teenagers or inexperienced threat actors running existing scripts, tools, and exploits, to cause harm, but typically not for profit
Script Kiddie
tools used to probe network devices, servers, and hosts for open TCP or UDP ports.
network scanning and hacking tools
tools used to probe and test a firewall’s robustness using specially crafted forged packets
packet crafting tools
occurs when threat actors have positioned themselves between a source and destination
man-in-the-middle attack (MiTM)
an attack that prevents normal use of a computer or network by valid users.
denial-of-service (DoS) attack
hackers who rally and protest against different political and social ideas
Hacktivists
tools used to capture and analyze packets within traditional Ethernet LANs or WLANs
packet sniffers
These tools identify whether a remote host is vulnerable to a security attack.
vulnerability exploitation tools
when a threat actor constructs an IP packet that appears to originate from a valid address inside the corporate intranet
IP address spoofing attack
occur when a threat actor has captured enterprise traffic and has altered the data in the packets without the knowledge of the sender or receiver.
data modification attack
hackers who are either self-employed or working for large cybercrime organizations
Cybercriminal
Systems with specially designed operating systems preloaded with tools and technologies optimized for hacking.
hacking operating systems
tools that safeguard the contents of an organization’s data when it is stored or transmitted.
encryption tools
when a threat actor captures and listens to network traffic.
eavesdropping attack
occur when a threat actor obtains the credentials for a valid user account.
password-based attacks
threat actors who steal government secrets, gather intelligence, and sabotage networks of foreign governments.
State-Sponsored hackers
tools used by black hats to reverse engineer binary files when writing exploits
debuggers
Used to sniff out any trace of evidence existing in a particular computer.
forensic tools
occurs when a threat actor obtains a secret key
compromised key attack
when an application or device can read, monitor, and capture network data exchanges and read network packets.
sniffer attack
hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards.
Vulnerability brokers
These tools scan a network or system to identify open ports. They can also be used to scan for known vulnerabilities and scan VMs, BYOD devices, and client databases
vulnerability scanners
tools used by threat actors when attempting to discover a computer system’s security vulnerabilities
fuzzers to search vulnerabilities