Which of the following wordlists is BEST for cracking MD5 password hashes of an application's users from a compromised database?

A client asks a penetration tester to add more addresses to a test currently in progress.
Which of the following would defined the target list?

A penetration tester is testing a web application and is logged in as a lower-privileged user. The tester runs arbitrary JavaScript within an application, which sends an XMLHttpRequest, resulting in exploiting features to which only an administrator should have access.
Which of the following controls would BEST mitigate the vulnerability?

A malicious user wants to perform an MITM attach on a computer. The computer network configuration is given below:
IP: 192.168.1.20
NETMASK: 255.255.255.0
DEFAULT GATEWAY: 192.168.1.254
DHCP: 192.168.1.253
DNS: 192.168.10.10, 192.168.20.10
Which of the following commands should the malicious user execute to perform the MITM attack?

During an engagement an unsecure direct object reference vulnerability was discovered that allows the extraction of highly sensitive PII. The tester is required to extract and then exfil the information from a web application with identifiers 1 through 1000 inclusive. When running the following script, an error is encountered:

Which of the following lines of code is causing the problem?