Linux Commands
Windows Commands
PowerShell Commands
CVSS v3.1
Vocabulary
100

This command is used to interact with a web server using a command line interface.

What is wget?

100

This command is used to display the processes running on a system.

What is tasklist?

100

A command that is used to remotely issue commands to a Windows system.

What is invoke-request?

100

In CVSS scoring these are the metric choices for the CIA category.

What are High, Low, and None?

100

A file format that uses attribute-value pairs to define configurations in a structure that is easy for both humans and machines to read and consume.

What is JSON? (JavaScript Object Notation)

200

A command that is used to remotely access a server and obtain shell access.

What is ssh?

200

A command that is used to display network activity, in particular active IP addresses and ports.

What is netstat?

200

This command is used to interact with a system using HTTP or HTTPS.

What is Invoke-webrequest?

200

These metrics are the choices for the scope category.

What are Changed and Unchanged?

200

A sign that an asset or network has been attacked or is currently under attack.

What is IoC? (Indicator of compromise)

300

This command is used to identify the current session user.

What is whoami?

300

This command is a net command; it is used to perform many administrative tasks.

What is the net<option>?

300

Starts a new process, often to load malware or a rogue process.

What is Start-process?

300

These metrics can be associated with the AV in the CVSS 3.1 scoring scale.

What are Physical, Local, Adjacent Network, Network?

300

A process that provides a shared login capability across multiple systems and enterprises. It essentially connects the identity management services of multiple systems.

What is federation?

400

This command is a cleartext protocol used to perform file transfer.

What is ftp?

400

This command allows local and remote configuration of network-related services.

What is netsh?

400

A command used to display processes configured on a system.

What is Get-process?

400

In PR these are the associated metrics.

What are None, Low, High?

400

An application attack that allows access to commands, files, and directories that may or may not be connected to the web document root directory.

What is directory traversal?


500

A command used to display network activity, in particular active IP addresses and ports.

What is netstat?

500

This command is a command line interface to WMI.

What is wmic?

500

This command is used to download information from a web server, such as a malicious script or payload.

What is Downloadstring?

500

The metrics of "N" and "R" are part of this category.

What is User Interaction?

500

A framework for ensuring proper application of SPF and DKIM, utilizing a policy published as a DNS record.

What is DMARC? (Domain-based Message Authentication, Reporting, and Conformance)
