Malware | Exploits That Somehow Still Happen | Tools For Completely Legal Activities | Come On, Guys | Bad Encryption |
---|---|---|---|---|
What is ransomware?
This kind of malware encrypts users' files and demands payment to unlock them
|
What is a macro virus?
This kind of virus can be baked directly into a Microsoft Office document and run automatically when opened
|
What is nmap?
This tool lets you check for open ports on a host
|
What is 123456?
The most common password among users of Adobe's website, according to a 2013 data breach
|
What is a substitution cipher?
A general type of cipher where one character is replaced with another
|
What is a worm?
This kind of malware autonomously propagates, usually through e-mail
|
What is SQL injection?
Putting a semicolon after a query in a website's input form means you're probably trying to do this
|
What is John the Ripper?
This tool applies dictionary and brute-force attacks to crack password hashes extremely quickly
|
What is a password hint?
Something that most users had set to the exact same thing as their password, according to the 2013 Adobe data breach
|
What is ABC code / multi-tap code / phone keypad code?
1-800-222666333
|
What is the e-mail body sent by the ILOVEYOU / Loveletter worm?
"Kindly see the attached LOVELETTER coming from me."
|
What is a drive-by download?
When a file is downloaded and run on your computer without your knowledge after visiting a website
|
What is shred?
This UNIX utility lets you delete files without leaving any traces
|
What is a rogue antivirus?
Sometimes called a "rogue" for short, this is a particular kind of trojan horse that tries to scare users into buying it
|
What is MD5?
This cryptographic hash algorithm is infamous for failing at collision resistance
|
What was the first virus ever written to target personal computers?
Brain.A
|
What is a buffer overflow/buffer overrun?
When you use "strcat" instead of "strncat" in a C program, you're potentially vulnerable to this
|
What is Aircrack-ng?
One of the things this suite of software can do is crack into insecure WEP/WPA2 Wi-Fi networks
|
What is Facebook?
In 2019, this social media platform leaked 267 million+ IDs, phone numbers, and names because a database was accidentally set to public
|
What is DES?
This symmetric encryption algorithm is a bit insecure, so just do it three times in a row
|
What is Welchia?
This worm's payload actually helps the user by removing infections of the Blaster worm and installing security patches
|
What is (URL-encoded) shellcode?
An example of this, from the CodeRed worm, would be: %u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801
%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3 %u0003%u8b00%u531b%u53ff%u0078%u0000%u00
|
What is PowerSploit?
This suite of PowerShell scripts is meant to be run on a victim's machine to perform keylogging, data exfiltration, etc.
|
What is Hashdump?
This student-run organization let a perfectly good domain name expire so it could be taken by a porn site
|
What is RC4?
The stream cipher that makes WEP insecure
|