Tools

Question 1

Framework for developing and executing exploit code against remote targets

Answer 1

Metasploit

Question 2

Browser Exploitation Framework for web-based client-side attacks

Answer 2

BeEF

Question 3

Web application security testing and analysis suite

Answer 3

Burp Suite

Question 4

Packet manipulation tool for network discovery and attacks

Answer 4

Scapy

Question 5

Networking utility for reading and writing across network connections

Answer 5

NetCat

Question 6

Windows-based debugger for kernel and user mode debugging

Answer 6

WinDbg

Question 7

Search engine for finding devices connected to the internet

Answer 7

Shodan

Question 8

Network security tool for man-in-the-middle attacks on LAN

Answer 8

Ettercap

Question 9

Dynamic instrumentation toolkit for developers and researchers. Injection tool using JavaScript.

Answer 9

Frida

Question 10

Password cracking tool supporting numerous algorithms

Answer 10

John the Ripper

Question 11

Password recovery tool for Windows operating systems

Answer 11

Cain and Abel

Question 12

Cloud security auditing tool supporting multiple cloud providers

Answer 12

Scout Suite

Question 13

network software suite for WiFi network security testing

Answer 13

Aircrack-ng

Question 14

Web recon framework with database integration

Answer 14

Recon-ng

Question 15

Vulnerability scanner designed to identify software flaws

Answer 15

Nessus

Question 16

Tool for redirecting TCP traffic through proxy servers

Answer 16

ProxyChains

Question 17

Automated tool for SQL injection and database takeover

Answer 17

SQLMap

Question 18

Credential gathering tool targeting Windows authentication

Answer 18

Mimikatz

Question 19

Vulnerability assessment system for network-level scanning

Answer 19

OpenVAS

Question 20

Network discovery and security auditing tool

Answer 20

nmap

Question 21

network tool for packet generation and response analysis

Answer 21

Hping

Question 22

Security scanner for WordPress websites, detecting vulnerabilities

Answer 22

WPScan

Question 23

Web server scanner detecting outdated software and misconfigurations

Answer 23

Nikto

Question 24

API development and testing tool for sending HTTP requests

Answer 24

Postman

Question 25

Social Engineering Toolkit for crafting attacks against humans

Answer 25

SET

Question 26

Reverse engineering tool for analyzing Android applications

Answer 26

APK Studio

Question 27

Open source web application security scanner

Answer 27

OWASP ZAP

Question 28

Debugger for debugging and profiling Unix-like systems

Answer 28

GNU Debugger (GDB)

Question 29

Network protocol analyzer for network troubleshooting and analysis

Answer 29

Wireshark

Question 30

Wireless network detector, sniffer, and intrusion detection system

Answer 30

Kismet

Question 31

A security audit tool and attack framework for Android devices and apps

Answer 31

Drozer

Question 32

Automated Android/iOS and Windows pentest, security assessment, and malware analysis framework that can perform both SAST and DAST and supports wide range of application binaries

Answer 32

MobSF

Question 33

Automates scanning web servers for thousands of common URLs

Answer 33

DirBuster

Question 34

Provides a searchable database of exploits sorted by type, platform, and CVE information

Answer 34

Exploit DB

Question 35

Includes news as well as exploit information and code

Answer 35

Packet Storm

Question 36

Used to determine if a load balancer is in place

Answer 36

lbd

Question 37

CLI tool to automate the audit of web applications

Answer 37

Wapiti

Question 38

CLI tool that analyzes the source code of Ruby on Rails applications to find potential security vulnerabilities

Answer 38

Brakeman

Question 39

Password-cracking utility that uses GPUs to crack passwords at a very high speed

Answer 39

Hashcat

Question 40

Brute-force login attack tool that supports variety of protocols and services

Answer 40

Medusa

Question 41

Brute-force dictionary attack tool that is designed to work against a variety of protocols and services like SSH, http/https, SMB and databases

Answer 41

Hydra

Question 42

Ruby application that allows you to spider a website based on a URL and depth setting and then generate a wordlist from the files and web pages it finds

Answer 42

CeWL

Question 43

Tool in same class as Hydra and Medusa, but is more difficult to use

Answer 43

Patator

Question 44

Open source web application security scanner that includes directory and filename brute-forcing

