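He remembers a leopard he saw on the television screen,
a strong leopard cornering a suckling fawn,
and when it drew near, it smelled the milk
and did not devour it

As if milk tames the beast of the wilderness
M.D.
"Even the beasts refuse to do as you do and harm childhood, you criminals"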

28‏/01‏/2024

eCPPTv2 - Penetration Testing Professional

 


eCPPTv2 - Penetration Testing Professional, from the popular eLearnSecurity Institute and INE, is an advanced penetration testing course. The prerequisite for this course is completion of the eJPT course. The eCPPTv2 course is one of the most popular courses in penetration testing and is comparable to the SEC560 course from the SANS Institute. It teaches network penetration testing, web penetration testing, Wi-Fi and wireless network penetration testing, and operating system penetration testing. You will gain a deep understanding of buffer overflows and shellcoding, Windows and Linux exploitation, post exploitation, and pillaging. You will also learn Ruby and PowerShell for carrying out attacks, and how to build custom Metasploit modules and use them in attacks.


Course prerequisites

  • Beginner knowledge in networking topics, protocols used on the Internet
  • Beginner knowledge in penetration testing topics
  • Ability to read and understand code

Course specifications

  • Course level: Intermediate
  • Time: 66 hours and 16 minutes
  • Includes: 83 videos | 30 labs | 118 slides
  • Instructor: Fabrizio Siciliano

eCPPTv2 Course Content - Penetration Testing Professional

  • System Security
      • Architecture Fundamentals
      • Assembler Debuggers and Tool Arsenal
      • Buffer Overflows
      • Shellcoding
      • Cryptography and Password Cracking
      • Malware
  • Network Security
      • Information Gathering
      • Scanning
      • Enumeration
      • Sniffing & MitM Attacks
      • Exploitation
      • Post Exploitation
      • Anonymity
      • Social Engineering
  • PowerShell for Pentesters
      • PowerShell Fundamentals
      • Offensive PowerShell
  • Linux Exploitation
      • Information Gathering
      • Exploitation over the Network
      • Post Exploitation
  • Web App Security
      • Information Gathering
      • Cross Site Scripting
      • SQL Injections
      • Other Common Web Attacks
  • Wi-Fi Security
      • Prerequisites
      • Environment Setup
      • Wireless Standards and Networks
      • Discover Wi-Fi Networks
      • Traffic Analysis
      • Attacking Wi-Fi Networks
      • Wi-Fi as Attack Vectors
  • Metasploit & Ruby
      • Installation and Fundamentals
      • Control Structures
      • Methods, Variables, and Scope
      • Classes, Modules, and Exceptions
      • Pentesters Prerequisites
      • Input Output
      • Network and OS Interaction
      • The Web
      • Exploitation with Ruby
      • Metasploit

DSploit

After playing with the applications installed on the Pwn Pad, I found that the most important application (at least for me) was missing from the pre-installed apps. Namely, DSploit. Although DSploit has tons of features, I really liked the multiprotocol password sniffing (same as dsniff) and the session hijacking functionality.

The DSploit APK in the Play Store was not working for me, but the latest nightly on http://dsploit.net worked like a charm.

Most features require only that you and your target use the same WiFi network. It can be Open, WEP, or WPA/WPA2 Personal. On all of these networks, DSploit will sniff the passwords, because of the active attacks. E.g. a lot of email clients still use IMAP with clear text passwords, as do some webmails.

First, DSploit lists the AP and the known devices on the network. In this case, I chose one victim client.


In the following submenu, there are tons of options, but the best features are in the MITM section. 


Stealthiness warning: in some cases, I received the following popup on the victim Windows:


This is what we have under the MITM submenu:


Password sniffing

For example, let's start with the Password Sniffer. It is the same as EvilAP and DSniff in my previous post, with the same results for the popular Hungarian webmail with the default secure login checkbox turned off. Don't forget, this is not an Open WiFi network, but one with WPA2 protection!


Session hijack

Now let's assume that the victim is very security-aware and he checks the secure login checkbox. Another cause can be that the victim already logged in, long before we started to attack. The session hijacking function is similar to the Firesheep tool, but it works with every website where the session cookies are sent in clear text, and there is no need for any additional support.

In a session hijacking attack (also called "sidejacking"), after the victim browser sends the authentication cookies in clear text, DSploit copies these cookies into its own browser, and opens the website with the same cookies, which results in successful login most of the time. Let's see session hijacking in action!

Here, we can see that the session cookies have been sniffed from the air:


Let's select that session, and be amazed that we logged into the user's webmail session.




Redirect traffic

This feature can be used for fun or for profit. For fun, you can redirect all the victim traffic to http://www.kittenwar.com/. For profit, you can redirect your victim to phishing pages.


Replace images, videos

I think this is just for fun here. Endless Rick Rolling possibilities.


Script injection

This is mostly for profit. Client-side injection, drive-by exploits, endless possibilities.

Custom filter

If you are familiar with ettercap, this has similar functionalities (but dumber), with string or regex replacements. E.g. you can replace the news, stock prices, which pizza the victim ordered, etc. If you know more fun stuff here, please leave a comment (only HTTP scenario - e.g. attacking Facebook won't work).

Additional fun (not in DSploit) - SSLStrip 

From the MITM section of DSploit, I really miss the SSLStrip functionality. Luckily, it is built into the Pwn Pad. With the help of SSLStrip, we can remove the references to HTTPS links in the clear text HTTP traffic, and replace those with HTTP. So even if the user checks the secure login checkbox at freemail.hu, the password will be sent in clear text - thus it can be sniffed with DSniff.

HTML source on the client-side without SSLStrip:


HTML source on the client-side with SSLStrip:


With EvilAP, SSLStrip, and DSniff, the password can be stolen. No hacking skillz needed.

Lessons learned here

If you are a website operator and you allow your users to log in, always:
  1. Use HTTPS with a trusted certificate, and redirect all unencrypted traffic to HTTPS ASAP
  2. Mark the session cookies with the secure flag
  3. Use HSTS to prevent SSLStrip attacks
If you are a user:
  1. Don't trust sites with your confidential data if the above points are not fixed. Choose a more secure alternative
  2. Use the HTTPS Everywhere plugin
  3. For improved security, use a VPN
Because hacking has never been so easy before.
And last but not least, if you like the DSploit project, don't forget to donate to them!
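
The three operator rules from the lessons above can be checked mechanically against a site's own responses. The following is an added example, not part of the original post: the function names, the host mail.example and all header values are constructed for illustration, and each response is modelled as a (status, headers) pair captured from one plain-HTTP and one HTTPS request.

```python
import re

REDIRECTS = {301, 302, 303, 307, 308}

def header_values(headers, name):
    """All values of a header, matched case-insensitively."""
    return [v for k, v in headers if k.lower() == name]

def audit_login_site(http_resp, https_resp):
    """Return findings for the three operator rules; an empty list means all hold."""
    findings = []
    http_status, http_headers = http_resp
    _, https_headers = https_resp

    # Rule 1: the plain-HTTP request must be answered with a redirect to https://
    target = (header_values(http_headers, "location") or [""])[0]
    if http_status not in REDIRECTS or not target.lower().startswith("https://"):
        findings.append("http-not-redirected-to-https")

    # Rule 2: every cookie must carry the Secure attribute, otherwise the
    # browser also sends it over clear-text HTTP where it can be sniffed.
    for scheme, headers in (("http", http_headers), ("https", https_headers)):
        for cookie in header_values(headers, "set-cookie"):
            name = cookie.split("=", 1)[0].strip()
            attrs = {a.split("=", 1)[0].strip().lower() for a in cookie.split(";")[1:]}
            if "secure" not in attrs:
                findings.append(f"{scheme}-cookie-without-secure:{name}")

    # Rule 3: HSTS only counts on the HTTPS response (browsers ignore it over
    # HTTP), and max-age=0 tells the browser to forget the policy.
    hsts = (header_values(https_headers, "strict-transport-security") or [""])[0]
    match = re.search(r'max-age\s*=\s*"?(\d+)', hsts, re.I)
    if not match or int(match.group(1)) == 0:
        findings.append("hsts-missing-or-disabled")
    return findings

# Constructed sample responses (not captured from any real site).
WEAK_HTTP = (200, [("Set-Cookie", "PHPSESSID=constructed123; Path=/")])
WEAK_HTTPS = (200, [("Set-Cookie", "PHPSESSID=constructed123; Path=/; HttpOnly")])
HARD_HTTP = (301, [("Location", "https://mail.example/login")])
HARD_HTTPS = (200, [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Set-Cookie", "sid=constructed456; Path=/; Secure; HttpOnly"),
])

if __name__ == "__main__":
    print("weak site:    ", audit_login_site(WEAK_HTTP, WEAK_HTTPS))
    print("hardened site:", audit_login_site(HARD_HTTP, HARD_HTTPS))
```
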

Facebook Plans To Launch Its Own Cryptocurrency


The social network giant Facebook is going through a bad phase with lots of ups and downs. The recent scandal with Cambridge Analytica has caused the world's largest social network to change its stance on user privacy and to be more transparent about its use of the data it collects.
Since then, some Blockchain-based social networks have been popularized, namely Sphere, Steemit, and Howdoo. Recently, however, an unusual announcement came from Facebook itself: it stated that it is investing in a Blockchain-based solution development team, but the purpose of the project is not yet known.
It was with a post on the Facebook page that David Marcus confirmed his departure from the Messenger team and the creation of a small group dedicated to finding solutions based on the potential of Blockchain technology for Facebook.
David Marcus has not given much detail on the work he will do with his new group, saying only that they will study Blockchain from scratch so that they can use this revolutionary technology for Facebook.
"I'm setting up a small group to explore how to leverage Blockchain across Facebook, starting from scratch," stated David Marcus.
Despite being connected to Facebook's Messenger since 2014, David Marcus is no novice in these financial issues related to money transfers. In addition to having introduced the possibility of P2P payments in Messenger itself, David Marcus was President of PayPal and CEO of Zong, a company dedicated to payments on mobile devices.
However, his experience in this segment does not allow us to conclude that Facebook will create or support a crypto coin, but it also doesn't mean that it will launch or support any crypto coin of its own. Blockchain technology has become famous thanks to crypto-coins, especially Bitcoin, but its potential expands dramatically to other areas.
The potential of Blockchain goes from crypto-coins to the creation of real online ecosystems, supported by the users of the network. Sharing and storing data is a legacy that Blockchain allows you to explore, and maybe Facebook will use it in its favor.
The lead post in Messenger was then handed over to Stan Chudnovsky, who now heads one of the most widely used communication services around the world, alongside WhatsApp.
Rumors also point out that James Everingham and Kevin Weil, both from Instagram, will also join David Marcus in this new onslaught of Facebook to one of today's most acclaimed technologies.
