Security Tools Flashcards
What is tracert used for and what is it’s linux counterpart
Tracert is a network diagnostic tool for displaying possible routes and measuring transit delays of packets across an IP network
The Linux cmd is “trace route”
What is nslookup and its linux counterpart
Used to determine the IP address associated with a domain name. Can be used to obtain the mail server settings for a domain and other DNS information.
The Linux cmd is “dig”
What is ipconfig used for and what is its linux computerpart
displays network configuration of the currently connected network devices and can modify DHCP and DNS settings
The Linux cmd is “ifconfig”
what is Nmap
opensource network scanner that is used to discover hosts and services on a computer network by sending packets and analyzing their responses
What is ping used for and its linux counterpart
utility used to determine if a host is reachable on an IP network
The Linux cmd is “path ping”
What is Hping
open source packet generator and analyzer for the TCP/IP protocol used for security auditing and listing of firewalls and networks
NMAP makes use of this
What is netstat
utility that displays network connections for TCP , routing tables, and a number of network interfaces and network protocol statistics
What is netcat
Used for reading from and writing to a network connection using TCP or UDP. Dependable back end that can be used directly or easily driven by other programs and scripts
What is netcat used for
Banner grabbing of webservers
Shell connections and remote control of machines.
Blocked by most security policies
What is ARP
Utility for viewing and modifying the local address resolution protocol cache on a given host or server.
Layer 2 protocol, ARP messages and Mac address
ARP cache contains the Mac>IP Table
What is the route command used for
used to view and manipulate the IP routing tables on a host or server
Every PC has an embedded router, and route allows you to interact with it
What is Curl
A tool used to transfer data to or from a server using any of the supported protocols including
(SCP, SMTP, TFTP, Telnet, LDAP, File)
Used by analysts when testing protocols over a network or server
What is the harvester
Python script that is used to gather emails, subdomains, hosts, employee names, open ports, and banners from different public sources like search engines, and PGP key servers
What is Sn1per
automated scanner that scan be used during pentest to enumerate vulnerabilities across a network
what is scanless
utility that is used to create an exploitation websites that can perform open port scans in a more stealth manor.
What is DNSenum
utility that is used for DNS enumeration to locate all DNS servers and DNS entries for a targeted organization
What is Nessus used for
Proprietary vulnerability scanner thatn can remotley scan a comptuter or network for vulnerablites
Infrastructure scanner for routers switches, hosts
What is Cuckoo
open source sosftware for automating the analysis of suspicious files
program that allows files to be placed in a sandbox to see how they act when executed or acted upon
Describe the head, tail and cat linux commands
head - will display first 10 lines of a file to the screen
Tail - will display the last 10 lines of a file to the screen
cat - will display the entire file to the screen
What is grep and how is it used
CLI for searching plaintext datasets for lines that match a regular expression or pattern
What is chmod used for
Changing access permissions of file system objects
What is logger
CLI that is an easy wat to add messages to the /var/log/syslog file from the CLI
what is SSH
Secure Shell - supporst encrypted data transfer between 2 pcs for secure logon, file transfers, and general purpose connections
What is OpenSSL
software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end
allows for SSL/TLS tunneling for services
