Miscellaneous Tools Flashcards
SearchSploit
a command-line search tool for Exploit-DB that also allows you to take a copy of the Exploit Database and search it offline.
PowerSploit
a series of Microsoft PowerShell scripts that can be used in post-exploitation scenarios during authorized penetration tests.
Responder
a Link-Local Multicast Name Resolution (LLMNR), NBT-NS, and mDNS poisoner.
Impacket tools
an open source collection of modules written in Python for programmatically constructing and manipulating network protocols. Impacket contains several tools for remote service execution, Kerberos manipulation, Windows credential dumping, packet sniffing, and relay attacks.
Empire
implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.
Metasploit
a pentesting framework that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
mitm6
a pentesting tool that exploits the default configuration of Windows to take over the default DNS server.
CrackMapExec
a Python-based post-exploitation tool used by adversaries and penetration testers to gain remote access to protected servers. It can be used to abuse Windows Management Instrumentation (WMI) for execution of malicious commands and payloads.
TruffleHog
searches source code repositories for high-entropy strings that can represent git secrets.
Censys
provides a 360-degree depiction of an organization’s Internet attack surface.