Glossary¶
- Address Resolution Protocol (ARP)
A network protocol used to determine the hardware (MAC) address of a device associated with a specified IP address. It is used when a device wants to communicate with another device on the local network. The sending device uses ARP to translate an IP address into a MAC address, enabling it to communicate directly with the device. ARP requests can be seen by all devices on a network.
- bind shell
A piece of software that provides a remote attacker with command-line access to a target system by opening a port on the target system to which the attacker’s system can connect. Similar to a reverse shell.
- Capture the Flag (CTF)
A game in which hackers attempt to penetrate a specially-designed target system or network. CTFs are a good way to legally practice hacking skills and gain recognition in the hacker community.
- enumeration
The process of collecting useful information about a target, such as open ports, software version numbers, etc.
- exploit
A piece of software that takes advantage of a vulnerability to compromise a computer system or network.
The act of using such software against a target.
- Google Dork / * Dork
A syntactical search recipe enabling users to discover specific information online, such as vulnerable systems or private data.
- Google-Fu
The ability to effectively employ search engines to obtain useful information.
- hack
To write (software) or modify (software or hardware) in a clever or skillful way.
To gain unauthorized access to computer files, systems, and/or networks.
A clever or skillfully-crafted piece of software or hardware, or a clever or skillful technique.
- hacker
An expert or enthusiast of any kind.
One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.
A person who uses technology to gain unauthorized access to computer files, systems, and/or networks.
- hacking
Writing software.
Gaining unauthorized access to data, systems, or networks.
Finding clever or creative solutions to problems.
Splitting something with an axe.
Doing whatever hackers do.
- hacktivism
Using hacking techniques and skills to gain unauthorized access to computer files, systems, and/or networks, in order to further social or political ends.
- malware
Software designed to disrupt, damage, or gain unauthorized access to computer systems.
- Open-Source Intelligence (OSINT)
Data collected from publicly available sources to be used in an intelligence context.
- payload
A piece of software included in an exploit, designed to perform a specific task on the target system, such as creating a bind shell or reverse shell.
- penetration test / pentest
The use of adversarial tactics to simulate an attack against systems, networks, individuals or groups, with the intent of revealing and mitigating vulnerabilities.
- penetration tester / pentester
Someone who conducts penetration tests.
- port
A communication endpoint through which software can communicate between different systems on a network.
- Remote-Access Trojan (RAT)
A malware program used by intruders to remotely control target systems.
- Remote Code Execution (RCE) Vulnerability
A flaw in a piece of software which allows attackers to run arbitrary commands or code on a target machine across a network connection.
- report
In the context of a penetration test, a written document containing vulnerabilities, exploits, mitigation and advice, created by the penetration tester for the client.
- reverse shell
A piece of software that provides a remote attacker with command-line access to a target system by connecting to a port on the attacker’s system which was opened for this purpose. Similar to a bind shell.
- scope
The systems, locations, techniques and tools which can be used in a specific penetration test.
- script kiddie / skid
An unskilled individual who uses other people’s tools and exploits without attempting to understand how or why they work.
- shell script
A text file that contains a sequence of commands for a Unix-based operating system.
- vulnerability
A weakness in a system, network, or other entity, which makes the entity open to abuse or attack.