Category: glossary

Penetration Testing Wiki

Google Dork

A Google Dork is an advanced Google search query that uses special commands such as allinurl and allintitle to leverage Google to find public information. It is also a good way to perform passive reconnaissance. Offensive Security has the major Google Dork database, called GHDB: https://www.exploit-db.com/google-hacking-database

Faradaysec 3.0

Faradaysec

Faradaysec is a penetration testing IDE.

How to run Faraday < 2.7
To run the server:
Check:
To run the client:

How to run Faraday v3.0
First run server:
Second, run client:
Check:

How to access the UI: http://127.0.0.1:5985/_ui/

For more info go to https://github.com/infobyte/faraday/wiki and https://faradaysec.com/

Next section, to customize your shell: ZSH

ZSH

Useful frameworks to beautify your zsh shell:
https://ohmyz.sh/
https://github.com/robbyrussell/oh-my-zsh

Manual installation of oh-my-zsh:
>> ZSH_THEME="random"

Cool themes: mortalscumbag

To know more about how to use zsh shell and oh-my-zsh integrated within Faradaysec.

RCE

RCE stands for Remote Code Execution. It is the most critical type of vulnerability, as it means that an attacker can execute arbitrary code and take ownership of a remote account or machine.

exploit kit

An exploit kit or exploit pack is a type of toolkit cybercriminals use to attack vulnerabilities in systems so they can distribute malware or perform other malicious activities. Some known exploit kits are mpack, neutrino, angler, magnitude, RIG, nuclear, phoenix and crimepack. They are usually sold on the dark market using a subscription model (i.e. 500…

exploit

An exploit is a program or system designed to take advantage of a particular error or security vulnerability in computers or networks. See also exploit kit.

CTF

A Capture the Flag (CTF) is a computer security competition. CTF contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the sort of attacks found in the real world. They are usually structured in different levels, and each level has…

bug bounty

A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities. The most important ones are: https://www.bugcrowd.com https://www.hackerone.com https://bountyfactory.io For each vulnerability sent that is eligible for bounty (i.e. it is inside the scope…

0day

Zero day or 0day is an exploit that has been released or leaked to the public before the vendor has submitted a patch for the vulnerability. That means that it is being used in the wild by threat actors.

blue team

A blue team is a specialized group of cybersecurity professionals, experts in threat identification, cybersecurity incident analysis, remediation and forensics. As opposed to the red team, the blue team has to identify, detect and prevent cyberattacks. Usually they work inside a SOC (Security Operations Center) in 24×7 shifts. They constantly monitor SIEM and other sources of information…