Software >> sslstrip This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below. Requirements Python >= 2.5 (apt-get install python) The python "twisted-web" module (apt-get install python-twisted-web) Setup tar zxvf sslstrip-0.9.tar.gz cd sslstrip-0.9 (optional) sudo python . Running sslstrip That should do it. How does this work? First, arpspoof convinces a host that our MAC address is the router’s MAC address, and the target begins to send us all its network traffic. At this point, sslstrip receives the traffic and does its magic. Development The current development branch can be found on github.
Aquila Online | A South African Blog Backtrack alternative Xiaopan OS is a small Tiny Core Linux based operating system specific for wireless penetration testing, it comes with the XFE desktop environment, a very lightweight graphical front end, the distribution can run as a live CD, from a USB thumbdrive with Unetbootin or used inside a virtual machine. Numerous wireless card controllers are supported, including Atheros and Broadcom, the most widely used chipsets. As a result of the distribution being based on Tiny Core Linux all of the .tcz precompiled packages available for Tiny Core can be installed in Xiopan using the TCL Appbrowser, non hacking utilities like games, media player, CD burner, VoIP software and Truecrypt can all be optionally added to Xiopan OS. Wifi hacking Linux distribution Xiaopan This Linux live CD is first class penetration testing tool to audit wireless access points security and replaces Beini, a very similar distribution no longer active. Xiaopan Linux WPA2 hacking Visit Xiaopan OS homepage
...seeking serenity Cloud computing In common usage, the term "the cloud" is essentially a metaphor for the Internet.[1] Marketers have further popularized the phrase "in the cloud" to refer to software, platforms and infrastructure that are sold "as a service", i.e. remotely through the Internet. Typically, the seller has actual energy-consuming servers which host products and services from a remote location, so end-users don't have to; they can simply log on to the network without installing anything. The major models of cloud computing service are known as software as a service, platform as a service, and infrastructure as a service. Network-based services, which appear to be provided by real server hardware and are in fact served up by virtual hardware simulated by software running on one or more real machines, are often called cloud computing. Advantages[edit] The cloud also focuses on maximizing the effectiveness of the shared resources. Hosted (Host) services[edit] History[edit] The 1950s[edit] The 1960s–1990s[edit]
gregoogle Linux and Open source Understanding Nmap Commands: In depth Tutorial with examples Article by James Hawkins As we all know, Nmap (Network Mapper) is a stealth port scanner widely used by network security experts (including forensics & Pen-testing Experts). In this article we’ll see the different types of Nmap Scans, its techniques, understanding the purpose and goals of each scan , its advantages or disadvantages over other scanning tools, which could be better at evading firewalls & IDS (To a certain extent) and much more. Let’s start with one of the most basic and default scan, the one without using any parameters. This is a basic scan of the local IP address 192.168.1.34, we use sudo to gain administrator privileges, and then we give the target to Nmap. Note there is a space between each complete ip address, in above example we have used 4 target ip addresses to do the scan at once Discovery Before scanning a target port, Nmap will attempt to send ICMP echo request to see if the remote host is “alive”. Port scanning options Performing Fast scan: Scan Ports by name
Goozeberry: A Blog for the Future Sybil attack Description[edit] In a Sybil attack the attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous identities, using them to gain a disproportionately large influence. A reputation system's vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity, and whether the reputation system treats all entities identically. An entity on a peer-to-peer network is a piece of software which has access to local resources. A faulty node or an adversary may present multiple identities to a peer-to-peer network in order to appear and function as multiple distinct nodes. Prevention[edit] Validation techniques can be used to prevent Sybil attacks and dismiss masquerading hostile entities. See also[edit] Ballot stuffing References[edit]
the other side of the mountain trustedsec/social-engineer-toolkit Oodlesofnoodlesoffun The Lazy Guide to Installing Knoppix on a USB Key Knoppix, the famous live Linux CD that practically started the live CD trend, needs no introduction to most people. One of the things that's so great about it is that you can take it with you and boot to a familiar Linux environment on almost any modern computer, without touching the OS that's already installed on it. Of course, it can be even more portable when it runs entirely off of an inexpensive USB key. So let's install it to a 1 GB USB key, and create a persistent home directory in which to store files. You will need a copy of the latest Knoppix CD (v5.1.1 as of this writing) and, of course, a 1 GB USB key. A note about the mysterious art of booting from USB keys. Generally speaking, there are two ways of booting from a USB key. The current way is to simply treat the USB key as if it were a hard drive. To get started, boot from the Knoppix CD. 1. 2. Next, insert your USB key. 3. When you're ready, click the Apply button. 4. 5. syslinux /dev/sda1 6. 7. 8. 9. 10. 11. 12. 13. 14. 15.
Nomad’s land Old Town Square Prague is said to be one of the most beautiful cities in Europe. If you ever have the slightest chance of visiting it, do so. When visiting a country, I want to have the facts beforehand to prepare myself, and it is notoriously difficult to find all the practical info you need, even online at Tripadvisor, Travelwiki, etc. MoneyYou will be needing Czech Koruny (CZK) to pay for things in Prague, since attempting to pay in Euros is often considered an insult and will not be accepted in most places. Far easier and cost effective is to take your Visa/Mastercard and draw money at a Prague ATM when you need it. Communication If you just want to be able to SMS, enable SMS roaming on your Vodacom SIM by SMSing “ROAMON” to 123. Otherwise, buy a Czech SIM card at the airport for 200 CZK which gives you 200 CZK worth of airtime. Navigation and transportGet yourself an iPhone, seriously. Prague has four major modes of public transportation: Trams, Trains, Bus and Taxis.