Learn Cyber Security

CASB - CLOUD ACCESS SECURITY BROKER What is CASB? This article aims to bring forward a concise knowledge for those people who are interested to learn about the latest trend of Cloud Broker Security. A Cloud Access Security Broker (CASB) is a set of new cloud security technologies that addresses the challenges posed by the use of cloud apps and services. They work as tools that sit between an organization's on-premises infrastructure and a cloud provider's infrastructure. Playing the role of a gatekeeper, they allow the organization to extend the reach of their security policies beyond their own infrastructure. Classified as:     ● On-premises or     ● Cloud-hosted software that acts as a control point to support continuous visibility, compliance,           threat protection, and security for cloud services. CASB solutions helps to:     ● Identify and evaluate all the cloud apps in use     ● Enforc...

PYTHON - PRACTICE AND FUNCTIONALITY In the past, there were a lot of programming languages you can use to make your own penetration testing tools, but there was usually one that was the most popular and was your first choice when you thinking about choosing a programming language to make a penetration testing tools, like Perl. Lately, programming languages like Python and Ruby have been widely adopted and proved their usefulness. In this article, we will try to shed light on some of the Python advantages and functionality. We will divide the article into two parts; the first part will discuss the practical use of Python to perform Wi-Fi attacks, the second part will use Python to perform Exploit Development. I will try to explain everything in detail. But to be honest, you should be aware of some things so that you do not miss anything. WHAT YOU NEED AND SHOULD KNOW:       ● Basic Knowledge of 802.11 Protocol.       ● Basic Knowledge of Wi-Fi Att...

IMSI CATCHING OVER WIFI NETWORKS: EXPOSING WIFI-OFFLOADING Introduction IMSI (International Mobile Subscriber Identity) catchers have been widely known in 3G mobile networks as a malicious device to intercept and eavesdrop mobile traffic and tracking users, considered a type of man-in-the-middle attacks. This type of attack has been aroused in wifi networks as well. Wifi networks that operate over 2G-4G protocols, better known as Wifi-offloading, has been an emerging concept adopted by mobile operators for several years to relieve the congested mobile data networks with additional capacity from the unlicensed Wifi spectrum. Wifi offloading architecture relies heavily on the mobile operator's infrastructure as the users are authenticated via their SIM/(U)SIM cards as the normal defined 3GPP mobile authentication mechanism. The architecture of wifi offloading solutions mainly consists of the wireless access point that the user attaches to and depends on the operator’s core ...

THE DEVELOPMENT OF DISPLAYING SSL CERTIFICATES IN A BROWSER Displaying an SSL certificate in a browser is one of the aspects of using the internet. This originally unremarkable problem has gradually become a big topic, which affects not only security, but marketing as well. Let us look at how displaying SSL certificates in browsers has developed. You might be surprised how often this changes and how much it has deviated from its original purpose. ThE BEGINNINGS Encrypting the web with an SSL certificate has its origins in the 1990s. One of the first certification authorities – Thawte – was founded in 1995 and is still very popular today. The HTTP and HTTPS web protocols for encrypted web have been with us (with forced modernization) for 20 years. Connecting to the internet was not common for computer users at the time, and web encrypting was an exception.Besides, until 2007, there were only two types of certificates – simple ones without information about the owner (domain va...

GITHUB CORNER - WIRELESS HACKING EDITION Infernal-  Wireless  This is  automated  wireless  hacking tool ##Infernal-Wireless v2.6 Release 2.6.11 ##Features added and improved: • Menu to retrieve logs are added ##Infernal-Wireless v2.6 Release 2.6.10 ##Features added and improved: • Added BeeF XSS framework Integration • Added HTTP Traffic View within tool • Improved Infenral Wireless Attack • Visual View of some of the panel improved • Improved Basic Authentication during Social engineering assessment over wireless network Infernal-Wireless v2.6 This tool is created to aid the penetration testers in assessing wireless security. Author is not responsible for misuse. Please read instructions thoroughly.Usage: python InfernalWireless.py (from the same folder where your code exists) For any comments and suggestions please email on 1337[@]gmail[dot]com ##BUG Fixes: 1. Non ASCII SSID Name used to crash the software. It is fixed now 2. ...