Glossary
-
Ransomware
Ransomware is malware designed to block access to a computer until the user pays a sum of money. Recent examples of ransomware (such as WannaCry) have encrypted the data on the users users hard drive, making it impossible to access without the correct decryption key.
-
Malware
Any software that is used for a malicious purpose. This can include Viruses, RATs or ransomware.
-
RAT
Remote Access Trojan. A Type of malware that installs a backdoor onto the target system, allowing hackers to access it remotely.
-
SQL
Structured Query Language. This is a "standardised" language that is used to interact with databases.
-
SQL Injection
A (usually) web based explioit where the attacker makes use of poorly written SQL to modify the queries sent to the server.
-
MITM
Man in the middle. Where the attacker intercepts communication between two people. Either to evesdrop on the converstation, or to act as an authorised source and interfere with communication in some way.
-
XSS
Cross Site Scripting. A web based attack where the user injects malicious javascript into a web page, causing it to behave in a different way.
-
Phishing
-
Social Engineering
-
Web 2.0
The New Web, that emerged in the early 2000's. where technolgies such as Javascript allowed us to move from purely static HTML sites to those with responsive and interteractive content.
-
GET Requests
A method of sending data to a web server. GET requests are encoded as part of the URL (do a Google search and look at the URL for a good example of this). The part appended to the string containing the parameters is known as the query string.
You can see GET requests in action on Google, after making a search you will notice a lof of information in the URL, this represents the search terms that the server is processing.
-
POST Requests
POST requests are encoded inside the request body. This means that the request itself is only visible by inspecting the headers, rather than as part of the URL. This makes it slightly harder to modify the request, as we cannot just manipulate the URL, and would need to use a tool to add the parameters to the request body. We will discuss manually sending requests to the server in the next step.