Testing Tools Review Flashcards

1
Q

Arachni

spider like and more complex

A

Is an open-source web scanner
CLI and GUI
Focused on HTML, JSON and XML
Findings are in Input Section
Dispatcher Tab lists instances and Load balancing

2
Q

Burp Suite

Commercial tool

A

Similar to ZAP for exploiting webapp vulnerabilities
Intruder and Repeater Tabs are present.
Highlights any vulnerable elements in green
Extender Section

3
Q

Zed Attack Proxy - By OWASP

A

Tabs:
Alerts Tab - Findings
Advisory Tab - Issue Details
Event - previous task
Spider Tab - Scans target URL

4
Q

Nikto

A

WebApp Scanner CLI Only

5
Q

Prowler

A

CLI Based Cloud Security Auditing/Assessment Tool (maps to CIS)
Security Posture
Report - Extended Column -

6
Q

Metasploit

A

for BruteForce attacks
Powerful collection of tools for exploiting vulnerabilities

has a module library for paths for vendors such as Cisco

Statistics section shows compromised targets

7
Q

Recon-ng

A

Recon framework tool for mapping: IP addresses, subdomains, software versions and other attributes

8
Q

PACU

A

AWS Only exploitation framework

APIs/Virtual Machine Instances

also Prowler and ScoutSuite

9
Q

ZenApp GUI is under what tool

A

Nmap

10
Q

ScoutSuite

A

Open-source multi-cloud security posture tool

Prowler and PACU are AWS Only

11
Q

Legion

A

Automates the use of Shodan, WhatWeb, Nikto, etc.
