Establishing Persistence

Question 1

Name two browser extension PenTesting tools

Answer 1

Neto and Tarnish

Question 2

What does EPP stand for?

Answer 2

Endpoint protection platform

Question 3

What does EDR stand for?

Answer 3

Endpoint detection and response

Question 4

What does NGAV stand for?

Answer 4

Next Generation Anti-Virus

Question 5

What does pwncat do?

Answer 5

simplifies tasks such as privilege escalation, file transfer and tunneling

Question 6

What does sshuttle do?

Answer 6

combines the features of a VPN and SSH.

Question 7

How do SMB Relay Attacks work?

Answer 7

attacker captures and relays a users NTML hash

Question 8

What are some famous SMB attacks?

Answer 8

WannaCry
Trickbot trojan
Emotet trojan

Question 9

Is Kerberos authentication recommended for SMB

Answer 9

Yes

Question 10

SDP stands for?

Answer 10

Service Discovery Protocol

Question 11

SSDP stands for?

Answer 11

Simple Service Discovery Protocol

Question 12

MDNS stands for?

Answer 12

Multicast DNS

Question 13

LPD stands for?

Answer 13

Line Printer Daemon

Question 14

WMI stands for?

Answer 14

Windows Management Instrumentation

Question 15

What is WMI (Windows Management Instrumentation) used for?

Answer 15

To configure systems

Question 16

WinRM stands for?

Answer 16

Windows Remote Management

Question 17

What is WinRM used for?

Answer 17

management protocol used by windows to communicate with servers remotely

Question 18

What protocol does WinRM use?

Answer 18

built on SOAP-based and communicate over HTTP/HTTPS

Question 19

What standard ports does WinRM use?

Answer 19

5985 for HTTP and 5986 for HTTPS

Question 20

What does this command do: winrm get winrm/config

Answer 20

show current config

Question 21

What does this command do: winrm quickconfigu

Answer 21

set up default configuration vales on a local machine

Question 22

What are LOLBins (Living of the Land Binaries)?

Answer 22

are binaries that use legitmate commands to execute malicious activities

Question 23

What is Covenant?

Answer 23

open-source C2 framework

Question 24

What is Covenant developed with?

Answer 24

ASP.NET

Question 25

Is Covenant CLI or Web-based?

Answer 25

Web-based

Question 26

What is CrackMapExec(CME)?

Answer 26

Post-exploitation tool designed for pen testing in Windows

Question 27

What can CrackMapExec enumerate?

Answer 27

Active Directory

Question 28

What is Impact?

Answer 28

Collection of Python classes focused on low-level networking protocols

Question 29

What is Mimikatz?

Answer 29

Password retrieval