Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Windows Server Netlogon Exploit Code Publicly Exposed

Windows Server Netlogon Exploit Code Publicly Exposed
Read more...

Evilnum hackers targeting financial firms with a new Python-based RAT

Evilnum hackers targeting financial firms with a new Python-based RAT
Read more...

Try challenges


Register & Join The Game

Break It

Welcome to Exploit Zone


Become a ninja in the shadow !

News
  • Welcome To Exploit Zone
  • The kingdom of knowledge sharing in hacking
  • New Updates ! Stay Tunned !
  • Share your knowledge here !
  • unlash your power on our challenges !
  • Become a ninja in the Shadow !

Ichinose

Redactor
  • Content Count

    150
  • Joined

  • Last visited

  • Days Won

    47
  • Points

    409,009 [ Donate ]

Ichinose last won the day on September 9

Ichinose had the most liked content!

Community Reputation

103 Excellent

1 Follower

About Ichinose

  • Rank
    Sensei 〽️
  • Birthday 07/23/2019

Register Information

  • Birth date
    07/23/00
  • Experience in years
    2
  • Your ambitions
    Became CyberSecurity Expert
  • Your Favorite domains
    Python / C / C++ / x86_ASM / HTML / CSS / PHP / SQL / DLL modding

Recent Profile Visitors

1959 profile views
  1. Hacker's vocabulary When it comes to hacking, a lot of terms are used, and you need to understand them so here is a 20 list a main terms and some other useful ones that may be useful If yours not a beginner in hacking you can skip to the useful ones maybe you'll learn something. Summary: The Main ones 1. Phishing Phishing is one of the most common hacking terminology used by security people. Phishing is a technique which tricks users into revealing sensitive information (like usernames, passwords, or credit card details) to seemingly benign sources. A phisher disguises as a trustworthy entity and contacts potential victims asking them to reveal information. This could be further used for malicious intent. For example, a phisher may pose as a bank and ask for a user’s bank account credentials via e-mail. Or he could trick you to click on a fraudulent link. Phishing is a type of social engineering. 2. Malware You daily hear websites getting infected with malware attacks, so let’s learn more about this hacking terminology. Malware is a software program designed by hackers to hijack computer systems or steal sensitive information from a device. These go by various names like viruses, adware, spyware, keyloggers, etc. A malware program can get transferred to a system via various means like USB, hard drive, or spam. 3. Ransomware One of the most searched hacking terminology of 2017. Ransomware is a form of malware which locks a user out of his own system and cuts access to his/her files. A ransom message is displayed that instructs how much and where to send payment, usually requested in bitcoin, in order to get your files back. Such attacks affect not only individuals but banks, hospitals, and online businesses. A very recent example of such ransomware is the Petya ransomware attack which recently took the businesses worldwide by a storm. 4. Spoofing E-mail and IP spoofing are few common hack techniques encountered by users worldwide. E-mail spoofing involves altering the header of an e-mail to make it look legit. For instance, a black hat hacker can make an e-mail look as if it has appeared from your bank or any other source you may trust. On the other hand, IP spoofing refers to an illegitimate packet sent to a computer with an altered IP appearing to be a trusted host. This is carried out with the hope that the packet would be accepted that will allow the sender access to the target machine. 5. Encryption Encryption is a process of encoding a message or information to make it unreadable and secretive. This ensures that the concerned information is concealed only to the authorized parties. Often, encryption is employed by hackers to extort money by unleashing ransomware on computer systems, thus locking out victims and encrypting their files. The decryption key is provided only when a certain ransom is paid. 6. Adware Adware is typically a software which acts as spyware to track a user’s browsing activities covertly. It then generates advertisements based on the user’s browsing history. Some adware is maliciously designed to pop up ads with a frequency ultimately slowing down your system. It can collect your personal information, browsing history, and provide inputs for further phishing attacks. This hacking terminology is common in the marketing world. Google shows a warning when visitors visit such a deceptive website because of Social engineering content. 7. Zero Day threat A zero-day threat refers to a threat which is undocumented and hence hidden from any antivirus scanner installed on the system. This kind of flaw is inherent in anti-virus scanners, making it oblivious to developers who built antivirus functionalities based on knowledge of these vulnerabilities. Such vulnerabilities are exploited through different vectors, popularly web browsers, and malicious attachments via e-mails. 8. Brute Force Attack Another commonly hacking terminology to get bypass the login pages. Brute Force, aka Exhaustive key search, is a trial and error method to decrypt data such as passwords, Data Encryption Standard (DES) keys, or other encrypted information. This method is widely used to crack passwords to admin accounts, which in turn can be used to steal information and documents of paramount importance. 