Tools

Question 1

tracert

Answer 1

Windows route tracing command based on ICMP packets
-d prevents address resolution
-h specify # hops
-j define loose source route

Question 2

Traceroute

Answer 2

*nix based route tracing command uses UDP packets
Shows latency for each hop
-n no name resolution
-m #of hops
-q #of packets per hop

Question 3

pathping

Answer 3

Windows to similar to tracert/route while providing latency and packet loss.
Calculates over time rather than TTL allowing 25secs per hop.
-n no resolution
-h #of hops
-w time to wait in ms for reply

Question 4

nslookup

Answer 4

IP/Domain return
Also MX, A and other DNS records
‘set type=MX/A/AAAA‘ For type of record
-type=any Records of any type
-type=a Looks up A records (IP addresses)
-type=mx Looks up mail exchange

Question 5

dig

Answer 5

*nix based DNS tool, more detail and power can request all make servers in a single command
-+short Makes output more concise
-x for reverse lookups when given an IP
-+trace Traces the DNS delegation path

Question 6

Ipconfig

Answer 6

Shows current TCP/IP network configuration for the host.
IP4, IP6, MAC, Subnet, speeds, domains,
Can also enable/disable interfaces, refresh DHCP
-/all for full configuration
-/release to release the IP
-/renew to request new IP

Question 7

netstat

Answer 7

Statistics by protocol,
Information about local/remote addresses
Connections, listening ports, running services
-a for all active connections
-n for numeric connections rather than symbolic names
-t/-u for limiting to tcp/UDP connections

Question 8

arp

Answer 8

Local hosts arp cache
-a current cache for each interface
-s manually create entry
-d to delete entry

Question 9

route

Answer 9

Used to display and modify systems route tables
-n/print displays in numerical format
-add to add a route
-del to delete route

Question 10

nmap

Answer 10

IP scanner tool: port scans, hosts, services, service versions, OS.
-p specify port ranges
-sS TCP SYN half open route
-O for OS detection

Question 11

Nessus

Answer 11

Vulnerability scanning tool.
Attempts to specify if running service is vulnerable and report with documentation and fixes.

Question 12

netcat / nx

Answer 12

Banner gabbing, provide local or remote shell, raw connections to service, transfer files, interact with web servers
-l to listen to incoming connections
-p specify port
-v verbose output

Question 13

curl

Answer 13

Linux utility to transfer data via URLs. Can also be used to transfer files
-o write output to a file
-I fetches HTTP heater only
-d to send HTTP post data

Question 14

hping

Answer 14

Assembles and analyses TCP/IP packets.
Build custom packets to test issues and vulnerabilities, OS fingerprinting, firewalls and networks

Question 15

The Harvester

Answer 15

Scrapes a URL or domain for emails, addresses, usernames and other details

Question 16

scanless

Answer 16

Port scanner that uses third party scanners to port scan and reduce exposure of your system

Question 17

sn1per

Answer 17

Automated scanning tool
Recon using Whois, DNS, ping, port scanning and enumeration
Metasploit and nmap automation

Question 18

DNSenum

Answer 18

Find DNS service and entries, attempts zone transfers
Used in web penetration testing to identify potential targets

Question 19

tcpdump

Answer 19

Linux; Packet capture and relay
-w writes to file
-i for a given input

Question 20

Wireshark

Answer 20

Packet capture; sorting and analysis

Question 21

tcpreplay

Answer 21

Replay captured files from tcpdump/wireshark.
Different speeds, split output, apply filters.

Question 22

Cuckoo

Answer 22

Automated malware analysis sandboxing app.
Tracking calls to system components, APIs, capturing network traffic the malware might send

Question 23

route

Answer 23

Local routing table
‘route print’ - local route
‘route add’ - add a route

Question 24

WinHex

Answer 24

Hexadecimal editor can be used on Windows for forensics
Find and recover deleted/lost data

Question 25

memdump

Answer 25

Linux tool to analyse dump files