Cyber Security Threats FAQ/Glossary


Postby ZapruderFilm » 10 October 2016, 01:38

Hey guys, gonna be going over some basic knowledge of what some of these fancier words people use to describe hackers mean, because not everyone knows. It is recommended you read my other tutorials/FAQ's first.

Also, should these topics be against the rules to discuss, please notify me and remove this content immediately. I will not be showing anyone how to do any of these things, and I am careful to be vague.

What is a DDoS attack?

A Distributed Denial of Service attack is an attack where powerful servers, or many devices, send requests to an IP address at extremely high rates, resulting in lag or complete server overload (going offline).

What is a DoS attack?

It is the same as above, except the requests only come from one device.

What is a DoX?

A DoX is a compilation of personal or sensitive information about a person that is acquired through the internet, or indirectly through the internet (i.e., you find a person's phone number, then call them and social engineer them into giving more information about the target). The word derives from Microsoft's file extension, .docx files, because you have 'documented' the person, or have their documents, or whatever. You get what I mean.

What is a RAT?

A RAT, or Remote Access Trojan, is a virus that controls almost every aspect of a person's computer when installed. Literally everything that can be recorded is recorded, including keylogs, files, passwords, and other things.

What is malware?

Malicious code running on a machine. A virus, essentially. RATs, botnet stubs, etc. all classify as malware.

What is a stub?

Most malware has central programs that run to control the people it infects. These programs also generate the malware to execute on other computers. The file these programs generate is often referred to as a stub.

What is a phishing scam/page?

A phishing page/scam is where a webpage that is the exact same as another website's login/information page is formed, and is used to trick users into thinking they are on a trusted website; then, when they enter their credentials, they are recorded and used later.

What is MySQL injection?

MySQL injection, or SQLi, is the use of code injection to inject code into a database to gain access to it, and after access is gained, the database (usually containing sensitive information such as password hashes and IP addresses, amongst other things) is dumped and collected.

What is bruteforcing?

Bruteforcing is the use of an automated system to attempt to enter information onto a form repeatedly, or to replicate a hashing process repeatedly, to hopefully guess the correct credentials for the form/hash. These use combolists, dictionaries, and many other systems to properly guess passwords.

What's a combolist?

A combolist is a list in the format email:password, that is harvested from leaked databases then tested on other websites.

What is an IP Logger?

An IP logger is a website that records your IP when you visit it, and that is its only purpose: to gain your IP address.

What is a botnet?

A botnet is a network of devices infected with malware that contacts a central server for commands on how to control the infected devices. These are often used to direct DDoS attacks.

What is a RATnet?

Same as a botnet, except that it focuses on computers, usually of the Windows or Mac OS X operating systems, and it collects much more information.

What is a ponzi scheme?

A Ponzi scheme is a scam that requires small investments, promising returns. When you invest, your money is used to pay the previous investor, until the scam director hits it big, or gets enough money to opt out, and then the people who didn't get paid are left cashless.

What is a USB-Spreader?

A USB spreader is malware, typically packaged with a RATnet or other malware, that spreads itself to any USB connected to the computer, so that it can infect the next computer it reaches.

What is a doc exploit?

A doc exploit is code that abuses Microsoft Word to execute code (RATs/other malware).

What is a PDF exploit?

A PDF exploit is an exploit that uses the JavaScript capabilities of PDFs to execute code (RATs/other malware). Very outdated and not often used, because they only work on PDF reader versions 9.0 and lower.

What is a Silent .doc exploit?

It is a variant of doc exploit where no user prompt is required to execute the code. Usually these exploits are very specific to Word versions.

What are macro exploits?

Macro exploits are exploits designed for Microsoft Office programs that require a prompt to enable macros, and once enabled, execute code on the machine.

What is a Java Driveby?

A Java driveby is a .jar file uploaded to a website, which older browsers that are vulnerable to these exploits attempt to open; the .jar runs, downloads, then executes a specified code (RATs/other malware). Heavily outdated, especially since the discontinuation of Java in Chrome.

What is a rootkit?

A rootkit is malware that forces itself harder into your system to higher levels, such as above the conventional user level, so it cannot be removed. There are multiple types, but that isn't necessary for understanding; more research can be done on your own.

What is an exploitkit?

An exploit kit is a series of scripts uploaded online, which then have traffic directed to them. This traffic is then calculated to be vulnerable to a series of compiled and stored exploits. Once it finds one or a couple that the computer is vulnerable to, it sends them to where they are stored, and the code is attempted to be executed. Used for the mass spread of malware.

What is FUD?

FUD means fully undetectable; it refers to a virus's detection rate when uploaded to a virus scanning website such as virustotal.com.

What is UD?

It is the same as FUD, except some anti-virus programs do detect it, just not many.

What is a MitM attack?

It's an attack where a device injects itself between another device and the internet, then intercepts all data before passing it on to the internet, but records information without consent from the device. It occurs mostly on local networks. These attacks cannot intercept HTTPS data, as it is encrypted. HTTP is still vulnerable, though. The name stands for 'Man in the Middle' attack.

What is a Peer to Peer/P2P connection?

It's a connection where devices directly contact each other's IP addresses, rather than one central server, where the server communicates for them. Skype used to be P2P, but is no longer that way. PB2 does not have this. P2P connections can be used to get the IP addresses of others.

Please feel free to ask me to explain any words or concepts and I will add them to the OP. Enjoy.

ZapruderFilm
Android T-01187 [200]
Posts: 238
Joined: 26 August 2016, 21:00
Location: USA
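As an added example that is not part of the original post, here is the defender-side view of the bruteforcing and combolist entries above: it reads constructed login log lines and flags one account being hammered from a single IP (bruteforce) versus a single IP cycling through many different accounts (a combolist being tested). The log format, IPs, accounts and thresholds are all assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample log for this example; timestamps, IPs and accounts are made up.
SAMPLE_LOG = """\
2016-10-10T01:38:01 login FAIL ip=203.0.113.5 user=alice@example.com
2016-10-10T01:38:02 login FAIL ip=203.0.113.5 user=alice@example.com
2016-10-10T01:38:03 login FAIL ip=203.0.113.5 user=alice@example.com
2016-10-10T01:38:04 login FAIL ip=203.0.113.5 user=alice@example.com
2016-10-10T01:38:05 login FAIL ip=203.0.113.5 user=alice@example.com
2016-10-10T01:38:10 login FAIL ip=198.51.100.7 user=bob@example.com
2016-10-10T01:38:11 login FAIL ip=198.51.100.7 user=carol@example.com
2016-10-10T01:38:12 login OK ip=198.51.100.7 user=dave@example.com
2016-10-10T01:38:13 login FAIL ip=198.51.100.7 user=erin@example.com
2016-10-10T01:38:14 login FAIL ip=198.51.100.7 user=frank@example.com
2016-10-10T01:38:20 login OK ip=192.0.2.9 user=grace@example.com
"""

LINE_RE = re.compile(r"login (?P<result>FAIL|OK)\s+ip=(?P<ip>\S+)\s+user=(?P<user>\S+)")

def analyse(log, fail_threshold=5, account_threshold=4):
    """Map each suspicious source IP to a list of findings (thresholds are hypothetical)."""
    fails = defaultdict(lambda: defaultdict(int))  # ip -> user -> failed logins
    users = defaultdict(set)                       # ip -> every account attempted
    hits = defaultdict(set)                        # ip -> accounts that logged in OK
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # ignore lines that are not login events
        ip, user = m["ip"], m["user"]
        users[ip].add(user)
        if m["result"] == "FAIL":
            fails[ip][user] += 1
        else:
            hits[ip].add(user)
    findings = {}
    for ip in users:
        notes = [f"bruteforce: {n} failures on {u}"
                 for u, n in fails[ip].items() if n >= fail_threshold]
        if len(users[ip]) >= account_threshold:
            # One IP cycling through many accounts is the combolist pattern;
            # any account that succeeded inside the spray is a leaked credential.
            notes.append(f"credential stuffing: {len(users[ip])} accounts tried")
            notes += [f"reset password for {u}" for u in sorted(hits[ip])]
        if notes:
            findings[ip] = notes
    return findings
```

Running `analyse(SAMPLE_LOG)` reports the bruteforce on alice from the first IP and the credential-stuffing spray from the second, including the one account that needs a password reset; the clean login from the third IP is not reported.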

Re: Cyber Security Threats FAQ/Glossary

Postby Charlie 5 Lives » 10 October 2016, 10:09

Holy crap, this is really detailed, just like your other post on IP Addresses.

Thank you for this, mate. I didn't even know about MitM attacks until now.
Charlie 5 Lives
Cyber Grub [25]
Posts: 27
Joined: 18 February 2014, 05:11

Re: Cyber Security Threats FAQ/Glossary

Postby ZapruderFilm » 12 October 2016, 03:32

Much obliged, but due to lack of interest/support or whatever, I think this is gonna be my last post/Update in Cybersecurity tutorials until I receive specific requests for others.

ZapruderFilm
