Recon Tools Flashcards
Windows cmd to map the entire path of a packet
tracert
Linux/OS/Unix cmd to map the entire path of a packet.
traceroute
query information from DNS servers (deprecated).
nslookup
modern cmd to query information from DNS servers
dig
TCP/IP adapter information for Windows.
ipconfig, ipconfig /all for detailed info
TCP/IP adapter information for Linux/OS
ifconfig
ICMP protocol to test for reachability, round-trip time, TTL, and ICMP sequence.
ping
Windows cmd that combines tracert and ping
pathping
network statistics to show all information
netstat -a
network statistics to show Windows binaries
netstat -b
network statistics showing IP addresses only without names
netstat -n
view local ARP table (IP address, MAC address, and type (static/dynamic))
arp -a
view next route/hop (Windows)
route print
view next route/hop (Linux/OS)
netstat -r
grabs raw HTML data from a URL and displays it in a terminal screen.
curl, client url
Two examples of IP scanners that also display port information.
nmap and hping
OSINT tool that scrapes public information from Bing or Google.
theHarvester
Combines multiple recon tools into a single framework and returns a single query.
sn1per
Runs port scans from a different host; hides user/client IP information
scanless
view host information from DNS servers.
dnsenum, dns enumerate
vulnerability scanner. Identifies known vulnerabilities on systems before they can be exploited.
Nessus
a sandbox for malware. Test a file in a safe environment.
Cuckoo
most common packet analyzer
Wireshark
packet analyzer from the command line
tcpdump
used to create a bit by bit copy of a drive or directory
dd (data definition)
copy information in system memory to the output stream.
memdump
Windows universal hexadecimal editor. Can clone disks, secure wipe, etc.
WinHex
performs digital forensics on hard drives and smartphones. View and recover data
autopsy