CEH Chapter 4


URI (Uniform Resource Identifier)

The protocol that is put before an FQDN: http://, https://, ftp://, etc.

ARIN (American Registry for Internet Numbers)

The RIR for North America (US and Canada), as well as the Caribbean and Antarctica

AfriNIC (African Network Information Center)

The African RIR

ICANN (Internet Corporation for Assigned Names and Numbers)

The authority above IANA

TLD (top-level domain)

The highest-level category used to distinguish domain names, for example, .org, .com, and .net. A TLD is also known as the domain suffix.

FQDN (Fully Qualified Domain Name)

The host name combined with the host's domain name.

wappalyzer

A Chrome and Firefox extension that attempts to scan for technologies and frameworks used on a website.

Recon (chrome)

A Chrome extension that gives a context menu when right-clicking links to give basic/quick

firebug

A Firefox extension that does a deep investigation of a website's technologies, including DOM elements

Job Descriptions

A great way to find out about what types of technologies a company uses based on the employee specifications they are looking for

IANA (Internet Assigned Numbers Authority)

A nonprofit group charged with managing IP address allocation and the domain name system. The oversight for many of IANA's functions was given to ICANN in 1998; however, IANA continues to perform Internet addressing and domain name system administration.

RIR (Regional Internet Registry)

A not-for-profit agency that manages the distribution of IP addresses to private and public entities. They get their IP addresses from IANA.

HTTrack

A program that performs a spider on a website but runs it on a mirror of the specified website to help avoid detection.

InSpy

A Python script that will take in a txt file of relevant technologies and search for jobs related to those technologies at a specified company.

theHarvester

A script that runs through various sources to search for contact details of people who work for a specific website/company.

Host

A Unix command-line tool used to get the IP info of a domain

Netcraft

A website that tracks statistics and info of web hosts

A

Address record

Domain Registrar

An organization or commercial entity that manages the reservation of Internet domain names. They also can provide useful information, such as employee names and HQ physical addresses. The info is not guaranteed to be real/truthful however.

APNIC (Asia Pacific Network Information Center)

Asia, Australia, New Zealand, and neighboring countries RIR

Google Hacking

Creative searches in Google to find exposed systems

RIPE NCC (Réseaux IP Européens Network Coordination Centre)

Europe, Russia, West Asia and Central Asia RIR

Sources for theHarvester

Google, PGP, MIT, more...

LACNIC (Latin American and Caribbean Internet Addresses Registry)

Latin America and parts of the Caribbean RIR

NS

Name server record

P0f

Passive OS fingerprinting tool that evaluates large amounts of data while identifying the network hosts involved in TCP/IP communications. Not as useful as it once was due to HTTPS being more widely used.

Domains to search people

Pipl, Wink, Intelius

EDGAR (Electronic Data Gathering and Retrieval)

SEC reporting system requiring companies to file their financial statements and other information electronically to allow current and potential investors access quickly and easily over the Internet.

DNS

The service that translates URLs to IP addresses. It is a tiered system, with TLDs at the top, then second-level domains, subdomains, and hostnames, in that order.

Passive Reconnaissance

Using searches online for publicly accessible information that can reveal valuable insight about a system.

zone transfer

When DNS servers exchange information among themselves, it is known as a ____. Often, a primary server will have multiple secondary servers. The secondary servers issue zone transfer requests to the primary server to update their records.

URL (Uniform Resource Locator)

_______ is the address of a Web page on the World Wide Web. It is built as such: URI -> FQDN

R3con

A Firefox plugin that gives info on the web pages you visit

nslookup

A tool used to query the DNS system to find the IP addresses for domain names, and vice versa

WHOIS

An Internet utility program that obtains information about a domain name or IP number from the database of a domain name registry

dig

Similar to nslookup but also has the ability to specify the resource record type, the request, and the server for the request

axfr

The argument used to specify a zone transfer with dig

dnsrecon

Used to extract common resource records using DNS. Can be used to identify hostnames as a result of repeated requests based on a provided wordlist. The words from the wordlist are prepended to the given domain name, and the program searches for resolved FQDNs using a brute-force-like tactic.

