Tools Flashcards
tracert
Windows route tracing command based on ICMP packets
-d prevents address resolution
-h specify max number of hops
-j define loose source route
Traceroute
*nix-based route tracing command; uses UDP packets
Shows latency for each hop
-n no name resolution
-m max number of hops
-q number of probe packets per hop
pathping
Windows tool similar to tracert/route that also provides latency and packet loss per hop.
Calculates over time rather than by TTL, allowing 25 seconds per hop.
-n no resolution
-h max number of hops
-w time to wait (in ms) for each reply
nslookup
Resolves a domain to its IP and an IP back to a domain
Also MX, A and other DNS records
'set type=MX/A/AAAA' to select the type of record
-type=any Records of any type
-type=a Looks up A records (IP addresses)
-type=mx Looks up mail exchange
dig
*nix-based DNS tool; more detail and power, can query all name servers in a single command
+short makes output more concise
-x for reverse lookups when given an IP
+trace traces the DNS delegation path
Ipconfig
Shows current TCP/IP network configuration for the host.
IPv4, IPv6, MAC, subnet, speeds, domains
Can also enable/disable interfaces and refresh DHCP
/all for full configuration
/release to release the IP
/renew to request a new IP
netstat
Statistics by protocol
Information about local/remote addresses
Connections, listening ports, running services
-a for all active connections
-n for numeric addresses rather than symbolic names
-t/-u to limit to TCP/UDP connections
arp
Displays the local host's ARP cache
-a current cache for each interface
-s manually create an entry
-d delete an entry
route
Used to display and modify the system's routing table
-n/print displays in numerical format
add to add a route
del to delete a route
nmap
IP scanner tool: port scans, hosts, services, service versions, OS.
-p specify port ranges
-sS TCP SYN half-open scan
-O for OS detection
Nessus
Vulnerability scanning tool.
Attempts to identify whether a running service is vulnerable and reports with documentation and fixes.
netcat / nc
Banner grabbing, provide a local or remote shell, raw connections to a service, transfer files, interact with web servers
-l to listen for incoming connections
-p specify port
-v verbose output
curl
Linux utility to transfer data via URLs. Can also be used to transfer files.
-o write output to a file
-I fetch HTTP headers only
-d send HTTP POST data
hping
Assembles and analyses TCP/IP packets.
Builds custom packets to test for issues and vulnerabilities, OS fingerprinting, firewalls and networks
The Harvester
Scrapes a URL or domain for emails, addresses, usernames and other details
scanless
Port scanner that uses third-party scanners to port scan and reduce the exposure of your own system
sn1per
Automated scanning tool
Recon using Whois, DNS, ping, port scanning and enumeration
Metasploit and nmap automation
DNSenum
Finds DNS servers and entries; attempts zone transfers
Used in web penetration testing to identify potential targets
tcpdump
Linux; packet capture and relay
-w writes to a file
-i for a given interface
Wireshark
Packet capture, sorting and analysis
tcpreplay
Replays capture files from tcpdump/Wireshark.
Different speeds, split output, apply filters.
Cuckoo
Automated malware analysis sandboxing app.
Tracks calls to system components and APIs; captures network traffic the malware might send
route
Local routing table
'route print' - show the local routing table
'route add' - add a route
WinHex
Hexadecimal editor that can be used on Windows for forensics
Find and recover deleted/lost data
memdump
Linux tool to analyse dump files