The command gobuster dir -u http://example.com -w /path/to/wordlist.txt is used to:

Brute-force directories and files on a web server

Brute-force usernames and passwords

When exploring a remote code execution (RCE) vulnerability in a web application, what is the first thing an attacker usually tries to do after gaining initial access to the system?

Escalate privileges and gain full control of the system

Explore more external vulnerabilities

Change permissions for all users

Quiz sobre Ferramentas de Segurança

Authored by David Russo

English

Professional Development

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

10 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What does the Nikto tool do?

Checks for vulnerabilities in databases

Checks web servers for known vulnerabilities

Performs brute force attacks

Exploits vulnerabilities in operating systems

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which Nmap command is used to detect the operating system running on a machine?

nmap -sV

nmap -O

nmap -A

nmap -sn

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which Wfuzz command can be used to perform a brute-force on subdomains?

wfuzz -z list http://example.com/FUZZ

wfuzz -z file,subdomains.txt http://FUZZ.example.com

wfuzz -c -w subdomains.txt http://FUZZ.example.com

wfuzz -z list,users.txt http://example.com/FUZZ

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which Gobuster mode is used to force the discovery of subdomains?

dir

dns

vhost

url

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the exploit commonly used to exploit the vulnerability in vsftpd 2.3.4, a version known to have a backdoor?

exploit/unix/ftp/vsftpd_234_backdoor

exploit/unix/webapp/joomla_php_upload

exploit/windows/smb/ms08_067_netapi

exploit/multi/http/tomcat_mgr_deploy

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What type of information can be obtained with the basic Nikto command nikto -h http://example.com?

Vulnerabilities in local applications

Information about vulnerabilities in web servers

Enumerate directories and hidden files

Perform brute-force of credentials

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

How can Nmap be used to check the versions of services running on a machine?

nmap -O

nmap -sS

nmap -sV

nmap -Pn

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

8 questions

Causatives Have, Get_Part 2

Quiz

•

Professional Development

13 questions

Azure Security Quiz

Quiz

•

Professional Development

7 questions

Working with words-projects

Quiz

•

Professional Development

7 questions

Outcomes Upper-inter U5 Time Out

Quiz

•

Professional Development

Popular Resources on Wayground

10 questions

Fire Safety Quiz

Quiz

•

12th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

36 questions

6th Grade Math STAAR Review

Quiz

•

6th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade

Discover more resources for English

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

21 questions

Illinois Science Assessment

Quiz

•

Professional Development

17 questions

Filling out Forms

Quiz

•

Professional Development

Quiz sobre Ferramentas de Segurança

What does the Nikto tool do?

Which Nmap command is used to detect the operating system running on a machine?

Which Wfuzz command can be used to perform a brute-force on subdomains?

Which Gobuster mode is used to force the discovery of subdomains?

What is the exploit commonly used to exploit the vulnerability in vsftpd 2.3.4, a version known to have a backdoor?

What type of information can be obtained with the basic Nikto command nikto -h http://example.com?

How can Nmap be used to check the versions of services running on a machine?

Which option in Wfuzz should be used to ignore HTTP status code 404 during a brute-force of directories?

The command gobuster dir -u http://example.com -w /path/to/wordlist.txt is used to:

When exploring a remote code execution (RCE) vulnerability in a web application, what is the first thing an attacker usually tries to do after gaining initial access to the system?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for English