| Name | Description | Type |
|---|---|---|
| Wireshark | Wireshark is a powerful open-source network protocol analyzer used for troubleshooting, analysis, development, and education. It allows users to inspect and capture data traveling back and forth on a network in real-time. It supports hundreds of protocols and is an essential tool for network professionals. | Network Analysis |
| Nmap | Nmap, or Network Mapper, is a versatile open-source tool designed for network exploration and security auditing. It discovers hosts and services on a computer network, finding open ports and mapping the network topology. Nmap is commonly used by penetration testers and network administrators. | Network Scanning |
| Metasploit | Metasploit is a comprehensive penetration testing framework that facilitates the discovery, development, and verification of security vulnerabilities. It includes tools for exploiting, post-exploitation, and creating custom payloads. Metasploit is widely used by security professionals and ethical hackers. | Exploitation |
| Snort | Snort is an open-source intrusion detection system (IDS) and intrusion prevention system (IPS). It analyzes network traffic in real-time, detecting and preventing attacks based on predefined rules. Snort is modular, extensible, and widely used for network security monitoring. | IDS/IPS |
| Burp Suite | Burp Suite is a web application security testing platform. It includes tools for various phases of web application security testing, such as scanning for vulnerabilities, crawling content, and manipulating HTTP requests. Burp Suite is crucial for web security professionals and ethical hackers. | Web Application |
| OSSEC | OSSEC, or Open Source Host-based Intrusion Detection System, is a host-based intrusion detection system that monitors logs, file integrity, and system changes. It provides real-time analysis and active response to security events, enhancing the security of Unix/Linux systems. | Host-based IDS |
| Suricata | Suricata is a high-performance Network IDS, IPS, and Network Security Monitoring (NSM) engine. It is capable of real-time intrusion detection and prevention, supporting multi-threading and signature language for efficient network security analysis. | IDS/IPS |
| Aircrack-ng | Aircrack-ng is a suite of tools used for assessing and analyzing wireless network security. It includes tools for capturing packets, cracking WEP and WPA/WPA2 keys, and performing other wireless security tasks. Aircrack-ng is valuable for wireless security assessments. | Wireless Security |
| Hashcat | Hashcat is a robust password recovery tool that supports various hashing algorithms and attack modes. It is widely used for recovering lost passwords, conducting penetration testing, and assessing the strength of password security in systems. | Password Cracking |
| John the Ripper | John the Ripper is a versatile password cracking software that uses dictionary attacks, brute force attacks, and hybrid attacks to crack password hashes. It is a valuable tool for penetration testers, password auditors, and security professionals. | Password Cracking |
| Maltego | Maltego is an open-source intelligence and forensics application. It provides a graphical interface for link analysis and data mining, assisting in the visualization of complex relationships in various data sets. Maltego is commonly used for digital forensics and threat intelligence. | Forensics |
| OWASP ZAP | OWASP ZAP (Zed Attack Proxy) is an open-source web application security scanner. It helps find vulnerabilities in web applications during development and testing. ZAP provides automated scanners and tools for manual testing, making it a crucial part of the OWASP project. | Web Application |
| YARA | YARA is a pattern matching tool designed for malware researchers, analysts, and security professionals. It allows the creation of custom rules to identify and classify malware based on specific characteristics or behavioral patterns. YARA is used in threat hunting and incident response. | Malware Analysis |
| Sysdig | Sysdig is an open-source tool that provides deep container visibility, security monitoring, and troubleshooting for containerized environments. It captures system calls, network activity, and performance metrics, aiding in container security and troubleshooting. | Container Security |
| Bro (Zeek) | Bro, now known as Zeek, is an open-source network analysis framework. It monitors network traffic, extracts meaningful information, and generates detailed logs. Zeek is valuable for network security monitoring and threat detection. | Network Analysis |
| Ghidra | Ghidra is a software reverse engineering framework developed by the National Security Agency (NSA). It assists in analyzing and understanding the functionality of binary executables. Ghidra is an essential tool for reverse engineers and security researchers. | Reverse Engineering |
| OpenVAS | OpenVAS (Open Vulnerability Assessment System) is an open-source vulnerability scanning tool. It performs comprehensive scans to identify vulnerabilities in networks and systems, providing detailed reports for remediation. OpenVAS is widely used for vulnerability management. | Vulnerability Scanning |
| tcpdump | tcpdump is a command-line packet analyzer that captures and displays network packets. It is a versatile tool for network troubleshooting, packet inspection, and protocol analysis. tcpdump is commonly used for monitoring network traffic in real-time. | Network Analysis |
| Nessus | Nessus is a widely used vulnerability, configuration, and compliance assessment tool. It scans networks and systems for security vulnerabilities, helping organizations identify and address potential risks. Nessus is a cornerstone in vulnerability management programs. | Vulnerability Scanning |
| Shodan | Shodan is a search engine designed for discovering Internet-connected devices. It provides information about open ports, services, and vulnerabilities associated with devices connected to the Internet. Shodan is utilized for passive reconnaissance and information gathering. | Information Gathering |
| Malwarebytes | Malwarebytes is an anti-malware and anti-spyware software that protects systems from malicious software. It scans and removes malware, adware, and other threats, providing real-time protection against online threats. Malwarebytes is commonly used as an antivirus solution. | Antivirus |
| WiFite | WiFite is an automated wireless attack tool that streamlines the process of auditing wireless networks. It automates tasks such as capturing handshakes, de-authenticating clients, and performing dictionary attacks on WPA/WPA2-protected networks. | Wireless Security |
| WireShark | Wireshark, a widely used open-source packet analyzer, allows users to capture and analyze network packets in real-time. It supports a vast array of protocols, making it a versatile tool for network troubleshooting, analysis, and protocol development. | Network Analysis |
| OSQuery | OSQuery is an open-source SQL-powered operating system instrumentation, monitoring, and analytics framework. It allows users to query system and security information using SQL-like syntax, aiding in monitoring and securing endpoints. | Host Security |
| AIDE | AIDE, or Advanced Intrusion Detection Environment, is an open-source host-based intrusion detection system. It monitors file integrity and system changes, alerting administrators to potential security incidents on Unix/Linux systems. | Host-based IDS |
| Fail2Ban | Fail2Ban is an intrusion prevention framework that protects Linux servers from brute-force attacks. It monitors log files for malicious activity and dynamically adjusts firewall rules to block IP addresses exhibiting suspicious behavior. | Intrusion Prevention |
| Zeek (formerly Bro) | Zeek, formerly known as Bro, is an open-source network security monitoring and traffic analysis platform. It passively monitors network traffic, generates logs, and provides insights into network activity. Zeek is valuable for incident detection and response. | Network Analysis |
| Lynis | Lynis is a security auditing tool designed for Unix/Linux systems. It performs a comprehensive security scan, evaluating system configurations, checking for vulnerabilities, and providing recommendations for improving security posture. | System Auditing |
| Radare2 | Radare2 is a powerful open-source reverse engineering framework. It offers a set of tools for analyzing binary files, disassembling code, debugging, and patching binaries. Radare2 is a versatile tool for reverse engineers and malware analysts. | Reverse Engineering |
| OWTF | OWTF, or Offensive Web Testing Framework, is an open-source penetration testing toolkit specifically designed for web applications. It combines automated tools with manual testing techniques to identify and assess web application vulnerabilities. | Web Application |
| Maltrail | Maltrail is a malicious traffic detection system designed for network security monitoring. It tracks and logs network traffic associated with malicious activity, aiding in the detection of potential threats and security incidents. | Network Security |
| Security Onion | Security Onion is an open-source Linux distribution used for network security monitoring and intrusion detection. It integrates various tools, including Snort, Suricata, Bro, and Elasticsearch, to provide a comprehensive platform for analyzing network security events. | Security Information and Event Management (SIEM) |
| Wi-Fi Pineapple | Wi-Fi Pineapple is a wireless penetration testing tool that allows security professionals to perform various wireless attacks, including rogue access point creation and man-in-the-middle attacks on Wi-Fi networks. | Wireless Security |
| OWASP Amass | OWASP Amass is an open-source tool for DNS enumeration and information gathering. It helps security professionals discover subdomains and related information about a target domain, aiding in the reconnaissance phase of security assessments. | Information Gathering |
| Cuckoo Sandbox | Cuckoo Sandbox is an open-source automated malware analysis system. It allows security researchers and analysts to execute and analyze potentially malicious files in a controlled environment to understand their behavior and impact. | Malware Analysis |
| Sublist3r | Sublist3r is a Python-based tool designed for subdomain enumeration. It utilizes various search engines and online resources to discover subdomains associated with a target domain, aiding in the identification of potential entry points. | Information Gathering |
| Docker Bench for Security | Docker Bench for Security is a script that checks for common best practices in Docker container deployments. It assesses the security configuration of Docker containers and provides recommendations to enhance container security. | Container Security |
| PowerSploit | PowerSploit is a collection of Microsoft PowerShell modules designed for penetration testers and red teamers. It includes tools for post-exploitation, privilege escalation, and lateral movement in Windows environments. | Exploitation |
| OWASP DirBuster | OWASP DirBuster is a web application directory brute-forcing tool. It helps identify hidden directories and files on web servers by launching dictionary-based attacks. DirBuster is useful for discovering potential entry points in web applications. | Web Application |
| OWASP Dependency-Check | OWASP Dependency-Check is an open-source tool that identifies project dependencies and checks them against a database of known vulnerabilities. It helps developers and security professionals identify and mitigate security risks in software dependencies. | Software Security |
| PowerShell Empire | PowerShell Empire is a post-exploitation framework that leverages the PowerShell scripting language. It provides a range of tools for maintaining persistence, lateral movement, and executing various post-exploitation activities in Windows environments. | Post-Exploitation |
| OWASP Seraphimdroid | OWASP Seraphimdroid is an open-source mobile app security testing tool for Android applications. It identifies security issues in Android apps, including insecure data storage, insecure communication, and other vulnerabilities. | Mobile Application |
| OWTF | OWTF, or Offensive Web Testing Framework, is an open-source security framework designed for offensive web testing. It combines various tools and techniques to assess the security of web applications comprehensively. | Web Application |
| XSStrike | XSStrike is an advanced cross-site scripting (XSS) detection suite. It automates the detection of XSS vulnerabilities in web applications and provides detailed reports to help developers and security professionals address security issues. | Web Application |
| CrackMapExec | CrackMapExec is a post-exploitation framework for penetration testers and red teamers. It automates common post-exploitation tasks, such as lateral movement, privilege escalation, and credential theft, in Windows environments. | Post-Exploitation |
| OWASP Security Knowledge Framework (SKF) | SKF is an open-source web application security knowledge base. It provides guidance, checklists, and best practices for secure web development, making it a valuable resource for developers focused on building secure web applications. | Software Security |
| Lynis | Lynis is an open-source security auditing tool designed for Unix/Linux systems. It performs a comprehensive security scan, evaluating system configurations, checking for vulnerabilities, and providing recommendations for improving security posture. | System Auditing |
| OWASP OWTF | OWTF, or Offensive Web Testing Framework, is an open-source penetration testing toolkit specifically designed for web applications. It combines automated tools with manual testing techniques to identify and assess web application vulnerabilities. | Web Application |
| Brakeman | Brakeman is an open-source static analysis tool for Ruby on Rails applications. It identifies security vulnerabilities in Ruby on Rails code, including issues related to input validation, authentication, and authorization. Brakeman assists developers in building secure Rails applications. | Software Security |
| OWASP Defectdojo | OWASP Defectdojo is an open-source application vulnerability management tool. It streamlines the process of managing and tracking security vulnerabilities in web applications, providing a centralized platform for collaboration between development and security teams. | Vulnerability Management |
| SQLMap | SQLMap is an open-source penetration testing tool that automates the detection and exploitation of SQL injection vulnerabilities in web applications. It supports a wide range of database systems and helps identify and remediate SQL injection issues. | Web Application |
| OWASP Juice Shop | OWASP Juice Shop is an intentionally insecure web application for security training and awareness. It includes various security vulnerabilities that users can exploit and fix, making it a practical learning tool for developers and security professionals. | Training |
| RITA | RITA (Real Intelligence Threat Analytics) is an open-source framework for network traffic analysis and threat hunting. It assists security analysts in detecting and investigating potential threats in network traffic by identifying patterns and anomalies. | Threat Hunting |
| OSINT Framework | OSINT Framework is a collection of various open-source intelligence (OSINT) tools and resources. It provides a centralized platform for security researchers and analysts to access OSINT tools for information gathering and analysis. | OSINT |
| OWASP Dependency-Track | OWASP Dependency-Track is an open-source component analysis platform. It helps organizations identify and reduce risk in the software supply chain by continuously monitoring and analyzing components and their associated vulnerabilities. | Software Security |
| BloodHound | BloodHound is an open-source tool for analyzing Active Directory security. It helps identify and visualize attack paths, privilege escalation opportunities, and potential security risks within complex AD environments. | Active Directory |
| Empire | Empire is a post-exploitation framework designed for offensive security operations. It provides a range of modules for maintaining persistence, lateral movement, and data exfiltration in Windows environments. | Post-Exploitation |
| OWASP SonarQube | OWASP SonarQube is an open-source platform for continuous inspection of code quality and security. It identifies and tracks security vulnerabilities and code smells in source code, helping developers maintain secure coding practices. | Software Security |
| Faraday | Faraday is an open-source collaborative penetration testing platform. It provides a centralized hub for managing and sharing information related to penetration testing, allowing teams to collaborate effectively on security assessments. | Collaboration |
| Ghiro | Ghiro is an open-source digital image forensics tool. It helps analyze and investigate images for evidence of tampering, manipulation, or other suspicious activities. Ghiro is commonly used in digital forensics and incident response. | Digital Forensics |
| Certbot | Certbot is a free, open-source tool for automating the process of obtaining and renewing SSL/TLS certificates. It integrates with various web servers and certificate authorities, simplifying the deployment of secure websites. | SSL/TLS |
| DumpsterDiver | DumpsterDiver is an open-source tool for analyzing sensitive information in public source code repositories. It helps security professionals identify and assess potential exposure of credentials, API keys, and other sensitive data. | Information Gathering |
| OWASP OWTF | OWASP OWTF, or Offensive Web Testing Framework, is an open-source penetration testing toolkit specifically designed for web applications. It combines automated tools with manual testing techniques to identify and assess web application vulnerabilities. | Web Application |
| OWASP Glue | OWASP Glue is an open-source framework designed for application security automation. It integrates various security tools into a cohesive pipeline, automating security testing and vulnerability management in the software development lifecycle. | Automation |
| WPScan | WPScan is a black box WordPress vulnerability scanner. It identifies security issues in WordPress installations, including plugin vulnerabilities, weak passwords, and misconfigurations, helping administrators secure their WordPress sites. | Web Application |
| The Sleuth Kit | The Sleuth Kit is an open-source digital forensics toolkit. It provides a collection of command-line tools for analyzing disk images and file systems. The Sleuth Kit is widely used in digital forensics and incident response investigations. | Digital Forensics |
| OSRFramework | OSRFramework is an open-source OSINT (Open-source Intelligence) research framework. It aggregates various OSINT tools, allowing researchers to gather information from multiple sources and analyze data for intelligence purposes. | OSINT |
| LaZagne | LaZagne is an open-source password recovery tool that retrieves stored passwords from various software applications on a system. It supports multiple platforms and helps security professionals assess password security. | Password Recovery |
| OWASP Ratproxy | OWASP Ratproxy is a passive web application security assessment tool. It intercepts and analyzes HTTP traffic, identifying security issues such as potential vulnerabilities and misconfigurations in web applications. | Web Application |
| BeEF (Browser Exploitation Framework) | BeEF is an open-source penetration testing tool that focuses on web browsers. It allows security professionals to assess and exploit vulnerabilities in web browsers, targeting client-side security weaknesses. | Web Application |
| Pyre | Pyre is a type checker for Python code. It helps identify and prevent type-related errors in Python programs, improving code quality and reducing the risk of security vulnerabilities related to type mismatches. | Software Security |
| DumpsterFire | DumpsterFire is an open-source information gathering and exploitation tool. It automates various tasks, including reconnaissance, data collection, and vulnerability scanning, to assist security professionals in ethical hacking activities. | Information Gathering |
| OWASP ModSecurity Core Rule Set | The OWASP ModSecurity Core Rule Set (CRS) is a set of rules that can be used with the ModSecurity web application firewall. It provides protection against a range of common web application security threats, such as SQL injection and cross-site scripting. | Web Application Firewall |
| SIFT (SANS Investigative Forensic Toolkit) | SIFT is an open-source digital forensics and incident response toolkit. It includes various tools for analyzing disk images, memory, network traffic, and other artifacts, making it a comprehensive solution for digital investigations. | Digital Forensics |
| CME (CrackMapExec) | CrackMapExec (CME) is a post-exploitation framework that automates common penetration testing tasks in Windows environments. It includes modules for lateral movement, privilege escalation, and executing commands on compromised systems. | Post-Exploitation |
| Sn1per | Sn1per is an automated penetration testing framework designed for reconnaissance and scanning. It includes various tools for information gathering, vulnerability scanning, and enumeration, streamlining the initial phases of security assessments. | Reconnaissance |
| dnSpy | dnSpy is a powerful and open-source .NET debugger and assembly editor. It allows security professionals and developers to reverse engineer and analyze .NET assemblies, making it a valuable tool for understanding and auditing .NET applications. | Reverse Engineering |
| Xposed Framework | Xposed Framework is an open-source framework for modifying Android applications' behavior without modifying their APKs. Security researchers use Xposed modules to analyze and manipulate the behavior of Android apps for testing and research purposes. | Mobile Application |
| YARA-IDA | YARA-IDA is a plugin for the IDA Pro disassembler that integrates the YARA pattern matching tool. It enables security researchers and analysts to apply YARA rules directly within the IDA Pro environment for malware analysis and reverse engineering. | Reverse Engineering |
| OWASP Cornucopia | OWASP Cornucopia is a card game and security knowledge framework designed for developers and security professionals. It provides guidance on secure coding practices and helps teams understand and address security challenges in software development. | Software Security |
| WiFite2 | WiFite2 is an updated version of WiFite, an automated wireless attack tool. It simplifies the process of auditing wireless networks by automating tasks such as capturing handshakes, de-authenticating clients, and performing dictionary attacks on WPA/WPA2-protected networks. | Wireless Security |
| Volatility | Volatility is an open-source memory forensics framework. It enables security analysts and forensic investigators to extract and analyze information from volatile memory (RAM) of a system, helping in the identification of security incidents and malware analysis. | Memory Forensics |
| SubOver | SubOver is a Python-based tool designed for subdomain takeover reconnaissance. It identifies potential subdomain takeover vulnerabilities by checking if a subdomain's DNS record points to an external service that the user does not control. | Information Gathering |
| Sandcastle | Sandcastle is an open-source tool for automatic generation of documentation for .NET assemblies. While primarily a documentation tool, it aids security professionals in understanding the structure and behavior of .NET applications during security assessments. | Documentation |
| BetterCAP | BetterCAP is an open-source, modular, and portable framework for network penetration testing and security assessments. It provides various modules for MITM attacks, network reconnaissance, and traffic manipulation in both wired and wireless networks. | Network Security |
| Oletools | Oletools is a collection of tools to analyze Microsoft OLE2 files, including Microsoft Word and Excel documents. It helps security professionals and analysts identify and extract embedded objects, macros, and other potentially malicious elements. | Document Analysis |
| CyberChef | CyberChef is an open-source web application for analyzing and decoding data. It provides a visual interface for transforming and analyzing data through various operations, making it a versatile tool for data manipulation during security investigations. | Data Analysis |
| Sysmon | Sysmon (System Monitor) is a Windows system service that monitors and logs system activity to the Windows event log. It is commonly used by security professionals to enhance visibility and detection capabilities on Windows-based systems. | Windows Security |
| Rastrea2r | Rastrea2r is an open-source tool designed for hunting attackers in memory images. It assists security professionals in analyzing memory dumps and identifying indicators of compromise (IoCs) related to malicious activities. | Memory Forensics |
| GRR (Google Rapid Response) | GRR is an open-source incident response and forensics framework developed by Google. It provides remote live forensics and incident response capabilities, allowing security professionals to investigate and respond to security incidents on remote systems. | Incident Response |
| Angr | Angr is an open-source binary analysis framework. It assists security researchers and analysts in analyzing binary code, including reverse engineering, symbolic execution, and program analysis tasks for understanding the behavior of compiled software. | Binary Analysis |
| SQL Injection | SQL Injection is a code injection technique that exploits a vulnerability in the interaction between web applications and databases. Attackers insert malicious SQL statements into user inputs, manipulating the database query to perform unauthorized actions. This can lead to data disclosure, unauthorized access, and in some cases, complete compromise of the underlying system. | Injection |
| Cross-Site Scripting (XSS) | Cross-Site Scripting involves injecting malicious scripts into web pages viewed by other users. By exploiting vulnerabilities in web applications, attackers can execute scripts in the context of a victim's browser, leading to theft of sensitive information, session hijacking, or defacement of web pages. | Injection |
| Cross-Site Request Forgery (CSRF) | CSRF forces users to unknowingly perform actions on a web application in which they are authenticated. Attackers trick users into executing malicious actions, potentially leading to unauthorized transactions, account manipulation, or unintended changes in the user's data. | Web |
| Remote Code Execution (RCE) | Remote Code Execution allows attackers to execute code on a remote server. Exploiting this vulnerability can lead to complete compromise of the target system, enabling unauthorized access, data exfiltration, or further attacks on other systems within the network. | Code Execution |
| Buffer Overflow | Buffer Overflow occurs when a program writes more data to a block of memory than it was allocated for, leading to the overwrite of adjacent memory. Attackers exploit this to inject malicious code into the program's memory, potentially enabling the execution of arbitrary commands. | Memory Corruption |
| Man-in-the-Middle (MitM) | Man-in-the-Middle attacks involve intercepting and potentially altering communication between two parties without their knowledge. This can lead to the theft of sensitive information, such as login credentials, and compromise the integrity and confidentiality of data exchanges. | Interception |
| Denial of Service (DoS) | Denial of Service aims to make a system or network unavailable to users by overwhelming it with traffic. Attackers flood the target with requests, consuming resources and causing services to become slow, unresponsive, or completely unavailable. | Resource Exhaustion |
| Zero-Day Vulnerability | A Zero-Day Vulnerability refers to a software flaw that is unknown to the vendor or the public. Attackers exploit these vulnerabilities before a patch or mitigation is available, posing a significant threat as there is no defense against these initially undisclosed weaknesses. | Unknown |
| Clickjacking | Clickjacking is a deceptive technique where attackers trick users into clicking on something different from what they perceive. By placing invisible or disguised elements on web pages, attackers can lead users to perform unintended actions, potentially leading to unauthorized actions. | Deception |
| Security Misconfiguration | Security Misconfiguration occurs when a system or application is not securely configured. Attackers exploit these misconfigurations to gain unauthorized access, expose sensitive information, or compromise the integrity of the system. Regular security reviews are essential to identify and rectify such issues. | Configuration |
| Privilege Escalation | Privilege Escalation allows attackers to gain higher-level access privileges than originally intended. This vulnerability is often exploited after an initial compromise, enabling attackers to move laterally within a network and access sensitive resources or data. | Authorization |
| File Inclusion Vulnerability | File Inclusion Vulnerability allows attackers to include files with malicious code in web servers. Exploiting this vulnerability can lead to arbitrary code execution, unauthorized access, or disclosure of sensitive information stored on the server. | File Manipulation |
| XML External Entity (XXE) | XML External Entity (XXE) exploits vulnerabilities in the processing of XML inputs. Attackers can manipulate XML parsers to disclose internal files, execute remote requests, or launch denial-of-service attacks, depending on the context of the application. | Injection |
| DNS Spoofing | DNS Spoofing involves providing false DNS responses to redirect users to malicious websites. Attackers manipulate the DNS resolution process, leading users to unintended destinations, where they may unknowingly disclose sensitive information or fall victim to phishing attacks. | Spoofing |
| Security Bypass | Security Bypass vulnerabilities allow attackers to circumvent security mechanisms and gain unauthorized access to systems or data. This can occur through flaws in authentication processes, enabling attackers to bypass login credentials or other access controls. | Authentication Bypass |
| Command Injection | Command Injection enables attackers to execute arbitrary commands on a system. Exploiting this vulnerability allows for unauthorized access, data manipulation, or the execution of malicious commands with the privileges of the compromised application or system. | Injection |
| Session Fixation | Session Fixation involves attackers setting the session ID of a user's session to a known value. By forcing users to use a predetermined session ID, attackers may gain unauthorized access to the victim's account, leading to identity theft or unauthorized actions on behalf of the victim. | Session Management |
| Unvalidated Redirects and Forwards | Unvalidated Redirects and Forwards occur when web applications allow user-controlled input to determine the destination of a redirect or forward. Attackers exploit this to redirect users to malicious sites, leading to phishing attacks or other malicious activities. | Web |
HeartbleedHeartbleed is a vulnerability in the OpenSSL cryptography library that allows attackers to read sensitive data from the memory of a targeted server. By exploiting this flaw, attackers can obtain cryptographic keys, user credentials, and other sensitive information.Cryptography
Broken AuthenticationBroken Authentication occurs when authentication mechanisms are implemented incorrectly, leading to vulnerabilities that attackers can exploit to gain unauthorized access. This can result from weak password policies, session management issues, or other authentication-related misconfigurations.Authentication
XML InjectionXML Injection involves manipulating XML input to execute unauthorized actions. Attackers may inject malicious XML content, leading to denial of service, information disclosure, or the execution of arbitrary code, depending on how the application processes XML data.Injection
LDAP InjectionLDAP Injection exploits vulnerabilities in applications that use LDAP for user authentication. Attackers manipulate LDAP queries by injecting malicious input, potentially leading to unauthorized access, information disclosure, or the compromise of user credentials.Injection
HTTP Header InjectionHTTP Header Injection occurs when attackers manipulate HTTP headers to inject malicious content. This can lead to various attacks, such as session hijacking, cross-site scripting, or redirecting users to malicious sites, depending on the context of the injection.Injection
Session HijackingSession Hijacking involves stealing a user's session token to impersonate them. Attackers can exploit vulnerabilities in session management or intercept session cookies to gain unauthorized access to user accounts without needing to know login credentials.Session Management
| Security Token Bypass | Security Token Bypass vulnerabilities allow attackers to bypass security tokens, which are often used for authentication and authorization. Exploiting this vulnerability may enable unauthorized access or actions within an application or system. | Authentication Bypass |
| Firmware Vulnerability | Firmware Vulnerabilities affect the embedded software on devices. Exploiting these vulnerabilities can lead to unauthorized access, device manipulation, or the compromise of sensitive information stored on the device's firmware. Regular firmware updates are crucial for mitigation. | Device |
| Mobile Code Execution | Mobile Code Execution vulnerabilities involve executing arbitrary code on mobile devices. Attackers exploit flaws in mobile applications or operating systems, potentially leading to unauthorized access, data theft, or the compromise of sensitive information. | Mobile |
| Race Condition | A Race Condition occurs when the behavior of a system depends on the timing of events. Attackers exploit this by manipulating the sequence of actions, potentially leading to unauthorized access, data corruption, or other unexpected outcomes. Proper synchronization mechanisms are crucial for mitigation. | Timing |
| Cross-Site Request Forgery (CSRF) Token Not Rotated | CSRF Token Not Rotated vulnerabilities occur when anti-CSRF tokens remain constant, making them predictable. Attackers can use this predictability to forge requests and perform unauthorized actions on behalf of authenticated users. Regularly rotating CSRF tokens enhances security. | Web |
| DOM-based Cross-Site Scripting (DOM XSS) | DOM-based Cross-Site Scripting involves the injection of malicious scripts that manipulate the Document Object Model (DOM) of a web page. This can lead to the execution of unauthorized actions, data theft, or other malicious activities directly within the user's browser. | Injection |
| Binary Planting (DLL Preloading) | Binary Planting, also known as DLL Preloading or DLL Hijacking, occurs when an application loads an attacker-controlled dynamic link library (DLL). Exploiting this vulnerability can lead to arbitrary code execution with the privileges of the application. Secure coding practices and proper DLL loading techniques are essential for mitigation. | Code Execution |
| Insecure Direct Object References (IDOR) | Insecure Direct Object References (IDOR) occur when an application provides access to sensitive objects without proper authorization. Attackers exploit this vulnerability to access unauthorized data, manipulate objects, or perform actions on behalf of other users. Proper access controls and validation are essential for mitigation. | Authorization |
| Server-Side Template Injection (SSTI) | Server-Side Template Injection occurs when user input is improperly embedded into server-side templates. Attackers can exploit this vulnerability to execute arbitrary code on the server, potentially leading to unauthorized access, data leakage, or system compromise. | Injection |
| Data Exfiltration | Data Exfiltration involves unauthorized transfer of sensitive data from a system or network. Attackers use various methods, such as exploiting vulnerabilities, malware, or social engineering, to steal and transmit sensitive information to external servers under their control. | Data |
| XML-RPC and SOAP Attacks | XML-RPC and SOAP Attacks exploit vulnerabilities in XML-based communication protocols. Attackers can manipulate XML data to perform actions such as remote code execution, unauthorized access, or service disruption, depending on the specific vulnerabilities present. | Injection |
| Cross-Site Flashing | Cross-Site Flashing occurs when attackers manipulate Flash content on a web page to perform malicious actions. This can lead to the theft of sensitive information, session hijacking, or other attacks by exploiting vulnerabilities in Flash-based applications. | Injection |
| MIME Sniffing | MIME Sniffing vulnerabilities arise when browsers interpret files differently from their declared MIME types. Attackers can exploit this to trick browsers into interpreting files as a different type, potentially leading to security bypass, data disclosure, or other unexpected behaviors. | Web |
| HTTP Parameter Pollution (HPP) | HTTP Parameter Pollution occurs when multiple values are assigned to the same parameter, leading to confusion in how web applications process the input. Attackers exploit this confusion to manipulate the application's behavior, potentially leading to unauthorized actions or information disclosure. | Web |
| Command and Control (C2) | Command and Control vulnerabilities involve attackers establishing a communication channel with compromised systems. This enables them to remotely control infected devices, execute commands, and exfiltrate data. Detecting and blocking C2 communications are crucial for mitigating these threats. | Network |
| Click Fraud | Click Fraud involves generating fraudulent clicks on online advertisements to inflate costs for advertisers. Attackers use automated scripts or networks of compromised devices to simulate legitimate clicks, leading to financial losses for advertisers. | Fraud |
| Password Spraying | Password Spraying is a technique where attackers attempt a few commonly used passwords against many user accounts. Unlike brute-force attacks, password spraying reduces the risk of account lockouts and aims to discover weak or reused passwords across multiple accounts. | Authentication |
| HTTP Desync Attack | HTTP Desync Attacks exploit inconsistencies in how web servers and proxies interpret HTTP headers. Attackers manipulate these inconsistencies to trick systems into processing requests differently, potentially leading to cache poisoning, request smuggling, or other security bypass scenarios. | Web |
| EternalBlue (MS17-010) | EternalBlue is a Microsoft Windows SMB (Server Message Block) protocol vulnerability exploited by the WannaCry ransomware. It allows remote code execution on vulnerable systems, enabling rapid lateral movement and the propagation of malware within networks. Regular patching is essential to prevent exploitation. | Network |
| Unrestricted File Upload | Unrestricted File Upload vulnerabilities allow users to upload malicious files to a web application. Attackers exploit this to execute arbitrary code, compromise the integrity of the server, or host malicious content. Proper file type validation and access controls are crucial for mitigation. | File Manipulation |
| Hijacking of Session Tokens in URL (Session Riding) | Session Riding involves attackers hijacking session tokens by manipulating URLs. If session tokens are transmitted in URLs, attackers can craft URLs to impersonate other users, potentially leading to unauthorized access and actions on behalf of the victim. | Session Management |
| HTTP Host Header Attacks | HTTP Host Header Attacks exploit misconfigurations in web servers that rely on the "Host" header to determine the destination. Attackers manipulate this header to perform various attacks, such as cache poisoning, phishing, or redirecting users to malicious sites. | Web |
| DNS Cache Poisoning | DNS Cache Poisoning involves attackers injecting malicious DNS records into a DNS cache. This can lead to redirecting users to malicious sites, intercepting communication, or performing man-in-the-middle attacks. Regular monitoring and DNS security practices are essential for mitigation. | Spoofing |
| Bluetooth Vulnerabilities | Bluetooth Vulnerabilities affect the security of Bluetooth-enabled devices. Attackers exploit these vulnerabilities to eavesdrop on communications, perform unauthorized pairing, or execute malicious actions on connected devices. Regular updates and secure pairing practices are essential for mitigation. | Wireless |
| Insufficient Session Expiration | Insufficient Session Expiration vulnerabilities occur when session tokens remain valid for an extended period, exposing users to the risk of unauthorized access. Attackers may capture and reuse session tokens to impersonate users long after they should have expired. Proper session timeout configurations are crucial for mitigation. | Session Management |
| HTTP Public Key Pinning (HPKP) Bypass | HPKP Bypass vulnerabilities allow attackers to bypass the protections provided by HTTP Public Key Pinning. Attackers exploit weaknesses in certificate handling to serve malicious certificates, potentially leading to man-in-the-middle attacks and unauthorized access to encrypted communications. | Web |
| Directory Traversal (Path Traversal) | Directory Traversal occurs when attackers manipulate file paths to access files or directories outside the intended scope. Exploiting this vulnerability can lead to unauthorized access, disclosure of sensitive information, or the execution of arbitrary commands on the server. Proper input validation and access controls are crucial for mitigation. | File Manipulation |
| Fuzzing-based Vulnerability Discovery | Fuzzing is a testing technique where automated tools inject a large number of random or malformed inputs into a system to discover vulnerabilities. Fuzzing-based vulnerability discovery helps identify unforeseen issues, such as buffer overflows, input validation flaws, or other security weaknesses. | Testing |
| Resource Exhaustion Attacks | Resource Exhaustion Attacks aim to deplete the resources of a target system. Attackers exploit vulnerabilities to consume system resources, leading to performance degradation, unresponsiveness, or even system crashes. These attacks can target CPU, memory, network bandwidth, or other resources. | Resource Exhaustion |
| Universal XSS (UXSS) | Universal Cross-Site Scripting (UXSS) vulnerabilities occur when attackers inject malicious scripts into web pages in a way that affects multiple users. Unlike traditional XSS, UXSS targets flaws in browser security models, potentially leading to widespread impact across different users and sessions. | Injection |
| JWT (JSON Web Token) Signature Bypass | JSON Web Token (JWT) Signature Bypass vulnerabilities allow attackers to manipulate or bypass the signature verification process of JWTs. Exploiting this vulnerability may lead to the forging of tokens, unauthorized access, and the manipulation of user roles or privileges. | Authentication |
| Race-to-Zero Vulnerabilities | Race-to-Zero vulnerabilities occur in software that relies on counters or timers. Attackers exploit the time window between a value reaching zero and being reset, potentially leading to unauthorized access, bypassing time-based security controls, or other security-related outcomes. | Timing |
| Adversarial Machine Learning Attacks | Adversarial Machine Learning Attacks involve manipulating input data to deceive machine learning models. Attackers tweak inputs in a way that causes misclassification or alters model behavior. Understanding and mitigating adversarial attacks are essential for maintaining the security of machine learning systems. | Machine Learning |
| Credential Stuffing | Credential Stuffing involves attackers using previously leaked or stolen usernames and passwords to gain unauthorized access to user accounts on various platforms. Attackers rely on users reusing passwords across multiple sites, exploiting weak credentials. | Authentication |
| Container Escape | Container Escape vulnerabilities occur when attackers break out of containerized environments, such as Docker or Kubernetes, to gain unauthorized access to the underlying host system. Exploiting this vulnerability can lead to lateral movement within the infrastructure. | Virtualization |
| Cross-Site WebSocket Hijacking (CSWSH) | CSWSH vulnerabilities involve attackers hijacking WebSocket connections between a client and a server. By injecting malicious content into WebSocket messages, attackers can execute unauthorized actions, potentially leading to data manipulation or unauthorized access. | Web |
| HTTP Response Splitting | HTTP Response Splitting occurs when attackers manipulate HTTP responses to inject additional content. Exploiting this vulnerability can lead to security bypass, cache poisoning, or other attacks that manipulate the interpretation of HTTP responses by browsers or proxies. | Web |
| Insecure Deserialization | Insecure Deserialization vulnerabilities occur when applications deserialize untrusted data without proper validation. Attackers exploit this to execute arbitrary code, perform denial of service, or manipulate the application's behavior. Proper input validation and secure coding practices are crucial for mitigation. | Code Execution |
| Biometric Spoofing (Biometric Impersonation) | Biometric Spoofing involves attackers using fake biometric data to impersonate legitimate users in systems that rely on biometric authentication. This can lead to unauthorized access, identity theft, or other security breaches in biometric-based authentication systems. | Authentication |
| HTTP/2 and QUIC DoS Attacks | Denial of Service (DoS) Attacks targeting HTTP/2 and QUIC exploit vulnerabilities in the protocols to overwhelm servers with malicious requests. These attacks can lead to service disruption, resource exhaustion, or impact the availability of web services. | Resource Exhaustion |
| Side Channel Attacks | Side Channel Attacks exploit information leaked through unintended channels, such as timing, power consumption, or electromagnetic emanations. Attackers use this leaked information to infer sensitive data, cryptographic keys, or other secrets without directly accessing the target system. | Cryptography |
| Cross-Site Port Attacks (XSPA) | Cross-Site Port Attacks occur when attackers manipulate client-side requests to communicate with services running on the victim's internal network. This can lead to unauthorized access to internal services or information disclosure, depending on the specific configuration. | Web |
| Security Header Missing | Missing Security Headers in web applications can expose them to various vulnerabilities. Proper security headers, such as Content Security Policy (CSP), Strict Transport Security (HSTS), and X-Frame-Options, help prevent attacks like cross-site scripting and clickjacking. | Web |
| HMAC (Hash-based Message Authentication Code) Spoofing | HMAC Spoofing vulnerabilities occur when attackers manipulate the hash-based message authentication code to forge or tamper with authenticated messages. Exploiting this vulnerability can lead to unauthorized access or the manipulation of data integrity in authenticated communications. | Cryptography |
| Server-Side Request Forgery (SSRF) | Server-Side Request Forgery involves attackers manipulating a server into making unintended requests to internal resources. Exploiting SSRF can lead to unauthorized access to internal systems, data disclosure, or performing actions on behalf of the server. | Web |
| USB-based Attacks | USB-based Attacks exploit vulnerabilities in devices connected via USB ports. Attackers may use malicious USB devices to execute arbitrary code, extract sensitive data, or compromise the security of the host system. Disabling unnecessary USB functionalities helps mitigate these risks. | Physical |
| Backdoor Insertion | Backdoor Insertion vulnerabilities occur when attackers insert hidden backdoors into systems or applications. These backdoors provide unauthorized access, allowing attackers to maintain persistence, exfiltrate data, or execute malicious actions even after initial compromise. | Code Injection |
| WebAssembly (Wasm) Security Issues | WebAssembly (Wasm) introduces new security considerations in web applications. Vulnerabilities in Wasm code can lead to various issues, such as code injection, privilege escalation, or unauthorized access. Proper security reviews and code audits are essential for Wasm-based applications. | Web |
| HTTPoxy Vulnerability | HTTPoxy is a vulnerability that occurs when attackers manipulate HTTP request headers to redirect outgoing HTTP requests. Exploiting HTTPoxy can lead to unauthorized access to sensitive information or to actions performed on behalf of the victim application. | Web |
