Attacks and Exploits Flashcards
HardSpaced repetition with the SM-2 algorithm — grade each card and PlayPrepHQ schedules it to resurface right before you'd forget it. Progress saves in this browser.
Loading your deck…
Terms in this set
- DDoS Distributed Denial of Service — flooding a target from many sources to exhaust capacity.
- Injection Inserting malicious input that the system mistakenly interprets as code or commands.
- XSS Cross-Site Scripting — injecting client-side script into web pages viewed by other users.
- CSRF Cross-Site Request Forgery — tricking a logged-in user's browser into making unwanted requests.
- Exploit Code or technique that takes advantage of a specific vulnerability to achieve an attacker goal.
- Zero-day A vulnerability unknown to the vendor — and therefore unpatched — at the time of exploitation.
- Spoofing Falsifying identity — sender address, IP, MAC, ARP, DNS, or caller ID.
- MITM Man-in-the-Middle — an attacker secretly relaying and possibly altering communication between two parties.
- Brute Force Trying every possible value (passwords, keys) until one succeeds.
- Payload The portion of an exploit or malware that performs the attacker's intended action.
- Keylogger Software or hardware that records keystrokes to capture credentials and sensitive input.
- Backdoor A hidden method of bypassing normal authentication to maintain access.