WiFi Hacking (Penetration Testing) Tools

WiFi Hacking (Penetration Testing) Tools

1、Aircrack Aircrack is currently the most popular WiFi password cracking tool. There are many tools on the market that can crack WiFi encryption, primarily utilizing WEP security vulnerabilities or brute-force dictionary attacks to crack WPA/WPA2 PSK passwords. WPA2 AES/CCMP encryption remains a relatively secure choice. If you use WPA2 PSK mode, it is best to … Read more

Installation Guide for the Latest Weekly Version of Kali Linux and VPN Connection to Hack The Box

Installation Guide for the Latest Weekly Version of Kali Linux and VPN Connection to Hack The Box

Installation Guide for the Latest Weekly Version of Kali Linux and VPN Connection to Hack The Box Kali Linux is maintained and released by OffSec, serving as the core platform for penetration testing and cybersecurity training. Compared to the regular stable version, the Weekly version synchronizes the latest tool updates and security fixes in the … Read more

Comprehensive Guide to Kali Linux Penetration Testing: From OWASP Top 10 to Enterprise-Level Red Team Practices

Comprehensive Guide to Kali Linux Penetration Testing: From OWASP Top 10 to Enterprise-Level Red Team Practices

1. Core Value and System Features of Kali Linux Penetration Testing Kali Linux, as the benchmark operating system in the field of penetration testing, demonstrates its core value in three aspects: tool integration, coverage of testing scenarios, and legal compliance. The system comes pre-installed with over 600 specialized tools, covering 12 categories including information gathering, … Read more

Comprehensive Guide to Windows and Linux System Commands

Comprehensive Guide to Windows and Linux System Commands

Author: Xiao Yang Sean Source: https://www.cnblogs.com/-mo-/p/12109717.html 1. Introduction During our penetration testing process, we often need to transfer files to the target host to achieve purposes such as privilege escalation and maintaining control. Therefore, when direct transfer is inconvenient and the target host has network connectivity, we can use local download methods to achieve file … Read more

Proximal Phishing: Creating Custom Fishing WiFi at Ultra-Low Cost

Proximal Phishing: Creating Custom Fishing WiFi at Ultra-Low Cost

*Disclaimer:This article is for technical discussion and sharing only, and is strictly prohibited for illegal purposes. As enterprise security devices become more prevalent and border security measures improve, phishing attacks have gradually become a primary method in red-blue team exercises. With the updates to email server WAFs and the increasing security awareness among enterprise personnel, … Read more

Top 20 Kali Linux Tools in 2021

Top 20 Kali Linux Tools in 2021

The 20 Kali Linux penetration tools discussed in this article are selected based on the <span>most commonly used</span> and <span>most favored</span> criteria. Therefore, some excellent tools may not be included. If you have better suggestions, please leave a comment for us to make corrections! Kali-Linux-tools Information Gathering Tools 01 traceroute <span>traceroute</span> is a tool used … Read more

Ensuring the Security of Industrial Control Systems: How NetEye Helps Energy Companies Strengthen Cybersecurity

Ensuring the Security of Industrial Control Systems: How NetEye Helps Energy Companies Strengthen Cybersecurity

An energy company operates multiple oil and gas transportation pipelines and remote monitoring systems. With the deep integration of industrial control systems and IT networks, the exposure of these systems has significantly increased. To prevent threats from cyberattacks on critical infrastructure, the company introduced NetEye for penetration testing. Technicians used NetEye’s “Proxy Interception“ feature to … Read more

The Top Red Team in the US is Actually an AI Robot

The Top Red Team in the US is Actually an AI Robot

Part01 Chatbot “Xbow” Ranks First on HackerOne The performance of artificial intelligence (AI) has surpassed that of human red team members. On the HackerOne platform, an AI chatbot named “Xbow” currently ranks first in the reputation leaderboard of the US security industry. The platform connects businesses with ethical hackers through a bug bounty program, and … Read more

The Pitfalls of Login Functionality: How an HTTP Redirection Attack Almost Cost My Company (with Solutions)

The Pitfalls of Login Functionality: How an HTTP Redirection Attack Almost Cost My Company (with Solutions)

Follow our public account for Java insightsTimely delivery Last week, I made a blunder at the company—my own login module almost became an accomplice to a phishing site. Today, I want to share this thrilling process and how to avoid the “invisible bomb” of HTTP redirection attacks. The Morning That Drove the Tester Crazy It … Read more

Linux Lesson 5: Web Security Vulnerabilities

Linux Lesson 5: Web Security Vulnerabilities

1.1 Web Security Vulnerabilities Before discussing web vulnerabilities, let me briefly talk about web security knowledge. Let’s briefly understand the knowledge related to computer networks and protocols. Composition of Computer Communication Networks A computer network consists of a communication subnet and a resource subnet. The communication subnet is responsible for the error-free and orderly transmission … Read more