What is Nmap?
Network Mapped (Nmap) is a network scanning and host detection tool that is very useful during several steps of penetration testing. Nmap is not limited to merely gathering information and enumeration, but it is also powerful utility that can be used as a vulnerability detector or a security scanner.
What is Maltego?
Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet.
What is Website Cloning and SE Toolkit?
Website cloning is an action to create an exact copy of a website, which usually used to find vulnerabilities and develop exploits on the cloned website. In this case, website cloning is used to act as a fake website that will receive input from users such as login credential.
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test.
What is Smartphone hacking and MSFvenom?
Smart phone hacking is a practice whereby a third party gains access to an individual’s smartphone through a variety of methods, mostly using a dangerous application that provide remote access to the listener or hacker.
MSFvenom is an instance of Metasploit framework and a combination of Msfpayload and Msfencode. msfvenom replaced both msfpayload and msfencode5.
What is Metasploit?
Metasploit is a penetration testing framework that makes hacking simple. It’s an essential tool for many attackers and defenders. Point Metasploit at your target, pick an exploit, what payload to drop, and hit Enter.
Metasploit Framework is a software platform for developing, testing, and executing exploits. It can be used to create security testing tools and exploit modules and also as a penetration testing system.
The Metasploit Framework is a Ruby-based, modular penetration testing platform that enables you to write, test, and execute exploit code. The Metasploit Framework contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. At its core, the Metasploit Framework is a collection of commonly used tools that provide a complete environment for penetration testing and exploit development.
What is Burp Proxy?
Burp Proxy lies at the heart of Burp’s user-driven workflow. It operates as a web proxy server between your browser and target applications, and lets you intercept, inspect and modify the raw traffic passing in both directions.
Burp Suite Proxy also gives you a direct view into how your target application works “under the hood”. It operates as a web proxy server, and sits as a man-in-the-middle between your browser and destination web servers. This lets you intercept, inspect and modify the raw traffic passing in both directions.
If the application employs HTTPS, Burp breaks the SSL connection between your browser and the server, so that even encrypted data can be viewed and modified within the Proxy.
What is TCPDump?
Tcpdump is a type of packet analyzer software utility that monitors and logs TCP/IP traffic passing between a network and the computer on which it is executed, or more technically a packet sniffer.
Using tcpdump command we can capture the live TCP/IP packets and these packets can also be saved to a file. Later on these captured packets can be analyzed via tcpdump command. tcpdump command becomes very handy when it comes to troubleshooting on network level.
Before conducting the process of penetration testing on the designated system for 1NSP3CT, It is recommended and possibly crucial to make a plan beforehand. Here is the Excel file of the pentest plan for EH final project. Get the whole story
What is Session Hijacking?
Session hijacking is when an authorized user accesses another user’s actual network connection. This is usually to bypass password authentication, which is the starting point of the session.
TCP/IP hijacking, also called active sniffing, involves the attacker gaining access to a host in the network and logically disconnecting it from the network. The attacker then inserts another machine with the same IP address. This happens quickly and gives the attacker access to the session and to all the information on the original system. The server will not know that this has occurred and will respond as if the client were trusted.
Typograph is a standards compliant theme with a JQuery powered tabbed sidebar box and an ad under the first post on the index page. This theme has no images and is purely based on CSS elements and typography. Ideal for future customization. Typograph was styled "from the ground up" on a highly customized version of the Sandbox theme.
Designed by Morten Rand-Hendriksen - designer, information philosopher and author based out of Burnaby, BC.
You can change the contents of the tabbed box by editing the tabbedBox.php file located in the Typograph theme directory.
