This guide is designed for security researchers. It provides advice on which words to use in reports, how they should look in the middle of a sentence, and how to pronounce them out loud. Since the terms are listed alphabetically, you’ll find serious usage advice right next to playful entries about internet culture.
Each term in the guide earned its place by being unintuitive in some way:
• It may look like a non-technical word (execute, pickling, shell),
• It may be uniquely written (BeEF, LaTeX, RESTful),
• It may not follow a clear pattern (web page vs. website),
• It may have a very specific technical distinction (invalidated vs. unvalidated),
• Or its meaning may change depending on the context (crypto, PoC, red teaming).
Language is always evolving, and those changes are especially visible in an innovative field like information security. This guide aspires to record those changes in vocabulary and encourage researchers to use language intentionally as the digital lexicon continues to grow. Learn more about what guides our style choices in Appendix A.