PenTest Edition: Create Evil Twin on Your Home Network Using dnsmasq and hostapd
As promised in Creating an Evil Twin or Fake Access Point Using Aircrack-ng and Dnsmasq [Part 2 - the Attack], here is another way we can create an evil twin. In this demonstration, I am going to use hostapd instead of Aircrack-ng. I personally think hostapd is better solely due to the fact that we can ...
PenTest Edition: Creating an Evil Twin or Fake Access Point on Your Home Network Using Aircrack-ng and Dnsmasq [Part 2 – the Attack]
If you haven't already begun the initial startup, you'll need to go back to PenTest Edition: Creating an Evil Twin or Fake Access Point on Your Home Network Using Aircrack-ng and Dnsmasq [Part 1 - Setup] and update Aircrack-ng and configure the dnsmasq configuration file. After that, you can come back here and begin the ...
PenTest Edition: Creating an Evil Twin or Fake Access Point on Your Home Network Using Aircrack-ng and Dnsmasq [Part 1 – Setup]
Before I start, I hope you already have a great understanding of 802.11 networks! A "Fake Access Point (AP)" is a type of wireless network attack in which an attacker uses software to create a malicious AP that is live and broadcasting out to wireless clients. Fake APs are rogue, and often times, the Service ...
PenTest Edition: Evade Detection Using Tor and Proxy Chains
"Goodluck, I'm behind 7 proxies." Hackers (or at least good hackers) hide their IP address so they can evade detection from security admins or security system logs, such as firewalls and Intrusion Detection Systems. Every time we send information out on the Internet from our computers, each packet contains an IP header, which stores the ...
PenTest Edition: Using “theHarvester” to Gather E-mail accounts, Subdomains, Hosts, LinkedIn Users, Banner Information, and More!
theHarvester is a neat information-gathering tool used by both ethical and non-ethical hackers to scrape up emails, subdomains, hosts, employee names, open ports, and banners from different public sources like popular search engines, PGP key servers, and the Shodan database. This program is particularly useful during the reconnaissance phase of gathering Open Source Intelligence (ONSIT). The ...
The Cybersecurity Man 