Flashcards - M13: Tools & Commands

Published on January 19, 2025


What does Nmap’s -sS option do?
Performs a SYN stealth scan, sending SYN packets without completing the TCP handshake.
How do you capture packets with Wireshark on a specific interface?
Select the desired interface and click “Start Capture.” Use filters like tcp.port == 80 to narrow down results.
What is Metasploit used for?
A framework providing exploits, payloads, and modules to automate the exploitation process.
Give an example of using an Nmap script.
nmap --script=vuln <target> to run vulnerability detection scripts.
Which command-line tool can brute-force FTP or SSH passwords?
Hydra (e.g., hydra -l user -P passlist.txt ftp://target).
How do you view open connections in Windows?
Use netstat -ano to see active connections, listening ports, and associated process IDs.
What is John the Ripper used for?
An open-source password-cracking tool performing dictionary, brute-force, or hybrid attacks on password hashes.
Which tool can test a web application for common vulnerabilities automatically?
Nikto or OWASP ZAP can scan for known web vulnerabilities like outdated servers and XSS.
What is Burp Suite used for?
Web app security testing: intercepting requests, modifying parameters, and scanning for vulnerabilities.
How do you perform a simple port scan with Netcat?
nc -vz <target> <port range> (e.g., nc -vz 192.168.0.10 1-1000).