Ethical Hacking
Based on the slides, Wikipedia, Google, lectures and prior knowledge. Good luck!
Dictionary
Abbreviations:
Terms:
Phases of ethical hacking:
Week 1
Penetration test types:
Types of hackers:
Breaches:
The BAD pyramid: (build attack defend)
Social Engineering:
Week 2
Target scanning process
Port Scanning
Sniffing
Week 3
Application Layer Vulnerabilities
Tools
SQL Injection Attacks
XSS Attacks
Clickjacking attacks
Week 4
Keyloggers
Hashes
Crypto attacks
Week 5
Denial of Service Attacks
CPU Attacks
Application Attacks
Week 6
Mobile attacks
Week 7
Dictionary
Abbreviations:
● TOE: Target of Evaluation (product or system that is the subject of the
evaluation)
● CEH: Certified Ethical Hacker
● PTES: Penetration Testing Execution Standard (consists of 7 main sections
covering everything related to a penetration test)
● WSTG: Web Security Testing Guide
● MSTG: Mobile Security Testing Guide
● ISSAF: Information Systems Security Assessment Framework (reference
source of penetration testing)
● CVE: Common Vulnerabilities and Exposures (A list of publicly known
cybersecurity vulnerabilities)
● CVSS: Common Vulnerability Scoring System (Standard for assessing the
severity of vulnerabilities)
● MITM: Man in the Middle
● RCE: Remote Code Execution
● RAT: Remote Access Tool
● DoS: Denial of Service
● DDoS: Distributed DoS
● DRDoS: Distributed Reflection Denial of Service
● CPDoS: Cache Poisoned Denial of Service
● MAC: Media Access Control (Hardware address of the NIC)
● NIC: Network Interface Controller (Physical network hardware such as a
WiFi adapter or Ethernet module)
● ARP: Address Resolution Protocol (Protocol used for discovering the link
layer address, mapping IPv4 addresses to MAC addresses)
● WAN: Wide Area Network (Public network that extends over a large
geographic area)
● LAN: Local Area Network (Private network within a limited area such as a
building)
● WLAN: Wireless Local Area Network (Wireless equivalent of LAN)
Terms:
● Threat: potential violation of security
● Exploit: software or technology that takes advantage of a vulnerability
● Vulnerability: software flaw, implementation error, logic design error