This recon tool can identify open ports, services and operating systems with various scan types
What is Nmap?
This 32-character hexadecimal hash algorithm is cryptographically broken but still commonly seen
What is MD5?
DDoS is the acronym for this attack method, which overwhelms systems with traffic
What is Distributed Denial of Service?
SIEM is an acronym for which system used to collect, analyse, and manage security logs?
What is "Security Information and Event Management"?
This text-based attack tricks users into clicking malicious links or revealing credentials
What is smishing?
What are hashes?
Adding this random data to passwords before hashing prevents rainbow table attacks
What is salt?
This network security device filters traffic based on rules, blocking or allowing packets
What is a firewall?
This is the phase of incident response between Identification and Eradication
What is containment?
XSS attacks inject malicious scripts into websites, with X standing for this word
What is Cross?
This directory brute-forcing tool discovers hidden web paths like /admin and /backup
What is Gobuster? (I'll also accept alternative directory brute-forcers)
This encryption method uses the same key for both encryption and decryption and includes algorithms like AES/DES
What is symmetric encryption?
This technique divides networks into isolated sections to contain breaches and limit lateral movement
What is network segmentation?
This team conducts simulated attacks on an organisation’s systems to test its defences
What is red team?
This common web vulnerability allows attackers to inject malicious commands into database queries
What is SQL injection?
Hydra performs password attacks against login services like SSH, FTP, and this protocol on port 3389
What is RDP?
In Linux password files, hashes starting with $6 indicate this hashing algorithm is being used
What is SHA-512 Crypt?
Disabling this service on port 23 prevents cleartext password transmission to network devices
What is Telnet?
This framework by MITRE documents adversary tactics and techniques across the attack lifecycle
What is ATT&CK?
The 2014 Heartbleed vulnerability affected this widely-used cryptographic library
What is OpenSSL?
In Linux, this command would list the directory contents of /home/jesse including hidden files
What is 'ls -a /home/jesse'?
This is the input that results in the following NTLM hash: 72FC5EF38C07F24388017C748CEAB330
What is "helloworld"?
This open source VPN protocol operates on UDP port 1194
What is OpenVPN?
This principle ensures evidence hasn't been tampered with by documenting every person who handled it
What is chain of custody?
EternalBlue exploited SMBv1, leading to this 2017 ransomware outbreak that crippled hospitals
What is WannaCry?