随笔分类 - 学问
摘要:Object-Oriented Programming Keylogger Classes Way of modeling program(blueprint). Logically group functions and data. Makes code more readable. More r
阅读全文
摘要:Report function: Run in the background. Don't interrupt program execution. Every X seconds, send the report. ->Great case for threading.
阅读全文
摘要:A program that records keys pressed on the keyboard. Common features: Store logs locally(local keyloggers). Report logs to an email or remote server(r
阅读全文
摘要:DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. Simple but powerfull. Can be used in many situati
阅读全文
摘要:Stealing WiFi Password Saved on a Computer
阅读全文
摘要:Filtering Command Output using Regex
阅读全文
摘要:WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Report. Download, Execute & Report. KEYLOGGER A program that r
阅读全文
摘要:ARPSPOOF_DETECTOR Watch value for gateway mac in the arp table Nice and simple, but will not detect an attack if the tool is executed after the attack
阅读全文
摘要:Injecting Code in HTTPS Pages:
阅读全文
摘要:HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. -> not secure Solution: Use HTTPS. HTTPS is an ad
阅读全文
摘要:Basic BeEF commands: Login the BeEF Control Panel, and go to Commands page. Create Alert Dialog: Run Raw JavaScript Spyder Eye Redirect Browser Delive
阅读全文
摘要:Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets are hooked once they load Javascript code. Hook co
阅读全文
摘要:Recalculating Content-Length:
阅读全文
摘要:MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Javascript) Analyzing HTTP Responses Execute the Pyt
阅读全文
摘要:MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Javascript) Modifying HTTP Requests on the Fly: Brow
阅读全文
摘要:What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. Analyze the following DNSRR records. Redirecting DNS Responses The set_payload()
阅读全文
摘要:INTERCEPTING & MODIFYING PACKETS Scapy can be used to: Create packets. Analyze packets. Send/receive packets. But it can't be used to intercept packet
阅读全文
摘要:Capturing passwords from any computer connected to the same network. ARP_SPOOF + PACKET_SNIFFER Target a computer on the same network. arp_spoof to re
阅读全文
摘要:PACKET_SNIFFER Capture data flowing through an interface. Filter this data. Display Interesting information such as: Login info(username&password). Vi
阅读全文
摘要:Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they did not send a request. 2. Clients trust response
阅读全文
浙公网安备 33010602011771号