Showing posts with the label technical terms

Vulnerability Research Dictionary

Refer to this page any time there's a vulnerability related term you want to better understand.
ASLR Address Space Layout Randomization. An exploit mitigation that randomizes the loading address of modules in memory to harden the system against exploits that depend on known memory addresses. Usually bypassed via brute-force or a memory disclosure vulnerability.

Authentication Bypass A vulnerability that permits unauthorized users to bypass authentication and reach a protected resource or interface that would otherwise require authentication. Occasionally used as part of an exploit chain.

Brute-Force A methodology used to solve for an unknown value by exhausting all the possible options. Most commonly used as a password guessing technique, but can also be used to break ALSR by guessing the random loading address.

Buffer Overflow A memory vulnerability where data is written past the bounds of a certain sized allocation (buffer), overwriting the following data in memory. When a bu…