mirror of
https://github.com/sundowndev/hacker-roadmap.git
synced 2024-11-27 13:41:11 +00:00
[Content:Vocabulary] Different kinds of Infosec
This commit is contained in:
parent
ed8ce5b25e
commit
ee5bac7763
1 changed files with 14 additions and 1 deletions
15
README.md
15
README.md
|
@ -31,7 +31,6 @@ This repository is a guide for amateurs pen testers and a summary of hacking too
|
|||
* [Exploitation Tools](#wrench-exploitation-tools)
|
||||
* [Sniffing & Spoofing](#busts_in_silhouette-sniffing--spoofing)
|
||||
* [Web Hacking](#rocket-web-hacking)
|
||||
* [Private Web Hacking](#zap-private-web-hacking)
|
||||
* [Post Exploitation](#tada-post-exploitation)
|
||||
* [Frameworks](#package-frameworks)
|
||||
* [Additional resources](#additional-resources)
|
||||
|
@ -55,12 +54,26 @@ This repository aim first to establish a reflection method on penetration testin
|
|||
|
||||
## Some vocabulary
|
||||
|
||||
**Infosec** : ...
|
||||
|
||||
**Opsec** : ...
|
||||
|
||||
**Black/grey/white hat hacker** : Someone who uses bugs or exploits to break into systems or applications. The goal and the method differs depending if he's a black, grey or white hat hacker. A black hat is just someone malicious that does not wait permission to break into a system or application. A white hat is *usually* a security researcher who practice ethical hacking. A grey hat is just in the middle of these two kind of hackers, he might want to be malicious if it can be benefit (data breach, money, whistleblowing ...).
|
||||
|
||||
**Penetration tester** : Most likely a white hacker who test applications and systems to secure them or find vulnerabilities.
|
||||
|
||||
**Security researcher** : Someone who practice pen testing and browse the web everyday to find phishing/fake websites, infected servers, bugs or vulnerabilities. He can work for a company so he's responsible for the security of systems.
|
||||
|
||||
**Red teamer** : ...
|
||||
|
||||
**Blue teamer** : ...
|
||||
|
||||
**Reverse engineer** : ...
|
||||
|
||||
**Social engineer** : ...
|
||||
|
||||
**Threat analyst** : ...
|
||||
|
||||
### Difference between hacking and ethical hacking
|
||||
|
||||
A black hat is practicing penetration testing, but unlike a white hat, this is not ethical hacking. Ethical hacking is about find vulnerabilities and improve the security of a system. An ethical hacker is the ultimate security professional. Ethical hackers know how to find and exploit vulnerabilities and weaknesses in various systems, just like a malicious hacker (a black hat hacker). In fact, they both use the same skills; however, an ethical hacker uses those skills in a legitimate, lawful manner to try to find vulnerabilities and fix them before the bad guys can get there and try to break in. An ethical hacker is basically a white hat hacker.
|
||||
|
|
Loading…
Reference in a new issue