Glossary Flashcards
Kismet/NetStumbler
Detects wireless access points and analyzes network traffic. Useful for surveying a network to understand its wireless security footprint.
Nmap
Scans networks to identify active hosts and open ports. Employed for initial network reconnaissance and security auditing.
Wireshark
A packet sniffer and protocol analyzer for real-time network monitoring. Ideal for diagnosing network issues or analyzing security incidents.
TCPDump
A Unix/Linux command-line packet capture tool. Helpful for real-time network troubleshooting and capturing packets for later analysis.
Honeypots
Decoy systems to lure attackers away from legitimate targets. Useful for studying attacker behaviors and tactics.
Hping3
Crafts custom ICMP, UDP, and TCP packets to test firewalls. Employed to identify vulnerabilities or misconfigurations in firewall rules.
Intel Executable Disable (XD)
Provides hardware-level buffer overflow protection in Intel chipsets. Useful for preventing malicious code execution at the system level.
AMD Enhanced Virus Protection
Offers chipset-level buffer overflow protection for AMD processors. Acts as a hardware-level security feature against certain types of attacks.
Address Space Layout Randomization (ASLR)
Randomizes memory locations for process execution, offering buffer overflow protection. Effective against exploits aiming to predict memory addresses.
Nessus
A Tenable product for vulnerability assessment. It scans networks to identify security risks. Ideal for regular security audits.
Metasploit
A penetration testing framework that includes tools and exploits for security assessments. Can be used to simulate cyber-attacks to test network resilience.
CANVAS
Vulnerability assessment tool by Immunity, designed for identifying network and system weaknesses. Useful for enterprise security audits.
Nikto and Wikto
Analyze what?
Analyzes web servers and identifies security issues like outdated software and misconfigurations. Effective for hardening web servers before deployment.
Burp Suite
A web security testing platform for web application vulnerabilities. Ideal for security assessments of web-based applications.
Fuzzers (MiniFuzz, Binscope, Regex Fuzzer)
Automated tools for identifying vulnerabilities by inputting unexpected data. Helpful for discovering unknown issues like crashes or security flaws in software.
OpenVAS
Open-source vulnerability scanning and management software. Useful for detecting vulnerabilities in your network before they can be exploited.
Snort
Intrusion Detection System (IDS) that monitors network traffic in real-time for malicious activities. Employed for real-time threat detection and prevention.
Hashcat
Advanced password recovery and cracking tool. Useful for assessing the strength of passwords by attempting to crack hashed password files.
John the Ripper
Password cracking software designed to identify weak passwords by using various attack methods. Effective for security audits to improve password policies.
Cuckoo Sandbox
Malware analysis tool that isolates suspicious files in a secure environment. Useful for understanding the behavior of unknown or potentially harmful files.
FISMA
Federal Information Security Management Act: Mandates a comprehensive framework to protect government information, operations, and assets.
HIPAA
Health Insurance Portability and Accountability Act: Regulates the use and disclosure of sensitive patient health information.
FERPA
Family Educational Rights and Privacy Act: Governs the protection of student education records and grants specific rights to students.
SOX
The Sarbanes-Oxley Act: Imposes regulations on financial reporting to improve the accuracy and integrity of corporate disclosures.
GLBA
The Gramm-Leach-Bliley Act: Requires financial institutions to explain their data-sharing practices and safeguard sensitive data.