Shuciran Pentesting Notes

Interacting with Web Listeners using Python

HTTP Request The following script will issue an HTTP request: import requests from colorama import Fore, Back, Style proxies = {'http':'http://127.0.0.1:8080','https':'http://127.0.0.1:8080'} req...

DotNet Decompilation

DnSpy We use dnSpy and attempt to decompile an executable’s code. We’ll drag the test.exe file to the dnSpy window, which automatically triggers the decompilation process in dnSpy. To view the ...

Capturing Handshake

Techniques for capturing a Handshake The following are different techniques for capturing a Handshake from the target network. Targeted deauthentication attack ...

Attacking WEP

WEP Fake Authentication Attack # Monitor Mode airmon-ng start wlan0 # Capturing Traffic airodump-ng -c <Canal_AP> --bssid <BSSID> -w <nombreCaptura> wlan0mon # Identifying our ow...

Attacking WPA Enterprise

Basics WPA Enterprise uses Extensible Authentication Protocol (EAP). Authentication is done using a Remote Authentication Dial-In User Service (RADIUS) server. Authentication to a RADIUS serv...

Attacking Captive Portals

Attacking Captive Portals Captive portals are often set up on unencrypted or open networks to allow guests or employees to easily connect to the network or Internet, sometimes without credentials. ...

Rogue Access Points

A rogue AP is an AP in use that has not been authorized by a local network administrator. This could take the form of an AP plugged into a network without the administrator’s knowledge. Creating a...

Attacking WPS Networks

WPS WPS makes configuring new devices easier for users with little networking or security knowledge. For the most part, all they have to do is input a PIN code or push a button. Method to authent...

Password mutation (Dictionary Creation)

John The Ripper The rules to mutate passwords are in /etc/john/john.conf Rule to add 2 and 3 numbers at the end of the password: $[0-9]$[0-9] $[0-9]$[0-9]$[0-9] Use --rules with jo...

Hashcat Wireless

Hashcat Hashcat is a password cracking tool that was developed to primarily operate on systems with Graphical Processing Units (GPUs) from NVIDIA, AMD, and Intel. A utility that is specifically r...