Announcing month of new security buzzwords

Topics

Tags

Favorite Links

Translate

Security Books

Archives

Recent entries...

Announcing SecTemplates.com release #4: Vulnerability Management Program Release Pack 1.0

Announcing SecTemplates.com release #3: Bug bounty program pack 1.0

Announcing SecTemplates.com release #2: External penetration testing program pack 1.0

Announcing SecTemplates.com and the incident response program pack 1.0

20 years of CGISecurity: What appsec looked like in the year 2000

My experience coleading purple team

oAuth nightmares talk

Extensive IOS hacking guide released by Security Innovation

Presentation: Problems you'll face when building a software security program

Google's intentions are good, but implementation leave MORE users vulnerable to hacking than before

Twitter

Sponsored Ads

Sponsored Ads

The Web Security Mailing List

« New cert program for Application Security Specialists | Main | Metasploit shut down by FBI and DHS »

Announcing month of new security buzzwords

In the tradition of Month of Bugs we're pleased to announce the month of security buzzwords, complete with abbreviations.

#1 Remote Command Injection (RCI)
#2 Remote Filestream Inclusion (RFSI)
#3 Cam Jacking (CJ)
#4 Cross-Port Request Forgery (XPRF)
#5 Cross-Site Fixation (XSF)
#6 HTTP Gerbiling (HTTP-Gerbil)
#7 Host Request Splitting (HRS)
#8 Double Credential Reflection Looping (DCRL)
#9 Heap Showering (SHOWER)
#10 Proxy Jacking (PJ)
#11 HTTP Riding (HR)
#12 Tiny Blue Pill Attack (VIAGRA)
#13 Side Jacking (SJ)
#14 Reverse Backdoor Plugging (RBP)
#15 Active Site Scripting (ASS)
#16 Cloud Jacking (CJ)
#17 Proxy In The Middle attack (PITM)
#18 Cross-page Channel Smurfing (XPCS)
#19 Blue-Pill Obfuscation Bypass Internal Traversaling (PILLOBITing)
#20 Proxy Request Smuggling (PRS)
#21 Man in the Browser Helper Object (MITBHO)
#22 Stack Shattering (SS)
#23 HTTP Galloping (HORSEY)
#24 Cross Metadactyling (XMETA)
#25 Data Type Redirectioning (DTR)
#26 XSLT Foreign Object Insertion (XSLTROI)
#27 Cloud Surfing (CLOUDING)
#28 Stack Tumbling (STMBL)
#29 Cyber Jacking (CYBER)
#30 Cross-context Fixation (X-F)

Thanks to HD Moore and my co workers for helping compile this list, and PDP for the inspiration.

Posted by Robert A. on 04/01/2009 in Buzzwords , Funny | Permalink | Reddit

Comments

You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

You forgot "Cross Cross Cross - XXX"

Posted by: Anonymous | Apr 1, 2009 10:20:30 AM

Some of these sound less like computer exploit techniques and more like something you'd find on *ahem* some other less savory areas of the Internet.

Posted by: Anonymous | Apr 1, 2009 11:11:52 AM

Thanks for the credits. :) Btw, some of these "new terms" bring good ideas for research.

Posted by: pdp | Apr 2, 2009 1:48:11 AM

hmm, should have make an exploi, but "copy/paste-jacking" is great! :)

Posted by: romain | Apr 2, 2009 5:45:37 AM

Great list :-) Was disappointed to not find "Universal" anywhere, though.

Posted by: Brandon | Apr 3, 2009 10:07:03 AM

Post a comment