Which tool can a penetration tester use to query and obtain data about hosts, websites, and certificates to assist in identifying potential security risks and misconfigurations?
Censys is the correct answer because it scans the internet for information about hosts, websites, and certificates, providing searchable data that penetration testers can use to find security risks and misconfigurations. 'Nessus' is an incorrect answer because it is a vulnerability scanner rather than a searchable database of internet-connected devices. 'John the Ripper' is a password-cracking tool, not an OSINT tool. 'WiGLE' is used for mapping wireless networks and is not designed to provide the same type of host, website, and certificate information.