nerdexam
EC-Council

312-50V11 · Question #921

You start performing a penetration test against a specific website and have decided to start from grabbing all the links from the main page. What Is the best Linux pipe to achieve your milestone?

The correct answer is C. wget https://stte.com | grep "< a href=\*http" | grep "site.com". During web reconnaissance, wget piped through grep can extract anchor href hyperlinks from a webpage's raw HTML source for initial link harvesting.

Footprinting and Reconnaissance

Question

You start performing a penetration test against a specific website and have decided to start from grabbing all the links from the main page. What Is the best Linux pipe to achieve your milestone?

Options

How the community answered

(27 responses)
  • A
    7% (2)
  • B
    11% (3)
  • C
    78% (21)
  • D
    4% (1)

Why each option

During web reconnaissance, wget piped through grep can extract anchor href hyperlinks from a webpage's raw HTML source for initial link harvesting.

Adirb https://site.com | grep "site"

dirb is a web directory and file brute-forcing tool that enumerates hidden server paths, not a tool for parsing or extracting hyperlinks from a page's existing HTML content.

Bcurl -s https://sile.com | grep `'< a href-\'http" | grep "Site-com- | cut -d "V" -f 2

While curl is well-suited for HTTP requests and output piping, the syntax shown contains malformed backticks, broken grep patterns, and incorrect quoting that would prevent successful execution and link extraction.

Cwget https://stte.com | grep "< a href=\*http" | grep "site.com"Correct

The wget command retrieves the full raw HTML source of the target page, and chaining its output through grep filters for lines containing anchor href attributes pointing to external links, making it an effective command-line method for harvesting all links from a page during the reconnaissance phase of a penetration test.

Dwgethttps://site.com | cut-d"http-

The wget command shown is missing required spaces between the command and its URL argument and lacks proper flags or pipe syntax, making it syntactically invalid as a pipeline command.

Concept tested: Web reconnaissance link harvesting with Linux command pipeline

Source: https://www.gnu.org/software/wget/manual/wget.html

Topics

#web scraping#link extraction#Linux reconnaissance commands#wget

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice