| No. | Item | Definition |
|---|---|---|
| 1. | alert | notification of suspicious activity |
| 2. | artifact | trace left by activity |
| 3. | attack surface | all reachable points of attack |
| 4. | authentication | verifying claimed identity |
| 5. | authorization | granting permitted actions |
| 6. | backdoor | hidden access method bypassing controls |
| 7. | banner grabbing | reading service banners for details |
| 8. | beacon | periodic callback to controller |
| 9. | binary | compiled executable program file |
| 10. | bind shell | shell waiting for inbound connection |
| 11. | botnet | network of controlled infected devices |
| 12. | buffer overflow | writing beyond allocated memory |
| 13. | C2 | command and control infrastructure |
| 14. | callback | connection initiated back to operator |
| 15. | command injection | injecting operating system commands |
| 16. | cookie | browser-stored session data |
| 17. | crack | recover plaintext from a hash |
| 18. | credential | username and secret for access |
| 19. | CSRF | forged request from authenticated user |
| 20. | CVE | public identifier for vulnerability |
| 21. | debugger | tool for inspecting program execution |
| 22. | decompiler | tool converting binaries to code |
| 23. | directory traversal | accessing files outside web root |
| 24. | DNS | system translating names to addresses |
| 25. | domain | human-readable internet name |
| 26. | EDR | endpoint detection and response tool |
| 27. | encryption | scrambling data with a key |
| 28. | enumeration | extracting detailed target information |
| 29. | evasion | bypassing defensive detection |
| 30. | exfiltration | unauthorized data removal |
| 31. | exploit | code or technique abusing a flaw |
| 32. | finding | documented issue discovered during test |
| 33. | fingerprinting | identifying software or systems |
| 34. | firewall | filters network traffic by rules |
| 35. | forensics | investigation of digital evidence |
| 36. | FTP | file transfer protocol |
| 37. | fuzzing | sending malformed inputs to find bugs |
| 38. | hardening | reducing attack opportunities |
| 39. | hash | fixed-length digest of data |
| 40. | host | network-connected computer or device |
| 41. | HTTP | web transfer protocol |
| 42. | HTTPS | encrypted web transfer protocol |
| 43. | IDS | detects suspicious activity |
| 44. | impact | harm caused by exploitation |
| 45. | IOC | indicator of compromise |
| 46. | IP address | numeric network location identifier |
| 47. | IPS | blocks detected malicious activity |
| 48. | keylogger | tool recording keystrokes |
| 49. | kill chain | stages of an attack |
| 50. | lateral movement | moving across compromised systems |
| 51. | listener | service waiting for incoming shells |
| 52. | log | record of system events |
| 53. | malware | software designed to cause harm |
| 54. | memory dump | captured contents of system memory |
| 55. | MFA | multiple factors for login verification |
| 56. | misconfiguration | unsafe or incorrect system setup |
| 57. | MITRE ATT&CK | framework of adversary behaviors |
| 58. | NAT | address translation between networks |
| 59. | obfuscation | making code harder to analyze |
| 60. | opsec | protecting operational secrecy |
| 61. | OSINT | publicly available intelligence gathering |
| 62. | password spray | few passwords across many accounts |
| 63. | patch | update correcting a flaw |
| 64. | payload | code delivered after exploitation |
| 65. | persistence | maintaining access over time |
| 66. | phishing | deceptive message to steal access |
| 67. | pivot | route attacks through compromised host |
| 68. | port | network endpoint for communication |
| 69. | post-exploitation | actions after initial compromise |
| 70. | privilege escalation | gaining higher access rights |
| 71. | proof of concept | demonstration that exploit works |
| 72. | race condition | timing flaw causing unsafe behavior |
| 73. | RCE | remote code execution vulnerability |
| 74. | reconnaissance | information gathering before an attack |
| 75. | remediation | steps to fix an issue |
| 76. | reverse shell | shell connecting back to attacker |
| 77. | RFI | remote file inclusion flaw |
| 78. | risk | likelihood and impact combined |
| 79. | rules of engagement | agreed limits and procedures |
| 80. | scan | probe systems for information |
| 81. | scope | authorized boundaries of testing |
| 82. | service | networked program listening for requests |
| 83. | session | active connection to compromised host |
| 84. | severity | how serious an issue is |
| 85. | shell | command-line access on a system |
| 86. | social engineering | manipulating people for access |
| 87. | spoofing | forging identity or source |
| 88. | TLS | protocol securing network communications |
| 89. | token | data granting authenticated access |
| 90. | trojan | malware disguised as legitimate software |
| 91. | TTP | tactics, techniques, and procedures |
| 92. | tunnel | encapsulated communication channel |
| 93. | use-after-free | using memory after release |
| 94. | vulnerability | a weakness attackers can abuse |
| 95. | WAF | filters web application traffic |
| 96. | web shell | server-side script for control |
| 97. | wordlist | list of candidate passwords |
| 98. | XSS | injected script running in browser |
| 99. | XXE | XML external entity vulnerability |
| 100. | zero-day | unknown unpatched vulnerability |

