Question

In: Computer Science

Research the following five (5) tools below that could be using during a penetration test: Nmap...

  1. Research the following five (5) tools below that could be using during a penetration test:
    1. Nmap
    2. Wireshark
    3. John the Ripper
    4. Maltego
    5. Recon-ng

For each tool, answer the following questions:

  1. 1) What does the tool do?
  2. 2) Why is the tool favored by attackers for badness?
  3. 3) How can the tool be used by a Defender for good?
  4. 4) What risk does the tool present if used incorrectly on the organization?

Solutions

Expert Solution

N-map

1.Nmap tool also called as Network Mapper, used for vulnerability scanning and network discovery. Generally,Network administrators use N-map finding open ports and detecting security risks

2.N-map is a reconnaissance tool.It is used used to gather information about a site before launching a attack.if the attacker gather this information,the total network is compromised so that it leads to a attack.

3.when we do N-map scan,it provides information on the systems and services that are running on open ports.Through open ports ,the attacker attacks easily. when we find out that open ports,its mandatory to close the open port for better security

4.When Nmap is used improperly, sometimes it get sued, fired, expelled, jailed, or banned by ISP.

Wireshark

1.Wireshark is a network analysis tool.It captures packets from the system and display them in human-readable format.It is also used to inspect the network traffic and analyze the traffic flow.

2.Generally attackers used wireshark to capture and examine data that is flowing across your network. If any data not encrypted is readable,attackers stole that unencrypted data ,even passwords and other sensitive data,so that information is stealed

3.Wireshark is used to check the network traffic in our systems anf if any seems to be vulnerable,recognising that vulnerability and taking necessary action.

4.Whenever scanning is done, we have to close the wireshark.otherwise if someone entered the network and starts managing your system,data is stealed using your system's wireshark by the atacker on your system.

John the Ripper

1.John the Ripper is a password cracking tool.It is used for password testing and breaking programs. It combines a number of password crackers into one package to autodetects password hash types.

2.Key for storing the data is use password and the password must be in encrypted form.Blackhat hackers use this tool for their wrong usage

3.John the Ripper autodetects the encryption on the hashed data and compares with large plain-text file that contains passwords.It performs  hashing on each password, and then stopping it when it finds a match.

4.Legally one have to use the password cracking.If it is found threat by cyber security team.he is prisoned to jail.

Maltego

1.Maltego tool is used for open-source intelligence and forensics.

2.Generally it is used ,information gathering on people.the attackers gather information like email id's, their public information, files publicly uploaded like photos etc., that can be used for performing brute force etc.

3.online investigations for finding relationships between pieces of information from various sources located on the Internet.

4.One cant use it for unlawful or illegally ( collecting email addresses for sending spam).

Recon-ng

1.Recon-ng tool is used for information gathering with its independent modules other modules which can help in gathering the information of the target.

2.Recong-ng is a similar interface like metasploit.First thing is both the white hat expert and the bad guys will do an information-gathering process.This will lead to either a good-stronger defense or falling victim to different kinds of cyber attacks launched against your organization.

3.Recong-ng is a reconnaissance tool .It has an interface similar to Metasploit. If you run recon-ng from the command line, you directly enter into a shell like environment where you can configure options, perform recon and output results to different report types.

4.If used this tool illegally,severe actions are taken by the government.


Related Solutions

Do a bit of research on penetration testing techniques. Investigate and document the following Five network...
Do a bit of research on penetration testing techniques. Investigate and document the following Five network penetration testing techniques Advantages and disadvantages of each One notable social engineering test Possible negative implications of penetration testing Please write between 200 and 300 words
For which of the following research questions could you test using a dependent samples t-test? Group...
For which of the following research questions could you test using a dependent samples t-test? Group of answer choices Do student athletes and non student athletes differ on levels of self-esteem? Is there a difference in verbal problem solving skills between science majors and art majors? Is pain tolerance different with acupuncture versus without acupuncture needles? Do boys and girls differ on mathematical abilities?
Develop the presentation using your research of 5 Business Intelligence tools.
Develop the presentation using your research of 5 Business Intelligence tools.
Develop a Research Question: In your area of interest, think about a research question that could be answered using a hypothesis test for a mean
  For this Discussion please complete the following: Develop a Research Question: In your area of interest, think about a research question that could be answered using a hypothesis test for a mean (see Live Binder video for examples). Write down this research question and explain what your research is trying to investigate. State the Hypotheses: Using your research question, create the null hypothesis that will be tested and the alternative hypothesis. Be sure to use the symbols Ho for...
(a) Based on your research, conduct a competitor analysis using Porter’s five (5) forces to determine...
(a) Based on your research, conduct a competitor analysis using Porter’s five (5) forces to determine the organisation’s competitive advantage. You should identify at least ONE (1) example for each of the FIVE (5) forces.
Explain using both qualitative interviews (4 to 5 interviews) and secondary research tools how COVID-19 might...
Explain using both qualitative interviews (4 to 5 interviews) and secondary research tools how COVID-19 might change the priorities of sustainability dimensions from different stakeholders’ perspectives of an organization in a selected business sector (for example, health sector, education sector, …). Then, discuss how this might reflect on corporate social responsibility practices.
Discuss FIVE (5) tools to be used for the performance measurement in Malaysia Airlines Bhd.
Discuss FIVE (5) tools to be used for the performance measurement in Malaysia Airlines Bhd.
1. Test the series below for convergence using the Root Test. ∞∑n=1 (2n/7n+5)^n The limit of...
1. Test the series below for convergence using the Root Test. ∞∑n=1 (2n/7n+5)^n The limit of the root test simplifies to lim n→∞ |f(n)| where f(n)=    The limit is:     Based on this, the series Diverges Converges 2. Multiple choice question.  We want to use the Alternating Series Test to determine if the series: ∞∑k=4 (−1)^k+2 k^2/√k5+3 converges or diverges. We can conclude that: The Alternating Series Test does not apply because the terms of the series do not alternate. The...
Research, list and explain at least five advantages and five disadvantages of using CAATs
Research, list and explain at least five advantages and five disadvantages of using CAATs
93). Conduct research using the Internet and identify the type of software or management tools that...
93). Conduct research using the Internet and identify the type of software or management tools that you would utilize to help with each of the major steps in developing the project plan. Summarize the software/suite selected and identify its key capabilities, advantages and disadvantages.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT