Tip
To make it easier to search, you can check what dictionaries are available by filtering for "dictionary"
A simulated cyberattack against a system to identify vulnerabilities.
A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected.
A suite of tools for assessing Wi-Fi network security.
source: https://blog.malwarebytes.com/101/2015/07/introduction-to-alternate-data-streams/
"Alternate Data Streams (ADS) are a file attribute only found on the NTFS file system"
Files are built from a couple of core attributes, one of them being $Data. A file has a "Primary" Data Stream and can also carry a secondary, or "Alternate", Data Stream.
Note
Please Note: you can essentially hide data in the secondary data stream.
Tip
You can use dir /R to check for the alternate data stream, and then more < <pastetheresult> to see what is hidden in $DATA.
A technique where an attacker sends falsified ARP messages over a local network.
The total sum of the vulnerabilities that can be exploited in a system.
A secret method of bypassing normal authentication to gain access to a system.
A Blue Team is a group of cybersecurity professionals responsible for defending an organization's systems, detecting threats, and responding to attacks to ensure security and resilience.
A network of compromised devices controlled by an attacker.
Attempting to gain access by trying all possible combinations of credentials.
Overwriting a program's memory, leading to arbitrary code execution.
A program that rewards individuals for finding and reporting vulnerabilities.
A popular tool for web application security testing.
A technique used to trick users into clicking on something different from what they perceive.
Servers that attackers use to communicate with compromised systems.
Collecting credentials from users by tricking them into entering them into a fake website or form.
Using leaked username/password pairs from one breach to access other sites.
An attack that tricks a user into performing actions on a web application without their consent.
Injecting malicious scripts into web pages viewed by other users.
The unauthorized transfer of data from a computer or other device.
An attack designed to make a system unavailable by overwhelming it with traffic.
A type of brute force attack that uses a list of common passwords or words.
A DoS attack using multiple systems to flood the target.
An attack where false DNS information is inserted into a DNS resolver's cache.
The unintentional download of malicious software to a user’s device.
Secretly listening to private communications.
Extracting user names, machine names, network resources, and other services.
A code or software that takes advantage of a vulnerability.
A network security device that monitors and filters incoming and outgoing network traffic.
Collecting data on a target system or network to map out its structure.
The process of collecting, analyzing, and preserving digital evidence.
Encryption that covers all the data on a disk.
A testing technique that involves inputting random data to find vulnerabilities.
A network of honeypots that simulate a network to lure attackers.
A decoy system set up to attract and detect attackers.
A fast and flexible password-cracking tool.
Provides access to admin sessions or the ability to read sensitive files if obtained.
The approach taken by an organization to handle a security breach or attack.
A security risk that comes from within the organization, typically from employees or contractors.
A device or software application that monitors network traffic for suspicious activity.
Similar to IDS but actively prevents detected threats.
A password-cracking tool.
Recording the keystrokes of a user to capture sensitive information.
A model used to describe the stages of a cyberattack, from reconnaissance to exfiltration.
Malicious software designed to disrupt, damage, or gain unauthorized access to a system.
The use of online advertising to spread malware.
Intercepting and possibly altering communication between two parties.
A popular penetration testing framework used to develop and execute exploit code.
Capturing and analyzing network packets to detect and troubleshoot issues.
A web server scanner that tests for vulnerabilities.
A network scanning tool used to discover hosts and services on a network.
The act of making something unclear or unintelligible to obscure its meaning.
An organization that provides resources to improve software security.
A list of the most critical security risks to web applications.
An open-source web application security scanner.
The process of regularly updating software to fix vulnerabilities.
The second Tuesday of each month when Microsoft releases security updates.
The part of an exploit that performs the intended malicious action.
A standard framework for conducting penetration tests.
A method of tricking individuals into providing sensitive information by pretending to be a trustworthy entity.
Using a compromised system as a launch point to attack other systems on the same network.
A technique used to identify open ports and services on a networked device.
Gaining higher-level permissions on a system.
A combination of Red and Blue Teams that collaborate to improve overall security.
Malware that encrypts files on a device, demanding a ransom for decryption.
The process of gathering information about a target.
A group of ethical hackers who simulate attacks to test the security of an organization.
A more comprehensive testing strategy that involves simulating real-world attacks over an extended period.
A shell session initiated by the target machine to the attacker’s machine.
The process of identifying, analyzing, and evaluating risks.
A wireless access point that has been installed on a network without authorization.
A set of software tools that enable unauthorized access to a computer, often remaining hidden.
Running programs in isolated environments to prevent them from affecting the main system.
Actively probing a target to gather information about its network and systems.
A solution that provides real-time analysis of security alerts generated by network hardware and applications.
A centralized unit that deals with security issues at the organizational level.
Tools that automate the response to security incidents.
The overall security status of an organization's systems, networks, and information.
An attack that involves taking over a user session to gain unauthorized access.
A command-line interface that allows users to interact with the operating system.
Online identities that do not represent who someone really is, e.g. a fake identity or fake accounts. These are used to avoid the subject noticing that you are investigating them.
A targeted phishing attack aimed at a specific individual or organization.
An attack that allows execution of malicious SQL statements on a database.
An automated tool for detecting and exploiting SQL injection flaws.
Protocols for encrypting data transmitted over a network.
The practice of hiding data within other non-secret data.
Attacking an organization by targeting less-secure elements in its supply chain.
The process of proactively searching for cyber threats that are lurking undetected in a network.
Information that helps organizations understand and mitigate cyber threats.
The process of identifying and prioritizing potential threats to a system.
A temporary passcode generated by an algorithm that uses the current time as one of its factors.
Temporary keys allowing access to systems and networks without providing credentials with every instance of access. Similar to cookies for web browsers.
Created when logging into a machine or using Remote Desktop (RDP).
An impersonate token is a temporary credential that allows one user or system to act on behalf of another with their permissions.
Malicious software disguised as legitimate software.
A security process that requires two separate forms of identification.
A type of malware that replicates by modifying other programs and inserting its code.
An attack that allows an attacker to escape the confines of a virtual machine and interact with the host operating system.
A secure connection over a less-secure network, like the internet.
A weakness in a system that can be exploited by a threat actor.
An attack strategy where the attacker infects websites likely to be visited by a specific group of individuals.
The process of exploiting vulnerabilities or misconfigurations in a Windows system to gain higher levels of access or permissions.
A network protocol analyzer used to capture and analyze network traffic.
A type of malware that replicates itself in order to spread to other computers.
A vulnerability that is unknown to the software vendor and for which no patch exists.
A protocol for resolving hostnames to IP addresses within a local network without requiring a DNS server.
Instead of cracking passwords, we can intercept the hashes and send those on (relay them) to other machines and potentially gain access.
Exploiting features in order to control the victim machine remotely, with a command-line tool.
Attacks against the IPv6 network protocol, which is enabled by default on Windows server devices.
Note
Not yet added.
The practice of managing and provisioning computing infrastructure through machine-readable definition files, rather than physical hardware configuration.
The creation of virtual versions of physical components, such as servers, storage devices, and network resources.
Software that creates and runs virtual machines (VMs) by abstracting the underlying hardware.
The process of packaging an application and its dependencies into a container that can run on any computing environment.
Physical servers without any virtualization, where the operating system runs directly on the hardware.
A device or software that distributes network or application traffic across multiple servers to ensure availability and reliability.
A facility used to house computer systems and associated components, such as telecommunications and storage systems.
A system design approach and associated service implementation that ensures a certain level of operational performance, typically uptime, for a higher than normal period.
A set of policies and procedures to enable the recovery or continuation of vital technology infrastructure after a natural or human-induced disaster.
The ability of a system to handle growing amounts of work by adding resources to the system.
The duplication of critical components or functions of a system to increase reliability and availability.
The ability of a system to continue functioning when part of the system fails.
A data center facility where businesses can rent space for servers and other computing hardware.
Infrastructure that is hosted within the physical confines of an organization’s facilities.
The delivery of computing services—including servers, storage, databases, networking, software—over the cloud (internet).
The practice of processing data near the edge of the network, where the data is being generated, rather than in a centralized data-processing warehouse.
A unit of measure defined as 1.75 inches, used to describe the height of equipment in a rack.
A contract between a service provider and a customer that outlines the level of service expected during its term.
A virtual machine sold as a service by an Internet hosting service.
The process of copying and archiving computer data so it may be used to restore the original after a data loss event.
A network that provides access to consolidated, block-level data storage.
A dedicated file storage device that provides local area network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
A data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for data redundancy and performance improvement.
A modular server that fits into a chassis with other blade servers, sharing power and cooling resources.
A device that provides emergency power to a load when the input power source or mains power fails.
A centralized location from which IT professionals monitor, manage, and maintain network infrastructure.
A set of practices that combine software development (Dev) and IT operations (Ops) to shorten the systems development lifecycle.
The process of observing and checking the progress or quality of a system over time.
The act of keeping a log of events, errors, and other operational details in software or hardware systems.
The process of maintaining computer systems, servers, and software in a desired, consistent state.
The process of managing a network of computers by regularly performing patch deployment to ensure systems are up-to-date and protected from vulnerabilities.
The automated configuration, management, and coordination of computer systems, applications, and services.
A cloud-computing execution model where the cloud provider dynamically manages the allocation and provisioning of servers.
