A very common question in the mind of the beginners in cyber security is that do we really need to learn programming to get a job in cyber security? Well, the answer to this question is not as simple as a YES or NO, it varies according to the job you have. Although, learning programming is not necessary to become a cyber security professional, having knowledge about the basics of programming is a skill that we all must learn.
Majority of the ENTRY LEVEL JOBS in cyber security do not demand expertise in programming, but in order to advance our career, we must learn to code. …
As a beginner, I used to face a number of issues while installing these tools, so I thought of writing an article about installing and using these basic tools. Some of the basic scanners are described in this article with their installation procedure for Kali Linux.
HOW TO INSTALL NESSUS?
Step 1 : Go to this website and Register for an activation code: https://www.tenable.com/products/nessus/nessus-essentials and click on Download Nessus.
Hello Everyone! I have listed some of the popular & easiest tools for bug hunting. Check them out.
FoxyProxy automates the manual process of editing Firefox’s Connection Settings dialog. It switches internet connections across multiple proxy servers.
I have explained how a basic file interceptor program is developed using python in this article. Keep in mind that before running this program, We need to run the ARP spoofer. Then run the iptables command.
If you are targeting the remote computers, then redirect the FORWARD chain to your queue using the following command -
iptables -I FORWARD -j NFQUEUE --queue-num 0
If you are testing on your local machines, then redirect the INPUT & OUTPUT chains.
iptables -I INPUT -j NFQUEUE --queue-num 0
iptables -I OUTPUT -j NFQUEUE --queue-num 0
We were modifying data in the DNS layer in our previous DNS Spoofer Program, Now we are going to modify the data in the HTTP layer to perform this attack. …
Now that I have explained how to develop our own tools for performing MITM attacks such as ARPSPOOF and DNSPOOF, We will explore how to build a program to detect the ARP Spoof attacks being performed on our machine. This is a basic beginner friendly program.
If we look at how our ARP spoofer program works, we will be able to notice that we created a function to send ARP responses that used to poison the ARP table of the victim machine. We will be making some changes in that function and edit it so that if the packets have a layer of spoofed ARP, the program could detect it. …
How does a DNS SPOOFER work?
This is a Man-in-the middle attack so there will be three entities :
The victim sends requests to the Access Point, the attacker sniffs them and modifies them and send the modified malicious request to the Access Point on behalf of the victim. The attacker does this by creating a queue of packets, storing all the requests, modifying them using a program and then sending them to the Access Point.
Similarly, the responses of the Access Point are stored in a queue, modified by the attacker using a program and then sent to the victim. …
As a beginner in coding, this was the second program that I had written after understanding the basic concepts of programming. I have explained some of them in a brief manner.
Address Resolution Protocol is used for mapping a dynamic IP address to a permanent machine address (MAC Address). The attackers take advantage of this protocol by sending fake ARP messages to the target machine in a Local Area Network. By doing this, the address of the attacker gets mapped with the IP of a legitimate computer/ server on the same network. …
The First program that I had written was a basic MAC Address Changer program which is available on github. I have explained how to create your own macchanger with python or you can also use the github tool that I have uploaded. If you are a beginner in Cyber Security, you can get started with writing your first program!
Each network interface on our device has a different MAC address so that they can be uniquely identified. Anonymity is a major concern in the area of cyber security and hence, we need to spoof our MAC Address so that it becomes a bit more difficult to recognize our devices on the network. …