| DOM Clobbering | DOM Clobbering vulnerabilities occur when attackers manipulate the Document Object Model (DOM) by injecting conflicting or malicious properties. Exploiting this can lead to unexpected behavior, security bypass, or unauthorized actions within the client-side environment. | Injection |
| Virtual Host Confusion (VHC) | Virtual Host Confusion occurs when attackers manipulate web servers by submitting requests with ambiguous or conflicting host headers. Exploiting this vulnerability can lead to security bypass, unauthorized access, or other attacks affecting web server configurations. | Web |
| Cryptographic Key Extraction | Cryptographic Key Extraction involves attackers extracting cryptographic keys from systems or devices. Exploiting this vulnerability can compromise the confidentiality and integrity of encrypted data, leading to unauthorized access or information disclosure. | Cryptography |
| HTTP Parameter Pollution (HPP) | HTTP Parameter Pollution involves attackers manipulating multiple parameters in web requests, leading to ambiguity in the way applications interpret the input. Exploiting HPP can result in security bypass, injection attacks, or other unexpected behaviors in the application. | Web |
| HTTP Request Smuggling | HTTP Request Smuggling vulnerabilities occur when attackers manipulate the interpretation of HTTP requests by exploiting inconsistencies between frontend and backend systems or proxies. Exploiting this can lead to security bypass, cache poisoning, or other attacks affecting HTTP request processing. | Web |
| Bluetooth Low Energy (BLE) Vulnerabilities | BLE Vulnerabilities affect devices using Bluetooth Low Energy. Attackers exploit these vulnerabilities to launch attacks such as eavesdropping, unauthorized access, or injecting malicious data into BLE communication, compromising the security of connected devices. | Wireless |
| Software Composition Analysis (SCA) Vulnerabilities | SCA Vulnerabilities arise from the use of insecure third-party libraries or components in software. Attackers exploit vulnerabilities in these dependencies, leading to security issues such as code execution, data breaches, or other compromise of the software's security. | Code |
| Firmware Manipulation | Firmware Manipulation involves attackers modifying the firmware of devices. Exploiting this vulnerability can lead to unauthorized access, data manipulation, or the compromise of the device's functionality. Regular firmware updates and secure firmware signing are crucial for mitigation. | Device |
| Authentication | The process of verifying the identity of a user, system, or device, typically through the use of usernames and passwords, biometrics, or multifactor authentication. | Access Control |
| Authorization | The process of granting or denying access rights and permissions to resources based on the authenticated user's identity and level of clearance. | Access Control |
| Firewall | A security barrier that monitors and controls incoming and outgoing network traffic based on predetermined security rules. | Network Security |
| Intrusion Detection System (IDS) | A security technology designed to detect and respond to unauthorized access or malicious activities within a network. | Network Security |
| Encryption | The process of converting plaintext into ciphertext to secure sensitive data from unauthorized access. | Cryptography |
| Public Key Infrastructure (PKI) | A framework that manages the creation, distribution, and revocation of digital certificates to facilitate secure communication and authentication in a network environment. | Cryptography |
| Malware | Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems or networks. | Cyber Threats |
| Denial of Service (DoS) | A cyberattack that aims to make a system or network unavailable to its intended users by overwhelming it with a flood of traffic or other malicious activities. | Cyber Threats |
| Social Engineering | The manipulation of individuals to disclose confidential information, perform actions, or compromise security, often through deceptive tactics and psychological manipulation. | Human Factor Security |
| Penetration Testing | The practice of simulating cyberattacks on systems, applications, or networks to identify vulnerabilities and weaknesses, allowing organizations to strengthen their security defenses. | Security Testing |
| Incident Response | The coordinated process of responding to and managing a cybersecurity incident, including detection, analysis, containment, eradication, recovery, and lessons learned. | Incident Management |
| Zero-Day Exploit | An exploit targeting a previously unknown vulnerability in software or hardware before the vendor releases a patch or solution, leaving users vulnerable to attacks. | Vulnerabilities |
| Man-in-the-Middle (MitM) Attack | An attack where an unauthorized third party intercepts and potentially alters the communication between two parties without their knowledge. | Network Security |
| Phishing | A form of social engineering in which attackers use deceptive emails or messages to trick individuals into divulging sensitive information, such as passwords or financial details. | Cyber Threats |
| Risk Assessment | The process of identifying, analyzing, and evaluating potential risks to an organization's assets, allowing for informed decision-making in implementing security measures. | Risk Management |
| Endpoint Security | The protection of networked devices (endpoints) from cybersecurity threats, including antivirus software, firewalls, and other security measures. | Endpoint Protection |
| Two-Factor Authentication (2FA) | A security process that requires users to provide two different authentication factors, typically something they know (password) and something they have (token or smartphone). | Access Control |
| Network Segmentation | The practice of dividing a computer network into smaller, isolated segments to enhance security by limiting the potential impact of a security breach. | Network Security |
| Patch Management | The process of planning, testing, and applying updates (patches) to software and systems to address security vulnerabilities and improve overall performance. | Vulnerability Management |
| Secure Sockets Layer (SSL) | A cryptographic protocol designed to secure communication over a computer network, commonly used to ensure the security of web transactions. | Cryptography |
| Data Loss Prevention (DLP) | A set of tools and practices that prevent unauthorized access, sharing, or loss of sensitive data within an organization. | Data Security |
| Virtual Private Network (VPN) | A secure and encrypted connection that allows users to access a private network over the internet, ensuring confidentiality and privacy of data transmission. | Network Security |
| Cyber Threat Intelligence | Information about potential or current cybersecurity threats, including details about the tactics, techniques, and procedures used by threat actors. | Threat Intelligence |
| Security Policy | A set of rules and practices that define an organization's approach to security, outlining acceptable and unacceptable behavior, and providing guidelines for safeguarding information assets. | Policy and Compliance |
| Biometric Authentication | The use of unique biological characteristics such as fingerprints, iris scans, or facial recognition to verify the identity of individuals. | Access Control |
| Secure Coding | The practice of writing software applications with security considerations to prevent vulnerabilities and reduce the risk of exploitation. | Software Development |
| Incident Severity Levels | A classification system that categorizes the impact and severity of cybersecurity incidents, helping organizations prioritize their response efforts. | Incident Management |
| Security Awareness Training | Educational programs designed to inform and train individuals within an organization about cybersecurity best practices, threats, and their role in maintaining a secure environment. | Training and Awareness |
| Multi-Factor Authentication (MFA) | A security mechanism that requires users to provide two or more authentication factors from different categories (knowledge, possession, or inherence) to gain access. | Access Control |
| Rogue Software | Unauthorized or malicious software that is installed on a system without the user's knowledge or consent, often used for malicious purposes. | Malware |
| Data Encryption Standard (DES) | A symmetric-key algorithm used for encrypting electronic data, though now considered insecure and largely replaced by more robust encryption algorithms. | Cryptography |
| Secure File Transfer Protocol | A set of protocols and methods for securing the transmission of files over a network, ensuring data confidentiality and integrity during transfer. | Data Security |
| Security Information and Event Management (SIEM) | A comprehensive solution that combines security information management (SIM) and security event management (SEM) to provide real-time analysis of security alerts generated by various hardware and software systems. | Security Monitoring |
| Tokenization | The process of replacing sensitive data with a non-sensitive equivalent, known as a token, to prevent unauthorized access to the original data. | Data Security |
| Honey Pot | A decoy system or network designed to attract and deceive attackers, allowing security professionals to monitor and analyze their tactics without risking the compromise of critical systems. | Deception Technology |
| Least Privilege | The principle of providing individuals or systems with the minimum level of access or permissions necessary to perform their tasks, reducing the risk of unauthorized access and potential misuse. | Access Control |
| Threat Modeling | A structured approach to identifying, assessing, and mitigating potential cybersecurity threats and vulnerabilities within a system or application. | Risk Management |
| Red Team | A group of security professionals authorized to simulate cyberattacks and test an organization's defenses to identify vulnerabilities and weaknesses. | Security Testing |
| Blue Team | A group of security professionals responsible for defending and maintaining the security of an organization's systems and networks. | Security Operations |
| Secure Development Lifecycle (SDL) | An approach to software development that integrates security measures throughout the entire development process, reducing vulnerabilities and enhancing the overall security of the software. | Software Development |
| Data Breach | The unauthorized access, acquisition, disclosure, or use of sensitive data, potentially leading to the compromise of confidentiality and privacy. | Incident Management |
| Digital Forensics | The process of collecting, analyzing, and preserving digital evidence to investigate and respond to cybersecurity incidents or criminal activities. | Forensics |
| Ransomware | Malicious software that encrypts files on a victim's system, demanding a ransom payment in exchange for the decryption key. | Malware |
| Access Control List (ACL) | A list of rules that define the permissions and restrictions for users or systems accessing a network or resource. | Access Control |
| Data Masking | The process of obscuring or scrambling specific data within a database to protect sensitive information while maintaining its usability for testing or analysis purposes. | Data Security |
| Threat Hunting | The proactive and iterative process of searching for signs of malicious activities or security threats within an organization's environment. | Security Monitoring |
| Security Incident | An event that compromises the confidentiality, integrity, or availability of an organization's information assets and requires an appropriate response to mitigate potential damage. | Incident Management |
| Supply Chain Security | The protection of an organization's products, services, and information from compromise or tampering throughout the entire supply chain, including suppliers, manufacturers, distributors, and customers. | Risk Management |
| Session Hijacking | Unauthorized interception or taking over of an active user session to gain unauthorized access to a system or application. | Network Security |
| Threat Vector | The path or means by which a threat actor can exploit a vulnerability to compromise the security of a system or network. | Risk Management |
