312-50V13 Question #457: Real Exam Question with Answer & Explanation

Question

In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related information by using various search engines, social networking sites, and web spidering tools. In this process, she also uses an automated tool to gather a list of words from the target website to further perform a brute-force attack on the previously gathered email addresses. What is the tool used by Hailey for gathering a list of words from the target website?

Options

• AShadowsocks
• BCeWL
• CPsiphon
• DOrbot

Explanation

CeWL (Custom Word List Generator) is the correct answer because it is specifically designed to spider a target website and extract words to create custom wordlists, which can then be used for brute-force or password attacks - exactly what Hailey is doing in this scenario.

Why the distractors are wrong:

• Shadowsocks (A) is a secure proxy protocol used to bypass internet censorship and firewalls, not a wordlist generation tool.
• Psiphon (C) is a censorship circumvention tool that provides open access to the internet, unrelated to wordlist creation.
• Orbot (D) is a proxy application for Android that routes traffic through the Tor network for anonymity purposes, not a reconnaissance or wordlist tool.

Memory Tip: Think of CeWL as "crawl" - it crawls (spiders) a website and generates a custom word list from the content it finds. The name itself stands for Custom Word List, making it easy to associate with website-based wordlist generation for brute-force attacks.

No community discussion yet for this question.