What proxy tool will help you find web vulnerabilities?
When you are testing a web application, it is very useful to employ a proxy tool to save every request and
response. You can manually test every request and analyze the response to find vulnerabilities. You can testparameter and headers manually to get more precise results than if using web vulnerability scanners.
What proxy tool will help you find web vulnerabilities?
What nmap script will help you with this task?
When you are getting information about a web server, it is very important to know the HTTP Methods (GET,
POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and
DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all
these methods (GET, POST, HEAD, PUT, DELETE, TRACE) using NMAP script engine.
What nmap script will help you with this task?
What testing method did you use?
You are tasked to perform a penetration test. While you are performing information gathering, you find an
employee list in Google. You find the receptionist’s email, and you send her an email changing the source email
to her boss’s email( boss@company ). In this email, you ask for a pdf with information. She reads your email
and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain
malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the
links, and her machine gets infected. You now have access to the company network.
What testing method did you use?
What is a "Collision attack" in crypt…
What is a “Collision attack” in cryptography?
What command will help you to search files using Google…
When you are collecting information to perform a data analysis, Google commands are very useful to find
sensitive information and files. These files may contain information about passwords, system functions, or
documentation.
What command will help you to search files using Google as a search engine?
What tool will help you with the task?
You are performing information gathering for an important penetration test. You have found pdf, doc, and
images in your objective. You decide to extract metadata from these files and analyze it.
What tool will help you with the task?
How does the Address Resolution Protocol (ARP) work?
How does the Address Resolution Protocol (ARP) work?
Which regulation defines security and privacy controls …
Which regulation defines security and privacy controls for Federal information systems and organizations?
What should be the first step in security testing the c…
Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic
as possible; therefore, they did not provide any information besides the company name.
What should be the first step in security testing the client?
Which protocol will allow you to guess a sequence number?
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence
number?