| Web Application Firewall (WAF) | A security device or service that monitors, filters, and blocks malicious traffic to and from a web application, protecting it from common web-based attacks. | Web Security |
| Container Security | The implementation of security measures to protect containerized applications and their environments from potential threats and vulnerabilities. | Container Security |
| Security Operations Center (SOC) | A centralized facility that houses security professionals and technology to monitor, detect, respond to, and mitigate cybersecurity threats in real-time. | Security Operations |
| Incident Containment | The process of isolating and limiting the impact of a cybersecurity incident to prevent further damage and maintain the overall security of the organization. | Incident Management |
| Data Classification | The categorization of data based on its sensitivity, importance, and confidentiality, allowing organizations to apply appropriate security controls and protection measures. | Data Security |
| Threat Intelligence Feed | Continuous streams of information about potential or current cybersecurity threats from external sources, helping organizations stay informed and proactive in their security measures. | Threat Intelligence |
| Fuzz Testing | A software testing technique that involves inputting random or unexpected data to discover vulnerabilities, weaknesses, or coding errors in a system or application. | Security Testing |
| Incident Handling | The process of systematically responding to and managing a cybersecurity incident, including detection, analysis, containment, eradication, recovery, and lessons learned. | Incident Management |
| Container Orchestration Security | The implementation of security measures to protect containerized applications within an orchestration framework, ensuring the secure deployment and management of container clusters. | Container Security |
| Network Access Control (NAC) | A security solution that enforces policies to control and manage access to a network based on the identity and security posture of connected devices. | Access Control |
| Threat Actor | An individual, group, or entity that carries out actions or activities intended to compromise the security of a system, network, or organization. | Threat Intelligence |
| Security Information Management (SIM) | The collection, analysis, and interpretation of security-related data from various sources to identify and respond to cybersecurity threats. | Security Monitoring |
| Data Integrity | The assurance that data remains accurate, unaltered, and consistent throughout its lifecycle, protecting it from unauthorized modifications or corruption. | Data Security |
Cloud SecurityThe set of policies, controls, technologies, and best practices implemented to protect data, applications, and infrastructure within cloud computing environments.Cloud Security
Incident RecoveryThe process of restoring systems, services, and data to a normal operational state after a cybersecurity incident, minimizing downtime and ensuring business continuity.Incident Management
Threat LandscapeThe overall view and assessment of potential cybersecurity threats, risks, and vulnerabilities that an organization may face.Threat Intelligence
Network Packet AnalysisThe examination of network packets and data traffic to identify patterns, anomalies, or signs of malicious activity within a network.Network Security
Security BaselineThe established and documented security configuration that serves as a foundation for securing systems and networks, providing a standard for secure operations.Policy and Compliance
Incident ReportingThe timely and accurate communication of cybersecurity incidents to the appropriate stakeholders, facilitating a swift and coordinated response.Incident Management
Disaster Recovery PlanA documented and structured approach to restoring operations and services after a disruptive event, such as a cybersecurity incident, natural disaster, or system failure.Business Continuity
Threat Hunting ToolsSoftware and solutions designed to facilitate proactive threat hunting activities by security professionals, allowing them to identify and respond to potential threats more effectively.Security Tools
Password PolicyA set of rules and requirements governing the creation, use, and management of passwords within an organization, aimed at enhancing password security and preventing unauthorized access.Access Control
Code of EthicsA set of principles and guidelines outlining acceptable behavior and ethical conduct for individuals working in the field of cybersecurity.Ethics and Compliance
Security Awareness ProgramA structured initiative within an organization to educate and raise awareness among employees about cybersecurity risks, best practices, and their role in maintaining a secure environment.Training and Awareness
Cybersecurity FrameworkA structured set of standards, guidelines, and best practices designed to help organizations manage and improve their cybersecurity posture, often provided by government or industry bodies.Policy and Compliance
Security Risk AssessmentThe systematic process of identifying, analyzing, and evaluating potential risks and vulnerabilities within an organization's systems, applications, and infrastructure.Risk Management
Threat Modeling ToolsSoftware tools designed to facilitate the process of threat modeling by helping security professionals identify and assess potential threats and vulnerabilities in a system or application.Security Tools
Security Incident Response PlanA documented and detailed plan outlining the steps and procedures to be followed when responding to a cybersecurity incident, ensuring a coordinated and effective response.Incident Management
Cybersecurity Awareness MonthAn annual campaign held in October to promote cybersecurity awareness and educate individuals and organizations about the importance of cybersecurity and best practices.Training and Awareness
Name | Description | Family
Cross Site Script (XSS) | Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. | Vulnerability
Burp Suite | Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. | Tool
Cross-Site-Script (XSS) | XSS is a type of injection attack that occurs when malicious code is injected into your web application via user input. This can allow attackers to steal cookies, access sensitive information, redirect users, etc. | Vulnerability
SQL Injection | SQL Injection is a form of injection attack where data entered into a web application forms a query string that is sent to a database server. An attacker may use this vulnerability to extract confidential information from databases, deface websites, delete data, or even modify transactions. | Vulnerability
Cross-Site Request Forgery (CSRF) | CSRF is a type of request forgery attack that exploits a trusted session between a victim and a website. By manipulating the trusted session, an attacker can trick the victim into performing actions against their own interests. | Vulnerability
Strict-Transport-Security (HSTS) | HTTPS stands for Hypertext Transfer Protocol Secure. This protocol was designed to ensure that data sent between two computers is encrypted. When using HTTPS, the connection between your browser and website's server is secure. HSTS is a security measure that forces browsers to use only secured connections to websites. This helps prevent man-in-the-middle attacks, where someone can intercept and read your traffic without being detected. | Security Header
(Open Web Application Security Project) OWASP | OWASP (Open Web Application Security Project) is a community-driven open standard that helps organizations identify, analyze, and mitigate application security risks. OWASP provides free resources like guides, tools, training, events, and forums to help developers, testers, architects, and other IT professionals understand and effectively secure their applications. | Community
DevSecOps | DevSecOps is a concept where developers and operations work together to deliver secure software faster. |
Jenkins | Jenkins is a free open-source automation tool that can help you automate your workflow. Jenkins is a continuous integration server, meaning that it runs automated tests on your code before each commit. This helps ensure that your code works properly before you push it to GitHub. | Tool
OWASP ZAP | ZAP stands for Zero Access Pathway. This project was created to help prevent attacks from malicious code that can be embedded into websites. By using this tool, we are able to scan our website for any vulnerabilities that may exist. | Tool
OWASP Top 10 | The OWASP Top 10 is a list of the most common web application security risks. These risks include SQL injection, cross-site scripting, session management, insecure deserialization, directory traversal, parameter tampering, path disclosure, open redirects, insecure direct object references, and many others. |
Username enumeration | Username enumeration is a technique that allows attackers to discover usernames from user accounts. This can be done through brute force attacks, dictionary-based attacks, or even social engineering. In this video we'll discuss how to perform username enumeration using Burp Suite. | Vulnerability
Directory Traversal | Directory Traversal is the ability to access files that are not normally accessible. This can be done through the use of tools like FTP (File Transfer Protocol) or SSH (Secure Shell). Directory traversal is used to gain access to restricted directories. | Vulnerability
Secure Shell Protocol (SSH) | Secure Shell Protocol is used to transfer files securely over a network. SSH is a protocol that allows users to log into remote computers using passwords or public/private keys. SSH can be used to connect to any computer running a Unix-like operating system. | Protocol
Secure Copy Protocol (SCP) | Secure Copy Protocol is a file transfer protocol that uses encryption to ensure data integrity while being transferred between two hosts. SCP is commonly used to copy files from one host to another. | Protocol
Simple Network Management Protocol (SNMP) | Simple Network Management Protocol is a standard communications protocol for managing devices on IP networks. SNMP provides information about network elements like routers, switches, servers, etc. | Protocol
Hypertext Transfer Protocol Secure (HTTPS) | This protocol is used to transfer data securely over the internet. When you are using your browser to access websites, the website's address begins with https:// instead of http://. This means that any information sent from the site to your computer is encrypted, making sure that no one can read it while it travels across the web. | Protocol
Hypertext Transfer Protocol (HTTP) | This protocol is used when you want to visit a website. Your browser uses this protocol to communicate with the server. | Protocol
Simple Mail Transport Protocol (SMTP) | This protocol is usually used to send emails. | Protocol
Local File Inclusion (LFI) | Local File Inclusion is a type of security vulnerability that allows attackers to include files from remote locations into web pages served by vulnerable servers. This can allow them to steal sensitive information like usernames, passwords, credit card details, etc. LFI attacks are usually carried out through malicious links in emails or websites. | Vulnerability
Remote File Inclusion (RFI) | Remote File Inclusion is similar to local file inclusion but instead of including files locally, the attacker includes files remotely. This means that they don't need to have access to your server at all. They just need to know the path to the file. RFI attacks are usually carried through cross site scripting vulnerabilities. | Vulnerability
Remote Code Execution (RCE) | Remote code execution occurs when a malicious actor executes code remotely without having direct access to the system. This can occur via a variety of vectors, including web-based attacks, email attachments, infected USB devices, etc. There are many different ways that remote code execution can take place. Some common vectors include: Web Application Attacks, Email Attachments, Malicious Links, Infected USB Devices, and Other Methods. | Vulnerability
WordPress | WordPress is a free and open-source content management system (CMS) that allows users to easily publish their web pages or blogs online. WordPress was created by Automattic, LLC, the company behind the popular blogging platform Tumblr. WordPress is used by millions of people across the globe and has been downloaded over 100 million times. | CMS
