All posts by thecybersecurityman

PenTest Edition: Creating an Evil Twin or Fake Access Point Using Aircrack-ng and Dnsmasq [Part 1 – Setup]

Before I start, I hope you already have a great understanding of 802.11 networks! A "Fake Access Point (AP)" is a type of wireless network attack in which an attacker uses software to create a malicious AP that is live and broadcasting out to wireless clients. Fake APs are rogue, and often times, the Service ...

PenTest Edition: Using “theHarvester” to Gather E-mail accounts, Subdomains, Hosts, LinkedIn Users, Banner Information, and More!

theHarvester is a neat information-gathering tool used by both ethical and non-ethical hackers to scrape up emails, subdomains, hosts, employee names, open ports, and banners from different public sources like popular search engines, PGP key servers, and the Shodan database. This program is particularly useful during the reconnaissance phase of gathering Open Source Intelligence (ONSIT). The ...

The Need-to-Know Encryption Algorithms

We use encryption for a lot of things...a LOT. For example, we use encryption to protect our web traffic, file transfers, emails, and data storage. It plays a big role in cybersecurity; it's what provides us the data confidentiality we need. Below is a helpful table that summarizes the encryption algorithms required to know for ...

An Intermediate-level Discussion on Network Switches

A "switch" is a Data Link (layer 2) device responsible for receiving, processing, and forwarding network traffic based on destination MAC addresses. Modern day switches are "smart" and manageable, either from a web console or a command-line interface (CLI). Due to the fact that they break apart collision domains, eliminate collisions, provide full-duplex communication, and ...