Update for 08-03-22 14:30
parent
beb9b51184
commit
4432cb1eb2
58
tech/malware.wiki
Normal file
@ -0,0 +1,58 @@
|
||||
= Malware =
|
||||
|
||||
|
||||
== Types ==
|
||||
|
||||
== Advanced Persistent Threat ==
|
||||
|
||||
Cybercrime directed at a business and political targets,
|
||||
using variety of intrusion techs and malware, applied persistently
|
||||
Often state sponsored.
|
||||
|
||||
== Adware ==
|
||||
|
||||
Advertising that is integrated into software. Makes popup ads or
|
||||
redirection of a browser to commercial site
|
||||
|
||||
== Attack kit ==
|
||||
|
||||
Set of tools for generating new malware automatically using a variety of
|
||||
supplied propagation and payload mechanisms (metasploit)
|
||||
|
||||
== Auto-rooter ==
|
||||
|
||||
Malicous tools to break into new machines remotely
|
||||
|
||||
== Backdoor (trapdoor) ==
|
||||
|
||||
Any mechanism that bypasses a normal security check; it may allow unauthorized
|
||||
access to functionality in a program, or onto a compromised system.
|
||||
|
||||
== Downloaders ==
|
||||
|
||||
Code that installs other items on a machine that is under attack. Included in
|
||||
malware code first inserted onto a compromised system to import a larger
|
||||
malware system.
|
||||
|
||||
== Drive by download ==
|
||||
|
||||
Attack using code on a comprisimised website that exploits a browser
|
||||
vulnerability to attack a client system when the site is viewed.
|
||||
|
||||
== Exploits ==
|
||||
|
||||
Code sepcific to a single vulnerability
|
||||
|
||||
== Flooders ==
|
||||
|
||||
Generate a large volume of data to attack a networked computer system, carrying
|
||||
out some DOS attack
|
||||
|
||||
== Keyloggers ==
|
||||
|
||||
Capture keystrokes on a compromised system
|
||||
|
||||
== Logic Bomb ==
|
||||
|
||||
Code inserted into malware by intruder. Lies dormant until a condition is met,
|
||||
then code triggers some payload.
|
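Review bot: `== Types ==` is at the same heading level as the entries that follow it (`== Advanced Persistent Threat ==`, `== Adware ==`, and so on), so the Types section renders empty and the entries are not nested under it; make the entries `===` or drop the `Types` heading. The added text also has spelling errors worth fixing before merge: "Malicous" in Auto-rooter, "comprisimised" in Drive by download, "sepcific" in Exploits. In Flooders, "DOS" should be "DoS" so it is not read as the operating system, and the Advanced Persistent Threat entry ends its first line with a comma and its second line with no full stop, so the sentence boundary before "Often state sponsored." is unclear.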
@ -48,6 +48,8 @@ Hiding information
|
||||
* [[nmap|nmap]] - port scanner
|
||||
* [[masscan]]
|
||||
|
||||
== [[malware|Malware]] ==
|
||||
|
||||
== Common attack vectors ==
|
||||
|
||||
Try setting the HTTP `Host` header value to `internal-ip:80` where internal ip
|
||||
|
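Review bot: `== [[malware|Malware]] ==` is added as a heading with no body, between the tool list ending at `* [[masscan]]` and `== Common attack vectors ==`, so the page gains an empty section whose only purpose is the link. The other links in this context are list items (`* [[nmap|nmap]] - port scanner`); a list entry or a one-line pointer under an existing heading would match that convention. Also confirm that `[[malware|Malware]]` resolves to `tech/malware.wiki` from this file's directory, since the link target carries no path.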