Discovering & Analyzing Vulnerabilities

Question 1

Is Nikto open source?

Answer 1

Yes

Question 2

What does Nikto do?

Answer 2

Web server vulnerability scanner and checks for configuration errors

Question 3

What is TruffleHog?

Answer 3

tool for scanning code repositories, clooud storage and other sources to detect exposed secrets

Question 4

TruffleHog can be integrated into what?

Answer 4

CI/CD

Question 5

Is Grype open source?

Answer 5

Yes

Question 6

What does Grype do?

Answer 6

Vulnerability scanner for container images

Question 7

Grype can scan what?

Answer 7

Containers and file systems

Question 8

Kube-hunter is for what?

Answer 8

Kubernetes scanning

Question 9

What is Greenbone OpenVAS for?

Answer 9

full features vulnerability scanner

Question 10

What is BllodhoundAS/Sharphound for?

Answer 10

mapping out Active Directory environments

Question 11

What is PingCastle for?

Answer 11

assessesthe security health of an Active Directory environment

Question 12

Auto jigglers are used to overcome what type of locks?

Answer 12

Waffer

Question 13

Bump keys are used to ovecome which locks

Answer 13

pin tumbler locks