Glossary of hacking terms
A
B
Bluejacking
Bluejacking is an attack that uses Bluetooth to spam mobile devices with annoying and unwanted messages.
Bluesnarfing
Bluesnarfing is a hacking technique that exploits Bluetooth connections to snatch data from a mobile device.
Bluesmacking
Bluesmacking is a DoS attack that uses Bluetooth to flood mobile devices with a large number of echo packets.
C
CVE
Common Vulnerabilities and Exposures (CVE) is a standardized list of vulnerabilities and security risks.
CWE
Common Weakness Enumeration (CWE) is a collection of standardized names and descriptions for common software weaknesses.
D
E
F
Fuzzing
Fuzzing is usually an automated process of entering random data into a program and analyzing the results to find potentially exploitable errors.
G
H
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) is a US law from 1996 that regulates security and data protection in connection with protected patient data and patient access to medical data records.
I
IaaS
Infrastructure as a Service (IaaS) is the on-demand availability of highly scalable computing resources as a service via the Internet.
IANA
IANA, short for Internet Assigned Numbers Authority, coordinates the Internet's globally unique identifiers. IANA services are provided by Public Technical Identifiers, an affiliate of ICANN.
IETF
The Internet Engineering Task Force (IETF) is the premier standards development organization (SDO) for the Internet.
J
K
L
M
MDM
Mobile Device Management (MDM) is management software that monitors BYOD (Bring Your Own Device) devices.
MSA
The Microsoft account (MSA) consumer signing key is typically used to cryptographically sign into a Microsoft consumer application or service such as Outlook.com or OneDrive.
N
NDA
A non-disclosure agreement (NDA) is a contract in which various contracting parties undertake to treat all information as strictly confidential and to protect business secrets.
NVD
The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).
O
OSINT
Open Source Intelligence (OSINT) refers to the gathering of publicly available information.
P
PaaS
Platform as a Service (PaaS) is a cloud infrastructure layer that provides resources for creating tools and applications at user level.
PCI DSS
The PCI Security Standards Council (PCI SSC) is a global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments worldwide.
Ping of death
A ping of death is a special DoS attack with the aim of crashing the attacked system.
PtH
A Pass-the-Hash Attack (PtH) is an attack in which an attacker steals a password hash and uses it to create a new user session on the same network.
Q
R
RoE
Return on equity (ROE) is an indicator that measures the ratio of a company's profit to its equity.
S
SaaS
Software-as-a-Service (SaaS) is a cloud-based method of providing software to users.
Sarbanes-Oxley
Add description
Smurf attack
Add description
Social network attack
Add description
SOW
Add description
Spear phishing attack
Add description
SYN flooding
Add description
T
TCP hijacking
Add description
THC-Hydra
Add description
Trojan server attack
Add description
U
V
W
WAP
Add description
Wireshark
Add description
Whois
Add description