Glossary of Hacking Terms
BY
SPYSCAPE


Hackers have their own language and it is not all in code.

Real hackers and security experts have helped SPYSCAPE write a list of terms so you can cut through all the jargon and get to the heart of what's really going on in the murky work of hacking.

Alias
You'll need an alias - a false identity - to conceal a genuine one in the physical or digital worlds.

Backdoor
Secret entry points to a system or piece of software. Backdoors are either built into code, for governments and companies to access, or planted maliciously by hackers.

Blackhat
Blackhats are malicious hackers, out to infiltrate computer systems. They're in it for personal gain, looking for sensitive information, or to damage something. An intelligence service, perhaps. A bank. Maybe you.

Bitcoin
For a totally discreet purchase, you might consider using Bitcoin: a digital currency that you can freely trade and use to make anonymous purchases, both online and increasingly in the physical world.

Botnet
If someone wants to bring down something big or decrypt a particularly important file, they might need an army - an army of hacked and compromised computers. That's a botnet. The hacker will point the botnet at the target and overload it until it crashes or reveals its secret.

Cipher
A cipher scrambles your message into nonsense by substituting (and adding to) the letters in it. For someone to read it, they'll either need the key or to be skilled at cryptanalysis.

Cryptanalysis
The art of deciphering coded messages without being told the key.
Cryptologist
You are a mathematical master of making and breaking codes.

Decryption
Break a code, with or without a key.

Distributed Denial of Service (DDoS)
A favorite way for hacktivists to topple an online target. Feed it too much. Cram it with so much traffic - known as junk packets - that the server gives in and the computer or website crashes. That's a DDoS attack.

Doxing
If you want information on someone, you need to get their documents. Their docs. That's doxing. Only now it's not just docs. It's anything online: social accounts, images, personal data. It might take you a while, cross-referencing accounts and usernames, but it's probably your only chance of discovering your target's real identity.

Encryption
How do you protect your data? Encrypt it with a cipher. If you want to read it again you'll need to decrypt it with a key.

Grayhat
As a grayhat hacker you break the law by hacking systems without permission, but not out of malice. Maybe you're motivated by the potential for a reward or maybe you have a political goal (see Hacktivist).

Hacktivist
You're not here to steal. You're here to make a point. While activists might paint slogans on the wall, a hacktivist might make their political point by defacing an organization's website. (See also Grayhat.)

Junk packets
If a hacker wants to take a large website offline quickly, they might send it an enormous amount of junk packets. They are simple internet connection requests, like those sent by everyday users, except sent rapidly in great numbers at once, which will eventually crash the target - like trying to fit thousands of people into a revolving door.

Key
In secure, encrypted systems sometimes the same key - usually a string of letters and numbers - locks and unlocks your data. And sometimes the sender and recipient have different keys, which makes life even safer. Protect any keys that unlock important data: If your enemies find the key, you're doomed.

Malware
Short for 'malicious software', malware is any software or program designed to damage or hack its targets, including ransomware, RATs, and spyware.

Man in the middle
Someone who secretly hacks their way into communications between people or computers. The man in the middle can extract data from the traffic - or even insert their own data, so their targets hear what they want them to hear.
Operational Security (OpSec)
If you want to hold onto your secrets and identity, you'll need good OpSec. That means hiding your IP address, not leaking any personal information, and keeping all your conversations private and not logged.

Penetration testing (Pentest)
If there are weak points in your computer network, you need to know about them before someone else does. So you run a penetration test (or pentest). You bring in the experts to deliberately attack your system. They'll tell you where there are chinks in the armor - and how to fix them before it's too late.

Phishing
That email in your inbox. It looked okay at first. But there's something slightly off about it and you don't recognize the sender. It could be phishing: a hook aiming to catch your private data. Spear-phishing is worse: a more targeted approach designed to look like it's come from someone you trust. Beware but don't fret. If you ignore phishing emails, nothing can come of them.

Ransomware
The clue's in the name. Ransomware (from ransom plus malware) steals your data and holds it hostage, demanding a bitcoin payment for its return. Some ransomwares even delete files for every minute the ransom isn't paid.

Remote administration tools (RATs)
RATs are well-named. They're pieces of software that hide in the dark corners of your computer. And once a RAT is in, it can give a hacker access. Sometimes full administrator access. Watch out for RATs.

Script kiddy
If you're a seasoned hacker you look down on anyone who can't create hacking code from scratch and needs to borrow other people's scripts and tools. You call them script kiddies.

Shell
A shell? More like a seed. This is a piece of code hackers plant on a website that gives them access whenever they want it. Once they're in, they can start changing things in the network - and open up even more access.

Spyware
This is malware designed to monitor your computer and potentially steal your data.

Vulnerability
Is there a crack in your system? A weak spot, an error, some unusual code that a hacker can use to get in? That's your vulnerability. And if you're not careful it could give someone access to your whole network.

Whitehat
Sometimes attack is the best form of defense. That's why an organization hires you: the whitehat. Your mission is to break into the system: test it, find its weaknesses. Then show your client how to make it stronger. The better you attack, the better they can defend (also see penetration testing).