computer criminals and security experts.
Security exploits
A security exploit is a prepared application that takes advantage of a known weakness.
Common examples of security exploits are SQL injection, Cross Site Scripting and Cross
Site Request Forgery which abuse security holes that may result from substandard
programming practice. Other exploits would be able to be used through FTP, HTTP,
PHP, SSH, Telnet and some web-pages. These are very common in website/domain
hacking.
Techniques of hacking
Vulnerability scanner
A vulnerability scanner is a tool used to quickly check computers on a network for known
weaknesses. Hackers also commonly use port scanners. These check to see which ports on
a specified computer are open or available to access the computer, and sometimes will
detect what program or service is listening on that port, and its version number. (Note that
firewalls defend computers from intruders by limiting access to ports/machines both
inbound and outbound, but can still be circumvented.)
Password cracking
Password cracking is the process of recovering passwords from data that has been stored
in or transmitted by a computer system. A common approach is to repeatedly try guesses
for the password.
Packet sniffer
A packet sniffer is an application that captures data packets, which can be used to capture
passwords and other data in transit over the network.
Spoofing attack (Phishing)
A spoofing attack involves one program, system, or website successfully masquerading as
another by falsifying data and thereby being treated as a trusted system by a user or
another program. The purpose of this is usually to fool programs, systems, or users into
revealing confidential information, such as user names and passwords, to the attacker.
Rootkit
A rootkit is designed to conceal the compromise of a computers security, and can
�represent any of a set of programs which work to subvert control of an operating system
from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to
prevent its removal through a subversion of standard system security. Rootkits may
include replacements for system binaries so that it becomes impossible for the legitimate
user to detect the presence of the intruder on the system by looking at process tables.
Trojan horses
A Trojan horse is a program which seems to be doing one thing, but is actually doing
another. A trojan horse can be used to set up a back door in a computer system such that
the intruder can gain access later. (The name refers to the horse from the Trojan War, with
conceptually similar function of deceiving defenders into bringing an intruder inside.)
Viruses
A virus is a self-replicating program that spreads by inserting copies of itself into other
executable code or documents. Therefore, a computer virus behaves in a way similar to a
biological virus, which spreads by inserting itself into living cells. While some are
harmless or mere hoaxes most computer viruses are considered malicious.
Worms
Like a virus, a worm is also a self-replicating program. A worm differs from a virus in
that it propagates through computer networks without user intervention. Unlike a virus, it
does not need to attach itself to an existing program. Many people conflate the terms
virus and worm, using them both to describe any self-propagating program.
Key loggers
A key logger is a tool designed to record (log) every keystroke on an affected machine
for later retrieval. Its purpose is usually to allow the user of this tool to gain access to
confidential information typed on the affected machine, such as a users password or other
private data. Some key loggers uses virus, trojan, and rootkit-like methods to remain
