Computer Forensics Computer forensics is a process used to find infringing evidence of cyber crime occuring.
Cookies Cookies are used to pass information transparently between the client and server, emulating a "state".
Database Usually refers to a SQL or MS-Access database.
DDos Attacks A DOS attack is an attack that denies a service to a user.
Debugging Debugging is the process of interacting with an application's code at runtime to determine changes in variables, reverse engineer functions, or solve other bugs with the application.
DNS DNS resolves hostnames to IP addresses and vice versa.
E-mail Spoofing Email spoofing is when you send an email "spoofed" to be someone elses address.

Abbreviations

An abbreviation is when a long set of words is shortened into a few letters. This is a list of abbrieviations and their long format as used in this wiki.

Abbreviation In Full
AJAX Asynchronous JavaScript And XML
API Application Programmable Interface
ARP Address Resolution Protocol
ASCII American Standard Code for Information Interchange
ASLR Address Space Layout Randomization
AS Automonous System
ASN Autonomous System Number
ASP Active Server Pages
AST Abstract Syntax Tree
BGP Border Gateway Protocol
Bash Bourne-Again SHell
CC C Compiler
CEH Certified Ethical Hacker
CFM Cold Fusion Markup
CGI Common Gateway Interface
CISA Certified Information Systems Auditor
CISO Certified Information Security Officer
CISSP Certified Information Systems Security Professional
CPP C Plus Plus
CPU Central Processing Unit
CSA Cisco Security Agent
CSRF Cross-Site Referral Forgery
CSS Cascading Style Sheet
DEP Data Execution Prevention.
DIG Domain Information Groper
DNS Domain Name System
GCIA GIAC Certified Intrusion Analyst
GCIH GIAC Certified Incident Handler
GIAC Global Information Assurance Certification
GSEC GIAC Security Essentials Certification
IP Internet Protocol
IR Intermediate Representation
ISACA Information Systems Audit and Control Association
(ISCA)2 International Information Systems Security Certification Consortium
LFD Local File Disclosure
RPC Remote Procedure Call
SMTP Simple Mail Transfer Protocol
TCP Transmission Control Protocol
VOIP Voice Over Internet Protocol