I Know What You Did on That Endpoint
No Packet Left Behind
Phish and Chips
Peekaboo, I See Your Ports
Stalk First, Hack Later
100

This IDS Evasion Technique takes advantage of an IDS' inability to reassemble packets into the appropriate order to compare against a known signature.

What is Out-of-Order Sequencing

100

This Cisco router file is typically stored in NVRAM and is considered "persistent".

What is the Startup configuration file

100

This form of content spoofing happens when an attacker injects arbitrary HTML code into a vulnerable web page in order to obtain login credentials.

What is HTML Injection?

100

When conducting a port scan, these are the three responses that may be received.

What are:

Open, Accepted
Closed, Not Listening
Filtered, Dropped, Blocked

100

This dig query type signifies a Pointer record. 

What is PTR?

200

This type of evasion attack embeds a partial attack payload in the TCP handshake and delivers the remaining payload in a subsequent packet after handshake completion

What is Established?

200

This is the process of identifying routers to uncover network weaknesses in order to plan future attacks.

What is Router Reconnaissance

200

This security solution enables a network administrator to inspect all incoming and outgoing network traffic, while also blocking malicious traffic instantly.

What is a NIPS?

200

This network scanning tool is "noisy" and easily detectable.

What is Angry IP Scanner?

200

This dig command would locate any IPv4 information pertaining to www.goarmy.com

What is
dig A www.goarmy.com

300

A host with the avp.exe process actively running is likely using this software.

What is Kaspersky?

300

You target a switch’s ARP table by spoofing MAC addresses so that IP traffic gets rerouted through your machine, turning you into a man-in-the-middle.

What is ARP Poisoning?

300

This attack modifies the text of a web application to display altered or misleading content to the user without executing scripts.

What is Text Injection?

300

This fingerprinting tool is capable of both passive and active protocol dissection, and supports multiple sniffing modes such as IP-based, MAC-based, and ARP-based sniffing.

What is Ettercap?

300

This technique is used to identify characteristics of a system without sending any direct probes.

What is passive fingerprinting?

400

This evasion technique involves encoding malware to bypass IDS detection.

What is obfuscation?

400

These two Nmap scan types will return filtered ports when enumerating firewalls.

What are TCP SYN Stealth & TCP Connect scans

400

This type of attack is suggested when a user input contains OR '1'='1', potentially allowing unauthorized access to a database.

What is SQL Injection?

400

This technique sends malformed packets and observes target responses in order to identify a target OS.

What is Active Fingerprinting?

400

DOUBLE JEOPARDY

The team that selected this category may wager points; if negative, they can wager up to 500.

What are the seven steps of the cyber kill chain?

500

This evasion technique involves overloading an IDS with traffic in order to force it into a fail-open state.

What is Denial of Service?

500

This open source exploitation framework is designed primarily to detect and exploit router vulnerabilities and utilizes a CLI interface.

What is RouterSploit?

500

When deliberately malformed input is used to trigger database errors that reveal information such as table names or column structure, this SQL injection technique is being used.

What is Error-Based SQL Injection?

500

This Endpoint Security software opens a port listener on port 1110.

What is Kaspersky Internet Security?

500

This nslookup command will query the start of authority records for the website www.goarmy.mil

What is


nslookup -query=SOA www.goarmy.mil
nslookup -type=SOA www.goarmy.mil
