This repository has been archived by the owner on Sep 8, 2021. It is now read-only.
Tools_CodeAnalysis
5.0 Tools and Code Analysis

5.1 Explain the basic concepts of scripting and software development.

  • Logic constructs
    • Loops
    • Conditionals
    • Boolean operator
    • String operator
    • Arithmetic operator
  • Data structures
    • JavaScript Object Notation (JSON)
    • Key value
    • Arrays
    • Dictionaries
    • Comma-separated values (CSV)
    • Lists
    • Trees
  • Libraries
  • Classes
  • Procedures
  • Functions

5.2 Given a scenario, analyze a script or code sample for use in a penetration test.

  • Shells
    • Bash
    • PS
  • Programming languages
    • Python
    • Ruby
    • Perl
    • JavaScript
  • Analyze exploit code to:
    • Download files
    • Launch remote access
    • Enumerate users
    • Enumerate assets
  • Opportunities for automation
    • Automate penetration testing process
      • Perform port scan and then automate next steps based on results
      • Check configurations and produce a report
    • Scripting to modify IP addresses during a test
    • Nmap scripting to enumerate ciphers and produce reports

5.3 Explain use cases of the following tools during the phases of a penetration test.

(The intent of this objective is NOT to test specific vendor feature sets.)

  • Scanners
    • Nikto
    • Open Vulnerability Assessment Scanner (OpenVAS)
    • SQLmap
    • Nessus
    • Open Security Content Automation Protocol (SCAP)
    • Wapiti
    • WPScan
    • Brakeman
    • Scout Suite
  • Credential testing tools
    • Hashcat
    • Medusa
    • Hydra
    • CeWL
    • John the Ripper
    • Cain
    • Mimikatz
    • Patator
    • DirBuster
    • w3af
  • Debuggers
    • OllyDbg
    • Immunity Debugger
    • GNU Debugger (GDB)
    • WinDbg
    • Interactive Disassembler (IDA)
    • Covenant
    • SearchSploit
  • OSINT
    • WHOIS
    • Nslookup
    • Fingerprinting Organization with Collected Archives (FOCA)
    • theHarvester
    • Shodan
    • Maltego
    • Recon-ng
    • Censys
  • Wireless
    • Aircrack-ng suite
    • Kismet
    • Wifite
    • Rogue access point
    • EAPHammer
    • mdk4
    • Spooftooph
    • Reaver
    • Wireless Geographic Logging Engine (WiGLE)
    • Fern
  • Web application tools
    • OWASP ZAP
    • Burp Suite
    • Gobuster
  • Social engineering tools
    • Social Engineering Toolkit (SET)
    • BeEF
  • Remote access tools
    • Secure Shell (SSH)
    • Ncat
    • Netcat
    • ProxyChains
  • Networking tools
    • Wireshark
    • Hping
  • Misc.
    • SearchSploit
    • PowerSploit
    • Responder
    • Impacket tools
    • Empire
    • Metasploit
    • mitm6
    • CrackMapExec
    • TruffleHog
    • Censys
  • Steganography tools
    • Open steg
    • Steghide
    • Snow
    • Coagula
    • Sonic Visualiser
    • TinEye
    • Metagoofil
    • Online SSL checkers
  • Cloud tools
    • Scout Suite
    • CloudBrute
    • Pacu
    • Cloud Custodian