Pentesting Tools

Question 1

Nikto

Answer 1

Scanner

an open-source web application vulnerability scanners.

Question 2

OpenVAS

Answer 2

Scanner

an open-source alternative to commercial tools such as Nessus. OpenVAS also performs network vulnerability scans.

Question 3

sqlmap

Answer 3

Scanner

an open-source tool used to automate SQL injection attacks against web applications with database backends.

Question 4

Nessus

Answer 4

Scanner

a commercial vulnerability scanning tool used to scan a wide variety of devices.

Question 5

Nmap

Answer 5

Scanner

the most widely used network port scanner and is a part of almost every cybersecurity professional’s toolkit.

Question 6

WHOIS

Answer 6

OSINT

gather information from public records about domain ownership.

Question 7

Nslookup

Answer 7

OSINT

help identify the IP addresses associated with an organization.

Question 8

FOCA

Answer 8

OSINT

(Fingerprinting Organizations with Collected Archives) is an open-source tool used to find metadata within Office documents, PDFs, and other common file formats.

Question 9

TheHarvester

Answer 9

OSINT

scours search engines and other resources to find email addresses, employee names, and infrastructure details about an organization.

Question 10

Shodan

Answer 10

OSINT

a specialized search engine to provide discovery of vulnerable Internet of Things (IoT) devices from public sources.

Question 11

Maltego

Answer 11

OSINT

a commercial product that assists with the visualization of data gathered from OSINT efforts.

Question 12

Recon-ng

Answer 12

OSINT

a modular web reconnaissance framework that organizes and manages OSINT work.

Question 13

Censys

Answer 13

OSINT

a web-based tool that probes IP addresses across the Internet and then provides penetration testers with access to that information through a search engine.

Question 14

SSH

Answer 14

Remote Access Tool

provides secure encrypted connections between systems.

Question 15

Ncat

Answer 15

Remote Access Tool

provide an easy way to read and write data over network connections.

Question 16

Netcat

Answer 16

Remote Access Tool

provide an easy way to read and write data over network connections.

Question 17

Proxychains

Answer 17

Remote Access Tool

allows testers to force connections through a proxy server where they may be inspected and altered before being passed on to their final destination.

Question 18

Hashcat

Answer 18

Credential Testing Tool

password cracking tool used to reverse engineer hashed passwords stored in files.

Question 19

Medusa

Answer 19

Credential Testing Tool

password cracking tool used to reverse engineer hashed passwords stored in files.

Question 20

CeWL

Answer 20

Credential Testing Tool

a Custom Wordlist Generator that searches websites for keywords that may be used in password guessing attacks.

Question 21

John the Ripper

Answer 21

Credential Testing Tool

password cracking tool used to reverse engineer hashed passwords stored in files.

Question 22

Cain and Able

Answer 22

Credential Testing Tool

password cracking tool used to reverse engineer hashed passwords stored in files.

Question 23

Mimikatz

Answer 23

Credential Testing Tool

retrieves sensitive credential information from memory on Windows systems.

Question 24

Patator

Answer 24

Credential Testing Tool

password cracking tool used to reverse engineer hashed passwords stored in files.

Question 25

DirBuster

Answer 25

Credential Testing Tool

a brute-forcing tool used to enumerate files and directories on a web server.

Question 26

W3AF

Answer 26

Credential Testing Tool

an open-source web application vulnerability scanners.

Question 27

Aircrack-ng

Answer 27

Wireless

a wireless network security testing tool.

Question 28

Kismet

Answer 28

Wireless

a wireless network security testing tool.

Question 29

WiFite

Answer 29

Wireless

a wireless network security testing tool.

Question 30

Wireshark

Answer 30

Networking Tools

a protocol analyzer that allows penetration testers to eavesdrop on and dissect network traffic.

Question 31

Hping

Answer 31

Networking Tools

a command-line tool that allows testers to artificially generate network traffic.

Question 32

OllyDbg

Answer 32

Debugger

a Windows debugger that works on binary code at the assembly language level.

Question 33

Immunity Debugger

Answer 33

Debugger

designed specifically to support penetration testing and the reverse engineering of malware.

Question 34

GDB

Answer 34

Debugger

GNU Debugger is a widely used open-source debugger for Linux that works with a variety of programming languages.

Question 35

WinDbg

Answer 35

Debugger

a Windows-specific debugging tool that was created by Microsoft.

Question 36

IDA

Answer 36

Debugger

a commercial debugging tool that works on Windows, Mac, and Linux platforms.

Question 37

OWASP ZAP

Answer 37

Web Proxy

Question 38

Burp Suite

Answer 38

Web Proxy

Question 39

Drozer

Answer 39

Mobile Tool

a security audit and attack framework for Android devices and apps.

Question 40

APKX

Answer 40

Mobile Tool

decompile Android application packages (APKs).

Question 41

APK Studio

Answer 41

Mobile Tool

decompile Android application packages (APKs).

Question 42

FindBugs/find-sec-bbugs

Answer 42

Software Assurance

are Java software testing tools that perform static analysis of code.

Question 43

Peach

Answer 43

Software Assurance

a fuzzing tool that generate artificial input designed to test applications.

Question 44

AFL

Answer 44

Software Assurance

a fuzzing tool that generate artificial input designed to test applications.

Question 45

SonarQube

Answer 45

Software Assurance

an open-source continuous inspection tool for software testing.

Question 46

YASCA

Answer 46

Software Assurance

Yet Another Open Source Code Analyzer is an open-source software testing tool that includes scanners for a wide variety of languages. YASCA leverages FindBugs, among other tools.

Question 47

SET

Answer 47

Social Engineering Tools

Social Engineering Toolkit provides a framework for automating the social engineering process, including sending spear phishing messages, hosting fake websites, and collecting credentials.

Question 48

BeEF

Answer 48

Social Engineering Tools

Browser Exploitation Framework provides an automated toolkit for using social engineering to take over a victim’s web browser.

Question 49

SearchSpolit

Answer 49

Misc

a command-line tool that allows you to search through a database of known exploits.

Question 50

PowerSploit

Answer 50

Misc

a Windows-centric set of PowerShell scripts that may be used to automate penetration testing tasks.

Question 51

Responder

Answer 51

Misc

a toolkit used to answer NetBIOS queries from Windows systems on a network.

Question 52

Impacket

Answer 52

Misc

a set of network tools that provide low-level access to network protocols.

Question 53

Empire

Answer 53

Misc

a Windows-centric set of PowerShell scripts that may be used to automate penetration testing tasks.

Question 54

Metasploit Framework

Answer 54

Misc

the most popular exploitation framework and supports thousands of plug-ins covering different exploits.