Get started

Bring yourself up to speed with our introductory content.

Hacker Tools and Techniques: Underground Sites and Hacking Groups

  • watering hole attack

    A watering hole attack targets a specific group of users by infecting websites group members like to visit. The name watering hole attack is inspired by predators in the natural world who lurk near watering holes, looking for opportunities to attack...

  • man-in-the-middle attack (MitM)

    A man-in-the-middle attack is one in which the attacker secretly intercepts and relays messages between two parties who think they are communicating directly with each other.

  • card-not-present fraud (card-not-present transaction)

    Card-not-present (CNP) fraud is the unauthorized use of a payment card to conduct a card-not-present transaction, in which there is no face-to-face contact between purchaser and merchant, and the cardholder cannot or does not physically present the ...

  • evil twin

    An evil twin, in security, is a rogue wireless access point that masquerades as a legitimate hot spot.

  • pass the hash attack

    A pass the hash attack is an NT LAN Manager (NTLM)-based technique in which an attacker steals a hashed user credential and, without cracking it, reuses it to trick a Windows-based authentication system into creating a new authenticated session on ...

  • ethical hacker

    An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.

  • Rescator

    Rescator is the name of an underground online forum which allegedly sold credit card data stolen from customers who shopped at the United States discount retail chain, Target.

  • domain fluxing

    Domain fluxing is a technique used by botnet operators for their command-and-control infrastructures to avoid detection by security technologies and researchers attempting to shut their botnets down.

  • cold boot attack

    A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.

  • attack vector

    An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome.

  • differential power analysis (DPA)

    A differential power analysis (DPA) attack is an exploit based on analysing the correlation between the electricity usage of a chip in a smart card and the encryption key it contains.

  • voluntary botnet

    A voluntary botnet is a distributed network of computers whose processing power is harnessed to carry out a politically or socially motivated denial of service (DoS) attack.

  • TDL-4 (TDSS or Alureon)

    TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet. The program is the fourth generation of the TDL malware, which was itself based on an earlier malicious program known as TDSS or Alureon.

  • privilege escalation attack

    A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications.

  • domain rotation

    Domain rotation is a technique used by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor. The goal of domain rotation is to make it harder for a network administrator to blacklist...