59 Cards in this Set
- Front
- Back
Dmitry |
Info gathering tool: subdomains, email addresses, TCP port scan, banner reading, whois lookup on IP or domain name |
|
Dnmap |
Client version and server version; distributes nmap scans among several clients |
|
Ike-scan |
Uses the IKE protocol; scans IP addresses for VPN servers |
|
Ike protocol |
Internet Key Exchange. Protocol used to set up a security association in the IPsec protocol suite. Sets up a shared session secret from which crypto keys are derived |
|
Maltego |
Data mining; represents data visually in a graph |
|
Netdiscover |
Live host identification; mostly used for networks without a DHCP server; war driving uses this |
|
Nmap |
Discover hosts and services on a network and build a map of the network |
|
Zenmap |
Graphical version of nmap |
|
p0f |
Passive TCP/IP stack fingerprinting. Identifies the system running on machines that send network traffic to the box it is running on |
|
Recon-ng |
Passive recon; written in Python |
|
To exploit, use ...; to social engineer, use ...; to do passive recon, use ... |
Metasploit; SET; Recon-ng |
|
Sparta |
Recon tool; can scan for hosts; can brute-force passwords |
|
Lynis |
Vulnerability analysis: extensive security scans; determines OS; searches for tools/utilities; finds enabled plugins; reports status of security scan |
|
Golismero |
Vulnerability scan; shows list of available config files and available plugins; info dump |
|
Nikto |
Vulnerability scanner; checks for malicious files, outdated servers, server-specific problems, installed web servers and software |
|
Unix-privesc-check |
Runs on Unix; looks for misconfigurations that could allow privilege escalation |
|
Burpsuite |
Web application analysis; graphical; detects vulnerabilities; can capture traffic to analyze or change; credential harvesting |
|
Commix |
Web application analysis; command injection exploiter; tests web applications for vulnerabilities related to command injection attacks |
|
Httrack |
Website copier; can copy a website to your local computer to test on it |
|
Owasp-zap |
Graphical; web application analysis; active and passive scans, fuzzing |
|
Skipfish |
Web application analysis; security reconnaissance; interactive site map |
|
Sqlmap |
Website application analysis; detecting and exploiting SQL injection flaws |
|
Webscarab |
Web application analysis; graphical; standard web application review |
|
Wpscan |
WordPress vulnerability scanner (WordPress is a blogging platform) |
|
Bbqsql |
Database assessment; blind SQL injection framework |
|
Hexorbase |
Database assessment; auditing multiple databases: SQL queries, brute-force access to servers, packet routing to communicate with remotely inaccessible servers |
|
Jsql injection |
Find database information |
|
Mdb-sql |
Allows users to connect to Microsoft Access database files (.mdb) and execute SQL queries |
|
Oscanner |
Oracle scanner; Oracle assessment framework |
|
Sidguesser |
Guesses SIDs/instances against an Oracle database using a predefined dictionary file |
|
Sqldict |
Dictionary attack for SQL Server |
|
SQLite databases |
Automated access to SQLite databases (browsers, mobile devices...) |
|
Sqlninja |
Targets SQL injection vulnerabilities on a web app that uses Microsoft SQL Server as its back end |
|
Sqlsus |
MySQL injection and takeover tool; retrieve database structure, inject your own SQL queries, download files, etc. |
|
Tnscmd10g |
A tool to prod the Oracle tnslsnr process |
|
Cewl |
Spiders a given URL and returns a list of words that could be used for password crackers |
|
Crunch |
Users can specify a character or set of characters and crunch generates all possible combos |
|
Hashcat |
Password recovery; world's fastest |
|
John/ johnny |
John the Ripper password cracker; Johnny is the GUI |
|
Medusa |
Login brute force |
|
Ncrack |
Network authentication cracking tool; tests hosts and network devices |
|
Ophcrack |
Windows password cracker based on rainbow tables |
|
Pyrit |
Creates massive databases of precomputed WPA/WPA2-PSK authentication phase |
|
Rainbow crack |
Cracks hashes with rainbow tables |
|
Rcracki_mt |
Hybrid of rcrack that supports hybrid and indexed tables |
|
Wordlists |
Wordlists and password files |
|
Aircrack-ng |
Wireless attack; 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets are captured |
|
Chirp |
Wireless attack |
|
Cowpatty |
WPA/WPA2 dictionary attack |
|
Fern WiFi cracker |
Can crack and recover WEP, WPA, and WPS keys; can run other network attacks on wireless or Ethernet networks |
|
Ghost phisher |
Emulates access points on Ethernet or wireless networks |
|
Giskismet |
Wireless recon visualization tool |
|
Kismet |
Layer 2 wireless network detector, sniffer, IDS. Can sniff 802.11 traffic |
|
Reaver |
Brute-force attack against WPS |
|
Apktool |
Reverse engineering Android apps |
|
Clang |
Parses and analyzes code in C, C++, ... |
|
Dex2jar |
Works with .dex files (Android) |
|
Mimikatz |
Uses admin rights on Windows to display passwords in plain text |