Showing posts with the label technical terms

Vulnerability Research Dictionary

Refer to this page any time there's a vulnerability related term you want to better understand.
ASLR Address Space Layout Randomization. An exploit mitigation that randomizes the loading address of modules in memory to harden the system against exploits that depend on known memory addresses.
In Linux, the address of the heap, stack and external libraries is randomized.
In Windows the address of the code, heap, and stack is randomized. External libraries (DLLs) are randomized once when loaded, but their address is the same between separate processes.

Authentication Bypass A vulnerability that permits unauthorized users to bypass authentication and reach a protected resource or interface that would otherwise require authentication. Occasionally used as part of an exploit chain.

Brute-Force A methodology used to solve for an unknown value by exhausting all the possible options. Most commonly used as a password guessing technique, but can also be used to break ALSR by guessing the ra…