The method or pathway that an attacker employs to exploit vulnerabilities in a system or network to carry out an attack.

An individual, group, or entity that carries out malicious activities with the intent to compromise the security of a system or network.

A stream of real-time or regularly updated information about current and emerging cybersecurity threats.

The process of addressing and mitigating security threats or vulnerabilities in a system or network.

the sum of all the points or areas in a system, network, or application that are vulnerable to potential security threats.

Involves collecting information without directly interacting with the target. This can include searching public records, social media profiles, WHOIS databases, and other publicly available sources.

Taking information from publicly available websites and web pages.

Involves actively probing the target systems to gather information. This may include network scanning, port scanning, and other techniques to discover live hosts, open ports, and services.

A term used to define the technique of mapping out a network.

A term used to define the technique of finding very detailed information about a target on a network.

• Very fast and aggressive.

• Increases the chances of being detected and can put a heavier load on the network and target system.

• Slower than the default.

• Intended to be stealthy but still reasonably fast.

• Faster and more aggressive than the default.

• Can increase the likelihood of detection but provides quicker results.

• Default timing template.

• Balances speed with caution to avoid causing disruption.

• A balanced and moderate timing template.

• It is often a good choice for general-purpose scanning.