4.1 Tool to assess organizational security Flashcards

1
Q

Reconnaissance tools: what is traceroute?

A

Network diagnostic tool that helps determine the path packets take from a source to a destination. It is primarily used for troubleshooting network connectivity issues, identifying network bottlenecks, and understanding the path taken by packets.
Use Traceroute when you want to trace the path packets take from a source to a destination, identify network hops, measure round-trip times, and troubleshoot network connectivity issues.

2
Q

Reconnaissance tools: what are the commands in Linux & Windows to traceroute a packet?

A
  • Windows: tracert
  • Linux: traceroute
3
Q

Reconnaissance tools: what are the mechanics of traceroute (how does it work)?

A

Takes advantage of the ICMP Time to Live (TTL) exceeded error message.

Ex: TTL=1 is the first router, TTL=2 is the second router, etc.

4
Q

Reconnaissance tools: what is the nslookup command for?

A

Command-line tool available on many operating systems for querying DNS servers and performing basic DNS lookups. It allows users to manually query DNS servers and retrieve information about domain names, IP addresses, name servers, and other DNS records. Nslookup is commonly used for simple DNS troubleshooting, verifying DNS resolution, and checking DNS configurations. However, its feature set is relatively limited compared to Dig. In recent years, the functionality of nslookup has been largely superseded by more advanced tools like Dig.

5
Q

Reconnaissance tools: what are the ipconfig and ifconfig commands for?

A

Determine IP and network information
- ipconfig: Windows
- ifconfig: Linux

6
Q

Reconnaissance tools: what is the ping command for?

A

Test reachability of an IP

7
Q

Reconnaissance tools: what is the pathping command for?

A

Combines the functionalities of ping and traceroute. It is a Windows-specific command-line utility that measures packet loss, round-trip times, and other network performance metrics. Use PathPing when you need a combination of Ping and Traceroute functionalities. It provides information about latency and packet loss at each hop along the network path, making it useful for diagnosing intermittent connectivity issues and identifying network segments with performance problems.

8
Q

Reconnaissance tools: what is the netstat command for?

A

It stands for network statistics and shows network status and protocol statistics:
- netstat -a: show all active connections
- netstat -b: show binaries (Windows)
- netstat -n: do not resolve names

9
Q

Reconnaissance tools: what is ARP?

A

Address Resolution Protocol determines a MAC address based on an IP address (you need the hardware address to communicate).

10
Q

Reconnaissance tools: is there a command to see a MAC address?

A

Using the arp command:
- arp -a: view local ARP table

11
Q

Reconnaissance tools: what is the curl command for?

A

It stands for Client URL and lets you grab the raw data (HTML) from a website and display it.

12
Q

Reconnaissance tools: why use the curl command?

A

To be able to see the source code of a website and search through it

13
Q

Reconnaissance tools: what is hping?

A

Command-line network tool known for packet crafting, network scanning, and testing. It allows you to craft and send customized packets with specific characteristics, such as source and destination IP addresses, ports, protocols, flags, and payloads.
Use Hping when you require advanced network scanning, port scanning, or packet manipulation capabilities for network testing, security assessments, or troubleshooting purposes.

14
Q

Reconnaissance tools: what is nmap?

A

It stands for network mapper. It can port scan, discover the OS, service scan, and use scripts.

15
Q

Reconnaissance tools: what is OSINT?

A

OSINT skills are the abilities and knowledge necessary to collect, analyze, and use information from open sources for various purposes.

Ex. of an OSINT tool: theHarvester

16
Q

Reconnaissance tools: what is sn1per?

A

Penetration testing tool and scanner designed for reconnaissance, vulnerability scanning, and information gathering. It combines many tools: dnsenum, Metasploit, nmap, wfuzz, nikto, etc.

17
Q

Reconnaissance tools: what can be a problem when you do a scan? How do you prevent it?

A

Your device can be identified as the source of the scan. To prevent this, you can scan from a different host (for example, a proxy).
The scanless tool can be used for this type of scan.

18
Q

Reconnaissance tools: what is the dnsenum command for?

A

DNSenum is a specialized tool for DNS enumeration and information gathering. It focuses on discovering DNS-related information about a target domain, such as subdomains, DNS records, zone transfers, reverse DNS lookups, and DNSSEC configurations. DNSenum automates the process of gathering DNS data and provides a comprehensive view of the DNS infrastructure of a domain. It is commonly used in reconnaissance and information gathering during penetration testing and security assessments to identify potential targets and vulnerabilities related to DNS configurations.

19
Q

Reconnaissance tools: what is Nessus for?

A

A vulnerability scanner. The most popular because it has a very large DB.

20
Q

Reconnaissance tools: what is Cuckoo for?

