(3) Expressions That Are Regular And Grep Flashcards
What is a frequent task for security analysts?
A frequent task for security analysts is doing string (text) searches with grep.
Describe the -c, -i and -n flags in grep
-c Counts the number of occurrences
-i Matches both lower and upper case
-n Shows the matching line and line number
Describe the -v, -r, and -e flags in grep
-v Shows all lines that do not match the string
-r Reads all files under each directory recursively
-e When followed by a pattern, uses the pattern for a search (allows multiple patterns)
What are regular expressions (regex)?
Regex is commonly used in grep to match a flexible set of entries.
When doing regular expressions (regex), what will using letters between the square brackets do? What will using an asterisk * do?
Using square brackets will match any of a set of characters, but using an asterisk * will match any number of occurrences of the previous character.
What is grep?
Grep is a powerful tool that is often combined with other command line functions to do complex searches or to prepare data to feed to other tools.
How do you send data from one command line tool to another?
To send data from one command line tool to another, you use a pipe, which is the “|” symbol.
Knowing how to use pipes to combine data from multiple commands is useful for security analysts who want to combine multiple regular expressions.
What is JSON?
JSON uses JavaScript notation and human-readable text for data interchange.
What is XML?
XML is a markup language; it is machine and human readable and has broad application to multiple areas.
To determine if a file is encoded with JSON, what do we need to look for?
To determine if a file is encoded in JSON, one needs to look for curly brackets that open and close statements.
How would one determine if a file was using XML?
An XML file would use angle brackets to open and close statements, similar to HTML.