Tools

Question 1

What is Aadinternals?

Answer 1

PowerShell module for managing Azure Active Directory/Entra ID. Allows for unauthenticated enumeration and information disclosure of Azure tenant details.

Question 2

What is Anki used for?

Answer 2

A flexible flash card system that applies spaced repetition theory for improved long-term retention development.

Question 3

What does Basic Blob Finder do?

Answer 3

Search for public Azure Blobs, enumerating the files.

Question 4

What is BeEF?

Answer 4

The Browser Exploitation Framework is a suite of tools for exploiting vulnerabilities in browsers delivered through several attack vectors.

Question 5

What is Bloodhound used for?

Answer 5

Graphically maps the relationships to systems, permissions on those systems, and the permissions of the users logged onto those systems to help an attacker identify the most direct route to elevating the permissions of the system they have access to into a domain admin account.

Question 6

What does Bucket Finder do?

Answer 6

Search for AWS S3 storage buckets, identifying them as protected, public, or not found.

Question 7

What is Burp Proxy?

Answer 7

Cross-platform web proxy for inspecting, attacking web sites and clients.

Question 8

What is Certificate Transparency Search?

Answer 8

Examine certificate registration data for host and system discovery.

Question 9

What is Certutil?

Answer 9

A utility that ships with Windows for managing certificates, downloading content from an arbitrary URL, encoding and decoding Base64 data, and calculating hashes.

Question 10

What does CeWL do?

Answer 10

Crawls a target website and collects all web pages and common document formats (MS Office, PDF, images).

Question 11

What is CloudMapper?

Answer 11

An open-source tool for visualizing AWS and auditing AWS cloud deployments.

Question 12

What is cURL?

Answer 12

A library and command line tool for transferring data using various network protocols including HTTP, HTTPS, FTP, and more.

Question 13

What is Cyber Chef?

Answer 13

A web app for encryption, encoding, compression, and data analysis.

Question 14

What is DefenderCheck?

Answer 14

Assesses an executable file to identify the location where Windows Defender characterizes it as malware.

Question 15

What is dig?

Answer 15

DNS interrogation tool (the UNIX/Linux/macOS version of nslookup).

Question 16

What does DNSStuff provide?

Answer 16

Various tools for interrogating Internet-connected systems including DNS information, IP address information, and various network configuration settings.

Question 17

What is Exiftool?

Answer 17

A Perl script that extracts metadata from many different file types including Microsoft Office, PDF, and many different image file types.

Question 18

What does EyeWitness do?

Answer 18

Scans a range of hosts, recording a screenshot of web server content.

Question 19

What is FireProx?

Answer 19

AWS API proxy tool to masquerade attacker IP address.

Question 20

What is FTK Imager?

Answer 20

A forensic data imaging and inspection tool.

Question 21

What does GCPBucketFinder do?

Answer 21

Identify and enumerate the permissions associated with Google Compute Buckets.

Question 22

What is Ghidra?

Answer 22

A software reverse engineering suite of tools developed by the NSA’s Research Directorate.

Question 23

What is the GNU Debugger?

Answer 23

A portable debugger that runs on many Unix-like systems and works for many programming languages.

Question 24

What is the Google Hacking Database?

Answer 24

Search tool to use Google to identify vulnerabilities in public websites.

Question 25

What is Hashcat?

Answer 25

Multi-functional password hash recovery tool; predominantly uses GPUs for cracking functionality.

Question 26

What is Have I Been Pwned?

Answer 26

Service to determine if an email address or username is known to have been included in a major breach.

Question 27

What does Hayabusa do?

Answer 27

A fast Windows Event Log scanner that integrates Sigma rules for threat hunting and timeline generation.

Question 28

What is Hydra?

Answer 28

Online password guessing tool.

Question 29

What is IDA Pro?

Answer 29

A commercial disassembler, useful for malware analysis and many other reverse-engineering tasks.

Question 30

What is JQ?

Answer 30

A command line tool for processing JSON data.

Question 31

What does lsof do?

Answer 31

LiSt Open Files, including open TCP and UDP port usage.

Question 32

What is Lusrmgr.msc?

Answer 32

The snap-in configuration utility to manage local users and groups.

Question 33

What is Massscan?

Answer 33

Port scanning tool designed to scan large quantities of IP addresses.

