Penetration Testing
Penetration testing is an authorized, simulated cyberattack against a system, network, or application performed to identify exploitable security vulnerabilities before real attackers can find and abuse them.
17 resources across 2 libraries
Glossary Terms(16)
OWASP
OWASP (Open Worldwide Application Security Project) is a nonprofit foundation dedicated to improving software security through open, community-driven resources…
SQL Injection
SQL Injection is a web security vulnerability where an attacker inserts malicious SQL statements into an application's input fields, tricking the backend datab…
Nessus
Nessus is a widely used vulnerability scanning tool developed by Tenable that identifies security weaknesses, misconfigurations, and missing patches across net…
Wireshark
Wireshark is a free, open-source network protocol analyzer that captures and inspects network traffic in detail, allowing security professionals and network en…
Metasploit
Metasploit is an open-source penetration testing framework that provides a library of exploits, payloads, and auxiliary modules for discovering, validating, an…
Nmap
Nmap (Network Mapper) is a free, open-source command-line tool used to discover hosts and services on a network by sending packets and analyzing the responses,…
Penetration Testing
Penetration testing is an authorized, simulated cyberattack against a system, network, or application performed to identify exploitable security vulnerabilitie…
Red Team
A red team is a group of security professionals who simulate real-world adversary tactics against an organization to test and improve its detection and respons…
Bug Bounty Program
A bug bounty program is an initiative where an organization invites independent security researchers to find and responsibly report vulnerabilities in its syst…
Vulnerability Assessment
A vulnerability assessment is a systematic process of identifying, classifying, and prioritizing security weaknesses in systems, networks, or applications, typ…
Social Engineering
Social engineering is the use of psychological manipulation to trick people into divulging confidential information, granting access, or performing actions tha…
Zero-Day Vulnerability
A zero-day vulnerability is a software flaw that is unknown to the vendor and has no available patch, meaning defenders have had "zero days" to fix it before i…
CVE (Common Vulnerabilities and Exposures)
CVE (Common Vulnerabilities and Exposures) is a publicly maintained catalog that assigns a unique, standardized identifier to each publicly disclosed cybersecu…
OWASP Top 10
The OWASP Top 10 is a regularly updated awareness document published by the Open Worldwide Application Security Project that ranks the ten most critical securi…
PCI DSS
PCI DSS (Payment Card Industry Data Security Standard) is a set of security requirements created by major card brands that all organizations handling, processi…
Kali Linux
Kali Linux is a Debian-based Linux distribution purpose-built for penetration testing, digital forensics, and security research, pre-loaded with hundreds of sp…