The 5 stages of ethical hacking + passive reconnaissance Flashcards

1
Q

What are the 5 stages of ethical hacking?

A

1) Reconnaissance (active and passive)
2) Scanning & enumeration
3) Gaining access
4) Maintaining access
5) Covering tracks

2
Q

What website can you find public bug bounties on?

A

bugcrowd.com

3
Q

Name the 4 main assessments in web/host assessment

A

target validation
finding subdomains
fingerprinting
data breaches

4
Q

Name 3 target (web/host) validation tools (web/host assessment)

A

WHOIS
nslookup
dnsrecon

5
Q

Name 3 subdomain searching tools (web/host assessment)

A

Google-Fu
dig
Nmap
Sublist3r
Bluto
crt.sh

6
Q

Name 5 fingerprinting tools (web/host assessment)

A

Nmap
Wappalyzer
WhatWeb
BuiltWith
Netcat

7
Q

Name 3 data breaches tools (web/host assessment)

A

HaveIBeenPwned
Breach-Parse
WeLeakInfo

8
Q

Name 4 email address discovering tools

A

hunter.io
phonebook.cz
voilanorbert.com
clearbit.com

9
Q

How to discover email addresses? (3 steps)

A
  • Google search the person if looking for a specific person in a company
  • phonebook.cz / hunter.io -> try to identify the formatting of the company's emails, then try to find the person / guesstimate their address
  • take the email and verify it at tools.emailhippo.com or email-checker.net/validate
10
Q

What is the Breach-parse tool?

A

CLI program from Heath himself to find breached info about people

11
Q

What is one of the best websites to search for breached info?

A

DeHashed

12
Q

What website can dehash a hashed password?

A

hashes.org -> but doesn’t always work

13
Q

What's the CLI command for sublist3r to find Tesla subdomains?

A

sublist3r -d tesla.com

14
Q

What tool is better but slower than sublist3r?

A

OWASP Amass (CLI tool)

15
Q

What tool can be used to probe subdomains to see if they’re active?

A

tomnomnom's httprobe

16
Q

What is Burp Suite and what does it do?

A

Web proxy -> intercepts traffic for us -> scans websites passively, or actively if you buy the Pro version

17
Q

Scan your network with Nmap, if you don’t know how, look at page 15 of summary

A

if you don’t know how, look at page 15 of summary

18
Q

Type nmap --help in the Linux CLI and explore some of its features

A

This card doesn't have an answer; go to the CLI and just try some Nmap commands out to become familiar with them