Big List of Tools

Question 1

<p>AirSnort </p>

Answer 1

crack WEPs

Question 2

<p>Maltego </p>

Answer 2

Dossier builder

Question 3

<p>nmap</p>

Answer 3

port/vuln scanner

Question 4

<p>nessus</p>

Answer 4

vuln scanner

Question 5

<p>ToneLoc</p>

Answer 5

Wardialer

Question 6

<p>Netcraft </p>

Answer 6

suite of tools used to obtain web server version, IP address, subnet data, OS info, subdomain info

Question 7

<p>NIKSUN's PhoneSweep</p>

Answer 7

Wardialer

Question 8

<p>AirSnare </p>

Answer 8

alert when unapproved machine connects to ur wireless

Question 9

<p>NetStumbler </p>

Answer 9

wireless NW detector

Question 10

<p>Kismet</p>

Answer 10

linux, wireless NW detector, sniffer

Question 11

<p>hping</p>

Answer 11

creating custom packets for testing

Question 12

<p>inSSIDer </p>

Answer 12

wireless NW detector, mapper of access points

Question 13

<p>p0f </p>

Answer 13

banner grabbing

Question 14

<p>whoreadme.com </p>

Answer 14

allows you to track emails &amp; provides info on OS, browster type, location, etc

Question 15

<p>Nexpose</p>

Answer 15

vuln scanner

Question 16

<p>openVAS</p>

Answer 16

vuln scanner

Question 17

<p>Link Extractor </p>

Answer 17

this tool locates &amp; extracts the internal and external URLs for a given location

Question 18

<p>THC-SCAN</p>

Answer 18

Wardialer

Question 19

<p>Retina</p>

Answer 19

vuln scanner

Question 20

<p>Archive.org</p>

Answer 20

(aka The Wayback Machine) allows you to find archived copies of websites form which you can extract information

Question 21

finger

Answer 21

finger username
—returns info about a user on a given system (i.e. user’s home directory, login time, idle times, office location, last time they both received or read mail)

Question 22

rpcinfo

Answer 22

—enumerates info over RPC (remote procedure call) protocol

Switches used:

• m //displays list of stats for RPC on given host
• s //displays list registered RPC apps on given host

Question 23

showmount

Answer 23

—lists & identifies shared directories on given system; also displays list of all clients that have remotely mounted a file system

Switches used:

• a //prints all remote mounts
• d //lists directories that have been remotely mounted by clients
• e //prints list of shared file systems

Question 24

nbtstat

Answer 24

nbtstat -a
—-This returns the NetBIOS name table & mandatory access control (MAC) address of the address card the computer name specified

nbtstat -A
—-Lists the same info as -a but using IP

• c (lists contents of the NetBIOS name cache)
• n (displays names registered locally by NetBIOS)
• r (displays count of all names resolved by broadcast)
• s (lists sessions table & converts destination IP addresses to computer NetBIOS names)
• S (lists the current NetBIOS sesssions & their statuses, along w/ IPs)

Question 25

view shares from Windows

Answer 25

net view \\hostnameorIP

Question 26

view null session from Windows

Answer 26

net use \\hostnameorIP\ipc$ " \user:"

Question 27

SNScan

Answer 27

SNMP Scan

Question 28

SMTP VRFY

Answer 28

command to check if specific user ID is present

Question 29

SMTP EXPN

Answer 29

returns all users on a distribution list

Question 30

SMTP RCPT TO

Answer 30

identifies the recipient of an email message (can be used multiple times per message)

Question 31

SuperScan

Answer 31

Windows tool for port & IP scanning + windows enumeration

Question 32

PsTools

Answer 32

Windows admin tools

Question 33

Enum4linux

Answer 33

allows for extraction of info where Samba is in use

Question 34

JXplorer

Answer 34

LDAP enumeration (java based)

Question 35

ntp-monlist

Answer 35

nse script to show last 600 clients to sync clocks over ntp nmap -sU -pU:123 -Pn -n –script=ntp-monlist

Question 36

ntp commands (4)

Answer 36

1) ntpdate 2) ntptrace 3) ntpdc 4) ntpq

Question 37

pwdump7

Answer 37

dumps hashes from windows SAM file

Question 38

winrtgen

Answer 38

generates rainbow tables

Question 39

Rainbow Crack

Answer 39

compares hashes with rainbow table

Question 40

cirt.net

Answer 40

default passwords

Question 41

w3dr.net

Answer 41

default passwords

Question 42

fortypoundhead.com

Answer 42

default passwords

Question 43

pspv.exe

Answer 43

Protected Storage PassView : | windows password grabber (from Outlook, IE, ec.)

Question 44

Ophcrack

Answer 44

cracking hashes

Question 45

L0phtcrack

Answer 45

cracking hashes

Question 46

pwdump

Answer 46

cracking hashes

Question 47

Active@ Password Changer

Answer 47

Windows password recovery

Question 48

Trinity REscue Kit

Answer 48

Windows/Linux password recovery

Question 49

ERD Commander

Answer 49

Windows password recovery

Question 50

Windows Recovery Environment (WinRE)

Answer 50

Windows password recovery

Question 51

PsExec

Answer 51

run remote command (Windows, part of PSTools)

Question 52

auditpol

Answer 52

disable auditing | auditpot \clead

Question 53

Dumpel

Answer 53

can be used to clear log files

Question 54

Elsave

Answer 54

can be used to clear log files

Question 55

WinZapper

Answer 55

can be used to clear log files

Question 56

CCleaner

Answer 56

can be used to clear log files

Question 57

Wipe

Answer 57

can be used to clear log files

Question 58

Tracks Erase Pro

Answer 58

can be used to clear log files

Question 59

Clear My History

Answer 59

can be used to clear log files

Question 60

MRU-Blaster

Answer 60

can be used to clear log files

Question 61

SFIND

Answer 61

Find ADS streamed files (Windows)

Question 62

LNS

Answer 62

Find ADS streamed files (Windows)

Question 63

Tripwire

Answer 63

detects files changes, including ADS streamed files. (Windows)

Question 64

Shark

Answer 64

creates botnet

Question 65

Plugbot

Answer 65

creates botnet

Question 66

Poison Ivy

Answer 66

creates botnet

Question 67

LOIC

Answer 67

Low Orbit Ion Cannon botnet/DDOS

Question 68

DoSHTTP

Answer 68

HTTP Flood

Question 69

UDP Flood

Answer 69

UDP DoS

Question 70

Jolt2

Answer 70

IP packet fragmentation DoS

Question 71

Targa

Answer 71

DoS multitool

Question 72

Trinoo

Answer 72

DDos (UDP Flooding)

Question 73

TFN2K

Answer 73

DDoS (UDP, SYN, UDP Flood)

Question 74

Stacheldraht

Answer 74

DDoS

Question 75

PacketCreator

Answer 75

MITM

Question 76

Ettercap

Answer 76

MITM

Question 77

Dsniff

Answer 77

MITM

Question 78

WebScarab

Answer 78

HTTP Proxy

Question 79

Paros Proxy

Answer 79

HTTP Proxy

Question 80

Burp Suite

Answer 80

HTTP Proxy

Question 81

ProxyFuzz

Answer 81

HTTP Proxy

Question 82

Odysseus Proxy

Answer 82

HTTP Proxy

Question 83

Fiddler (by Microsoft)

Answer 83

HTTP Proxy

Question 84

dnsspoof

Answer 84

spoofs dns