9. HTTPS/SSL/TLS Highly searched hacking terminology of 2018 when Google Chrome announced that it will give warning to users who are visiting HTTP using websites. HTTPS, which stands for Hypertext Transfer Protocol with the “S” for “Secure”, is a basic framework that controls how data is transferred across the web. This protocol adds a layer of encryption to provide you with secure daily browsing—your bank, your email provider, and social network. SSL and TLS are protocols used by HTTPS to provide an added identity proof to your website. It is advised to avoid browsing the website using HTTP and enter any passwords or credit card detail on it. 10. Bot A bot is a software robot that runs automated tasks (scripts) over the Internet. Many search engines like Google and Bing employ bots, also called spiders, to scan websites and index them for purpose of ranking them according to returns on search queries. But when these bots are used by hackers, they can be programmed to perform malicious tasks, as well as introduce malware into the system. Learn more about bad bots. 11. Botnets A botnet refers to a network of bots controlled by a black hat. Applications of botnets include the launch of DDoS (Distributed Denial of Service), steal data, send spam, and allow the attacker access to the device and its connection. A swarm of botnets not only help cover the black hat’s tracks but raise the intensity of the attack by attacking in a coordinated effort. 12. Distributed Denial of Service Attack (DDOS) This hacking terminology is highly common among hackers and is a major concern for website owners and developers. A DDoS attack is carried out with the aid of zombies or botnets controlled by black hats. By programming the botnets, the black hats command them to send data packets to the targeted web server from multiple systems. This floods the target server thereby slowing down or even crashing and shutting down the server thereby disrupting any activity. All the while the user of the server is oblivious to the attack. Some of the most notoriously known attacks discovered lately were the Rio Olympics DDoS which lasted for months, Russian banks Sberbank and Alfabank which were attacked by a botnet consisting of at least 24,000 computers located in over 30 countries, and the US presidential elections campaign attacks. 13. Firewall A firewall is a network security system, which continuously monitors incoming and outgoing network traffic, and blocks out any untrusted sources to ensure safe communications. A firewall can be both hardware and software-based. A well designed and implemented firewall continuously monitors for malicious inputs, however, black hats strive to circumvent them. As a result, firewalls are continuously being updated, adjusted, or replaced with new security measures over time. 14. Payload Essentially, a payload is a cargo of transmitted data over a network. However, in black hat hacking terminology, a payload refers to the part of the virus that performs malicious actions, such as compromising data, destroy information, or hijacking the computer system. 15. White hat While black hat hackers are notoriously known for performing destructive activities online, white hat hackers are ethical hackers who use their skills to expose loopholes in security measures for organizations/companies before black hats exploit them. 16. Rootkit Rootkits are one of the scariest methods to perform a cyber intrusion mostly because it goes undetected. Give a black hat a rootkit and he would perform the perfect heist. A rootkit is a malware program which can be installed on a system through various means. Just like a virus, a rootkit can be injected via e-mails, unauthenticated websites, infected hard drives, etc. Once injected, a black hat can exploit unhindered access to remote applications as per his/her need. What makes it even more lethal is its ability to function at the low system level so as to erase its tracks and go undetected for a long time. Once introduced into a system, its activity is extremely hard to detect even by skilled IT security professionals. It’s like the holy grail of hacking. 17. RAT Remote Access Tool or Remote Access Trojan (RAT) is a form of malware which can be operated by even an unskilled hacker. Once a RAT is installed on your system, the attacker gains complete control of the system. While RAT can be used for legitimate purposes, like when a user wants to access his home computer from another location, it is largely used for illegitimate reasons. 18. SPAM This hacking terminology is commonly associated with e-mails. Spam is unsolicited emails, often used to spread advertisements via e-mails. Often, spammers collect a huge database of e-mails and randomly send them emails to promote products. However, spams can also be used to introduce malware into systems through phishing or directing to unauthenticated websites. The best practice is to delete spam as soon as you receive one, or make use of a spam filter. 19. Worm Similar to a virus, a worm is a destructive self-contained program which can self-replicate. A worm doesn’t need to be a part of a program, but instead, it can transfer itself to multiple systems on a network without user intervention. A self-replicating worm can consume hordes of memory and bandwidth while drastically reducing the speed of your system. If not removed timely, it can become devastating. 20. Cloaking Hackers often use Cloaking to present different content or URLs to human users and search engines, thereby cloaking them under legitimate-looking web material. Hackers use dynamic scripts and .htaccess rules to hide their tracks by returning a 404 or 500 error code to certain IP addresses or browsers while serving spam to other IP addresses or browsers. Google generally suspend your ads if they notice cloaking on your website. Check our detailed blog on how to reactivate disapproved ads. Then some useful ones Key In secure, encrypted systems sometimes the same key—usually a string of letters and numbers—locks and unlocks your data. And sometimes the sender and recipient have different keys, which makes life even safer. Protect any keys that unlock important data: If your enemies find the key, you’re doomed. MITM / Man in the middle Someone who secretly hacks their way into communications between people or computers. The man in the middle can extract data from the traffic—or even insert their own data, so their targets hear what they want them to hear. Junk packets If a hacker wants to take a large website offline quickly, they might send it an enormous amount of junk packets. They are