Cybersecurity Glossary

The practice of intercepting and examining data packets as they travel across a network, used both for legitimate network analysis and malicious eavesdropping.

The process of sending packets to specific ports on a host to determine which services are running and potentially vulnerable, a common reconnaissance technique.

An intermediary server that acts as a gateway between a user and the internet, providing additional security, privacy, and content filtering capabilities.

A network scanning technique that sends ICMP echo requests to a range of IP addresses to determine which hosts are alive and reachable on a network.

A firewall technique that examines each packet passing through and accepts or rejects it based on predefined rules such as source/destination IP, port, and protocol.

A vulnerability that allows attackers to access files and directories outside the intended directory by manipulating file path references with sequences like ../ in user input.

A secret value added to passwords before hashing, stored separately from the hash and salt, providing an additional layer of protection if the password database is compromised.

The publicly shared component of an asymmetric key pair, used to encrypt data that only the corresponding private key can decrypt, or to verify digital signatures.

The secretly held component of an asymmetric key pair, used to decrypt data encrypted with the corresponding public key or to create digital signatures.

Public Key Infrastructure. The framework of policies, hardware, software, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.

Pretty Good Privacy. An encryption program that provides cryptographic privacy and authentication for data communication, commonly used for email encryption and file signing.

Cryptographic algorithms designed to be secure against attacks by both classical and quantum computers, preparing for the era of quantum computing threats.

The component of malware that performs the malicious action, such as encrypting files, establishing backdoors, or exfiltrating data after successful exploitation.

Malware that constantly changes its identifiable features such as code patterns and encryption keys to evade detection by signature-based security tools.

A social engineering attack that uses deceptive emails, messages, or websites to trick individuals into revealing sensitive information or installing malware.

The act of exploiting a vulnerability or misconfiguration to gain higher-level permissions than originally granted, either vertically or horizontally.

An attack technique that tries a small number of commonly used passwords against many accounts simultaneously to avoid account lockout thresholds.

An attack technique where an attacker captures a password hash and uses it directly to authenticate without needing to crack or know the actual password.

Authentication methods that eliminate traditional passwords, using alternatives like biometrics, hardware security keys, magic links, or push notifications.

Privileged Access Management. A cybersecurity strategy for controlling and monitoring access to critical systems by privileged users and accounts.

An authorized simulated cyberattack performed to evaluate the security of a system, identifying vulnerabilities that could be exploited by real attackers.

A collaborative approach where red and blue teams work together, with the red team sharing attack techniques and the blue team improving defenses in real time.

Activities performed after gaining initial access to a system, including privilege escalation, persistence establishment, lateral movement, and data exfiltration.

Techniques used by attackers to maintain access to a compromised system across reboots, password changes, and other disruptions.

A technique where an attacker uses a compromised system as a stepping stone to reach other systems on the internal network that are not directly accessible.

A social engineering technique where an attacker creates a fabricated scenario to engage a victim and trick them into providing information or performing actions.

Platform as a Service. A cloud computing model that provides a platform for developing and deploying applications without managing the underlying infrastructure.

Payment Card Industry Data Security Standard. A set of security standards designed to ensure that all companies processing credit card information maintain a secure environment.

The systematic process of identifying, acquiring, testing, and installing software updates and patches to fix known vulnerabilities and improve security.

Personally Identifiable Information. Any data that can be used to identify a specific individual, such as name, SSN, email address, or biometric records.

Protected Health Information. Any health-related information that can be linked to a specific individual, protected under HIPAA regulations.

An approach to systems engineering that considers privacy throughout the entire development process rather than as an afterthought.

A systematic process for evaluating the potential effects that a project or system may have on the privacy of individuals.

A method for cracking WPA/WPA2 passwords that captures the Pairwise Master Key Identifier from a single frame without requiring a full handshake capture.

A database query technique that separates SQL code from data values, preventing SQL injection by ensuring user input is treated as data rather than executable code.

An attack against AI language models where malicious instructions are embedded in input to override the model intended behavior or extract sensitive data.

The informal name for the second Tuesday of each month when Microsoft releases security updates, widely used as a patching schedule benchmark.

A document detailing the findings, methodologies, and recommendations from a penetration test, including severity ratings and remediation guidance.

A controlled exercise where simulated phishing emails are sent to employees to assess their ability to recognize and report social engineering attacks.

A comprehensive document outlining response strategies and procedures for various security scenarios, often automated through SOAR platforms.

A Linux distribution designed for security, privacy, and development, offering a lightweight alternative to Kali Linux with similar penetration testing tools.

Measures designed to protect personnel, hardware, software, networks, and data from physical actions and events that could cause serious loss or damage.

A security assessment that tests physical security controls by attempting to gain unauthorized access to facilities through social engineering and bypass techniques.

Post Office Protocol version 3. An email retrieval protocol that downloads messages from a server to a local client, typically removing them from the server.

A code injection technique where a legitimate process is created in a suspended state, its memory is replaced with malicious code, and then resumed.

A post-exploitation framework that provides a pure PowerShell agent for offensive security operations, including credential gathering and lateral movement.

A cybersecurity professional who performs authorized simulated attacks on systems and applications to identify security vulnerabilities.

A JavaScript vulnerability where an attacker can modify the prototype of a base object, potentially leading to property injection and remote code execution.

A technique used by attackers or testers to maintain access to a compromised system across reboots, updates, and credential changes.

