Ethical hacker 🟩 Profession
An ethical hacker is a computer security expert who uses his or her skills in a legal and authorised manner to test and improve the security of computer systems.
This is often called a pentester.
Phishing 🔴 Attack
Phishing is a fraudulent technique that consists of usurping the identity of a trusted person or organisation (bank, administration, online service, etc.) in order to obtain sensitive personal information (login details, bank card numbers, etc.).
Social engineering 🔴 Attack
Social engineering refers to the set of psychological manipulation techniques used by malicious individuals, often cybercriminals, to get people to divulge confidential information or perform actions that compromise the security of their personal data or that of their organisation.
These attacks do not directly target computer systems, but exploit human weaknesses, playing on emotions and cognitive biases such as trust (by pretending to be a trustworthy person), fear (of punishment or an urgent problem), urgency (to get a quick reaction), curiosity (with tempting lures), greed (promises of financial gain), altruism (asking for help for a cause), or ignorance.
SQL injection 🔴 Attack
SQL injection (SQLi) is a malicious technique used by attackers to compromise the security of a web application.
It involves inserting malicious SQL code into the input fields of a web application in order to manipulate the underlying database. It exploits vulnerabilities in the way the application processes user input and constructs its SQL queries.
Injection 🔴 Attack
An injection is a technique used by cybercriminals to insert malicious code into a computer system.
Once executed, this code can enable the attacker to :
Stealing sensitive data: personal and financial information, etc.
Take control of the system: to use it for malicious purposes (for example, to launch attacks against other systems).
Degrading services: by making a website or application unavailable (denial of service attack).