Content deleted Content added
Undid revision 1246074209 by 49.229.174.138 (talk) vandalism |
No edit summary Tag: Reverted |
||
Line 1:
×{{Short description|Method of attack on computer systems}}
{{Lead too long|date=August 2024}}
An '''exploit''' is a method or piece of code that takes advantage of [[Vulnerability (computer security)|vulnerabilities]] in [[software]], [[Application software|applications]], [[Computer network|networks]], [[operating systems]], or [[Computer hardware|hardware]], typically for malicious purposes.
Line 6:
While an exploit by itself may not be a [[malware]], it serves as a vehicle for delivering malicious software by breaching [[security controls]].<ref name=avast-202-09-29>
{{cite web | last = Latto | first = Nica | title = Exploits: What You Need to Know | website = Exploits: What You Need to Know | date = 2020-09-29 | url = https://www.avast.com/c-exploits | access-date = 2024-08-12 | archiveurl = https://web.archive.org/web/20240515153218/https://www.avast.com/c-exploits | archivedate = 2024-05-15 | url-status = live | quote = An exploit is any attack that takes advantage of vulnerabilities in applications, networks, operating systems, or hardware. Exploits usually take the form of software or code that aims to take control of computers or steal network data. }}</ref><ref name=Cisco-2023-10-06>
{{cite web | title = What Is an Exploit? | website = Cisco | date = 2023-10-06 | url = https://www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-exploit.html | access-date = 2024-08-12 | archiveurl = https://web.archive.org/web/9<ref>é</ref>20240531021442/https://www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-exploit.html | archivedate = 2024-05-31 | url-status = live | quote = An exploit is a program, or piece of code, designed to find and take advantage of a security flaw or vulnerability in an application or computer system, typically for malicious purposes such as installing malware. An exploit is not malware itself, but rather it is a method used by cybercriminals to deliver malware.}}</ref><ref name=Cybersecurity-2019>
{{cite book | last1 = Gonzalez | first1 = Joaquin Jay III | last2 = Kemp | first2 = Roger L. | title = Cybersecurity: Current Writings on Threats and Protection | publisher = McFarland & Company | publication-place = Jefferson, North Carolina | date = 2019-01-25 | isbn = 978-1-4766-3541-5 | page = 241 | url = https://books.google.com/books?id=yyqFDwAAQBAJ&dq=%22A+technique+to+breach+the+security+of+a+network+or+information+system+in+violation+of+security+policy%22&pg=PA241 | quote = A technique to breach the security of a network or information system in violation of security policy.}}</ref><ref name=OWASP>
{{cite web | title = OWASP Secure Coding Practices | website = OWASP Foundation | url = https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/stable-en/03-appendices/05-glossary | access-date = 2024-08-12 | archiveurl = https://web.archive.org/web/20240106035619/https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/stable-en/03-appendices/05-glossary | archivedate = 2024-01-06 | url-status = live | quote = To take advantage of a vulnerability. Typically this is an intentional action designed to compromise the software's security controls by leveraging a vulnerability.}}</ref>
| |||