Category: Software Topics

PenTest Edition: Creating an Evil Twin or Fake Access Point Using Aircrack-ng and Dnsmasq [Part 1 – Setup]

Before I start, I hope you already have a great understanding of 802.11 networks! A "Fake Access Point (AP)" is a type of wireless network attack in which an attacker uses software to create a malicious AP that is live and broadcasting out to wireless clients. Fake APs are rogue, and oftentimes, the Service ...

PenTest Edition: Using “theHarvester” to Gather E-mail accounts, Subdomains, Hosts, LinkedIn Users, Banner Information, and More!

theHarvester is a neat information-gathering tool used by both ethical and non-ethical hackers to scrape up emails, subdomains, hosts, employee names, open ports, and banners from different public sources like popular search engines, PGP key servers, and the Shodan database. This program is particularly useful during the reconnaissance phase of gathering Open Source Intelligence (OSINT). The ...

PenTest Edition: Using Shodan to Locate Internet-Connected Devices (Webcams, Servers, Routers, and More)

With Shodan, there's no hiding on the Internet. Shodan is a search engine that allows users to locate devices that are connected to the Internet, such as webcams, routers, servers, traffic lights, baby monitors, SCADA systems, Internet of Things (IoT) devices, and so forth. Shodan began back in 2009 as a small project created by ...

The Recent 4G LTE Network Vulnerabilities and Attacks

In this blog post, I'll discuss the design and operation of a 4G LTE network. In hindsight, I realize topics such as these can get extremely lengthy. For that reason, I'll limit this discussion to only the necessary technical details required to understand these new LTE attacks, while excluding any complicating non-essentials. These new ...

PenTest Edition: Cracking Strong WPA2 Wi-Fi Passwords Using Fluxion

Fluxion Is The Future! Fluxion is, more accurately, just a Wi-Fi analysis tool that comes with a list of very useful penetration testing programs, such as Aircrack-ng, Aireplay-ng, Airodump-ng, awk, bully, curl, dhcpd, hostapd, lighttpd, etc. It is a remake of linset by vk496, available on GitHub. Unlike many other Wi-Fi analysis tools that use a dictionary ...