Deck B Prt. 2 Flashcards
NetPass.exe
Is a LEGITIMATE Password Recovery tool developed by Nirsoft. It Can retrieve all passwords stored in a system for a Logged in User, as well as those kept on EXTERNAL Drives.
nmap TCP SYN PING Scan
Can Be Carreid out by the Command (nmap -sn-PS<Target>) Ping Scans are used for
Detecting live hosts in networks</Target>
Obfuscation
Is A Technique that Encodes Packets with Unicode Chacters.
Outlook Scraper
Is a Malicious Utility that scrapes credentials from the Users Outlook Accounts and Uses this Infor to send out further PHISHING Emails
Passive Assessment
External Assessment is the one in which the Penetration Tester can obtain the list of the Users who are currenty Accessing the Company Network and Identify Active Systems on the network.
Patch Management
Is A BIG Security Issue in the industry that leads to many ATTACKS. It is when the Fix was Available from the software vendor for several months prior to the INTRUSION, but the Targe Organizations take a very long time to Patch Their systems
Pharming
Is also Called DNS Cache Poisoning and is Carried out by EXPLOITING the Vulnerabilities in the DNS server Software and Modifying the Original IP Address for the targe website to that of a fake Website to redirect the Traffic to the FAKE Site and Harvest the Credentials.
Phishing
Is an Attack in Which the Attacker Redirects the Victims to Malicious Websites by sending them a Malicious LINK by Email. The link Appears Authentic but redirects the victim to a malicious web page, which allows the Attackers to Steal the Victim’s DATA
RADIUS
(Remote Authentication Dial In User Service) PORT UDP 1812 Is an an example of AAA Service that can be used to secure a LDAP Service Against Anonymous Queries
RESTful API
Is a WEB Service API that is Centralized and Uses HTTP Methods such as PUT, POST, GET, & Delete and can improve the overall Performance, Visibility, Scalability, Reliability and Portability of an application
SOX Compliance
Is Sarabanes Oxley Compliance law that was Enacted back in early 2000 to improve the accuracy and accountability of corporate disclosures and prevent accounting fraud.
SMB (Server Message Block)
Is the Service That Hackers Enumerate to gain Information and it Runs Directly on TCP Port 445
Special Nmap Command
nmap -Pn -sU -p 44818 –
Script enip-info [Target IP] is a special nmap command to IDENTIFY Ethernet/IP devices connected to the internet and further gathered information such as the vendor name, Product code and name, Device name, and IP Address
Stateful or Stateless Firewall
nmap -A command is used to determine whether the Firewall is stateful or Stateless. It is used for mapping firewall rulesets and distinguish between stateful and stateless firewalls, this scan type sends ACK Packets to a HOST to find out if the port is filtered or unfiltered.
TTL Value of Windows
The Time to Live (TTL) value of Windows OS is 128