Answer 44

W3af

Question 45

Windows debugger that works on binary code at the assembly language level

Answer 45

OllyDbg

Question 46

Designed specifically to support penetration testing and reverse engineering of malware

Answer 46

Immunity Debugger

Question 47

Commercial debugging tool that works on Windows, Mac, and Linux

Answer 47

IDA

Question 48

Windows-specific command and control framework for .NET applications and includes a debugging tool

Answer 48

Covenant

Question 49

tool used mainly to find metadata and hidden information in the documents it scans. OSINT

Answer 49

FOCA

Question 50

CLI tool included in Kali that acts as a wrapper for variety of search engines and is used to find email accounts, subdomain names, virtual hosts, open ports/banners, and employee names related to a domain from different public sources. OSINT

Answer 50

theHarvester

Question 51

Offers real-time data mining and information gathering as well as the representation of this info on a node-based graph. OSINT

Answer 51

Maltego

Question 52

Discover, monitor, and analyze devices that are accessible from the Internet. OSINT

Answer 52

Censys

Question 53

Wireless network auditing tool including WPA handshake capture capabilities, support for pixie dust attacks, support for identification of hidden access points, and WPA handshake cracking

Answer 53

Wifite

Question 54

Toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks

Answer 54

EAPHammer

Question 55

Tool designed to exploit 802.11 protocol weaknesses and flaws includes SSID probing and brute forcing, flooding, fuzzing, deauth, and disassociation tools

Answer 55

mdk4

Question 56

Automates spoofing or cloning Bluetooth device Name, Class, Address

Answer 56

Spooftooph

Question 57

Performs brute-force attack against an access point’s WPS PIN

Answer 57

Reaver

Question 58

Website for collecting info about different wireless hotspots around the world - GPS coords, SSID, MAC address, encryption, etc

Answer 58

WiGLE

Question 59

WiFi cracking tool that includes WPA2 dictionary attack functions, session hijacking functions, geolocation abilities, on-path attack support, brute-force functions for common services like HTTP, Telnet, and FTP

Answer 59

Fern

Question 60

Tool used to brute-force URIs including directories and files as well as DNS subdomains

Answer 60

Gobuster

Question 61

CLI tool that allows search and browse all exploits in Exploit DB

Answer 61

SearchSploit

Question 62

Collection of MS PS modules that can be used to aid penetration testers during all phases of an assessment

Answer 62

PowerSploit

Question 63

Python tool capable of harvesting credentials through on-path attacks within Windows networks via LLMNR, NBT-NS, and MDNS

Answer 63

Responder

Question 64

Collection of Python classes for working with network protocols focused on providing low-level programmatic access to the packets and for some protocols (SMB and MSRPC)

Answer 64

Impacket Tools

Question 65

Post-exploitation tool similar to Metasploit that works well with PS, though it also supports tools written in Python and C#

Answer 65

Empire

Question 66

Exploits default configuration of windows to take over the default DNS server

Answer 66

mitm6

Question 67

Post-exploitation tool developed in Python and designed for pen testing against networks - collects AD information to conduct lateral movement through targeted networks

Answer 67

CrackMapExec

Question 68

Scans code respositories for vulnerabilities related to secret keys, such as private encryption keys and passwords

Answer 68

TruffleHog

Question 69

Provides data hiding within a cover file and watermarking with an invisible signature - can be used to detect unauthorized file copying

Answer 69

Open Steg

Question 70

Able to hide data in various kinds of image and audio files

Answer 70

Steghide

Question 71

Whitespace steg tool used to embed hidden messages in ASCII format by extending the whitespace to the end of lines

Answer 71

Snow

Question 72

Image synth meaning it is both a simple image editor and a program from making sound from those images

Answer 72

Coagula

Question 73

Reverse image search engine

Answer 73

TinEye

Question 74

info gathering tool designed for extracting metadata of public documents belonging to a target company - will perform a search in Google to identify and download the documents to local disk

Answer 74

Metagoofil

Question 75

Cloud enumeration tool designed to identify applications and storage in multiple cloud provider environments will run without creds

Answer 75

CloudBrute

Question 76

AWS-specific exploit framework that users multiple modules to perform actions like testing for priv escalation or disrupting monitoring efforts. Can also implant backdoors via IAM user account modifications

Answer 76

Pacu