From 4432cb1eb2f65cbbfce63d04737c5ec8c5be690a Mon Sep 17 00:00:00 2001 From: Tyler Perkins Date: Tue, 8 Mar 2022 14:30:01 -0500 Subject: [PATCH] Update for 08-03-22 14:30 --- tech/malware.wiki | 58 ++++++++++++++++++++++++++++++++++++++++++++++ tech/security.wiki | 2 ++ 2 files changed, 60 insertions(+) create mode 100644 tech/malware.wiki diff --git a/tech/malware.wiki b/tech/malware.wiki new file mode 100644 index 0000000..55ac97a --- /dev/null +++ b/tech/malware.wiki @@ -0,0 +1,58 @@ += Malware = + + +== Types == + +== Advanced Persistent Threat == + +Cybercrime directed at a business and political targets, +using variety of intrusion techs and malware, applied persistently +Often state sponsored. + +== Adware == + +Advertising that is integrated into software. Makes popup ads or +redirection of a browser to commercial site + +== Attack kit == + +Set of tools for generating new malware automatically using a variety of +supplied propagation and payload mechanisms (metasploit) + +== Auto-rooter == + +Malicous tools to break into new machines remotely + +== Backdoor (trapdoor) == + +Any mechanism that bypasses a normal security check; it may allow unauthorized +access to functionality in a program, or onto a compromised system. + +== Downloaders == + +Code that installs other items on a machine that is under attack. Included in +malware code first inserted onto a compromised system to import a larger +malware system. + +== Drive by download == + +Attack using code on a comprisimised website that exploits a browser +vulnerability to attack a client system when the site is viewed. + +== Exploits == + +Code sepcific to a single vulnerability + +== Flooders == + +Generate a large volume of data to attack a networked computer system, carrying +out some DOS attack + +== Keyloggers == + +Capture keystrokes on a compromised system + +== Logic Bomb == + +Code inserted into malware by intruder. Lies dormant until a condition is met, +then code triggers some payload. 
diff --git a/tech/security.wiki b/tech/security.wiki index f392f3a..3983525 100644 --- a/tech/security.wiki +++ b/tech/security.wiki @@ -48,6 +48,8 @@ Hiding information * [[nmap|nmap]] - port scanner * [[masscan]] +== [[malware|Malware]] == + == Common attack vectors == Try setting the HTTP `Host` header value to `internal-ip:80` where internal ip
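Review bot: The new `tech/malware.wiki` hunk has several spelling errors in the added definitions that will be copied into the wiki as-is: "Malicous" (Auto-rooter), "comprisimised" (Drive by download), "sepcific" (Exploits), and "techs" in the Advanced Persistent Threat entry; that entry also reads "directed at a business and political targets, using variety of intrusion techs", which should be "directed at business and political targets, using a variety of intrusion techniques". The `== Types ==` heading is left empty while every entry that follows is itself a type of malware at the same heading level, so either drop that heading or demote the entries to `=== ... ===` under it so the outline reflects the structure. The "Attack kit" entry names metasploit as its example in parentheses; since the same wiki's security page lists tools with a short description each, consider giving the example its own short line (e.g. "Example: Metasploit") so it is not read as part of the definition. The "Flooders" entry should expand "DOS" to "DoS (denial of service)" the first time it is used, and the Downloaders, Logic Bomb and Adware entries each end without a period where the others have one.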
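Review bot: In the `tech/security.wiki` hunk the added `== [[malware|Malware]] ==` is a section heading with no body, placed between the tool list (`[[nmap|nmap]]`, `[[masscan]]`) and `== Common attack vectors ==`; as a level-2 heading it will appear in the page outline as an empty section. If the intent is only to cross-link the new malware page, a list entry in the style of the surrounding lines (e.g. `* [[malware|Malware]] - malware types and terminology`) fits the existing page better; if it is meant to be a real section, add at least one line of body text so the heading is not empty.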