Cybersecurity Glossary

1506 essential cybersecurity terms explained. Your reference guide from A to Z.

H
Honeypot
A security mechanism set up as a decoy to attract and detect attackers, allowing security teams to study attack methods and gather threat intelligence.
Honeynet
A network of honeypots designed to simulate a real network environment, providing a broader view of attacker behavior and techniques than a single honeypot.
HTTP Request Smuggling
An attack that exploits discrepancies in how front-end and back-end servers process HTTP requests, allowing attackers to bypass security controls.
HSTS
HTTP Strict Transport Security. A security header that instructs browsers to only connect to a website using HTTPS, preventing protocol downgrade attacks and cookie hijacking.
Hashing
A one-way mathematical function that converts input data of any size into a fixed-size output, used for password storage, data integrity verification, and digital signatures.
HMAC
Hash-based Message Authentication Code. A mechanism that combines a cryptographic hash function with a secret key to verify both data integrity and message authenticity.
Homomorphic Encryption
A form of encryption that allows computations to be performed on encrypted data without decrypting it, enabling secure cloud computing on sensitive data.
Hashcat
A high-performance password recovery tool that leverages GPU acceleration to crack password hashes using various attack methods at extremely high speeds.
Hydra
A fast and flexible online password cracking tool that supports numerous protocols including SSH, FTP, HTTP, RDP, and many database services.
HIPAA
Health Insurance Portability and Accountability Act. US federal law establishing standards for protecting sensitive patient health information from disclosure.
Hardening
The process of securing a system by reducing its attack surface through disabling unnecessary services, applying patches, and configuring security settings.
Hardware Security Module
A dedicated crypto-processing device that manages and protects digital keys, providing tamper-resistant storage for sensitive cryptographic operations.
Hardware Implant
A physical device covertly installed in hardware to provide persistent backdoor access, intercept communications, or exfiltrate data.
Header Analysis
The examination of email message headers to trace the path of delivery, verify sender authenticity, and identify potential spoofing or manipulation.
HackTheBox
An online platform providing vulnerable virtual machines and challenges for practicing penetration testing and offensive security skills.
HTTP
HyperText Transfer Protocol. The foundation protocol of the World Wide Web for transmitting web pages and data between clients and servers.
HTTPS
HTTP Secure. The encrypted version of HTTP that uses TLS to secure communication between web browsers and servers, protecting data integrity and confidentiality.
HTTP Parameter Pollution
An attack technique that exploits how web applications handle multiple HTTP parameters with the same name, potentially bypassing input validation.
HOTP
HMAC-based One-Time Password. An algorithm that generates one-time passwords using a counter value and shared secret, incrementing with each use.
HMI
Human-Machine Interface. The user interface in industrial control systems that allows operators to interact with and control automated processes.
Hook Framework
A mobile security tool, such as Frida or Xposed, that injects code into running processes to intercept and modify function calls for dynamic analysis.
Homoglyph Attack
A deception technique using characters that look identical to standard letters but are from different character sets, commonly used in phishing domain names.
HSM
Hardware Security Module. A dedicated crypto processor that manages digital keys, performs encryption and decryption, and provides tamper-resistant key storage.
HTTP/2
The second major version of the HTTP protocol that improves web performance through multiplexing, header compression, and server push capabilities.
HTTP/3
The third major version of HTTP that uses the QUIC transport protocol instead of TCP, providing improved performance and built-in encryption.
Host Header Injection
An attack that manipulates the HTTP Host header to affect server-side behavior, potentially enabling cache poisoning or password reset hijacking.
HTTP Verb Tampering
An attack that bypasses security controls by changing the HTTP method of a request to one that is not properly validated.
Hacktivist
An individual or group that uses hacking techniques to promote political or social causes, often through website defacement or data leaks.
Horizontal Privilege Escalation
Accessing resources belonging to another user with the same privilege level, such as viewing another customer's account.
HTA Payload
A malicious HTML Application file that executes outside the browser security sandbox, providing full system access when run.
Hardware Backdoor
An unauthorized modification to hardware that provides covert access to a system, potentially introduced during manufacturing or in the supply chain.
Hardware Supply Chain Attack
Attacks that compromise hardware components during manufacturing, shipping, or installation to implant surveillance or backdoor capabilities.
HTTP Response Splitting
An attack that injects malicious content into HTTP response headers, potentially enabling cache poisoning and cross-site scripting.
Havoc C2
A modern, collaborative command and control framework providing advanced evasion and post-exploitation capabilities for red team operations.
HITRUST
Health Information Trust Alliance. A security framework combining HIPAA, NIST, and ISO requirements for healthcare organizations.
Hardware Trojan
A malicious modification to the circuitry of an integrated circuit, potentially introducing backdoors or causing malfunction.
HTML Injection
An attack where malicious HTML content is injected into a web page, potentially modifying page appearance or behavior.
HTTP Desync Attack
An advanced form of request smuggling that exploits differences in how HTTP components process messages.
HTTP/2 Rapid Reset
A DDoS attack technique exploiting HTTP/2 stream multiplexing to generate massive request volumes with minimal resources.
HTTP Header Injection
An attack that inserts malicious content into HTTP response headers through unsanitized user input.
HTTP Verb Abuse
Exploiting web servers that respond differently to various HTTP methods, using PUT, DELETE, or TRACE to bypass access controls.
Heap Spray
An exploitation technique that writes large amounts of data to the heap memory to increase the reliability of code execution.
HIDS
Host-based Intrusion Detection System. An IDS that monitors a single host for suspicious activity including file changes and process behavior.
Hardware Security Key
A physical device used for multi-factor authentication that generates or stores cryptographic credentials.