Attack Types Flashcards
IOC - Define
Indicator of Compromise
Virus
Malicious Code that requires user interaction to install and replicate.
Crypto-malware/Ransomware
Malicious applications that scare or scam users into paying money or granting access.
Trojan/RAT
Friendly software that contains malicious software.
Worms
Self replicating program without user interaction
Network Service Worms
Worm that exploits a network
Mass Mailing Worms
Work that spreads thorugh email
PUP
Potentially Unwanted Program which tend to be adware or spyware.
Fileless Virus
Malware that operates in memory. Hooks in through Powershell or WMI
Botnet
Malicious Code that infects a large number of hosts
Logic Bomb
Malicious code that triggers after a specific time or on a date or after a specific activity etc
Empire, PowerSploit, MetaSploit, Cobalt Strike
Fileless Attack Framework
Spyware
Malicious software that collects user activity and reports back
Keylogger
Malicious code that collects all keystrokes
Rootkits
Malicious code that installs at the OS or Kernal level
Backdoors
Software that installs for the purpose of opening ports to install additional software
Spraying
A form of brute force where the attacker has acquired a bunch of usernames and are testing passwords against them.
Brute Force
Systematic approach of trying different passwords
Rainbow Table
Precomputed table to reverse cryptographic hashes
Dictionary Attack
Using known words to brute force
Brutus, Cain and Abel, Crack, Aircrack-ng, John the Ripper
Dictionary attack tools
Salting
Adding random data to hashing algorithm so that each hash is unique even if the same password is used twice.
Known Plaintext/ Ciphertext
Access to both can allow an attacker to reveal further information like secret keys. AES is not vulnerable to this attack.
AES
Advanced Standard Encryption
