Certs Vault
See all results for ""
Home Exams
CRISC ISACA CISSP ISC2 200-301 Cisco SY0-701 CompTIA AZ-104 Microsoft AI-900 Microsoft AIGP IAPP 1Z0-1067-26 Oracle View All Exams →
Sign in Create account

Certified AppSec Pentester (CAPen) CAPen Exam Questions

Preparing for the CAPen exam is simple with Certs Vault. We offer easy-to-understand study materials that help you learn the most important exam topics. You can study using our PDF questions, practice online with a real exam-style test, or use the desktop practice software. Choose the study method that works best for you and prepare at your own pace.

At Certs Vault, we keep our CAPen practice questions up to date. Whenever the exam syllabus or objectives change, we update our study materials so you always learn the latest topics. This helps you save time, avoid outdated content, and feel more confident when you take your exam.

Download Exam View Entire Exam
Page: 1 / 1
Question #1 (Topic: demo questions)

Identify email addresses belonging to a company using OSINT techniques.

A.
See the Explanation.
Correct Answer: A
Explanation:
1. Use Hunter.io or theHarvester tool:
theHarvester -d target.com -b google
2. Search Google with: @target.com
3. Use LinkedIn or GitHub advanced search: site:github.com "@target.com"
4. Collect emails for phishing simulation (if permitted).
5. Verify email validity using tools like EmailHippo or Debounce.io.
Discover open directories with potentially sensitive files using Google dorks.
Question #2 (Topic: demo questions)

Discover open directories with potentially sensitive files using Google dorks.

A.
See the Explanation.
Correct Answer: A
Explanation:
Use: intitle:"index of" "parent directory" +passwd
This searches for open directories with file listings containing "passwd".
Replace passwd with other keywords like .sql, .bak, .env, etc.
Confirm findings are in non-sensitive environments or demos.
Access is legal only if no authentication is bypassed or required
Question #3 (Topic: demo questions)

Find public documents on a government site that may contain sensitive metadata using Google dorks.

A.
See the Explanation.
Correct Answer: A
Explanation:
Usethedork: site:gov filetype:pdf
Tofindspecific content, extend it: site:gov filetype:pdf confidential
Downloada few sample PDFs (legally and ethically).
Useexiftool filename.pdf or pdfinfo filename.pdf to extract metadata.
Checkforusernames, software versions, or timestamps that leak OSINT data.
Question #4 (Topic: demo questions)

Use a Google dork to identify login pages of vulnerable sites running PHP.

A.
See the Explanation.
Correct Answer: A
Explanation:
OpenGoogle and use the dork: inurl:login.php intitle:"Login"
Thisquerytargets pages with “login.php” in the URL and “Login” in the title.
Reviewresults and pick non-government, non-critical sites for testing only.
Combinewith site: to target specific domains, e.g., site:.edu.
Validatefindings using a test environment to ensure ethical usage.
Download Exam
Page: 1 / 1
Next Page