Joomla | Joomla!® is free software released under the GNU/GPL license. Joomla!® was created to provide developers with a robust, reliable, and powerful content management system (CMS) platform that can be used to create websites and web applications. Joomla!™ is open-source software, meaning that its code is freely available for anyone to use and improve upon. | CMS
Strapi | Strapi is a free open-source platform that makes developing your own web applications easy. It's built using ReactJS (a JavaScript library) and GraphQL (an API query language). You can use any programming language to develop plugins for Strapi. Strapi is used to create modern websites and mobile apps. With its modular architecture, you can easily add features like authentication, user management, data storage, email sending, payment processing, analytics, etc. | CMS
GraphQL | GraphQL is a query language that allows you to define how data should be returned from your API. This is done through a simple interface where you can define what fields are returned and how they are formatted. You can then use this information to create client-side applications that consume your API. Apollo Client is a library that makes working with GraphQL easy. It provides a number of features including caching, subscriptions, error handling, and much more. | Language
JavaScript | JavaScript is a programming language that can be used to create interactive web pages. JavaScript is embedded into HTML (HyperText Markup Language) documents to add interactivity and animation to your website. In this tutorial we are going to learn how to embed a simple JavaScript code into our HTML document. | Language
Wireshark | Wireshark is a network protocol analyzer that can capture packets from any interface on your computer. You can then use this information to analyze traffic on the network. This tool is useful for troubleshooting problems on the local area network (LAN) and helps identify what type of data is being sent over the wire. | Tool
Aircrack-ng | This is a free software tool that allows you to crack WEP/WPA/WEP2 networks using only your wireless card. This program has been tested on Windows XP SP2, Vista, 7, 8, 10 and Mac OS X 10.5.8. | Tool
GitHub | GitHub is a web-based hosting service that allows users to create online repositories where they can store files and share them with others. This allows developers to collaborate and work together easily from anywhere at any time. GitHub was founded in 2008 by Chris Wanstrath and PJ Hyett. |
Git | Git is a version control system (VCS) used to manage changes to software code. A VCS helps programmers keep track of who changed what, when, and why. Git was created by Linus Torvalds while he was working for Novell in 2004. |
Kali Linux | Kali Linux is a free open-source security distribution based on Debian GNU/Linux. Kali Linux was created by Offensive Security, Inc., a U.S.-based computer security company specialising in penetration testing and ethical hacking. | Operating System
Windows | Windows Operating System (WOS) is a computer operating system developed and marketed by Microsoft Corporation. It was first released in 1985 as MS-DOS 6.0 and has since been updated several times. WOS is currently used on personal computers, servers, embedded systems, mobile devices, video game consoles, and other computing platforms. | Operating System
Directory Listing | Directory listing vulnerabilities are a common problem that can occur when web servers are configured incorrectly. This type of vulnerability allows hackers to gain access to sensitive information about your website. A hacker may use this information to steal your customers' personal data, sell their information, or even shut down your site completely. | Vulnerability
DOM Cross Site Scripting (DOM XSS) | DOM Cross Site Scripting (XSS) is a type of security vulnerability that occurs when malicious code is injected into a web page's Document Object Model (DOM). This can allow attackers to steal cookies, inject ads, redirect users, or access sensitive information. | Vulnerability
Java Deserialization | The Java serialization mechanism allows objects to be saved to files or streams. This can be used to store data that needs to be sent over networks or stored on disk. However, this feature has been exploited before. In fact, the first time I heard about this was back in 2004, but it wasn't until recently that I started to pay attention to this issue again. How does it work? Serialization works by converting an object into a stream of bytes. These bytes are then written to a file or streamed to other applications. When reading these bytes, the application reads them from the file or stream and converts them back into an object. What's the problem? This method of storing information is great, but it has some drawbacks. One of the biggest problems is that if the original object isn't properly initialized, it could cause a memory leak. If the object contains pointers to other objects, they may not be deallocated properly. Another problem is that the serialized form of the object doesn't contain any information about its type. This means that if the object is converted back into its original state, it won't know what kind of object it is. | Vulnerability
Open Redirection | The open redirect vulnerability allows attackers to use malicious URLs that point to any website other than the intended target. This can allow them to steal cookies, inject malware into your browser, or even change the content of the page you are viewing. | Vulnerability
Session Fixation | Session fixation occurs when an attacker takes control of a user's session ID. They may then impersonate the user by logging into websites they have access to. | Vulnerability
Server-Side Template Injection (SSTI) | Server side template injection is a technique that allows attackers to inject malicious code into web pages without having access to the server's filesystem. This can allow them to bypass certain security controls, like firewalls, and gain remote control over vulnerable servers. SSTI works by using HTML tags to insert content from external files. These files are typically stored on the same server as the page being served, but they could also be stored on other servers. When a user requests a page containing an embedded file, the browser first sends a request to the server hosting the page. If the server does not have a copy of the file, it returns a 404 error message. However, if the server has a copy of the file and it contains malicious code, the server may serve it instead of returning a 404 error. | Vulnerability
Host Header Injection | Host Header Injection is a technique that allows attackers to inject malicious code into web pages served by vulnerable servers. This can allow them to steal cookies from other users, redirect victims to phishing sites, or even install malware on their computers. It is used to deliver ransomware, exploit banking websites, and launch DDoS attacks. An attacker can use this flaw to create a specially crafted request that will cause the application to perform actions on behalf of the user. | Vulnerability
X-Frame-Options | X-Frame-Options HTTP Response Header allows web browsers to prevent clickjacking attacks against pages that use framesets. This prevents malicious sites from tricking users into clicking links that take them out of their intended frame. | Header
Content-Type | The content type is used to identify the MIME format of the data being transmitted. This information can be used by a web server to determine how to handle the request. | Header
X-Content-Type-Options | The header allows the client to specify that they want to prevent caching of the document. In other words, if the browser requests this document again, it should not use its cached version but instead send a fresh copy back to the user. | Header
X-XSS-Protection | The header prevents cross site scripting attacks by setting the value of the 'script' attribute to 'false'. If a malicious script is injected into your page, this option will prevent it from executing. | Header
Content-Security-Policy | Content Security Policy (CSP) is a W3C specification that allows web applications to declare what resources they are allowed to load from. This helps prevent cross-site scripting attacks. CSP can be used to restrict access to sensitive data like credit card numbers, passwords, etc. | Header
JSON Web Token (JWT) | JSON Web Token (JWT) is a JSON-based data structure that can be used to encode information about an identity, including its claims. JWTs are commonly used in OAuth 2.0 access tokens and OpenID Connect ID Tokens. They are based on the concept of signing and encrypting messages using HMAC SHA-256 hashing algorithms. |
Security Assertion Markup Language (SAML) | SAML is a standard that allows users to authenticate themselves to web services using their username and password. This is useful if your website uses a third-party service that requires authentication. SAML is used for Single Sign On (SSO) where a user logs into a single application and then can access other applications without having to log in again. |
OAuth | OAuth stands for Open Authentication. It's a protocol that allows third-party systems (such as social media sites) to access your information without having to ask for your username and password. This is especially useful if you're using multiple accounts from different websites. OAuth is used to authorize requests from clients, usually web applications, to obtain tokens that can be exchanged for a user's basic profile information. These tokens are short lived, typically only good for a few minutes, but they do allow the application to request specific pieces of data without exposing the user's credentials. |
Cross-Origin Resource Sharing (CORS) | Cross-Origin Resource Sharing (CORS) is a standard that allows web servers to specify what origins are allowed to access their resources. This can help prevent cross-site scripting attacks. When a website wants to load content from another domain, they have to use either JSONP or XMLHttpRequest. These methods allow JavaScript code to make requests to other domains, but they both have some drawbacks. In order to implement CORS, the server needs to add a header to its responses. This header contains information about which origins are allowed to access the resource. |
HTML Injection | The HTML injection vulnerability allows an attacker to inject arbitrary HTML into any page loaded from this domain. | Vulnerability
HTTP Methods | HTTP Methods are used to communicate with a web server. They define how the client can interact with the server. There are five different types of HTTP methods that are defined as follows: GET, POST, PUT, DELETE, and HEAD. These methods are used to perform operations like retrieving data from a database, updating information, deleting records, etc. |
Cookies | Cookies are temporary files that store information about your browsing activity on a website. They can be used to track what pages you visit and how long you spend on each page. Cookies are usually deleted once you close your browser but some websites may use them to keep track of your activities over time. |
Subdomain Takeover | Subdomain takeover vulnerabilities are a type of attack that can occur when a website is compromised and the attacker gains access to other subdomains on the same domain name. This allows them to gain control over those subdomains and use them to spread malware, steal information, or even redirect users to malicious websites. | Vulnerability
Malware | Malware is a term used to describe malicious software that can cause harm to your computer. This includes viruses, worms, trojans, adware, spyware, rootkits, etc. | Term
Virus | A virus is a type of malware that infects your computer's operating system. Viruses are usually spread through email attachments, websites, or other types of files. Once infected, they replicate themselves over and over again until they have taken control of your entire hard drive. | Term
Worms | Worms are small pieces of code that can copy themselves from one computer to another. They do this by using the internet to find computers that are vulnerable to them. Once they find a target, they attach themselves to the computer and wait for instructions. These instructions could be anything from sending spam emails to stealing personal information. | Term