Question 34

What is Metasm?

Answer 34

A free assembler, disassembler, and compiler written in Ruby. Can be used for Ghostwriting attacks.

Question 35

What is the Metasploit Framework?

Answer 35

Attack framework for combining exploits, payloads, auxiliary modules, and post-exploitation modules against identified targets.

Question 36

What is Metasploit Meterpreter?

Answer 36

Advanced Command & Control framework that is part of the Metasploit Framework.

Question 37

What does Mimikatz do?

Answer 37

A well-known password and password hash extraction tool for Windows.

Question 38

What is MSBuild?

Answer 38

A built-in Windows tool for building and executing C/C++/C# code.

Question 39

What is Msconfig?

Answer 39

The Windows System Configuration utility, intended for managing configuration and troubleshooting tasks on Windows.

Question 40

What is MsfVenom?

Answer 40

Part of the Metasploit Framework, capable of generating and encoding Metasploit Framework payloads into independent executables.

Question 41

What does MSOLSpray do?

Answer 41

Microsoft 365 password attack tool.

Question 42

What is Namechk?

Answer 42

Check multiple online sources for registered usernames.

Question 43

What is Nbtstat?

Answer 43

A built-in Windows tool for collecting information on SMB servers over the NetBIOS protocol, over TCP.

Question 44

What are Net Commands used for?

Answer 44

Perform operations on Groups, users, account policies, shares etc.

Question 45

What is Netcat?

Answer 45

A featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.

Question 46

What does Netsh do?

Answer 46

A command line scripting utility that allows you to display or modify the network configuration of a computer.

Question 47

What is Netstat?

Answer 47

Identify listening services, connections on a host system.

Question 48

What is Nmap?

Answer 48

Network port scan, mapping, and assessment tool.

Question 49

What does Ntdsutil do?

Answer 49

Provides management facilities for Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services (AD LDS).

Question 50

What is OpenSSL?

Answer 50

A programming library for encryption and encoding operations, implementing common network protocols.

Question 51

What is Pacu?

Answer 51

A modular collection of exploits for multiple cloud enumeration, privilege escalation, and data exfiltration.

Question 52

Fill in the blank: Passwd is a _______ utility to change your password, or other user’s passwords when you have root privileges.

Answer 52

[Linux]

Question 53

What is PowerView?

Answer 53

PowerShell cmdlets for interrogating Windows systems including multiple scanning and enumeration functions.

Question 54

What does ProcDOT do?

Answer 54

Takes output from Process Monitor and optionally a PCAP file, and displays the events graphically.

Question 55

What is Procdump?

Answer 55

Part of the SysInternals suite for Windows, allowing an administrator to dump the memory from running processes.

Question 56

What is Process Explorer?

Answer 56

Part of the Microsoft SysInternals suite of tools, used for tracking process execution for Windows executables.

Question 57

What is Process Monitor (Procmon)?

Answer 57

Used for real-time file system, Registry and process monitoring.

Question 58

What is Real Intelligence Threat Analytics (RITA)?

Answer 58

An open source framework for network traffic analysis and threat hunting.

Question 59

What does Reg do?

Answer 59

Reads and writes to the Windows registry from the command line.

Question 60

What is Regshot?

Answer 60

A snapshot recording tool for Windows that allows you to record a snapshot of the registry and file system.

Question 61

What does Responder do?

Answer 61

A poisoner for LLMNR, NBT-NS, and MDNS, commonly used to steal authentication credentials from Windows victims on the LAN.

Question 62

What does Rpcclient do?

Answer 62

Interrogate Windows RPC services from Linux.

Question 63

What is s3logparse?

Answer 63

Summarizes and collects data from AWS S3 logs.

Question 64

What is Samba?

Answer 64

A collection of tools to interact with Windows systems from Linux.

Question 65

What does sc do?

Answer 65

Control Windows services from the command line.

Question 66

What is Schtasks?

Answer 66

A Windows built-in utility for managing scheduled tasks.

Question 67

What is ScoutSuite?

Answer 67

A dedicated vulnerability assessment tool for cloud environments.

Question 68

What does secretsdump.py do?

Answer 68

Extracts password hash information from the Windows domain SAM file and SYSTEM hive.

Question 69

What is SecuritySpace?

