Security Tools

Question 1

What is tracert used for and what is it’s linux counterpart

Answer 1

Tracert is a network diagnostic tool for displaying possible routes and measuring transit delays of packets across an IP network

The Linux cmd is “trace route”

Question 2

What is nslookup and its linux counterpart

Answer 2

Used to determine the IP address associated with a domain name. Can be used to obtain the mail server settings for a domain and other DNS information.

The Linux cmd is “dig”

Question 3

What is ipconfig used for and what is its linux computerpart

Answer 3

displays network configuration of the currently connected network devices and can modify DHCP and DNS settings

The Linux cmd is “ifconfig”

Question 4

what is Nmap

Answer 4

opensource network scanner that is used to discover hosts and services on a computer network by sending packets and analyzing their responses

Question 5

What is ping used for and its linux counterpart

Answer 5

utility used to determine if a host is reachable on an IP network

The Linux cmd is “path ping”

Question 6

What is Hping

Answer 6

open source packet generator and analyzer for the TCP/IP protocol used for security auditing and listing of firewalls and networks

NMAP makes use of this

Question 7

What is netstat

Answer 7

utility that displays network connections for TCP , routing tables, and a number of network interfaces and network protocol statistics

Question 8

What is netcat

Answer 8

Used for reading from and writing to a network connection using TCP or UDP. Dependable back end that can be used directly or easily driven by other programs and scripts

Question 9

What is netcat used for

Answer 9

Banner grabbing of webservers
Shell connections and remote control of machines.
Blocked by most security policies

Question 10

What is ARP

Answer 10

Utility for viewing and modifying the local address resolution protocol cache on a given host or server.

Layer 2 protocol, ARP messages and Mac address
ARP cache contains the Mac>IP Table

Question 11

What is the route command used for

Answer 11

used to view and manipulate the IP routing tables on a host or server

Every PC has an embedded router, and route allows you to interact with it

Question 12

What is Curl

Answer 12

A tool used to transfer data to or from a server using any of the supported protocols including

(SCP, SMTP, TFTP, Telnet, LDAP, File)

Used by analysts when testing protocols over a network or server

Question 13

What is the harvester

Answer 13

Python script that is used to gather emails, subdomains, hosts, employee names, open ports, and banners from different public sources like search engines, and PGP key servers

Question 14

What is Sn1per

Answer 14

automated scanner that scan be used during pentest to enumerate vulnerabilities across a network

Question 15

what is scanless

Answer 15

utility that is used to create an exploitation websites that can perform open port scans in a more stealth manor.

Question 16

What is DNSenum

Answer 16

utility that is used for DNS enumeration to locate all DNS servers and DNS entries for a targeted organization

Question 17

What is Nessus used for

Answer 17

Proprietary vulnerability scanner thatn can remotley scan a comptuter or network for vulnerablites

Infrastructure scanner for routers switches, hosts

Question 18

What is Cuckoo

Answer 18

open source sosftware for automating the analysis of suspicious files

program that allows files to be placed in a sandbox to see how they act when executed or acted upon

Question 19

Describe the head, tail and cat linux commands

Answer 19

head - will display first 10 lines of a file to the screen
Tail - will display the last 10 lines of a file to the screen
cat - will display the entire file to the screen

Question 20

What is grep and how is it used

Answer 20

CLI for searching plaintext datasets for lines that match a regular expression or pattern

Question 21

What is chmod used for

Answer 21

Changing access permissions of file system objects

Question 22

What is logger

Answer 22

CLI that is an easy wat to add messages to the /var/log/syslog file from the CLI

Question 23

what is SSH

Answer 23

Secure Shell - supporst encrypted data transfer between 2 pcs for secure logon, file transfers, and general purpose connections

Question 24

What is OpenSSL

Answer 24

software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end

allows for SSL/TLS tunneling for services

Question 25

What is tcpdump

Answer 25

CLI that captures and analyzes network traffic going through your system

Question 26

What is TCPreplay

Answer 26

Suite of free open-source utilities for editing and replaying previously captured network traffic

Question 27

What is dd used for

Answer 27

CLI utility used to copy disk images using a bit-by-bit copying process

Question 28

What is FTK Imager used for

Answer 28

Data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with forensic tools are needed.

Question 29

What is memdump

Answer 29

linux command that dumps system memory to the standed output stream by skipping over holes in memory map

Question 30

what is winhex

Answer 30

Commercial disk editor and universal hexadecimal editor used for data recover and digital forensics

Question 31

What is autopsy

Answer 31

digital forensics platform and gui to the sleuthkit and other digital forensic tool

Question 32

what is metasploit

Answer 32

computer security tool that offers info about software vulnerabilities , ID signatures development and improves pen testing

Question 33

What is Beef

Answer 33

Browser exploitation framework - Tool that can hook one or more browsers and can use them as a beach head for launching various direct commands and further attacks against the system from within the browser context

Question 34

What is cain and abel

Answer 34

Password recovery tool that can be used through sniffing the network, cracking passwords through brute force, dictionary and cryptoanalysis attacks, record VOIP conversations, decode scrambled passwords, reveal PWs and analyze routing protocols

Question 35

What is jack the ripper

Answer 35

open source auditing and password recovery tool for many OSes, allows for the brute force and dictionary attacks