Adware | Adware is software that has been designed specifically to infect your computer without your knowledge or consent. This software can cause problems ranging from slow performance to complete system failure. Adware is usually bundled with other programs and often comes pre-installed on computers. Once installed, adware may continue to run even after you have uninstalled the original program. | Term
Spyware | Spyware is software that is designed to monitor what you do online. Some spyware is used to steal personal information from your computer while others are used to track your internet activity. | Term
Rootkits | Rootkits are malicious software that can infect your computer without your knowledge. They are usually installed through other malware programs like viruses, Trojans, etc. Rootkits are designed to hide their existence from the user and make them undetectable. Once they have been installed, rootkits can monitor your activities and steal information from your system. This includes passwords, banking details, credit card numbers, personal data, etc. | Term
Amazon Web Services (AWS) | Amazon Web Services is a cloud computing service that provides Internet-based resources through virtual machines. AWS offers several different types of services including Elastic Compute Cloud (EC2), Simple Storage Service (S3), Elastic Block Store (EBS), Relational Database Service (RDS), Auto Scaling, Elastic Load Balancing, and CloudFormation. These services are designed to make it easy to set up, operate, and scale infrastructure. | Cloud Platform
Microsoft Azure | Microsoft Azure is a cloud computing platform that allows users to build and deploy applications online. This helps businesses reduce costs and increase productivity. Microsoft Azure provides its customers with a wide range of services including web hosting, database management, email, storage space, and many others. | Cloud Platform
Google Cloud Platform (GCP) | Google Cloud Platform (GCP) is a fully managed service that provides developers with a suite of tools to build, deploy, and manage applications online. GCP offers a variety of services including storage, networking, databases, analytics, machine learning, messaging, APIs, and many others. | Cloud Platform
Alibaba Cloud | Alibaba Cloud is a cloud computing service platform provided by Alibaba Group Holding Limited. It was launched in 2009 and has been expanding rapidly since then. It provides services including Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). | Cloud Platform
Oracle Cloud | Oracle Cloud is a service that provides computing resources through the Internet. Oracle Cloud offers services like storage, databases, networking, and other IT infrastructure services. It is a platform-as-a-service (PaaS) offering from Oracle Corporation. | Cloud Platform
Secure Socket Layer (SSL) | This protocol was developed to provide secure communication between web browsers and servers. In other words, this protocol provides encryption and authentication of data that is sent over the internet. SSL uses public-key cryptography. Public-key cryptography relies on two keys: a public key and a private key. The public key can be shared freely while the private key should only be known to the owner. When a user wants to send information to a server, they use their own private key to encrypt the message. Only the recipient has access to the private key, so they are able to decrypt the message using the public key. | Protocol
File Transfer Protocol | The file transfer protocol (FTP) is a standard way to move files between computers over a network. FTP is used to upload and download files from a server to your computer. You can use this method to send large amounts of data to and from your website. | Protocol
Secure File Transfer Protocol (SFTP) | Secure File Transfer Protocol (SFTP) is an encrypted version of the File Transfer Protocol (FTP). SFTP uses public-private key encryption to encrypt communications between client/server. This means that only the user who has the private key can decrypt the communication. | Protocol
Demilitarized zone (DMZ) | Demilitarized Zone (DMZ) is a term used to describe a portion of a network that has been separated from the rest of the network to prevent unauthorized access to sensitive information. DMZs are typically located between two firewalls, one internal and one external. This separation prevents any data from being transferred between the networks. | Term
Firewall | Firewalls are used to protect your computer from outside attacks. They can be either software-based (e.g., antivirus) or hardware-based (e.g., firewalls). A firewall is a type of gateway that controls incoming and outgoing network connections and allows only certain kinds of data to enter or leave a computer. | Term
Intrusion Detection System (IDS) | Intrusion detection system (IDS) is a network security device that monitors computer networks for unauthorized activity. An IDS can detect intrusions at various stages of their life cycle. Intrusions are detected using different methods including signature matching, anomaly detection, protocol analysis, host-based monitoring, and misuse prevention. | Term
Intrusion Prevention System (IPS) | Intrusion prevention system (IPS) is a network security device that monitors traffic entering or leaving a protected area. An IPS can detect and block unauthorized access attempts to a computer network. | Term
Internet Service Provider (ISP) | Internet Service Provider (ISP) is a company that provides access to the internet. ISPs are often referred to as broadband providers. There are many different types of ISPs including cable companies, satellite companies, DSL providers, wireless carriers, etc. | Term
Virtual Private Network (VPN) | A virtual private network (VPN) is a secure connection between two devices that allows them to communicate securely over a public network. A VPN creates a secure tunnel through the internet from your computer to a remote server allowing you to access resources on the other side of the internet without being exposed to hackers. | Term
Domain Name | Domain names are used to identify Internet resources, such as websites, computer servers, and other services that are connected to the Internet. A domain name consists of a series of characters that identifies a server's IP address. Domain names are organized into various top-level domains (TLDs), including .com, .net, .org, and many others. | Term
Dynamic Host Configuration Protocol (DHCP) | This protocol allows your computer to automatically obtain IP addresses from a central server. DHCP is used to assign IP addresses to computers that are connected to a network. | Term
IP Address | An IP address is a unique identifier that identifies each device connected to the internet. Every device has its own IP address, which allows computers to communicate with each other over the internet. An IP address consists of four numbers separated by dots (e.g., 192.168.1.1). Each number represents a different section of the network. The first three sections are called octets. Octet 1 is the network ID, octet 2 is the subnet mask, and octet 3 is the host ID. | Term
Botnets | Botnets are networks of infected computers that are used to control other computers remotely. They can be used to perform any number of malicious activities, including sending spam email, stealing data, launching denial-of-service attacks, and even committing credit card fraud. |
Denial of Service | Denial of Service (DoS) attacks are a type of cyber attack that involves flooding a target computer system with requests from multiple sources until it becomes overwhelmed and either crashes or slows down to a crawl. This can cause significant damage to the targeted network. | Attack
Distributed Denial-of-Service (DDoS) | Distributed Denial-of-Service (DDoS) attacks involve sending malicious traffic from many different computers at once. This makes them harder to detect and stop than single-source DoS attacks. | Attack
Phishing | Phishing is a type of social engineering that involves sending emails to people pretending to be someone else (the “victim”) asking them to perform some action on their behalf. This can include requesting personal information like usernames, passwords, credit card details, etc. | Attack
Social Engineering | Social Engineering is the act of manipulating people into doing things they normally wouldn't do. This can either be done through deception or manipulation. Social engineering is used in many different ways, but some common examples are phishing (faking emails), phone scams, and even physical attacks. In this video we discuss how social engineering is being used today by hackers around the world to gain access to sensitive data and systems. We then explore the different ways that social engineering can be used to manipulate people. | Attack
Encryption | Encryption is the process of converting data into a form that can only be read by those who have access to a specific code or key. This is done through the use of mathematical algorithms. | Term
Hashing | Hashing is the act of using a computer program to create a unique hash code from a string of text. This hash code can then be used to identify that same string of text later on. Hashing is typically used to make sure that two different strings are not identical. |
Clickjacking | Clickjacking is a type of attack that involves tricking users into clicking on links/buttons that take them to malicious websites. This can happen if the user is tricked into thinking they are visiting a legitimate website but instead end up at a phishing site where their personal information is stolen. | Vulnerability
Dark WebThe Dark Web is a hidden section of the internet that requires special software to access. This area of the web is used primarily for illegal activities such as buying and selling drugs, weapons, counterfeit goods, hacking into private databases, and other criminal activity.
DarknetDarknet is a term used to describe the hidden parts of the internet that are not indexed by search engines. These websites can be accessed through Tor (The Onion Router) browser, which allows users to browse anonymously. Darknet markets have been around since before Bitcoin was even created. They offer everything from drugs, weapons, stolen credit card details, and other illicit goods and services.
BitcoinBitcoin is a cryptocurrency that was created in 2008 by Satoshi Nakamoto. It uses peer-to-peer technology to facilitate instant payments. The total supply of Bitcoins is capped at 21 million coins, though this limit can change over time. Bitcoin offers low transaction fees, minimal volatility and allows users to send money across the world without borders or intermediaries.
NiktoNikto is a free online scanner that checks your server for vulnerabilities like SQL injection, directory traversal, cross-site scripting (XSS), file inclusion, remote code execution, etc. Nikto can scan both Apache and IIS web servers.Tool
Active DirectoryActive Directory (AD) is a Microsoft technology that provides centralized management of user accounts and resources across multiple devices and platforms. AD allows users to access their network resources from any device, anywhere at any time.
Dex2JarDEX2JAR is a free online tool that allows users to convert their favourite files into jar archives. This can be done manually or automatically using batch conversion scripts.Tool
BluestacksBluestacks is a free app that allows you to run android apps on your windows pc.Tool
nampNmap is a free open-source utility for network discovery and security auditing. Nmap uses raw IP packets in novel ways to determine what hosts are available on your network, what services (application name and version) they are offering, what operating systems and OS versions they are running, and what type of packet filters/firewalls are in use at their perimeter.Tool
CoverityCoverity is a software testing tool that helps developers identify potential vulnerabilities in their code before they are released into production. Coverity uses static analysis techniques to detect coding errors, including memory leaks, buffer overflows, race conditions, and other common programming mistakes.Tool