An attack that uses stolen Kerberos tickets to authenticate to services, bypassing the need for credentials.

Password-Based Key Derivation Function 2. An algorithm that applies a pseudorandom function to a password with a salt, iterating many times to slow down brute-force attacks.

A cryptographic property ensuring that session keys will not be compromised even if the server's private key is compromised in the future.

A passwordless authentication credential based on FIDO2 standards, using public-key cryptography and stored securely on the user's device.

Privileged Access Control. Security measures specifically designed to manage, monitor, and audit access by users with elevated privileges.

Regulatory requirements for periodic penetration testing, mandated by standards like PCI DSS, HIPAA, and various industry frameworks.

The processing of personal data so that it can no longer be attributed to a specific individual without the use of additional information kept separately.

Technologies designed to protect personal privacy, including encryption, anonymization, secure computation, and privacy-preserving analytics.

A side-channel attack that analyzes the power consumption patterns of a device during cryptographic operations to extract secret keys.

Programmable Logic Controller. An industrial computer used to control manufacturing processes, which can be targeted to disrupt physical operations.

A physical security breach where an authorized person knowingly allows an unauthorized person to enter a secured area, unlike tailgating which is covert.

Physical security measures designed to prevent unauthorized access to the boundary of a facility, including fences, barriers, and detection systems.

The professional progression in penetration testing from junior tester through senior consultant, team lead, and security architect.

A detailed document presenting the findings, methodologies, and recommendations from a penetration testing engagement.

The creation of custom network packets with specific header values and payloads for testing network security controls and responses.

Information gathering about a target without directly interacting with their systems, using public sources and third-party data.

Authentication methods that verify identity without traditional passwords, using biometrics, hardware tokens, or cryptographic keys instead.

A collaborative cybersecurity approach where red team attackers and blue team defenders work together in real time to improve detection and response.

Technologies that enable data analysis while keeping the underlying data confidential, including secure multi-party computation and homomorphic encryption.

The systematic application of engineering practices to ensure that systems and products protect user privacy throughout their lifecycle.

A security control designed to prevent security incidents from occurring, such as firewalls, access controls, and encryption.

Mobile malware that requests excessive permissions to access sensitive data and functionality beyond what is needed for its stated purpose.

A hardware device placed between a keyboard and computer that records all keystrokes, often disguised as a USB adapter.

A method of externally opening ports on a firewall by making connection attempts to a sequence of closed ports in a specific order.

An NTLM relay attack that abuses the MS-EFSRPC protocol to coerce Windows domain controllers into authenticating to attacker-controlled servers.

Attacks exploiting the Windows Print Spooler service, including PrintNightmare, allowing remote code execution and privilege escalation.

An open-source super timeline tool that extracts timestamps from various sources to create comprehensive forensic timelines.

Defining and enforcing security policies through code, enabling automated validation and consistent application across infrastructure.

A specialized database designed to isolate and protect sensitive personal data, providing tokenization and access controls.

A team that simulates physical security threats including unauthorized building access, device theft, and social engineering of staff.

Practical Network Penetration Tester. A certification by TCM Security covering practical penetration testing skills including OSINT and Active Directory attacks.

In-person social engineering techniques used during penetration tests including impersonation, pretexting, and tailgating.

The process of defining targets, methods, and boundaries for a penetration testing engagement to ensure appropriate coverage.

Techniques for disguising malicious payloads to evade signature-based detection, including encoding, encryption, and polymorphism.

A technique where malicious code is inserted into the address space of a legitimate running process to evade detection.

Multi-factor authentication methods that cannot be intercepted or replayed through phishing attacks, such as FIDO2 and hardware tokens.

Tools and frameworks that automate portions of the penetration testing process, from reconnaissance to exploitation.

A framework for transatlantic data transfers between the EU and US, replaced by the EU-US Data Privacy Framework.

Penetration Testing Execution Standard. A framework defining the methodology and phases for conducting professional penetration tests.

An attack that extracts the system prompt or hidden instructions from an AI chatbot through carefully crafted queries.

The management and monitoring of accounts with elevated access rights to prevent misuse and detect compromised privileged credentials.

The detailed examination of network protocol behavior to identify anomalies, misconfigurations, and potential security issues.

An HTTP header that allows websites to control which browser features and APIs can be used, reducing the attack surface.

A collaborative security exercise where red and blue teams work together in real-time to test and improve detection capabilities.

A series of proxy servers used to route traffic through multiple hops, increasing anonymity during penetration testing.

A tool that compresses and encrypts executable files to change their signature and evade antivirus detection.

Attacks leveraging Windows PowerShell for execution, download, and lateral movement while evading traditional file-based detection.

Access control that uses centrally managed policies to determine authorization, enabling consistent enforcement across systems.

Organizational rules governing password creation, complexity, rotation, and handling to reduce credential-based attacks.

In-person manipulation techniques including impersonation, pretexting, and building rapport to bypass physical security controls.

A comprehensive evaluation of an organization physical security controls including access points, surveillance, and guard procedures.

A switch feature that limits the number of MAC addresses allowed on a port to prevent MAC flooding and unauthorized connections.

A VLAN configuration that restricts communication between ports in the same VLAN, providing host isolation within a broadcast domain.

A database query technique that separates SQL code from data values, preventing SQL injection by treating input as data only.

The mechanism used to transport and deploy malicious code to a target system, including email attachments, web downloads, and USB drives.