Multiple Choice
A penetration tester is exploring a client's website. The tester performs a curl command and obtains the following:
* Connected to 10.2.11.144 (::1) port 80 (#0)
> GET /readmine.html HTTP/1.1
> Host: 10.2.11.144
> User-Agent: curl/7.67.0
> Accept: */*
> * Mark bundle as not supporting multiuse
< HTTP/1.1 200
< Date: Tue, 02 Feb 2021 21:46:47 GMT
< Server: Apache/2.4.41 (Debian)
< Content-Length: 317
< Content-Type: text/html; charset=iso-8859-1
< <code><span> <</span>!DOCTYPE html <span>></span>
<span><</span>html lang="en"<span>></span> <span><head <span>></span>
<span><</span>meta name="viewport" content="width=device-width" / <span>> </span>
<span><</span>meta http-equiv="Content-Type" content="text/html; charset=utf-8" / <span>></span>
<span><</span>title <span>>WordPress › ReadMe<span><</span>/title<span>></span>
<span><</span>link rel="stylesheet" href="wp-admin/css/install.css?ver=20100228" type="text/css" /></span> <span><</span>/head> </span></code>
Which of the following tools would be BEST for the penetration tester to use to explore this site further?
A) Burp Suite
B) DirBuster
C) WPScan
D) OWASP ZAP
Correct Answer:
Verified
Correct Answer:
Verified
Q45: A penetration tester wants to scan a
Q46: A penetration tester logs in as a
Q47: During a penetration-testing engagement, a consultant performs
Q48: A penetration tester was able to gain
Q49: A penetration tester discovered a vulnerability that
Q51: A penetration tester has identified several newly
Q52: A new security firm is onboarding its
Q53: A penetration tester conducted a vulnerability scan
Q54: A large client wants a penetration tester
Q55: A penetration tester wants to identify CVEs