` into a search field on a web application. The subsequent results page immediately executes the script, and an alert box appears. The script is not stored on the server in any permanent way. What type of Cross-Site Scripting (XSS) vulnerability has been identified?","acceptedAnswer":{"@type":"Answer","text":"Reflected XSS"},"suggestedAnswer":[{"@type":"Answer","text":"Stored XSS"},{"@type":"Answer","text":"DOM-based XSS"},{"@type":"Answer","text":"Server-Side XSS"}]},{"@type":"Question","position":2,"name":"A penetration tester needs to discover hidden directories and files on a web server by using a wordlist to brute-force common names. Which of the following command-line tools is specifically designed for this purpose and is known for its speed?","acceptedAnswer":{"@type":"Answer","text":"Gobuster"},"suggestedAnswer":[{"@type":"Answer","text":"Nmap"},{"@type":"Answer","text":"Wireshark"},{"@type":"Answer","text":"Metasploit"}]},{"@type":"Question","position":3,"name":"While testing a login form, a junior pentester enters `' OR 1=1 --` into the username field and a random string in the password field. They successfully bypass authentication and gain access to an account. This is a classic example of which vulnerability?","acceptedAnswer":{"@type":"Answer","text":"SQL Injection (SQLi)"},"suggestedAnswer":[{"@type":"Answer","text":"Cross-Site Scripting (XSS)"},{"@type":"Answer","text":"Cross-Site Request Forgery (CSRF)"},{"@type":"Answer","text":"Insecure Deserialization"}]},{"@type":"Question","position":4,"name":"Within Burp Suite, which tool is primarily used to act as a man-in-the-middle, allowing a tester to intercept, view, and modify all HTTP/S requests and responses between their browser and the target application in real time?","acceptedAnswer":{"@type":"Answer","text":"Proxy"},"suggestedAnswer":[{"@type":"Answer","text":"Intruder"},{"@type":"Answer","text":"Repeater"},{"@type":"Answer","text":"Decoder"}]},{"@type":"Question","position":5,"name":"A tester discovers a URL `http://example.com/app/profile?view=user.php`. By changing the URL to `http://example.com/app/profile?view=../../../../etc/passwd`, the contents of the server's password file are displayed. Which vulnerability has been exploited?","acceptedAnswer":{"@type":"Answer","text":"Local File Inclusion (LFI)"},"suggestedAnswer":[{"@type":"Answer","text":"Server-Side Request Forgery (SSRF)"},{"@type":"Answer","text":"Remote File Inclusion (RFI)"},{"@type":"Answer","text":"Command Injection"}]},{"@type":"Question","position":6,"name":"Which of the following best describes the primary goal of a Cross-Site Request Forgery (CSRF) attack?","acceptedAnswer":{"@type":"Answer","text":"To trick an authenticated user's browser into sending an unintended, state-changing request to a web application."},"suggestedAnswer":[{"@type":"Answer","text":"To execute malicious scripts in the victim's browser to steal session cookies."},{"@type":"Answer","text":"To inject malicious SQL queries into a back-end database through user input fields."},{"@type":"Answer","text":"To include and execute a malicious file from a remote server within the context of the target application server."}]}]}