Show:
Hack Tools
CLI
History
Ports and Protocols Potpourri
Miscellaneous
100

What is the open source hash cracking tool that popularized GPU acceleration?

Hashcat

100

What does the symbol “|” stand for in Powershell/Bash and what is its purpose?

Pipe/Pipeline, pass output to another command

100

How did threat actors gain initial access to Colonial Pipeline in the 2021 cyber attack?

Stale VPN account, no MFA, possible password reuse from dark web

100

Secure Shell

TCP 22

100

What two primary factors determine risk?

Impact and Likelihood

200

What is the name of the popular open source tool used to dump cached Windows credentials from memory?

mimikatz

200

How can you show current running processes on a Linux system in Bash?

ps, top/htop, ls /proc

200

What is the term coined for calling many different phone numbers to find live modems?

War dialing

200

Server Message Block

TCP 445

200

What are the three types of authentication?

Something you are, know, and have

300

What kind of attack was LOIC, made popular by Anonymous, used for?

DDoS

300

How would you find the version of Powershell you are using from Powershell?

$psversiontable, Get-Host, $host

300

Who is the cryptanalyst famous for allowing the Allies to break Axis encryption during WWII?

Alan Turing

300

Windows Remote Desktop Protocol

TCP/UDP 3389

300

In the context of Windows Security Events, what does Logon Type 10 represent?

RemoteInteractive – RDP or Remote Assistance

400

What is the default Nmap TCP scan type?

SYN scan, half open scan

400

What Windows CMD command shows currently logged in users?

query session, query user

400

What is the name of the SMB exploit developed by the NSA that was leaked and used by WannaCry ransomware?

EternalBlue

400

Internet Key Exchange

UDP 500

400

In the context of vulnerabilities, what does RCE stand for?

Remote Code Execution

500

Who maintains Metasploit and what language is it written in?

Rapid7, Ruby

500

What the default filesystem path of the Powershell binary?

C:\Windows\System32\WindowsPowershell\1.0\powershell.exe

500

What software was exploited to gain initial access to Equifax in 2017?

Apache Struts

500

Session Initiation Protocol

TCP/UDP 5060

500

Why is stored XSS more dangerous than reflected XSS?

Code is kept in web app and loaded automatically vs requiring user interaction