C Certs Club
Home
Oracle SAP Microsoft Cisco CompTIA Fortinet Salesforce Nutanix Linux Foundation Amazon View All Vendors →
Login Register

The SecOps Group CAPen - Certified AppSec Pentester (CAPen) Certification Exam

Download Exam View Entire Exam
Page: 1 / 1
Question #1 (Topic: demo questions)

Identify email addresses belonging to a company using OSINT techniques.

A.
See the Explanation.
Correct Answer: A
Explanation:
1. Use Hunter.io or theHarvester tool:
theHarvester -d target.com -b google
2. Search Google with: @target.com
3. Use LinkedIn or GitHub advanced search: site:github.com "@target.com"
4. Collect emails for phishing simulation (if permitted).
5. Verify email validity using tools like EmailHippo or Debounce.io.
Discover open directories with potentially sensitive files using Google dorks.
Question #2 (Topic: demo questions)

Discover open directories with potentially sensitive files using Google dorks.

A.
See the Explanation.
Correct Answer: A
Explanation:
Use: intitle:"index of" "parent directory" +passwd
This searches for open directories with file listings containing "passwd".
Replace passwd with other keywords like .sql, .bak, .env, etc.
Confirm findings are in non-sensitive environments or demos.
Access is legal only if no authentication is bypassed or required
Question #3 (Topic: demo questions)

Find public documents on a government site that may contain sensitive metadata using Google dorks.

A.
See the Explanation.
Correct Answer: A
Explanation:
Usethedork: site:gov filetype:pdf
Tofindspecific content, extend it: site:gov filetype:pdf confidential
Downloada few sample PDFs (legally and ethically).
Useexiftool filename.pdf or pdfinfo filename.pdf to extract metadata.
Checkforusernames, software versions, or timestamps that leak OSINT data.
Question #4 (Topic: demo questions)

Use a Google dork to identify login pages of vulnerable sites running PHP.

A.
See the Explanation.
Correct Answer: A
Explanation:
OpenGoogle and use the dork: inurl:login.php intitle:"Login"
Thisquerytargets pages with “login.php” in the URL and “Login” in the title.
Reviewresults and pick non-government, non-critical sites for testing only.
Combinewith site: to target specific domains, e.g., site:.edu.
Validatefindings using a test environment to ensure ethical usage.
Download Exam
Page: 1 / 1
Next Page