Reconnaissance – The process of gathering as much information about a target as possible.
Reconnaissance looks for valuable information such as:
Social Engineering techniques used during recon:
Technical Exploits are active methods for gathering deeper information:
Defense in Depth – Multiple layers of defense designed to make it more difficult for attackers to reach critical assets.
Principle of Least Privilege – Users should only have the minimum access required to perform their jobs.
Early password policy standards originated from Bill Burr (NIST), who introduced periodic password change requirements.

| Term | Definition |
|---|---|
| Social Engineering | Manipulating people to gain unauthorized information or access. |
| Impersonation | Pretending to be someone with authority or trust. |
| Pretexting | Creating a fabricated scenario to extract information. |
| Phishing | Fraudulent emails or messages tricking users into revealing data. |
| Vishing | Voice phishing via phone calls. |
| Smishing | Phishing via SMS/text messages. |
| Pharming | Redirecting users to malicious websites without their knowledge. |
| Typosquatting | Using misspelled domain names to capture traffic. |
| Business Email Compromise (BEC) | Impersonating executives to defraud organizations. |
| Watering Hole Attack | Compromising websites frequently visited by targets. |
| OSINT | Open Source Intelligence – gathering information from public sources. |

Why it works:
Motivations used:
Process:

| Term | Definition |
|---|---|
| Malware | Malicious software designed to disrupt, damage, or gain unauthorized access. |
| Trojan | Malicious program disguised as legitimate software. |
| PUPs | Potentially Unwanted Programs, often bundled with downloads. |
| Virus | Code that attaches to files/programs and spreads when executed. |
| Malicious Process | Any unauthorized or harmful running process. |
| Worm | Self-replicating malware that spreads without user action. |
| Shellcode | Exploit payload providing control of a system. |
| APT | Advanced Persistent Threat – prolonged, targeted attack. |
| Adware | Software that automatically delivers ads. |
| Spyware | Software that secretly monitors user activity. |
| Keylogger | Records keystrokes to capture sensitive data. |
| Backdoor | Hidden entry point bypassing normal authentication. |
| RAT | Remote Access Trojan – allows remote control of systems. |
| Botnet | Network of compromised devices controlled by attackers. |
| C2C (C2) | Command and Control server used to manage malware. |
| Covert Channel | Hidden communication path to exfiltrate data. |
| IRC | Internet Relay Chat – sometimes used for botnet control. |
| Rootkit | Stealthy malware that hides its presence and activities. |
| Ransomware | Encrypts data and demands payment for release. |
| Crypto-Miner | Malware hijacking system resources to mine cryptocurrency. |
| Logic Bomb | Malicious code triggered by specific conditions. |

Prevention and Recovery:
Practice Resource: trycyber.us/challenges