Answer 69

Online vulnerability assessment/network security auditing services including network monitoring and notification.

Question 70

What is services.msc?

Answer 70

Command to open the snap-in control panel for managing Windows services in a GUI interface.

Question 71

What is SharpView?

Answer 71

Interrogate Windows properties including users, platforms, domain settings, and more.

Question 72

What is SHODAN?

Answer 72

Use Shodan to discover Internet devices including vulnerable platforms and systems.

Question 73

What is Smbclient?

Answer 73

FTP-like client to access SMB/CIFS resources on servers.

Question 74

What does Sqlmap do?

Answer 74

An open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws.

Question 75

What is Squid?

Answer 75

A popular open source web proxy tool.

Question 76

What does Strings (Linux) do?

Answer 76

Extracts plaintext strings from a specified file, supporting both ASCII and UTF-16 string data.

Question 77

What is Strings (Windows)?

Answer 77

Extracts ASCII and UTF-16 string values from an arbitrary file.

Question 78

What is Sudo?

Answer 78

A program for Unix-like operating systems that allows users to run programs with the security privileges of another user.

Question 79

What is SysInternals?

Answer 79

A collection of tools to perform advanced management, diagnostics, troubleshooting, and monitoring in a Microsoft Windows environment.

Question 80

What does systemctl do?

Answer 80

Control Linux services.

Question 81

What is Tasklist?

Answer 81

A built-in Windows tool that enumerates running processes and services.

Question 82

What is Tcpdump?

Answer 82

A command line network packet capture and analysis tool.

Question 83

What is TCPView?

Answer 83

Shows detailed listings of all TCP and UDP endpoints on your system.

Question 84

What is TLS-Scan?

Answer 84

A network scanning tool to extract SSL and TLS certificate details from servers.

Question 85

What is TCPView?

Answer 85

A tool that shows detailed listings of all TCP and UDP endpoints on your system, including local and remote addresses and state of TCP connections.

Part of the Microsoft SysInternals suite of tools.

Question 86

What type of tool is TLS-Scan?

Answer 86

A network scanning tool to extract SSL and TLS certificate details from servers, saving the output as a JSON file.

Useful for identifying attribution for a server based on certificate details.

Question 87

What is Tshark?

Answer 87

The command line version of Wireshark.

It is free and open source, available on multiple platforms.

Question 88

What does the Unshadow tool do?

Answer 88

Merges the password and shadow files into a single unified file for password cracking efficiency.

Included with John the Ripper.

Question 89

What is the US Government SEC Database used for?

Answer 89

A source for collecting data for publicly traded US companies.

Useful for offense and defense purposes.

Question 90

What is the function of useradd in Linux?

Answer 90

To add new user accounts to the system.

It’s a free and open-source utility.

Question 91

What does Velociraptor do?

Answer 91

Collects and reports information on Windows, Linux, and macOS systems using client endpoint software.

It is free and open source.

Question 92

What is Volatility?

Answer 92

An open-source memory forensics framework.

Available on multiple operating systems.

Question 93

What is vpc-flow-log-analysis used for?

Answer 93

To visualize AWS VPC flow logs.

Original source available on GitHub.

Question 94

What is the purpose of Wevtutil?

Answer 94

A command line tool for managing event log data, including purging event logs.

Comes with Windows.

Question 95

What does wget do?

Answer 95

Retrieves content from a specified URL.

A free and open-source utility.

Question 96

What is the whois utility used for?

Answer 96

To interrogate DNS registration data.

Available on Linux and macOS.

Question 97

What is Windump?

Answer 97

A port of the TCPDump tool to Windows.

It is free and open source.

Question 98

What is Wireshark?

Answer 98

The world’s foremost network protocol analyzer.

Free and open source, available on multiple platforms.

Question 99

What is wmic?

Answer 99

Windows Management Instrumentation Console for accessing Windows system components and functionality from the command line.

It is a commercial tool.

Question 100

What is xlek?

Answer 100

A resource to search millions of online data records for free.

It serves both offense and defense purposes.

Question 101

What is Zeek?

Answer 101

A free and open-source software network analysis framework.

Its logging data is used for network threat hunting analysis.

Question 102

What is Zenmap?

Answer 102

A GUI front-end and visualization tool for Nmap.

It is free and open source.