Key Concepts
• CIA Triad: Confidentiality, Integrity, Availability; the three core principles of
cybersecurity.
• Firewall: A network security control, implemented as hardware or software, that
monitors and controls incoming and outgoing traffic.
• Phishing: Fraudulent attempts to obtain sensitive information. It is considered a
social engineering attack, because it tricks the target into giving up their
confidential information.
• Malware: An umbrella term that includes viruses, worms, ransomware and spyware.
• DDoS attack (Distributed Denial of Service): Overloading a server with traffic from
many sources to disrupt its functionality (a flooding attack).
• Zero-Day exploit: Exploiting a software vulnerability that is not yet known to the
vendor and therefore has no patch.
• Botnet: A botnet is a network of infected computers (called bots or zombies)
that are controlled remotely by a hacker (called a botmaster).
• Black hat: A hacker who violates computer security for their own personal
profit. The hacking done by a black hat hacker is in many cases malicious in
intent and in all cases done without permission.
• White hat: A white hat hacker or ethical hacker uses hacking skills to identify
security vulnerabilities in hardware, software or networks.
• Cyber Attack: An attempt to compromise a protected system. The goals of a cyber
attack depend on the attacker's motivation and can range from simple information
gathering to damaging critical infrastructure and data.
• Data Breach: Unwanted disclosure or access to confidential information.
• Data Theft: The act of intentionally stealing data. Data theft can happen through
physical theft or through data leakage.
• Honeypot: A purposefully vulnerable system used for trapping black hat hackers.
It is a decoy system built for the attacker to fall for.
• IDS (Intrusion Detection System): An IDS is a monitoring system that detects
suspicious activity and generates alerts when it is found.
• IPS (Intrusion Prevention System): This system goes one step further and takes
action to block and prevent the malicious activity once it is discovered.
• Packet sniffing: Collecting/capturing packets from a data network
communication.
• Penetration Testing: A security evaluation in which the pen-tester performs
various checks and scans with various tools in order to discover bugs or
vulnerabilities in the system.
• Sandboxing: The act of isolating a system or an application in order to perform
testing.
• VPN: Virtual Private Network is a communication link between systems which is
encrypted in order to provide a more secure and private communication.
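The DDoS, IDS and IPS entries above describe alerting and blocking only in the abstract. The following Python program is an added example, not part of the original notes: it runs a simple flood detector over a few constructed connection-log lines, raising an alert in IDS mode and additionally blocking the offending source in IPS mode. The log format, the threshold of 5 SYNs within a 10-second window, and the IP addresses are all assumptions made for the example.

```python
"""Toy IDS/IPS flood detector over constructed log lines (added example).

The log format, threshold and addresses are assumptions for this example,
not the format of any real tool.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log, not captured traffic.
# Format: "<ISO timestamp> <src_ip> -> <dst_ip>:<dst_port> <tcp_flag>"
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 -> 192.0.2.10:443 SYN
2024-05-01T10:00:00 10.0.0.7 -> 192.0.2.10:443 SYN
2024-05-01T10:00:01 10.0.0.5 -> 192.0.2.10:443 SYN
2024-05-01T10:00:01 10.0.0.5 -> 192.0.2.10:443 SYN
2024-05-01T10:00:02 10.0.0.5 -> 192.0.2.10:443 SYN
2024-05-01T10:00:02 10.0.0.5 -> 192.0.2.10:443 SYN
2024-05-01T10:00:03 10.0.0.5 -> 192.0.2.10:443 SYN
2024-05-01T10:00:09 10.0.0.7 -> 192.0.2.10:443 SYN
2024-05-01T10:00:30 10.0.0.5 -> 192.0.2.10:443 SYN
"""

SYN_THRESHOLD = 5               # assumed: this many SYNs from one source ...
WINDOW = timedelta(seconds=10)  # ... inside this sliding window counts as a flood


def parse_line(line):
    """Split one constructed log line into (timestamp, src_ip, dst, flag)."""
    ts, src, _arrow, dst, flag = line.split()
    return datetime.fromisoformat(ts), src, dst, flag


class Monitor:
    """IDS when prevent=False (alert only); IPS when prevent=True (alert and block)."""

    def __init__(self, prevent):
        self.prevent = prevent
        self.recent = defaultdict(deque)  # src_ip -> timestamps of recent SYNs
        self.flagged = set()              # sources already alerted on
        self.alerts = []

    def process(self, line):
        """Return the decision for one line: "ALLOW" or "BLOCK"."""
        ts, src, dst, flag = parse_line(line)
        if self.prevent and src in self.flagged:
            return "BLOCK"                # an IPS keeps blocking a flagged source
        if flag != "SYN":
            return "ALLOW"
        window = self.recent[src]
        window.append(ts)
        while ts - window[0] > WINDOW:    # drop SYNs that fell out of the window
            window.popleft()
        if len(window) >= SYN_THRESHOLD and src not in self.flagged:
            self.flagged.add(src)
            self.alerts.append(
                f"{ts.isoformat()} possible SYN flood from {src}: "
                f"{len(window)} SYNs within {WINDOW.seconds}s"
            )
            if self.prevent:
                return "BLOCK"
        return "ALLOW"


def run(log_text, prevent):
    """Feed every log line through a Monitor; return (alerts, per-line decisions)."""
    monitor = Monitor(prevent)
    decisions = [monitor.process(line) for line in log_text.splitlines() if line.strip()]
    return monitor.alerts, decisions


if __name__ == "__main__":
    for mode, prevent in (("IDS", False), ("IPS", True)):
        alerts, decisions = run(SAMPLE_LOG, prevent)
        print(mode, "alerts:", alerts)
        print(mode, "decisions:", decisions)
```

Both modes raise the same single alert for 10.0.0.5 at 10:00:02, when its fifth SYN in the window arrives; only the IPS run turns that alert into BLOCK decisions for that source, while 10.0.0.7, which sent just two SYNs, is allowed throughout.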
Essential Tools
• Antivirus software: Detects and removes malicious software.
Vulnerability Scanning Tools
• OpenVAS (Open Vulnerability Assessment Scanner): Vulnerability scanning tool.
• Metasploit: Penetration testing framework.
Network Vulnerability Scanning Tools
• Nmap (Network Mapper): Network scanning and security auditing. It offers
many different options, from running basic port scans to more advanced software
version and operating system detection scans. It can be used as a vulnerability
scanner with the help of scripts (the Nmap Scripting Engine).
• THC-Amap: Developed by The Hacker's Choice (THC), it is a scanning tool
designed to identify the applications running on specific ports, even when they
run on non-standard ports.
• Netcat (nc) - The Swiss Army Knife of Networking. Netcat is a command-line
networking tool used for:
  - Port scanning
  - Banner grabbing (identifying running services)
  - File transfer
  - Chat communication
  - Reverse and bind shells (for penetration testing)
  It is widely used by network administrators, security researchers, and
  ethical hackers for debugging and penetration testing.
• Socat - The Advanced Netcat Alternative. Socat (Socket CAT) is a powerful
command-line networking tool that extends Netcat’s capabilities by supporting
multiple connection types, including TCP, UDP, SSL, IPv6, and UNIX domain
sockets.
Port and Service Tools
• Datapipe: It is associated with data streaming or pipeline processing. It is no
longer a standalone tool.
• FPipe: A source port forwarder/redirector. It is often used for tunneling and port
forwarding.
• WinRelay: A network relay tool for Windows that allows redirecting TCP/UDP
traffic.
Network Sniffer and Injection Tools
• Wireshark: Free and open-source network packet analyzer. The most widely used
packet sniffer in the world.
• Tcpdump: Packet sniffer tool. It helps in monitoring and logging the TCP/IP traffic
that is shared over a network. Preinstalled on most Linux systems.
• WinDump: It is the Windows equivalent of tcpdump, a powerful command-line
network packet analyzer. It allows you to capture and analyze network traffic in
real time on Windows systems.
• Ettercap: It is a powerful network security tool used for packet sniffing,
network protocol analysis, and Man-in-the-Middle (MitM) attacks. It works
on Linux, macOS, and Windows and supports both active and passive network
monitoring.
• hping: A command-line tool used for crafting and analyzing TCP/IP packets.
It is commonly used for network security testing, firewall auditing, and
penetration testing. Unlike standard ping, which only sends ICMP Echo
requests, hping can send TCP, UDP, and ICMP packets with custom parameters.
• Kismet: It is widely used by security professionals, penetration testers, and
network administrators to monitor wireless networks, detect unauthorized access
points, and analyze Wi-Fi traffic. It works with Wi-Fi (802.11), Bluetooth, SDR
(Software-Defined Radio), and even some drones.
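Wireshark, tcpdump and WinDump all do the same basic job: take raw bytes off the wire and decode the protocol headers into readable fields. The following Python program is an added example, not code from any of those projects: it builds one IPv4/TCP packet from constructed values (the addresses, ports and payload are assumptions for the example) and decodes it back into the fields a sniffer would display, including a tcpdump-style one-line summary.

```python
"""Decode an IPv4/TCP packet the way a packet sniffer does (added example).

All addresses, ports and payload bytes below are constructed for the example.
"""
import socket  # inet_aton/inet_ntoa only; no network access is made
import struct

# Struct layouts of the two fixed 20-byte headers (network byte order).
IPV4_HDR = "!BBHHHBBH4s4s"  # ver/IHL, TOS, total len, ID, flags/frag, TTL, proto, csum, src, dst
TCP_HDR = "!HHIIHHHH"       # sport, dport, seq, ack, offset/flags, window, csum, urgent
TCP_FLAG_BITS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x08, "PSH"), (0x10, "ACK")]


def build_packet(src, dst, sport, dport, flags, payload=b""):
    """Construct a minimal IPv4+TCP packet (checksums left zero; sample data only)."""
    tcp = struct.pack(TCP_HDR, sport, dport, 1000, 0, (5 << 12) | flags, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    ip = struct.pack(IPV4_HDR, 0x45, 0, total_len, 1, 0x4000, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload


def decode_packet(raw):
    """Parse the IPv4 header, then the TCP header if proto == 6; return a dict of fields."""
    ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _csum, src, dst = struct.unpack(IPV4_HDR, raw[:20])
    ihl = (ver_ihl & 0x0F) * 4          # IHL counts 32-bit words
    info = {"version": ver_ihl >> 4, "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "ttl": ttl, "proto": proto, "total_len": total_len}
    if proto != 6:
        return info                     # not TCP: stop after the IP layer
    sport, dport, seq, ack, off_flags, window, _tcsum, _urg = struct.unpack(TCP_HDR, raw[ihl:ihl + 20])
    data_off = (off_flags >> 12) * 4    # TCP data offset, also in 32-bit words
    flag_bits = off_flags & 0x1FF
    info.update({"sport": sport, "dport": dport, "seq": seq, "ack": ack, "window": window,
                 "flags": [name for bit, name in TCP_FLAG_BITS if flag_bits & bit],
                 "payload": raw[ihl + data_off:total_len]})
    return info


def summarize(raw):
    """tcpdump-style one-liner, e.g. '10.0.0.5.40000 > 192.0.2.10.80: Flags [S], length 0'."""
    p = decode_packet(raw)
    letters = "".join({"FIN": "F", "SYN": "S", "RST": "R", "PSH": "P", "ACK": "."}[f] for f in p["flags"])
    return f"{p['src']}.{p['sport']} > {p['dst']}.{p['dport']}: Flags [{letters}], length {len(p['payload'])}"


# Constructed sample "capture": a SYN followed by a data segment with an HTTP request.
SAMPLE_PACKETS = [
    build_packet("10.0.0.5", "192.0.2.10", 40000, 80, 0x02),
    build_packet("10.0.0.5", "192.0.2.10", 40000, 80, 0x18, b"GET / HTTP/1.0\r\n"),
]

if __name__ == "__main__":
    for raw in SAMPLE_PACKETS:
        print(summarize(raw))
        print("   ", decode_packet(raw))
```

A real sniffer reads the bytes from a capture interface or a pcap file instead of `SAMPLE_PACKETS`, and handles IP options and TCP options by honouring the IHL and data-offset fields exactly as `decode_packet` does here; the two fixed-size headers are the part every sniffer decodes first.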