Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Hacker Course > Tools > Flashcards

Tools Flashcards

(102 cards)

Start Studying
1
Q

What is Aadinternals?

A

PowerShell module for managing Azure Active Directory/Entra ID. Allows for unauthenticated enumeration and information disclosure of Azure tenant details.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Anki used for?

A

A flexible flash card system that applies spaced repetition theory for improved long-term retention development.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does Basic Blob Finder do?

A

Search for public Azure Blobs, enumerating the files.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is BeEF?

A

The Browser Exploitation Framework is a suite of tools for exploiting vulnerabilities in browsers delivered through several attack vectors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Bloodhound used for?

A

Graphically maps the relationships to systems, permissions on those systems, and the permissions of the users logged onto those systems to help an attacker identify the most direct route to elevating the permissions of the system they have access to into a domain admin account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What does Bucket Finder do?

A

Search for AWS S3 storage buckets, identifying them as protected, public, or not found.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is Burp Proxy?

A

Cross-platform web proxy for inspecting, attacking web sites and clients.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Certificate Transparency Search?

A

Examine certificate registration data for host and system discovery.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Certutil?

A

A utility that ships with Windows for managing certificates, downloading content from an arbitrary URL, encoding and decoding Base64 data, and calculating hashes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What does CeWL do?

A

Crawls a target website and collects all web pages and common document formats (MS Office, PDF, images).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is CloudMapper?

A

An open-source tool for visualizing AWS and auditing AWS cloud deployments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is cURL?

A

A library and command line tool for transferring data using various network protocols including HTTP, HTTPS, FTP, and more.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is Cyber Chef?

A

A web app for encryption, encoding, compression, and data analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is DefenderCheck?

A

Assesses an executable file to identify the location where Windows Defender characterizes it as malware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is dig?

A

DNS interrogation tool (the UNIX/Linux/macOS version of nslookup).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What does DNSStuff provide?

A

Various tools for interrogating Internet-connected systems including DNS information, IP address information, and various network configuration settings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is Exiftool?

A

A Perl script that extracts metadata from many different file types including Microsoft Office, PDF, and many different image file types.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What does EyeWitness do?

A

Scans a range of hosts, recording a screenshot of web server content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is FireProx?

A

AWS API proxy tool to masquerade attacker IP address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is FTK Imager?

A

A forensic data imaging and inspection tool.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What does GCPBucketFinder do?

A

Identify and enumerate the permissions associated with Google Compute Buckets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is Ghidra?

A

A software reverse engineering suite of tools developed by the NSA’s Research Directorate.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is the GNU Debugger?

A

A portable debugger that runs on many Unix-like systems and works for many programming languages.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is the Google Hacking Database?

