What Every Hacker Should Know: 27 Common Terms and Attack Techniques

This article provides a comprehensive glossary of 27 common hacking terms—from black‑hat and backdoor to zero‑day exploits and dark‑web concepts—explaining each technique, malware type, and security threat in clear, concise English for anyone interested in cybersecurity fundamentals.

MaGe Linux Operations

1. Black Hat: A black‑hat hacker attacks systems for illegal purposes, usually for financial gain, by destroying, stealing, modifying, or rendering data inaccessible, analogous to the villain wearing a black hat in old Western movies.

2. Backdoor: A hidden pathway in a computer system that bypasses normal authentication, rendering password protection ineffective.

3. Brute‑Force Attack: An automated, high‑intensity search of every possible password to break security and gain system access.

4. Doxing: The practice of researching and publishing personal information about an internet user.

5. Gray Hat: A hacker who attacks systems without personal or financial motives, often as part of political protest to embarrass or expose an organization.

6. IP Address: The unique identifier or "fingerprint" of a computer on a network, used to identify users, track activity, or locate devices.

7. Keylogging: Recording the keys a user presses so that attackers can capture login credentials and passwords.

8. Malware: Software designed to control or steal data from a computer.

9. Phishing: Sending emails that appear to come from legitimate sources to trick recipients into revealing personal information such as passwords, PINs, or credit‑card details.

10. Spoofing: Altering a genuine email so it appears to originate from another source (e.g., a bank) and providing false instructions that compromise data security.

11. Spyware: A type of malware that operates stealthily on a computer and silently transmits data to the attacker.

12. Whaling: A targeted phishing attack aimed at senior executives to obtain highly sensitive information such as salaries, bonuses, private addresses, and contact details.

13. White Hat: A hacker who uses their skills for social good, exposing vulnerabilities to help organizations improve security.

14. Vulnerability: A flaw or misconfiguration in software, hardware, or protocols that allows unauthorized access or damage, including SQL injection, weak passwords, remote command execution, and privilege‑escalation bugs.

15. Malicious Program: Any program installed or executed on an information system without authorization to achieve illicit goals.

Common categories of malicious programs include:

1. Trojan Horse
   - Trojan horses steal personal information or remotely control computers. Variants include credential‑stealing, banking, espionage, remote‑control, traffic‑hijacking, downloader, etc.
2. Botnet (Zombie) Programs
   - Used to build large‑scale attack platforms; types include IRC, HTTP, P2P, etc.
3. Worms
   - Self‑replicating programs that spread via email, instant messaging, USB drives, or exploits.
4. Viruses
   - Infect files to corrupt or alter data, disrupting normal system operation.
5. Ransomware
   - Encrypts user data or locks devices and demands payment for decryption.
6. Mobile Internet Malware
   - Executes on mobile devices without user consent, performing actions such as malicious charging, data theft, remote control, propagation, resource consumption, system damage, fraud, and rogue behavior.
7. Others
   - Any malicious program not covered above.

16. Difference Between Viruses and Trojans

Virus:
   - Self‑replicating code that spreads by infecting files, exhibiting traits such as propagation, concealment, infection, latency, activation, and damage.
   - Lifecycle: development → infection → latency → outbreak → detection → mitigation → extinction.
Trojans:
   - Named after the Trojan horse; they do not self‑replicate but provide backdoors, modify registries, reside in memory, and allow remote control.
   - Key differences: viruses spread, trojans do not; viruses are noticeable, trojans operate silently; viruses aim to destroy, trojans aim to steal information.

17. Honeypot: A deception technology that deploys bait systems to attract attackers, allowing defenders to capture and analyze attack methods, tools, and intentions, thereby improving overall security posture.

18. Dark Web: The dark web is a subset of the deep web, accessible only through special browsers (e.g., Tor) and identified by .onion domains. It is distinct from the surface web and from the broader deep web, the part of the web that search engines cannot index.

19. Anti‑Virus Evasion ("Immunity"): Techniques used to bypass antivirus detection, rendering security software ineffective.

20. APT Attack: Advanced Persistent Threats are long‑term, sophisticated attacks carried out by nation‑states or organized groups to steal research, data, or intellectual property.

21. Exploit / POC

Exploit: A program that leverages a vulnerability to gain unauthorized access.

POC (Proof of Concept): A short, incomplete implementation that demonstrates the feasibility of an idea or vulnerability, proving that a flaw exists even if it cannot yet be exploited.

22. Internal Network Penetration: The practice of testing and attacking internal corporate networks to discover sensitive data, code, or credentials stored behind firewalls.

23. Social Engineering: Manipulating individuals through legitimate‑looking communication to obtain confidential information or perform actions that compromise security.

24. Data‑Breach Database ("Social‑Engineering Database"): A repository that aggregates leaked or stolen data, enabling attackers to query personal details such as phone numbers, hotel records, or passwords.

25. Google Hacking: Using search engines like Google to locate insecure web pages, misconfigurations, or vulnerable software exposed on the internet.

26. Database Dump (slang "脱裤"): Illegally extracting an entire website’s database, including member information, for malicious use.

27. Privilege Escalation: Gaining higher-level permissions (e.g., from a regular user to an administrator) after obtaining a web shell.

28. Zero‑Day Attack: Exploiting a vulnerability that has no available patch; the term also refers to the undisclosed vulnerability itself.

29. Side Site / C‑Segment

Side Site: Accessing other websites hosted on the same server to pivot into the target site’s directory.

C‑Segment: Any machine within the same subnet that can potentially sniff credentials or other traffic.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.
