the gnaa official encyclopedia to cyberwarfare
| com/the com: |
| com - refers to a decentralized community of people that do things like:
|
| OPSEC: |
|
opsec - operation security/operational security. the term on wikipedia does not apply to the com meaning of opsec. opsec refers to keeping your identity private by using encryption suites like vpn, fullzs (explained later), fake username identities, and anything to preserve your actual identity from being doxxed/leaked to the feds |
| ss/simswap/simjack/simmed/simming/simmer/simswapper: |
|
simswapping is a fraud method where a cybercriminal/threat actor se's (social engineer, explained later) a telecom employee to port a victims phone number and signal to a different phone (usually a space phone with a dumpster sim). when this happens, the criminal gains full access to the numbers sms, meaning they can essentially bypass mfa (2-factor authentication) and enter any account they want. a simmer or a simswapper is a person that does this. |
| fullz: |
|
a fullz or full information is a com term for stolen information from a person who was either doxxed or been attacked online in the past. people can use a fullz to e.g. do scamming, masquerade under different identities, or do financial fraud, mostly credit card fraud, also known as carding. |
| nn/unknown: |
|
if you are called a nn by a com person that means you are not known on the com and therefore anything you say is fucking retarded. stop being a nn kiddo |
| comp/beam: |
more commonly used in roblox bm (black market) or underground coms, beam or comp is the act of hijacking something/compromising something either using an exploit or social engineering. |
| iccid: |
|
integrated circuit card id, an important component that identitfies your sim card. do not give it to a simmer. |
| ran by: |
|
to get 'ran by' is to have your information exposed and compromised by someone, usually a deface message e.g. ran by team nigger |
| db/dumped db: |
|
a db is a database. a dumped db means a database that got leaked. |
| shell: |
|
to shell a site is to find a vulnerability and manage to inject a webshell, a php file that gives you access to read/write permissions (aka fuck the site up). |
| se: |
|
se (social engineering) is to trick someone either by reverse psychology or some other clever tactic for them to do whatever you want them to do, e.g. leak their info, expose some shit |
| skid: |
|
a skid/script kiddie is someone that steals code off of someone and claims credit or abuses it. fuck skids |
| leech: |
|
leeches, or leeching is getting stuff someone posted on a com forum without liking the thread or replying 'thanks' or some other complimentary thing to wipe their dicks clean. leeches are people who intentionally make alt accounts to leech. |
| textnow: |
|
textnow is a common service comtards use for swatting someone, as if paired with a good vpn like mullvad can make you essentially a nobody calling the cops on someone else |
| addy: |
|
to drop someones addy or 'addy dropper' or 'dropped' is to leak someones address, usually irl, ip or some other shit |
| dwc/deal with caution: |
|
dwc/deal with caution is a role applied to people who have previously scammed before and remain suspiscious. to be called dwc means everyone and anyone when dealing with you will automatically use a mm. |
| mm/middleman: |
|
a mm/middleman is someone who handles the transfer of funds to make sure no one scams. reputable middlemen like beam or zalgo have mm'd funds above 1000$, and some even mm fucking airplanes. most middlemen charge a fee. |
| triangle scam: |
|
a triangle scam involves person 1, the scammer, person 2, the victim, and person 3, the fake middleman. when person 2 sends the funds to the fake middleman, the fake mm sends it to person 1 directly and both block person 2. person 2 does not get the account, and is scammed by two scammers working together. to prevent this just get reputable middlemen and always cos (explained later) |
| cos/confirm onsite: |
|
cos is the smartest thing one can do when dealing. always double check tags and check if theres unicode characters in the discord tag, and always message on site first before dealing. |
| exiting: |
|
when the owner of a service (be it illegal) removes every trace of himself and the service on the internet and customers dont get refunds, an exit scam |
| fedded: |
|
fedded implies that a com person has either attracted the attention of the fbi/feds and they were arrested/shutdown or they got swatted. |
| pooron: |
|
slang used by so called 'rich commers' to indicate that you are indeed poor because your exodus crypto wallet has more zeros than he does (if you get it you get it) |
| jacked: |
|
to jack someones accounts is to hijack it. 'jacked your twitter' |
| c2 |
|
a c2 or a cnc (command and control) is a botnet, typically for ddosing |
| stresser |
|
a stresser is a shitty ddos panel |
| jitcoin: |
|
running joke in com about jitcoin being worth |
| smm: |
|
smm panels are social media panels that utilize a large amount of bots to give you a fuck ton of followers |
