A query and response protocol commonly used for querying databases storing registered users or assignees of internet resources. This includes information on the owners of a domain name, IP address block, or autonomous system. The response is delivered in a human-readable format, the current iteration of which was drafted by the Internet Society.
The records have played an essential role for organizations looking for a reliable resource for domain name registration and website ownership. The Internet Corporation for Assigned Names and Numbers (ICANN) regulates the database.
Also known as a web app, a web application is software running on a web server that users access through a browser, which acts as the client. Google Docs is a common example of a web application.
Web applications are by nature Internet-facing and run continuously, so they present an avenue of attack when coded with vulnerabilities or misconfigurations. They also often feature a front end attached to one or more backend systems, such as authorization, authentication, accounting, directory services, or databases, which are attractive targets for attackers.