Update for 09-03-22 12:45

Tyler Perkins 2022-03-09 12:45:01 -05:00
parent 75c35d9abe
commit c016f8124b
2 changed files with 20 additions and 18 deletions


@ -3,92 +3,92 @@
== Types == == Types ==
== Advanced Persistent Threat == === Advanced Persistent Threat ===
Cybercrime directed at a business and political targets, Cybercrime directed at a business and political targets,
using variety of intrusion techs and malware, applied persistently using variety of intrusion techs and malware, applied persistently
Often state sponsored. Often state sponsored.
== Adware == === Adware ===
Advertising that is integrated into software. Makes popup ads or Advertising that is integrated into software. Makes popup ads or
redirection of a browser to commercial site redirection of a browser to commercial site
== Attack kit == === Attack kit ===
Set of tools for generating new malware automatically using a variety of Set of tools for generating new malware automatically using a variety of
supplied propagation and payload mechanisms (metasploit) supplied propagation and payload mechanisms (metasploit)
== Auto-rooter == === Auto-rooter ===
Malicous tools to break into new machines remotely Malicous tools to break into new machines remotely
== Backdoor (trapdoor) == === Backdoor (trapdoor) ===
Any mechanism that bypasses a normal security check; it may allow unauthorized Any mechanism that bypasses a normal security check; it may allow unauthorized
access to functionality in a program, or onto a compromised system. access to functionality in a program, or onto a compromised system.
== Downloaders == === Downloaders ===
Code that installs other items on a machine that is under attack. Included in Code that installs other items on a machine that is under attack. Included in
malware code first inserted onto a compromised system to import a larger malware code first inserted onto a compromised system to import a larger
malware system. malware system.
== Drive by download == === Drive by download ===
Attack using code on a comprisimised website that exploits a browser Attack using code on a comprisimised website that exploits a browser
vulnerability to attack a client system when the site is viewed. vulnerability to attack a client system when the site is viewed.
== Exploits == === Exploits ===
Code sepcific to a single vulnerability Code sepcific to a single vulnerability
== Flooders == === Flooders ===
Generate a large volume of data to attack a networked computer system, carrying Generate a large volume of data to attack a networked computer system, carrying
out some DOS attack out some DOS attack
== Keyloggers == === Keyloggers ===
Capture keystrokes on a compromised system Capture keystrokes on a compromised system
== Logic Bomb == === Logic Bomb ===
Code inserted into malware by intruder. Lies dormant until a condition is met, Code inserted into malware by intruder. Lies dormant until a condition is met,
then code triggers some payload. then code triggers some payload.
== Macro virus == === Macro virus ===
Virus using macro scripting code, typically embedded in a document or document Virus using macro scripting code, typically embedded in a document or document
template, and triggered when the document is viewed/edited, to run and template, and triggered when the document is viewed/edited, to run and
replicate into other documents. replicate into other documents.
== Mobile code == === Mobile code ===
Software that can be shipped unchanged to a htereogenous colelctions of Software that can be shipped unchanged to a htereogenous colelctions of
platforms and execute with identical semantics. platforms and execute with identical semantics.
== Rootkit == === Rootkit ===
Tools used after a system has been compromised to gain root level access Tools used after a system has been compromised to gain root level access
== Spyware == === Spyware ===
Software that monitors keystrokes, screen data, and/or network traffic, or Software that monitors keystrokes, screen data, and/or network traffic, or
scans files for sensitive information, and sends it back to some Controler scans files for sensitive information, and sends it back to some Controler
server. server.
== Trojan horse == === Trojan horse ===
Appears to have useful function, but has hidden and malicous purpose and evades Appears to have useful function, but has hidden and malicous purpose and evades
security machanisms, sometimes by exploiting legit authorizations of system security machanisms, sometimes by exploiting legit authorizations of system
entity that invoked it entity that invoked it
== Virus == === Virus ===
Malware that when executed, attempts to replicate itself and propigate itself. Malware that when executed, attempts to replicate itself and propigate itself.
== Worm == === Worm ===
Malware that can run independently and can propagate a complete working version Malware that can run independently and can propagate a complete working version
of itself onto other hosts on a network, by exploiting software vulns in the of itself onto other hosts on a network, by exploiting software vulns in the
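Review bot: The definition lines under the re-levelled headings are carried over with their misspellings intact, for example "Malicous" under Auto-rooter, "comprisimised" under Drive by download and "htereogenous colelctions" under Mobile code (also "sepcific", "Controler", "machanisms" and "propigate"). Since this change touches every entry in the list, fix them in the same pass. The new `===` headings also mix capitalisation ("Advanced Persistent Threat" and "Logic Bomb" against "Attack kit" and "Macro virus"); settle on one style while the headings are being edited anyway.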


@ -50,6 +50,8 @@ Hiding information
== [[malware|Malware]] == == [[malware|Malware]] ==
See [[malware]]
== Common attack vectors == == Common attack vectors ==
Try setting the HTTP `Host` header value to `internal-ip:80` where internal ip Try setting the HTTP `Host` header value to `internal-ip:80` where internal ip
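Review bot: The added `See [[malware]]` line sits directly under `== [[malware|Malware]] ==`, whose heading text is already a link to the same page, so the section now links to it twice. Keep the link in one place (a plain `== Malware ==` heading with the See line, or the linked heading alone), and consider a one-sentence summary so the section is more than a pointer.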