Tuesday, March 6, 2012

Hackers Dictionary - Most used terms and definitions

I have put together a small list of important terms that you should know.

0day exploit (zero day) - A new exploit that is not publicly available.

JTR - John The Ripper

blackhat - Hackers who profit from their work by selling databases, credit cards, and other sensitive information.

greyhat - Hackers who deface sites or show off their hacks.

whitehat - Hackers or security professionals who report the vulnerabilities they find to the companies.

Bruteforce - Generating passwords and trying them. Mostly used in hash cracking.

DDoS - Distributed Denial of Service

DoS - Denial of Service

SQLi - SQL Injection. Allows an attacker to spoof queries and get important data, such as logins, out of the database.

BSQLi - Blind SQL Injection. Harder than normal SQL injection and requires much more time.

XSS - Cross-site scripting. Allows you to run scripts on websites. Can be used to steal cookies.

LFI - Local File Inclusion. Allows a local page to be included. Can be exploited to upload a shell. Sometimes filtered, but the filter can be bypassed using null byte injection.

RFI - Remote File Inclusion. Allows you to include a page from a remote host. Usually the code is parsed into the .php file and executed.

SSI - Server Side Includes, similar to code execution. Affected extensions: .shtm, .shtml and more.

RCE - Remote command/code execution. Allows code to be executed on the remote host.

Phishing - Creating a fake login page for commercial websites.
