Domain 1.4 - Analyzing Assessment Output
Arachni
A Ruby framework for assessing the security of a web application.
oclHashcat
A general-purpose computing on graphics processing units (GPGPU)-based multi-hash cracker using a brute-force attack.
real user monitoring (RUM)
A monitoring method that captures and analyzes every transaction of every application or website user.
host scanning
A process that involves identifying the live hosts on a network or in a domain namespace.
Nessus Professional
A proprietary network scanner developed by Tenable Network Security
null scan
A scan is series of TCP packets that contain a sequence number of 0 and no set flags
Aircrack-ng
A set of command-line tools for sniffing and attacking wireless networks.
Burp Suite
A suite of tools used for testing web applications
Responder
A tool that can be used for answering NBT and LLMNR name requests.
Nmap
A tool that can be used to scan for open ports and perform many other operations, including performing certain attacks.
synthetic transaction monitoring
A type of proactive monitoring that uses external agents to run scripted transactions against an application.
XMAS scan
A type of scan that sets the FIN, PSH, and URG flags.
web vulnerability scanner
A type of scanner used to assess the security of web applications.
Nikto
A vulnerability scanner that is dedicated to web servrs.
OWASP Zed Attack Proxy (ZAP)
An application that stands between the web server and the client and passes all requests and responses back and forth, while analyzing the information to test the security of the web application.
SYN flood
An attack where the target is overwhelmed with unanswered SYN/ ACK packets.
OpenVAS
An open-source scanner developed from the Nessus code base, available as a package for many Linux distributions.
fuzzing
Injecting invalid or unexpected input (sometimes called faults) into an application to test how the application reacts.
software development life cycle (SDLC)
Provides a predictable framework of procedures designed to identify all requirements with regard to functionality, cost, reliability, and delivery schedule and ensures that each is met in the final solution.
Qualys
Qualys is a cloud-based solution that detects vulnerabilities on all networked assets, including servers, network devices (e.g. routers, switches, firewalls, etc.), peripherals (such as IP-based printers or fax machines), and workstations. Qualys can assess any device that has an IP address.
dynamic analysis
Software code analysis done with the code executing.
enumeration
The process of discovering what is in the network along with any other pieces of information that might be helpful in a network attack or compromise.
reverse engineering
The process of taking something apart to discover how it works and perhaps to replicate it; retracing the steps in an incident, as seen from the logs.
passive enumeration
The technique of capturing traffic and making educated assumptions from the traffic.
active enumeration
The technique of sending packets of some sort to the network and then assessing responses.
Fin Scan
Type of scan that sets the FIN bit only.
ScoutSuite
A data collection tool that allows you to use what are called longitudinal survey panels to track and monitor the cloud environment.
Reaver
Both a package of tools called Reaver and a tool within the package called Reaver that is used to attack Wi-Fi Protected Setup (WPS).
static code analysis
Code analysis that is conducted without the code executing.