Writing scripts to automate repetitive tasks in infrastructure and system management.
A software implementation of a network function that can be deployed on a virtualized infrastructure.
The automated process of managing the lifecycle of containers, especially in large, dynamic environments.
The practice of collecting and analyzing data to ensure that infrastructure performs at its best and meets the needs of users.
A computing environment that combines on-premises infrastructure, private cloud services, and a public cloud.
A cloud computing model where the cloud infrastructure is dedicated to a single organization.
A cloud computing model where the cloud infrastructure is owned and operated by a third-party cloud service provider, and resources are shared among multiple organizations.
An open-source container orchestration platform that automates the deployment, scaling, and operation of application containers.
A platform used to develop, ship, and run applications inside containers.
An open-source cloud computing platform for building and managing public and private clouds.
An open-source infrastructure as code software tool that enables users to define and provision data center infrastructure using a high-level configuration language.
An open-source automation tool for configuration management, application deployment, and task automation.
An open-source software configuration management tool that automates the management of infrastructure.
An open-source automation platform that transforms infrastructure into code, enabling operations and development teams to manage environments.
An open-source automation server used to automate parts of software development, such as building, testing, and deploying code.
A development practice where developers integrate code into a shared repository frequently, with each integration automatically verified by a build.
A software release process where code changes are automatically deployed to production after passing predefined tests.
A software development practice where code changes are automatically prepared for a release to production.
A discipline that applies aspects of software engineering to infrastructure and operations problems to create scalable and highly reliable software systems.
CIDR notation is a shorthand way to represent a range of IP addresses by specifying the starting address and the size of the group using a suffix (like /24).
source: ChatGPT
A unique string of numbers separated by periods or colons that identifies each computer using the Internet Protocol to communicate over a network.
The practice of dividing a network into smaller, more efficient subnetworks.
The phonebook of the internet, translating domain names into IP addresses so browsers can load resources.
A network management protocol that dynamically assigns IP addresses to devices on a network.
A device that forwards data packets between computer networks.
A device that connects devices on a computer network by using packet switching to receive, process, and forward data to the destination device.
A network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies.
A subnetwork that can group together a collection of devices from different physical LANs.
A method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
A service that allows you to connect to the internet securely and privately by routing your connection through a server and hiding your online actions.
A unique identifier assigned to a network interface controller for communications at the data link layer of a network segment.
A conceptual framework used to describe the functions of a networking or telecommunication system in seven layers.
The suite of communication protocols used to connect network devices on the internet.
The maximum rate of data transfer across a given path.
The delay before a transfer of data begins following an instruction for its transfer.
The rate of successful message delivery over a communication channel.
A unit of data that is routed between an origin and a destination on the internet or any other packet-switched network.
A networking utility used to test the reachability of a host on an Internet Protocol (IP) network and to measure the round-trip time for messages sent from the originating host to a destination computer.
A network diagnostic tool that displays the route and measures transit delays of packets across an IP network.
The process of distributing network traffic across multiple servers.
The protocol used to exchange routing information between networks on the internet.
A technique in high-performance telecommunications networks that directs data from one network node to the next based on short path labels rather than long network addresses.
The description or measurement of the overall performance of a service, such as a telephony or computer network or a cloud computing service, particularly the performance seen by the users of the network.
An approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring.
An attack in which corrupted DNS data is inserted into the cache of a DNS resolver, returning an incorrect IP address.
A protocol used for mapping an IP address to a physical machine address that is recognized in the local network.
A network layer protocol used by network devices to diagnose network communication issues.
An Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.
A service that allows instances in a private subnet to connect to services outside your VPC but prevents the outside services from initiating a connection with those instances.
A defined set of rules used to control network traffic, allowing or denying communications based on criteria such as IP address, port number, or protocol.
The process of redirecting a communication request from one address and port number combination to another while the packets traverse a network gateway, such as a router or firewall.
A suite of protocols used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a communication session.
A method of carrying multiple VLANs over a single network link between devices.
A server that acts as an intermediary for requests from clients seeking resources from other servers.
A geographically distributed network of proxy servers and their data centers that delivers content to users based on their geographic location.
The process of translating a domain name into its corresponding IP address.
The practice of dividing a computer network into smaller parts, or segments, to improve performance and security.
A data table stored in a router or a networked computer that lists the routes to particular network destinations.
A list of rules used to grant or deny access to certain digital environments.
A logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer.
A network segment connected by a shared medium or through repeaters where simultaneous data transmissions can collide with one another.
The time it takes for a data packet to travel from its source to its destination across a network.
The arrangement of different elements (links, nodes, etc.) in a computer network.
The maximum data transfer rate of a network or Internet connection.
Policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
A computer network that uses wireless data connections between network nodes.
A family of computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN), and wide area networks (WAN).
A set of standards that define communication for wireless local area networks (WLANs).
A secure connection between two or more devices across a public network like the Internet.
A method of modifying network address information in IP packet headers while in transit across a traffic routing device.
The relationship between Internet service providers (ISPs) in which they exchange traffic between their networks.
A device or software that distributes network or application traffic across multiple servers to ensure availability and reliability.
## Cloud Architecture
The components and subcomponents required for cloud computing, including databases, software capabilities, applications, and services.
The use of multiple cloud computing services in a single heterogeneous architecture.
A software approach that involves building and running applications that fully exploit the advantages of the cloud computing delivery model.
A cloud-computing execution model where the cloud provider dynamically manages the allocation and provisioning of servers.
An architectural style that structures an application as a collection of loosely coupled services.
The packaging of software code with all its dependencies so that it can run uniformly and consistently on any infrastructure.
The automated arrangement, coordination, and management of complex computer systems, middleware, and services.
A form of cloud computing that provides virtualized computing resources over the internet.
A cloud computing model that delivers hardware and software tools to users over the internet.
A software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.
A category of cloud computing services that provides a platform allowing customers to develop, run, and manage application functionalities without the complexity of building and maintaining the infrastructure.
A set of policies, controls, procedures, and technologies that work together to protect cloud-based systems, data, and infrastructure.
A framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources.
A cloud computing feature that automatically adjusts the amount of computational resources in a server farm based on the load.
The ability of a cloud service to automatically scale computing resources up or down as needed.
Physically separate locations within a cloud provider’s data centers that help safeguard applications and data from data center failures.
An infrastructure as code (IaC) service from Amazon Web Services (AWS) that allows you to easily model and set up AWS resources.
A service that enables governance, compliance, operational auditing, and risk auditing of your AWS account.
A monitoring and observability service by AWS that provides data and actionable insights to monitor applications, understand and respond to system-wide performance changes, and optimize resource utilization.
An object storage service that offers industry-leading scalability, data availability, security, and performance.
An AWS service that lets you run code without provisioning or managing servers.
A web service that provides resizable compute capacity in the cloud, designed to make web-scale cloud computing easier for developers.
A virtual network dedicated to your AWS account, logically isolated from other virtual networks in the AWS Cloud.
The deployment and management service for Azure, providing a consistent management layer that enables you to create, update, and delete resources in your Azure account.
A set of services for DevOps, including CI/CD pipelines, version control, and Agile tools, integrated with Azure.
A managed, production-ready environment for running containerized applications, with support for Kubernetes orchestration.
Google Cloud’s application management platform that provides a consistent development and operations experience for cloud and on-premises environments.
Google Cloud’s fully-managed, serverless, highly scalable, and cost-effective multi-cloud data warehouse.
A set of permissions that define what actions can be taken on what resources within a cloud environment.
A service model in which data is maintained, managed, backed up remotely, and made available to users over a network.
A security service provided by cloud vendors that protects cloud infrastructure and resources from network threats.
An open-source system for automating the deployment, scaling, and management of containerized applications.
A package manager for Kubernetes that helps you define, install, and upgrade even the most complex Kubernetes applications.
An open-source service mesh that layers transparently onto existing distributed applications, providing services such as load balancing, service-to-service authentication, monitoring, and more.
An open-source infrastructure as code software tool that enables users to define and provision data center infrastructure using a high-level configuration language.
Ensuring that cloud usage adheres to laws, regulations, standards, and organizational policies.
A service that provides a managed interface for developers to create, publish, maintain, monitor, and secure APIs at any scale.
An extension of DevOps that integrates security practices into the DevOps approach.
A fully distributed, software-defined managed service that provides global load balancing with a single IP address.
An API object that manages external access to services in a cluster, typically HTTP.
The process of managing and configuring networks and communication systems in cloud environments.
The process of tracking, monitoring, and managing cloud usage and costs to optimize spending.
The application of data analysis techniques to datasets stored in the cloud to uncover insights.
The use of technology to manage and coordinate the interactions between different cloud services, typically in a multi-cloud environment.
A dedicated infrastructure layer for making service-to-service communication safe, fast, and reliable, usually within microservices architectures.
The practice of bringing together finance, technology, and business teams to collaborate on data-driven spending decisions in the cloud.
The process of storing copies of data in a cloud environment to ensure its availability in case of system failures, disasters, or other data loss events.
A computing environment that combines on-premises infrastructure, private cloud services, and a public cloud.
The processes, rules, and policies that define how an organization operates in the cloud to ensure compliance, security, and effective management.
A security approach designed specifically for securing cloud-native applications, which are built to leverage the cloud’s scalability and flexibility.