| proxy: |
|
proxies are for opsec purposes, to hide internet activity under an array of proxies either through some sort of script to rotate them or some other inventive openvpn bullshit. a polluted proxy are ones that are known by authorities/feds and may get you fedded |
| kyc: |
|
KYC or know your customer is an anti fraud measure used by cryptocurrency services to prevent money laundering or financial fraud. people on com sell kyc bypasses or help you do kyc challenges. |
| crypters: |
|
a crypter is a software that helps encrypt RATs (remote access trojans) to bypass the windows UAC (user account control) firewall/avast by assigning it a malformed certificate and other antivirus checkers. |
| TOX: |
|
good encrypted chat similar to signal |
| RDP: |
|
RDP - Remote Desktop, used to test stuff and to do cybercrime because no one can trace it back to you when you do funny tomfoolery (its a REMOTE desktop, you connect to it remotely lmao) |
| combolist: |
|
combolists are dehashed versions of dumped databases. most databases have their passwords hashed with something like MD5 (shit ones) or mostly BCRYPT or SHA256. Dehashing it implies that someone has cracked the hash and obtained the actual password, probably through something like a rainbow table or a common pg list (explained later). a combolist is a list of dehashed information from the db. |
| e-whoring: |
|
e-whoring is a common method used by depraved poorons trying to earn money by scamming horny people online. they are called whoretards and most successful ones are pretty rich and turn to some other place for profit. |
| bibles: |
|
a bible is a bunch of pdfs full of private methods to either help you get money or teach you the best way to do shit like simswapping, ewhoring, and other cybercrime. |
| newfag: |
|
a newfag is someone new to the com and is typically a fucking retard thinking he'll be the grand master hackerman in no time only to get ratted by someone. |
| hoa: |
|
hoa is the hall of autism on doxbin, filled with a bunch of the internets most retarded people getting their asses caught. |
| token logger: |
|
a discord token trojan. |
| cbing: |
|
chargebacking is the act of doing a chargeback on a paypal transaction to try and defraud someone in a deal. cbers usually get dwc in 5 seconds. |
| support pulling /spulling: |
|
spulling is se'ing the support staff of a social media website or other website to reactivate your account, steal a handle or other things. people who successfully spull get to resell them and earn some quick money. |
| b4u: |
|
b4u stands for buy for you and its basically someone buying things and shipping them to you/emailing it to you because your funds are obtained illegally. the seller then gets the illegal funds and then spends it all like a timebomb. |
| mixer: |
|
mixers or crypto mixers are services that 'mix' your dirty crypto (illegally obtained) by mixing the btc into different altcoins like solana or tron, then blends them together with different users of the service to obfuscate where the money came from. |
| cryptojacking: |
|
installing a crypto miner on peoples machines, or jacking their binance accounts. |
| drainer: |
|
drainers or more commonly nft drainers are fake fraud sites that masquerade as nft sites only to abuse the purchasing mechanic in metamask wallet and drain someones ethereum in seconds. drainers are very based. |
| jewing: |
|
to jew is to overprice something. an account jewer is someone who sells cheap 4chars at a price of 500$. |
| 1/2/3/4 chars: |
|
* char accs are ones that have short handles and come in a combo of numbers and letters. a 4 char can be p0zk, a 4 letter/4l can be kqmw. a 3 char is ae5, a 3l is aes |
| final: |
|
a final is a handle that is a real word and is short, easy to use and is the only singular form of it. for example, a final is 'Shoot', the very original form of the word itself. finals are worth a fuck ton and are usually priced 600$ ^. |
| semis: |
|
semis are forms of finals e.g. 'Shooting', 'databases' (it has an s), 'mainframes'. there are good and shit semis as usual. good semis are almost like finals, like 'databases' or 'mainframes', or 'radios'/'advantaging'. shit ones are too long, such as 'reauthentication'. semis are usually worth $160-300^ |
| invalid: |
|
invalids are handles that cannot be obtained. for example, long usernames or incredibly short ones or ones with emojis/invalid chars. they are usually priced at around 100$ to sometimes 6k$ depending on how good the handle is. |
| bp hosting: |
|
bp hosting or bulletproof hosting are hosting services that put their servers off shore so governments issuing subpoenas can stick their documents right up their ass, because they will get nothing. |
| ovh: |
|
used by com stressing services to protect their servers, and also can be hit off by c2s aswell. ovhs are one unique breed. |
| aio: |
|
an aio/all-in-one is a software suite that contains a lot of features for different sites. e.g. twitter botting, youtube botting, etc. basically multitool softwware. |