Enhance Your Learning with Ethical Hacking Flash Cards for quick learning
The practice of intentionally penetrating computer systems, networks, or applications to identify vulnerabilities and improve security measures.
The process of gathering information about a target system or network to identify potential entry points and vulnerabilities.
The act of actively probing a target system or network to discover open ports, services, and potential vulnerabilities.
The process of extracting information about a target system or network, such as user accounts, shares, and system configurations.
The process of identifying and evaluating vulnerabilities in a system or network to determine potential risks and prioritize remediation efforts.
The process of gaining unauthorized access to a target system or network, often involving password cracking, privilege escalation, and backdoor installation.
Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems or networks, including viruses, worms, Trojans, and ransomware.
The act of intercepting and capturing network traffic to gather sensitive information, such as usernames, passwords, and confidential data.
The manipulation of individuals to disclose sensitive information or perform actions that may compromise the security of a system or network.
An attack that aims to disrupt the availability of a system or network by overwhelming it with a flood of illegitimate requests or excessive traffic.
The act of intercepting and taking control of a user's session on a target system or network, allowing the attacker to impersonate the user.
Techniques used to bypass or circumvent intrusion detection systems (IDS), firewalls, and honeypots to avoid detection and maintain access.
The process of identifying and exploiting vulnerabilities in web applications to gain unauthorized access, manipulate data, or perform malicious actions.
A code injection technique used to exploit vulnerabilities in a web application's database layer, allowing unauthorized access or manipulation of data.
The process of gaining unauthorized access to wireless networks, often involving the interception of wireless traffic, cracking encryption, or exploiting vulnerabilities.
The process of exploiting vulnerabilities in mobile operating systems, applications, or devices to gain unauthorized access or control.
The process of exploiting vulnerabilities in Internet of Things (IoT) devices, such as smart home devices or industrial control systems, to gain unauthorized access or control.
The protection of data, applications, and infrastructure in cloud computing environments, addressing unique security challenges and ensuring privacy and compliance.
The practice of secure communication in the presence of adversaries, involving encryption, decryption, and various cryptographic algorithms and protocols.
The process of assessing the security of a system or network by simulating real-world attacks to identify vulnerabilities and recommend remediation measures.
A network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules.
A security system that monitors network traffic for suspicious activities or patterns that may indicate an ongoing or potential security breach.
The process of converting plaintext into ciphertext to protect sensitive information from unauthorized access or disclosure.
An attack method that involves systematically trying all possible combinations of passwords or encryption keys until the correct one is found.
A social engineering attack that involves tricking individuals into revealing sensitive information, such as passwords or credit card details, by impersonating a trustworthy entity.
A security measure that requires users to provide two different forms of identification, typically a password and a unique code sent to their mobile device, to access a system or account.
The process of examining and understanding the behavior, characteristics, and impact of malware to develop effective detection and mitigation strategies.
A framework used for creating and executing social engineering attacks, providing a wide range of attack vectors and techniques.
A secure network connection that allows users to access a private network over a public network, encrypting data and ensuring privacy and anonymity.
A type of malware or hardware device that records keystrokes, capturing sensitive information such as passwords, credit card numbers, or personal messages.
A type of malware that provides unauthorized access to a computer system or network while hiding its presence and activities from detection.
A software vulnerability that occurs when a program or process tries to store more data in a buffer than it can hold, leading to memory corruption and potential exploitation.
A vulnerability or software flaw that is unknown to the software vendor or security community, allowing attackers to exploit it before a patch or fix is available.
An attack where an attacker intercepts and relays communication between two parties without their knowledge, allowing the attacker to eavesdrop, modify, or inject malicious content.
A web application vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to session hijacking or data theft.
A web application vulnerability that allows attackers to trick authenticated users into performing unwanted actions without their consent or knowledge.
The process of recovering passwords from stored or transmitted data, often using techniques such as brute force, dictionary attacks, or rainbow tables.
The act of intercepting and capturing network traffic to gather sensitive information, such as usernames, passwords, and confidential data.