ethical hacking chapt4

footprinting

A technique used to gather information about a network, organization, or individual to identify vulnerabilities.

Web tools for footprinting

Free online tools that help security testers (or attackers) collect data on a target network, such as WHOIS lookup, nslookup, and Shodan.

competitive intelligence

The process of legally gathering information about competitors to make strategic business decisions.

DNS zone transfer

A process where DNS records are copied from one DNS server to another, which can be exploited to reveal network structure details.

social engineering

The use of psychological manipulation to trick people into giving up confidential information.

cookie

A small piece of data stored on a user’s browser that tracks website activity and preferences.

dumpster diving

The act of searching through trash to find sensitive information, such as discarded documents or hardware.

phishing

A social engineering attack where attackers send fake emails or messages to trick users into revealing personal or sensitive information.

piggybacking

A security breach where an unauthorized person follows an authorized user into a restricted area.

shoulder surfing

Observing someone’s screen or keyboard to steal sensitive information like passwords or PINs.

spidering (or crawling)

The automated process of scanning websites to gather data, often used in reconnaissance for attacks.

spear phishing

A targeted phishing attack directed at a specific individual or organization, often using personalized details.

Web bug

A small, hidden tracking element embedded in emails or web pages to monitor user activity.

zone transfer

The process of copying DNS zone files between servers, which can be exploited to gather information about a network’s structure.