A

A sandbox (a virtual env) for malware.
It tests a file in a safe environment and can track & trace API calls, network traffic, memory analysis, traffic captures, etc.

21
Q

File manipulation tools: what is the cat command for?

A

Show the content of a file on Linux machines

22
Q

File manipulation tools: what is the head command for?

A

View the first part of a file (Linux)

Ex: head -n 5 syslog: view the first 5 lines of the syslog file

23
Q

File manipulation tools: what is the tail command for?

A

View the last part of a file. Same syntax as the head command

24
Q

File manipulation tools: what is the grep command for?

A

Find text in a file

Ex: grep failed auth.log: find the word ‘failed’ in the auth.log file

25
Q

File manipulation tools: what is the chmod command for?

A

Change the permissions of a file:
- r = read; w = write; x = execute
- set for the file owner (u), the group (g), others (o) or all (a)

Ex: chmod 744 script.sh

26
Q

File manipulation tools: explain chmod permissions

A

With the chmod command, you give permissions through numbers. Hence:
- 0: None; ---
- 1: Execute only; --x
- 2: Write only; -w-
- 3: Write and execute; -wx
- 4: Read only; r--
- 5: Read and execute; r-x
- 6: Read and write; rw-
- 7: Read, write and execute; rwx

27
Q

File manipulation tools: explain this mode "-rwxr--r--"?

A

This is displayed when you list the contents of a directory (ls -la). The mode (ex: -rwxr--r--) is listed first and can be divided into 4 pieces. In our example of -rwxr--r--:
- the first piece is the "-", which is the type of object: "-" for file, d for directory
- rwx is the user's permission (7)
- r-- is the group permission (4)
- r-- is the others permission (4)

28
Q

Shell & script env: what is SSH?

A

Encrypted console communication that is more secure than Telnet

29
Q

Shell & script env: what is Windows Powershell?

A

Command-line administration for Windows. You can manage the Windows OS and run scripts in PowerShell.

30
Q

Shell & script env: what is OpenSSL for?

A

A toolkit and crypto library for SSL/TLS. It can build certificates and manage SSL/TLS communication.

31
Q

Packet tools: what is Wireshark for?

A

A packet analyzer. It gathers frames on the network and helps to identify unknown traffic and verify packet filtering and security controls.

32
Q

Packet tools: what is tcpdump?

A

Command-line packet capture tool used for capturing and analyzing network traffic. It allows users to monitor and capture network packets in real-time or from pre-captured packet capture files. Tcpdump captures packets at the data link layer and provides detailed information about each packet, including source and destination addresses, protocols, headers, and payload. It is commonly used for network troubleshooting, protocol analysis, security monitoring, and forensic investigations.

33
Q

Packet tools: what is tcpreplay?

A

Command-line tool used for replaying captured network traffic back onto a network interface. It takes packet capture files (e.g., pcap files) generated by tools like Tcpdump and replays the captured packets onto a network in the same order and timing as they were originally captured. The purpose of Tcpreplay is to recreate network traffic scenarios for testing, benchmarking, or simulating real-world network conditions. It allows users to replay captured network traffic and observe how systems or network devices respond to that traffic.

34
Q

Forensic tools: what is the dd command for?

A

Allows you to create a bit-by-bit copy of a drive/directory

Ex: dd if=/dev/sda of=/tmp/sda-image.img to create a disk image
dd if=/tmp/sda-image.img of=/dev/sda to restore from an image

35
Q

Forensic tools: what is the memdump command for?

A

Copies information in system memory to the standard output stream. Therefore, everything that happens is in memory.

36
Q

Forensic tools: what is WinHex?

A

A hexadecimal editor used for analyzing and editing binary files, disk drives, and forensic imaging. Used in forensics, data recovery, cybersecurity, and software debugging.

37
Q

Forensic tools: what is the Autopsy tool?

A

Autopsy is widely used by digital forensic investigators, law enforcement agencies, and incident responders to process and analyze digital evidence in a forensically sound manner. It provides a comprehensive set of tools for examining various types of digital artifacts, recovering deleted files, reconstructing user activities, and generating detailed reports for investigative purposes (downloaded files, browser history, email, DB, etc.).

38
Q

Forensic tools: what is data sanitization?

A

Completely remove data from a drive/directory and make sure the data cannot be recovered

39
Q

Reconnaissance tools: what is the dig command for?

A

Command-line tool used for querying DNS servers and retrieving DNS-related information. It provides detailed information about DNS records, name servers, IP addresses, and other DNS-related data. Dig supports various types of DNS queries, including A, AAAA, CNAME, MX, NS, PTR, SOA, and TXT records. It is a powerful tool for troubleshooting DNS issues, performing DNS lookups, and gathering DNS-related information manually. Dig provides extensive control over query parameters and offers more flexibility and advanced features compared to nslookup and dnsenum.