I have put together a short list of important terms you should know.
0day exploit (zero day) - A new exploit that is not publicly available.
JTR - John The Ripper
blackhat - Hackers who profit from their work by selling databases, credit cards, and other sensitive information.
greyhat - Hackers who deface or show off their hacks.
whitehat - Hackers or security professionals who report vulnerabilities they found to the companies.
Bruteforce - Creating passwords and trying them. Mostly used in hash cracking.
DDoS - Distributed Denial of Service
DoS - Denial of Service
SQLi - SQL Injection. Allows spoofing queries and getting important data, such as logins, out of the database.
BSQLi - Blind SQL Injection. Harder than normal SQL injection and requires much more time.
XSS - Cross-site scripting. Allows you to run scripts on websites. Can be used to steal cookies.
LFI - Local File Inclusion. Allows including a local page. Can be exploited to upload a shell. Sometimes filtered, but the filter can be bypassed using null byte injection.
RFI - Remote File Inclusion. Allows you to include a page from a remote host. Usually parses the code into the .php file and executes it.
SSI - Server Side Includes, similar to code execution. Affected extensions: .shtm, .shtml and more.
RCE - Remote command/code execution. Allows code to be executed on the remote host.
Phishing - Creating a fake login page for commercial websites.