simple internet connection requests, like those sent by everyday users, except sent rapidly in great numbers at once, which will eventually crash the target—like trying to fit thousands of people into a revolving door. Doxing If you want information on someone, you need to get their documents. Their docs. That’s doxing. Only now it’s not just docs. It’s anything online: social accounts, images, personal data. It might take you a while, cross-referencing accounts and usernames, but it’s probably your only chance of discovering your target’s real identity. Operational Security (OpSec) If you want to hold onto your secrets and identity, you’ll need good OpSec. That means hiding your IP address, not leaking any personal information, and keeping all your conversations private and not logged. Script kiddy If you’re a seasoned hacker, you look down on anyone who can’t create hacking code from scratch, and needs to borrow other people’s scripts and tools. You call them script kiddies. Shell A shell? More like a seed. This is a piece of code hackers plant on a website that gives them access whenever they want it. Once they’re in, they can start changing things in the network—and open up even more access. BackDoor A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation. Sometimes crackers will create their own back door to a system by using a virus or a Trojan to set it up, thereby allowing them future access at their leisure. Cookies A cookie is a small packet of information from a visited webserver stored on your system by your computer’s browser. It is designed to store personalized information in order to customize your next visit. For instance, if you visit a site with forms to fill out on each visit, that information can be stored on your system as a cookie so you don’t have to go through the process of filling out the forms each time you visit. Dumpster Diving The act of rummaging through the trash of an individual or business to gather information that could be useful for a cyber criminal to gain access to a system or attain personal information to aid them in identity theft or system intrusion. One person’s garbage can indeed be a cyber criminal’s treasure. Logic Bomb A logic bomb is a malicious program designed to execute when a certain criterion is met. A time bomb could be considered a logic bomb because when the target time or date is reached, it executes. But logic bombs can be much more complex. They can be designed to execute when a certain file is accessed, or when a certain key combination is pressed, or through the passing of any other event or task that is possible to be tracked on a computer. Until the trigger event the logic bomb was designed for passes, it will simply remain dormant. Phreaker Considered the original computer hackers, phreakers, or phone phreakers, hit the scene in the 60s and made their mark by circumventing telecommunications security systems to place calls, including long distance, for free. By using electronic recording devices, or even simply creating tones with a whistle, phreakers tricked the systems into thinking it was a valid call. One of the first to find prominence was “Captain Crunch,” a phreaker who realized the toy whistle that came as a prize in a box of Captain Crunch cereal could be used to mimic the tone frequencies used by telecommunications companies to validate and route calls. Polymorphic Virus A polymorphic virus is a virus that will change its digital footprint every time it replicates. Antivirus software relies on a constantly updated and evolving database of virus signatures to detect any virus that may have infected a system. By changing its signature upon replication, a polymorphic virus may elude antivirus software, making it very hard to eradicate. Wardriving Wardriving is the act of driving around in a vehicle with the purpose of finding an open, unsecured Wi-Fi wireless network. Many times, the range of a wireless network will exceed the perimeter of a building and create zones in public places that can be exploited to gain entry to the network. Black hats, and even gray hats, will often use a GPS system to make maps of exploitable zones so they can be used at a later time or passed on to others. Wardriving is not the only way this task is performed - there are Warbikers and Warwalkers too. As you can see, it is imperative that your WiFi network is secure because there are entities out there looking for any opening to ply their trade. Zombie / Zombie Drone A zombie is a malware program that can be used by a black hat cracker to remotely take control of a system so it can be used as a zombie drone for further attacks, like spam emails or Denial of Service attacks, without a user’s knowledge. This helps cover the black hat’s tracks and increases the magnitude of their activities by using your resources for their own devious purposes. Rarely will the user infected with a zombie even know it’s there, as zombies are normally benign and non-destructive in and of themselves. Zombies can be introduced to a system by simply opening an infected email attachment, but most often they are received through non-mainstream sites like file sharing sites, chat groups, adult websites and online casinos that force you to download their media player to have access to the content on their site, using the installed player itself as the delivery mechanism. If you have any request ask them down below i'll explain it / add it to the vocabulary list
  2. Ichinose approved the submission
  3. Ichinose approved the submission
  4. Ichinose approved the submission
  5. Ichinose approved the submission
  6. Ichinose approved the submission
  7. Ichinose approved the submission
  8. Ichinose approved the submission
  9. hey welcome, check the rules and accept them to be validated and become member ^^
  10. Ichinose approved the submission
  11. Ichinose denied the submission
  12. Ichinose approved the submission
  13. Ichinose approved the submission
  14. Ichinose approved the submission
  15. Ichinose approved the submission
×
×
  • Create New...