Category: Software Topics

PenTest Edition: Cracking WEP, WPS, WPA, and WPA2 Wi-Fi Networks with the “Fern Wi-Fi Cracker” Tool

Here's a fun assessment you can perform on your home network. I'm running Kali Linux 2018.1 in a virtual machine using VMware Workstation Player. My wireless network adapter is an Alfa AWUS036NHA with a 9dBi omni-directional antenna. Penetration testers may use the Fern Wi-Fi cracker as a security auditing tool to test the security of ...

PenTest Edition: Active Reconnaissance and Port Scanning Using Nmap

Nmap, or "Network Mapper," is a network discovery, analysis, and auditing tool utilized by both network defenders and network attackers. As an exceedingly flexible tool with dozens of methods for mapping out networks, Nmap has become a critically acclaimed and well-supported cyber tool. Using Nmap, we can perform network sweeps to discover available hosts on ...

PenTest Edition: My Favorite Wi-Fi Hacking Tools – 2018

Penetration testing and security analysis is an integral aspect of cybersecurity. The ability to master some of these tools is certainly indispensable. Penetration testers and other cybersecurity professionals use these tools everyday to examine the security posture of their networks. All of these tools are free to download; however, whether you can use them or ...

Kerberos Authentication

Kerberos is a Single Sign-On (SSO) authentication protocol developed by the Massachusetts Institute of Technology in the 1980s. It is also a written standard in RFC 4120. As an SSO technology, users don't have to worry about entering different login credentials every time they access a resource. If we didn't have SSO technology, it wouldn't ...

PenTest Edition: Creating A Man-in-the-Middle Attack using Cain & Abel [Tutorial]

A man-in-the-middle attack occurs when an attacker sits in the middle of the communication between two victim devices, secretly relaying information back-and-forth on their behalf. It can be thought of as active eavesdropping. The attacker cannot only see the communication traveling to-and-from the victim devices, but can also inject his own malicious traffic. With this ...