Active Reconnaissance and Port Scanning Using Nmap

Nmap, or "Network Mapper," is a network discovery, analysis, and auditing tool utilized by both network defenders and network attackers. As an exceedingly flexible tool with dozens of methods for mapping out networks, Nmap has become a critically acclaimed and well-supported cyber tool. Using Nmap, we can perform network sweeps to discover available hosts on... Continue Reading →

Decrypting HTTPS Traffic

Hypertext Transfer Protocol over SSL (https)  is pretty decent security. This is because https uses the Secure Sockets Layer (SSL) encryption scheme to pass keys between two parties over the Internet. These days, however, most of our Web servers are utilizing Transport Layer Security (TLS), which is an updated version of SSL. Therefore, we refer... Continue Reading →

What is the DARK WEB? How to Access It

Introduction: Ever wonder what lurks on the Dark Web? Hear any scary stories about contract killings? Weapons trading? Sex trafficking? Red rooms? These are all very real (with the exception of "red rooms." They are, by and large, more of a myth). At the surface, we have the Internet or the World Wide Web (WWW).... Continue Reading →

PenTest Edition: Performing a Man-in-the-Middle Attack on a Wireless Network Using Cain & Abel and Wireshark Without Monitor Mode

IntroductionA man-in-the-middle attack occurs when an attacker sits in the middle of the communication between two victim devices, secretly relaying information back and forth on their behalf, similar to a proxy. It can be thought of as active eavesdropping. The attacker cannot only see the communication traveling to-and-from the victim devices, but can also inject... Continue Reading →

Up ↑