A

Search tool to use Google to identify vulnerabilities in public websites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What is Hashcat?
Multi-functional password hash recovery tool; predominantly uses GPUs for cracking functionality.
26
What is Have I Been Pwned?
Service to determine if an email address or username is known to have been included in a major breach.
27
What does Hayabusa do?
A fast Windows Event Log scanner that integrates Sigma rules for threat hunting and timeline generation.
28
What is Hydra?
Online password guessing tool.
29
What is IDA Pro?
A commercial disassembler, useful for malware analysis and many other reverse-engineering tasks.
30
What is JQ?
A command line tool for processing JSON data.
31
What does lsof do?
LiSt Open Files, including open TCP and UDP port usage.
32
What is Lusrmgr.msc?
The snap-in configuration utility to manage local users and groups.
33
What is Massscan?
Port scanning tool designed to scan large quantities of IP addresses.
34
What is Metasm?
A free assembler, disassembler, and compiler written in Ruby. Can be used for Ghostwriting attacks.
35
What is the Metasploit Framework?
Attack framework for combining exploits, payloads, auxiliary modules, and post-exploitation modules against identified targets.
36
What is Metasploit Meterpreter?
Advanced Command & Control framework that is part of the Metasploit Framework.
37
What does Mimikatz do?
A well-known password and password hash extraction tool for Windows.
38
What is MSBuild?
A built-in Windows tool for building and executing C/C++/C# code.
39
What is Msconfig?
The Windows System Configuration utility, intended for managing configuration and troubleshooting tasks on Windows.
40
What is MsfVenom?
Part of the Metasploit Framework, capable of generating and encoding Metasploit Framework payloads into independent executables.
41
What does MSOLSpray do?
Microsoft 365 password attack tool.
42
What is Namechk?
Check multiple online sources for registered usernames.
43
What is Nbtstat?
A built-in Windows tool for collecting information on SMB servers over the NetBIOS protocol, over TCP.
44
What are Net Commands used for?
Perform operations on Groups, users, account policies, shares etc.
45
What is Netcat?
A featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.
46
What does Netsh do?
A command line scripting utility that allows you to display or modify the network configuration of a computer.
47
What is Netstat?
Identify listening services, connections on a host system.
48
What is Nmap?
Network port scan, mapping, and assessment tool.
49
What does Ntdsutil do?
Provides management facilities for Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services (AD LDS).
50
What is OpenSSL?
A programming library for encryption and encoding operations, implementing common network protocols.
51
What is Pacu?
A modular collection of exploits for multiple cloud enumeration, privilege escalation, and data exfiltration.
52
Fill in the blank: Passwd is a _______ utility to change your password, or other user's passwords when you have root privileges.
[Linux]
53
What is PowerView?
PowerShell cmdlets for interrogating Windows systems including multiple scanning and enumeration functions.
54
What does ProcDOT do?
Takes output from Process Monitor and optionally a PCAP file, and displays the events graphically.
55
What is Procdump?
Part of the SysInternals suite for Windows, allowing an administrator to dump the memory from running processes.
56
What is Process Explorer?
Part of the Microsoft SysInternals suite of tools, used for tracking process execution for Windows executables.
57
What is Process Monitor (Procmon)?
Used for real-time file system, Registry and process monitoring.
58
What is Real Intelligence Threat Analytics (RITA)?
An open source framework for network traffic analysis and threat hunting.
59
What does Reg do?
Reads and writes to the Windows registry from the command line.
60
What is Regshot?
A snapshot recording tool for Windows that allows you to record a snapshot of the registry and file system.
61
What does Responder do?
A poisoner for LLMNR, NBT-NS, and MDNS, commonly used to steal authentication credentials from Windows victims on the LAN.
62
What does Rpcclient do?
Interrogate Windows RPC services from Linux.
63
What is s3logparse?
Summarizes and collects data from AWS S3 logs.
64
What is Samba?
A collection of tools to interact with Windows systems from Linux.
65
What does sc do?
Control Windows services from the command line.
66
What is Schtasks?
A Windows built-in utility for managing scheduled tasks.
67
What is ScoutSuite?
A dedicated vulnerability assessment tool for cloud environments.
68
What does secretsdump.py do?
Extracts password hash information from the Windows domain SAM file and SYSTEM hive.
69
What is SecuritySpace?
Online vulnerability assessment/network security auditing services including network monitoring and notification.
70
What is services.msc?
Command to open the snap-in control panel for managing Windows services in a GUI interface.
71
What is SharpView?
Interrogate Windows properties including users, platforms, domain settings, and more.
72
What is SHODAN?
Use Shodan to discover Internet devices including vulnerable platforms and systems.
73
What is Smbclient?
FTP-like client to access SMB/CIFS resources on servers.
74
What does Sqlmap do?
An open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws.
75
What is Squid?
A popular open source web proxy tool.
76
What does Strings (Linux) do?
Extracts plaintext strings from a specified file, supporting both ASCII and UTF-16 string data.
77
What is Strings (Windows)?
Extracts ASCII and UTF-16 string values from an arbitrary file.
78
What is Sudo?
A program for Unix-like operating systems that allows users to run programs with the security privileges of another user.
79
What is SysInternals?
A collection of tools to perform advanced management, diagnostics, troubleshooting, and monitoring in a Microsoft Windows environment.
80
What does systemctl do?
Control Linux services.
81
What is Tasklist?
A built-in Windows tool that enumerates running processes and services.
82
What is Tcpdump?
A command line network packet capture and analysis tool.
83
What is TCPView?
Shows detailed listings of all TCP and UDP endpoints on your system.
84
What is TLS-Scan?
A network scanning tool to extract SSL and TLS certificate details from servers.
85
What is TCPView?
A tool that shows detailed listings of all TCP and UDP endpoints on your system, including local and remote addresses and state of TCP connections. ## Footnote Part of the Microsoft SysInternals suite of tools.
86
What type of tool is TLS-Scan?
A network scanning tool to extract SSL and TLS certificate details from servers, saving the output as a JSON file. ## Footnote Useful for identifying attribution for a server based on certificate details.
87
What is Tshark?
The command line version of Wireshark. ## Footnote It is free and open source, available on multiple platforms.
88
What does the Unshadow tool do?
Merges the password and shadow files into a single unified file for password cracking efficiency. ## Footnote Included with John the Ripper.
89
What is the US Government SEC Database used for?
A source for collecting data for publicly traded US companies. ## Footnote Useful for offense and defense purposes.
90
What is the function of useradd in Linux?
To add new user accounts to the system. ## Footnote It's a free and open-source utility.
91
What does Velociraptor do?
Collects and reports information on Windows, Linux, and macOS systems using client endpoint software. ## Footnote It is free and open source.
92
What is Volatility?
An open-source memory forensics framework. ## Footnote Available on multiple operating systems.
93
What is vpc-flow-log-analysis used for?
To visualize AWS VPC flow logs. ## Footnote Original source available on GitHub.
94
What is the purpose of Wevtutil?
A command line tool for managing event log data, including purging event logs. ## Footnote Comes with Windows.
95
What does wget do?
Retrieves content from a specified URL. ## Footnote A free and open-source utility.
96
What is the whois utility used for?
To interrogate DNS registration data. ## Footnote Available on Linux and macOS.
97
What is Windump?
A port of the TCPDump tool to Windows. ## Footnote It is free and open source.
98
What is Wireshark?
The world’s foremost network protocol analyzer. ## Footnote Free and open source, available on multiple platforms.
99
What is wmic?
Windows Management Instrumentation Console for accessing Windows system components and functionality from the command line. ## Footnote It is a commercial tool.
100
What is xlek?
A resource to search millions of online data records for free. ## Footnote It serves both offense and defense purposes.
101
What is Zeek?
A free and open-source software network analysis framework. ## Footnote Its logging data is used for network threat hunting analysis.
102
What is Zenmap?
A GUI front-end and visualization tool for Nmap. ## Footnote It is free and open source.

Hacker Course (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions