Skip to main content

Posts

How to Discover Device Manufacturer Based on MAC Address Need some little help with figuring which of the computers on the network is the apple device just using a MAC address? Have a look at this post as it might have a little tip for you. There are some great tools out there such as Nmap that would give us the connected clients on the same network along with their MAC address and the device vendor, the only issue with this is that Nmap only works  after  connecting to the target network. But we know there are a number of attacks that can be launched before connecting to a network, and we also know that we can see all connected clients to a network using airodump-ng before connecting to the network, even if we don’t know the network key, the only problem is airodump-ng does not give us any info other than the MAC address of the connected clients, but what if we can identify the device vendor based on the MAC address?? Lets start with shortly explaining what MAC ad...
Post a Comment
Read more
Recent posts
Creating a Vulnerability Management Strategy Often, an exploitation of a vulnerability might lead to a disaster recovery scenario. Therefore, it is imperative to have a system in place that can prevent the vulnerabilities from being exploited in the first place. But how can you prevent a vulnerability from being exploited if you don’t know whether your system is vulnerable? The answer is to have a vulnerability management process in place that can be used to identify vulnerabilities and help you mitigate them.  This article is an excerpt from the book  Cybersecurity – Attack and Defense Strategies, Second Edition  by Yuri Diogenes and Dr Erdal Ozkaya. This book covers the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape. In this article, we’ll look into how to create a vulnerability management strategy. The optimal approach to creating an...
Post a Comment
Read more
Cracking WPA/WPA2 Using the GPU We all know we can use aircrack-ng to run a wordlist attack to crack WPA/WPA2, in this article I’m going to show you how to do the same using a tool called HashCat, and compare its speed with aircrack-ng. The advantage of using HashCat is unlike aircrack-ng which uses the CPU to crack the key, HashCat uses the GPU, this makes the cracking process MUCH faster (results below). Installing & using Hashcat: First you need to download Hashcat from  https://hashcat.net/hashcat/ Navigate to the location where you downloaded it, and unzip it, personally I like to use 7zip. Open the Command Prompt (go to windows search and type cmd). Navigate to your Hashcat folder where it’s unzipped. Type hashcat32.exe or hashcat64.exe depending on the architecture of your CPU. In order to use the GPU, you need to get its id using the following command hashcat64.exe -I mine is #3. Then you need to use the hash type which is 2500 fo...
Post a Comment
Read more
How To Start a Fake Access Point (Fake WIFI)? As you might know, untrusted Wifi networks can be extremely dangerous if you happen to be connected to them. In this article I am going to show you how to create a simple yet dangerous access point. We will be using a well-known wireless card that supports monitor mode which is the Alfa AWUS036NHA USB wireless adapter. Or you can use any wireless adapter that supports monitor mode, Alfa AWUS036NHA is highly recommended though. How dangerous can an access point be?  If you are in a random place and happened to be connected to an open network, it doesn’t matter what device you are connected with, your data will be visible to the person who is controlling the access point. Not only that, but the person in control can have a complete control over your device by hooking you with a malicious web page or a backdoor. How can you control the devices that are connected to your fake access point?  There are many...
Post a Comment
Read more