Q. How can you search for an exploit in Metasploit based on the CVE ID?

View solution

Q. How can you tell Metasploit to use a specific exploit after identifying it?

View solution

Q. What are the three types of exploit modules in Metasploit?

View solution

Q. What is the default payload for the Metasploit Meterpreter?

View solution

Q. What is the purpose of the "rhost" setting in Metasploit modules?

View solution

Q. When might you need to set the "rport" setting in a Metasploit module?

View solution

Q. What command is used to attempt the exploit after selecting an exploit and payload in Metasploit?

View solution

Q. How can you escalate privileges after connecting with Meterpreter?

View solution

Q. What is PowerSploit?

View solution

Q. What is the primary purpose of BloodHound?

View solution

Q. What role does SharpHound play in conjunction with BloodHound?

View solution

Q. Why might a penetration tester use BloodHound before using tools like PowerSploit or Empire?

View solution

Q. What is PsExec, and how is it commonly used in penetration testing?

View solution

Q. How can a penetration tester enable remote PowerShell command execution on Windows systems?

View solution

Q. What setting must be configured if remote systems are not part of the same domain in order to enable PowerShell remoting?

View solution

Q. What does WMI stand for, and what capabilities does it offer for penetration testers?

View solution

Q. What is the purpose of fileless malware in penetration testing?

View solution

Q. What is the concept of "living off the land" in penetration testing?

View solution

Q. How can a scheduled task be created to run the calculator application once a day at 8:00 a.m. on a Windows system using the command line?

View solution

Q. How does cron work on Linux or Unix systems for scheduling tasks?

View solution