Cybersecurity requires a ton of knowledge across many different areas and seemingly all at once. This short series of articles aims to give newer friends some guidance. If I did something dumb, please let me know on Twitter @digibeard_yt or you can email me at email@example.com. Let’s Go!
Authentication is the process or action of verifying the identity of a user or process. This could be a username and password combination or SSH keys, possibly combined with something like a fingerprint or a hardware token, to fully allow the user appropriate access to a resource.
Authorization is the action, fact or permission of authorizing or being authorized. So, once you’ve authenticated, it’s time to verify your authorization by checking that you’ve got permission to perform an action or view the requested resources. Remember to enact best practices and grant the lowest amount of privileges that the user needs.
Audits are fairly harmless for the most part. Typically, they are only a form of inspection. With regard to cybersecurity, a penetration tester is someone who is going to inspect an entire segment of your organization or the entire thing in a bid to uncover any form of vulnerability or bug. This happens so you can fix the issues before the bad dudes find them.
ACL – Access Control List
An access control list, or ACL for short, is a list of users and their level of access to any system. You could create a list with pre-defined permissions and then assign individual users to it, or create policies and assign the users to a policy. Either way, grant your users the least access level possible.
Aircrack-NG is a suite of command-line tools to assess WiFi network security. It does this by focusing on monitoring, attacking, testing or cracking WiFi protocols. There are also GUI applications that use the CLI information aircrack spits out for a slightly easier experience.
A backdoor is a way back in should your main point of access get compromised and closed down. Typically, you’ll have fought for a good while to gain that toehold and it will suck to start all over again.
PortSwigger offers Burp Suite, a web security testing toolkit, for free with limits and in other editions that cost ~$400 to over $4k per seat. You get fine-grained control over requests and responses and if you’re a bug bounty hunter, this will be your main application.
When you run a scan of some sort against a machine or network, you might encounter basic info about the machine. It might have a MOTD (Message Of The Day) that tells the software and version or a footnote telling the framework used. This could include the type of web server software in use and you grab that banner for later use.
Botnets are compromised machines that act together to perform attacks. Distributed Denial of Service (DDoS) attacks often take advantage of botnets to do their dirty deeds or they turn the machines into spambots.
A brute-force attack is a rather noisy method of trying to guess a PIN code or password. Typically, you start at 0000 and move up by 1 each time it doesn’t let you in (0001, 0002, 0003+). This can be mitigated by enforcing a lockout after a certain number of failed attempts.
Programs have access to a very specific amount of memory on the host machine. When your program tries to store more than it’s meant to, the data can overflow into other buffers and corrupt the existing data in those other areas. Buffer overflows are still part of the OSCP training.
When it comes to computing, a cache is either a special portion of memory or a portion of the CPU meant to provide quick access to frequently accessed “things” to maintain efficiency. Why ask for things that are on a slow, spinning disk when you can keep them in the fastest parts of your machine for near-instant access?
A cipher is one of the many cryptographic algorithms that exist for encoding or decoding data. You will use these often.
Penetration testers rely on being able to send arbitrary code into applications to see whether it triggers a vulnerability by exploiting a bug in a specific version of an application.
Cross-Site Scripting (XSS)
If a web application doesn’t sanitize user inputs when a script is run, it could lead to you exploiting a system by executing a client-side script on the website.
Compliance means following the rules that the government or other agencies define to keep sensitive customer data secure. NIST, ISO and others fill these roles.
That certainly covers a decent amount of terms and jargon for the newbies out there. Stay tuned for additional posts with info added in the near future.