White/Black hats

Question 1

What is a white hat hacker?

Answer 1

A white hat hacker is a computer security expert who uses their skills to identify and fix security vulnerabilities in a system.

Question 2

What do white hackers do?

Answer 2

What hat hackers perform a variety of tasks including: reverse engineering malware and viruses, analysing security incidents to determine their root cause, scanning networks for vulnerabilities, designing plans to exploit vulnerabilities and then patching them, providing technical support, reviewing and updating documentation.

Question 3

What is a black hat hacker?

Answer 3

A black hat hacker is a cyber criminal who intentionally gains access to computer systems and networks for malicious purposes.

Question 4

What do black hat hackers do?

Answer 4

Black hat hackers steal or destroy data, hold organisations to ransom, sell data to third parties, disrupt or shut down networks and websites and conduct cyber espionage.

Question 5

What tools do hackers use?

Answer 5

Hackers use a variety of tools including: Wireshark, Aircrack-ng, Acunetix, Nikto, Sqlmap, Ettercap, Netsparker, Burp Suite, Kismet, Hashcat and fuzzers.

Question 6

What is wireshark?

Answer 6

Wireshark analyses data packets and protocols and can export results to various file formats.

Question 7

What is Aircrack-ng?

Answer 7

Aircrack-ng analyses Wi-Fi network security and can crack WEP and WPA-PSK in windows.

Question 8

What is Acunetix?

Answer 8

Axunetix is an automated security testing tool that can detect threats like SQL injection and cross-site scripting.

Question 9

What is Nikito?

Answer 9

Nikito is an open source tool that analyses web servers to detect vulnerabilities, malicious files and outdated components.

Question 10

What is Sqlmap?

Answer 10

Sqlmap is an open source tool that automates the detection and exploitation of SQL injection vulnerabilities.

Question 11

What is Ettercap?

Answer 11

Ettercap is a tool that incorporates host and network analysis and can sniff SSH connections.

Question 12

What is Netsparker?

Answer 12

Netsparker is a web application security scanner that identifies weaknesses in web applications.

Question 13

What is Burp Suite?

Answer 13

Burp Suite is a tool that helps detect security tests and is valuable for web application testing.

Question 14

What is Kismet?

Answer 14

Kismet is a wireless sniffer tool that can detect networks, sniff packets and perform intrusion detection.

Question 15

What is Hashcat?

Answer 15

Hashcat is an open source password cracking tool that guesses passwords, hashes them and compares the results to the one it is trying to crack.

Question 16

What are fuzzers?

Answer 16

Fuzzers are tools that automatically feed programs with random or semi-random data to identify bugs and vulnerabilities.

Question 17

What are black box fuzzers?

Answer 17

Black box fuzzers have no knowledge of the program’s structure, so inputs are generated randomly. These are often used by cybersecurity researchers to find vulnerabilities in commercial products.

Question 18

What are white box fuzzers?

Answer 18

White box fuzzers use knowledge of the programs structure, logic and code to create inputs that systematically test the program. This can take longer to generate inputs but is good for finding deep bugs.

Question 19

What are grey box fuzzers?

Answer 19

Grey box fuzzers combine aspects of white box and black box fuzzing, often monitoring program execution to refine input generation.