What Is Virtualization?

What Is Virualization?

What Is Virtualization? – This Blog gives you an overview of virtualization as it applies to security testers, reviews some virtualization vulnerabilities that security testers should consider, and explains how to create a virtual machine with the free VMware Server. What Is Virtualization? Virtualization and Security Testing A virtual machine is a software-based system that acts like a hardware system. It runs on a software layer called the hypervisor, which can run on a system without an OS installed (called a “bare-metal system”) or on one with an OS, such…

Read More

Phases Of Wireless Deployment

Ten Reasons Hacking Is The Effective Way Test Your Skill

Phases Of Wireless Deployment – At each phase of a wireless network’s life, you have an opportunity to integrate or reintroduce security into the thought process. Let’s take a look at some of the nuances of security at each phase, including new deployments, existing wireless networks, and wireless refresh projects. When deploying a new wireless network, you are in a unique position to do things correctly from the start. Trying to secure a wireless network after you’ve deployed it is never as easy as just doing it from the start.…

Read More

What is Mobile Computing?

What Is Mobile Computing?

What is Mobile Computing? – Through the course of the book, we have looked at some code examples and exercisesthat will enable you to build web apps for Android and Chrome OS using the features available both on the phone and in the cloud. What’s coming though? How are new technologies and trends going to change our development approach? What is presented in this chapter is a developer’s perspective on the potential future of mobile platforms and subsequently applications. Of course, the contents of this blog represent only one possible…

Read More

Krack Attacks

Krack Attacks – This blogs discusses the recently identified KRACK vulnerabilities and explores the current state of the tools that enable the identification of vulnerable devices. This blogs is a deep dive into the inner workings of the WPA2 handshake and is recommended for advanced readers. KRACK Attack KRACK stands for Key Reinstallation AttaCKs. It’s a tranche of vulnerabilities publicly disclosed in October 2017 by a team from KU Leuven. The attack is the exploitation of a fundamental flaw in the WPA2 handshake, allowing resending of a stage of the…

Read More

How to setup Tor on Linux

how to install tor in linux

How to setup Tor on Linux – The Tor browser has packages for Debian, Redhat, and Gentoo Linux platforms. These packages can be downloaded from the official website: www.Torproject.org and installed manually. We explore how you can set up your Tor browser on each of these platforms. Let’s jump in. How to setup Tor browser on Debian/Ubuntu platforms Before you begin the process of installing Tor on your computer, ensure you’re connected to the internet. Here are steps that you should follow to successfully install and use Tor on Debian…

Read More

Sniffing Cryptocurrency Traffic

What is Cryptocurrency?

Sniffing Cryptocurrency Traffic – If you work as an investigator, I feel sure that when you read the title of this chapter regarding sniffing network traffic, you will think of the potential issues involved that could make it difficult or impossible. If you work within government or law enforcement, you will immediately think of the application of wiretap and intercept legislation—here in the UK, this type of activity requires an intercept warrant, which can be difficult to obtain. If you are a civilian investigator, you may assume that this type…

Read More

Capturing Traffic Using Wireshark

capturing traffic using wireshark

Capturing Traffic Using Wireshark – Before we move on to exploitation, we’ll use the Wireshark monitoring tool, as well as other tools, to sniff and manipulate traffic to gain useful information from other machines on the local network. On an internal penetration test, when we’re simulating an insider threat or an attacker who has breached the perimeter, capturing traffic from other systems in the network can give us additional interesting information (perhaps even usernames and passwords) that can help us with exploitation. The trouble is that capturing traffic can produce…

Read More

What Is MITM?

What Is Man In The Middle Attack

What Is MITM? – In this Blogs, we will take a look at how we can conduct advanced attacks using what we have learned so far. We will primarily focus on the Man-in-the-Middle (MITM) attack, which requires a certain amount of skill and practice to conduct successfully. Once we have done this, we will use this MITM attack as a base from which to conduct more sophisticated attacks such as eavesdropping and session hijacking. A Man-in-the-Middle attack MITM attacks are probably one of the most potent attacks on a WLAN…

Read More

Ten Mistake While Doing Hacking?

Ten Mistake While Doing Hacking?

Ten Deadly Mistake While Doing Hacking? – Making the wrong choices in your security testing can wreak havoc on your work and possibly even your career. In this Blog, I discuss ten potential pitfalls to be keenly aware of when performing your security assessment work. Not Getting Approval Getting documented approval in advance, such as an email, an internal memo, or a formal contract for your security testing efforts — whether it’s from management or from your client — is a must. Outside of laws on the books that might…

Read More

How To Detect Sniffing?

How To Detect Sniffing?

How to Detect Sniffing? – It is not easy to detect a sniffer on the network, as sniffers only capture data. A sniffer leaves no trace, since it does not transmit data. Some sniffers can be identified by manually verifying the Ethernet wire. Sometimes, the machine that is doing the sniffing will be in the promiscuous mode, although that is not always true. An investigator can use the reverse DNS lookup method to detect nonstandalone sniffers. The following are the steps involved in detecting sniffing: Check to see if any…

Read More