Network security
Do you know the following common terms of network security?
0 1 broiler
A computer or server that has been hacked and stationed for a long time.
02 zhuaji
Using the loopholes in the widely used programs, the behavior of broilers can be automatically obtained.
03webshell
Through a scripting tool for web intrusion, we can control the website service to some extent.
One word Trojan horse
By submitting short code to the server and cooperating with the local client to realize the Trojan horse of webshell function.
Claim rights
A method of upgrading yourself to administrator rights by using a low-privilege account in the operating system.
06 back door
A program or portal implanted by a hacker on a machine in order to control the host for a long time.
07 springboard
Use broiler IP to attack other targets in order to better hide their identity information.
08 station invasion
That is, website intrusion under the same server.
090-day vulnerability and 0-day attack
0-0day vulnerability, also known as zero-day vulnerability. Has been discovered (may not be made public), and the official has not found the vulnerability of the relevant patch. An attack that exploits the 0day vulnerability is a 0day attack.
10CVE
The English full name of CVE is "Common vulnerability &;; Exposure "exposes vulnerabilities and exposures, such as CVE-20 15-0057, CVE- 1999-000 1, etc. CVE is like a dictionary table, which gives a common name for the widely recognized information security vulnerabilities or weaknesses that have been exposed.
1 1PoC
You can think of it as a vulnerability verification program. Compared with some applications, PoC is an incomplete program, just a piece of code to prove the author's point of view.
12Exp
Vulnerability exploitation program. Simply put, it is a program that can play the value of vulnerabilities, and you can use vulnerabilities to gain access to the target machine.
13SSL
Secure Sockets Layer (SSL) is a protocol that supports services to communicate through the network without compromising security.
14APT attack
Advanced persistent attacks, also known as directed threat attacks, refer to persistent and effective attacks launched by organizations against specific objects. This kind of attack activity is extremely concealed and targeted, and usually uses many means such as infecting the media, supply chain and social engineering to carry out advanced, lasting and effective threats and attacks.
15 marginal note
Sidenote is an intrusion method, which uses the vulnerabilities of different websites on the same host to obtain webshell, thus using the physical path of users exposed by programs or services on the host to invade.
16 don't kill
It is to modify the program through techniques such as adding shell, encryption, modifying feature code, and adding instructions, so that it can escape the killing of antivirus software.
17 red-blue confrontation
In network security, the red-blue confrontation is that one party plays the role of hacker (Blue Army) and the other party plays the role of defender (Red Army) in network security.
18 payload
Payload is a payload, a hidden and secretly sent message.
19DDOS attack
Distributed Denial of Service (DDoS) means that multiple attackers in different places attack one or more targets at the same time, or one attacker controls multiple machines in different places and uses these machines to attack the victims at the same time. Because the attack points are distributed in different places, this kind of attack is called distributed denial of service attack, and there can be multiple attackers.
20IDS
Intrusion detection system (IDS is the abbreviation of "intrusion detection system"). Professionally speaking, it is to monitor the running state of the network and system through software and hardware according to certain security policies, find all kinds of attack attempts, attacks or attack results as much as possible, and ensure the confidentiality, integrity and availability of network system resources.
2 1IPS
Intrusion Prevention System (IPS) is a special security device with the function of filtering attacks. Generally, it is distributed between the firewall and the external network equipment, and it relies on the detection of data packets to defend it (check the data packets entering the network, determine the real purpose of the data packets, and then decide whether to allow them to enter the internal network).
22WAF protection
WAF is called Web application firewall in English, and Chinese means website application-level intrusion prevention system. Waf is a network security technology, which is mainly used to strengthen the security of website servers.
23MD5 algorithm
Message Digest Algorithm (English: MD5 Message-Digest Algorithm) is a widely used cryptographic hash function, which can generate a hash value of 128 bits to ensure the integrity and consistency of information transmission.
24 black box test
Without authorization, it simulates the attack mode and thinking mode of hackers and evaluates the possible security risks of computer network systems.
25 white box test
White-box testing is biased towards code auditing.
26 Grey box test
Testing products between white box and black box.
Botnet (botnet)
Botnet refers to a one-to-many controlled network formed between the controller and the infected host by infecting a large number of hosts with Bot virus through one or more communication means.
28 Harpoon Attack
"Harpoon attack" usually refers to using a Trojan horse program as an attachment to an e-mail and sending it to the target computer to induce the victim to open the attachment and infect the Trojan virus.
29 phishing attacks
Phishing attack is a criminal fraud process, which attempts to obtain personal sensitive information from electronic communication by pretending to be a reputable corporate media, such as user name, password and credit card details.
30 puddle attack
"puddle attack", one of the hacking methods, as its name implies, is to set up a "puddle (trap)" on the road where the victim must pass. The most common way is for hackers to analyze the law of the target's online activities, find the weaknesses of the websites frequently visited by the target, first "break through" the websites, and implant attack codes. Once the target visits the websites, it will be "recruited".
3 1 social engineering attack
Social engineering is a non-technical infiltration means to obtain information through interpersonal communication.
32TOP500 name
For the top 500 commonly used names in China, you can set the password of the attack dictionary collision user.
33 ml injection
Put the DLL into the address space of the process and make it a part of the process.
34SQL injection
SQL injection is to submit or input the query string of domain name or page request by inserting SQL command into Web form, thus deceiving the server to execute malicious SQL command. Specifically, it is the ability to use existing applications to inject (malicious) SQL commands into the background database engine for execution. It can get the database on the website with security holes by inputting (malicious) SQL statements in the web form, instead of executing the SQL statements according to the designer's intention.
35sys drive
Driver generally refers to device driver, which is a special program that enables computers to communicate with devices. Equivalent to the interface of hardware. Only through this interface can the operating system control the work of hardware devices.
36 jiake
A method of compressing executable program resources. Another form is to implant a piece of code into a binary program, control the program first at runtime, and then return the control to the original code. The purpose of this is to hide the real OEP (entry point to prevent cracking) of the program. Most viruses are based on this principle.
If it helps, please adopt it. Thank you!