Professional Documents
Culture Documents
Brought to you by: Develop your team with the fastest growing catalog in the
cybersecurity industry. Enterprise-grade workforce development
management, advanced training features and detailed skill gap and
competency analytics.
1
19. Remote File Inclusion (RFI) – The process of allowing an attacker to upload a
custom malicious file onto the website or server by code execution to deface a
webpage or gain access.
20. Scanning – A tool to map the network.
21. SearchSploit – A database with searchable preloaded exploit scripts.
22. Secure Socket Layer (SSL) – A standard technology for securing internet
connections and safeguarding any sensitive data being sent between two
systems, preventing criminals from reading and modifying any information
transferred, including potential personal details (The Ultimate Guide What is SSL,
TLS and HTTPS? (n.d.)).
23. Servers Status Codes
a. 1XX – informational
b. 2XX – Success Codes
c. 3XX – Redirection
d. 4XX – Client Error
e. 5XX – Server Error
24. Spidering – A technique of mapping a website either actively or passively
to identify all the pages accessible to any user.
25. SQL Injection – A code injection attack to take advantage of improperly filtered
user input to enumerate and manipulate a database through the escape
characters.
26. SQLMap – Automatic SQL injection and database enumeration tool.
27. SQLNinja – Automatic SQL injection and database enumeration tool.
28. SQL Post Injection – the use of the POST parameter for a
code injection attack.
29. Transmission Control Protocol (TCP) – A connection-oriented protocol with
a three-way handshake.
30. Transport Layer Security (TLS) - A protocol that provides authentication,
privacy, and data integrity between two communicating computer applications
(What is Transport Layer Security (TLS)? - Definition from WhatIs.com. (n.d.)).
31. Universal Datagram Protocol (UDP) – A connectionless-oriented protocol with
no handshake.
32. URL Manipulation – Used to gain access or information from a website when
poor users controls are implemented.
33. Vega – A web vulnerability scanner tool.
34. Wire Shark – A network protocol analyzer tool.
35. Zap – An attack proxy web scanner.
Brought to you by: Develop your team with the fastest growing catalog in the
cybersecurity industry. Enterprise-grade workforce development
management, advanced training features and detailed skill gap and
competency analytics.
2
References:
The Ultimate Guide What is SSL, TLS and HTTPS? (n.d.). Retrieved June 15, 2019, from
https://www.websecurity.symantec.com/security-topics/what-is-ssl-tls-https
What is Transport Layer Security (TLS)? - Definition from WhatIs.com. (n.d.). Retrieved June
15, 2019, from https://searchsecurity.techtarget.com/definition/Transport-Layer-Security-
TLS
Brought to you by: Develop your team with the fastest growing catalog in the
cybersecurity industry. Enterprise-grade workforce development
management, advanced training features and detailed skill gap and
competency analytics.