What are the main components of Bash scripting?
loops, conditionals, operators
These components are essential for controlling the flow of a script.
Name three tools used for wireless attacks.
-Aircrack-ng – Wi-Fi password cracker (WPA/WPA2 handshake brute-force).
-Kismet – Wireless network sniffer and hidden SSID detector.
-WiFi-Pumpkin – Rogue AP for MITM attacks and credential capture.
These tools are commonly used for testing the security of wireless networks.
What is the purpose of msfvenom in Metasploit?
Msfvenom – Payload generator for custom shellcode/exploits.
Look for suspicious file names or payloads with reverse shells (often with unusual ports).
Which tools are often run on Linux-based attacker VMs?
Impacket, CrackMapExec (CME)
-Impacket – Python toolkit for network protocols & lateral movement (psexec.py, secretsdump.py).
-CrackMapExec (CME) – Swiss army knife for AD — spray creds, enumerate, move laterally.
Detect by unusual NTLM authentication spikes, password spray patterns, or smbexec/psexec events.
List four tools used for web application testing.
sqlmap, Gobuster/DirBuster, wfuzz, WPScan
Each of these tools serves a specific purpose in identifying vulnerabilities in web applications.
What are some tools used for packet analysis and tunneling?
tcpdump, Scapy, Proxychains, sshuttle
These tools help in capturing and analyzing network traffic.
What are some methods of Linux privilege escalation?
cron jobs, SUID bits, library injection, shell escape
These methods exploit vulnerabilities to gain elevated privileges on Linux systems.
What is the default port for SSH?
22
SSH is commonly used for secure remote login.
What does RPC stand for in terms of default services?
Remote Procedure Call
RPC allows programs to execute procedures on other address spaces.
Fill in the blank: NFS stands for _______.
Network File System
NFS is a protocol for file sharing over a network.
