摘要:
Injecting Code in HTTPS Pages: 阅读全文
posted @ 2019-09-24 23:29
晨风_Eric
阅读(242)
评论(0)
推荐(0)
摘要:
HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. -> not secure Solution: Use HTTPS. HTTPS is an ad 阅读全文
posted @ 2019-09-15 17:12
晨风_Eric
阅读(503)
评论(0)
推荐(0)
摘要:
Basic BeEF commands: Login the BeEF Control Panel, and go to Commands page. Create Alert Dialog: Run Raw JavaScript Spyder Eye Redirect Browser Delive 阅读全文
posted @ 2019-09-15 08:07
晨风_Eric
阅读(225)
评论(0)
推荐(0)
摘要:
Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets are hooked once they load Javascript code. Hook co 阅读全文
posted @ 2019-09-14 22:21
晨风_Eric
阅读(310)
评论(0)
推荐(0)
摘要:
Recalculating Content-Length: 阅读全文
posted @ 2019-09-13 17:42
晨风_Eric
阅读(272)
评论(0)
推荐(0)
摘要:
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Javascript) Analyzing HTTP Responses Execute the Pyt 阅读全文
posted @ 2019-09-10 23:46
晨风_Eric
阅读(521)
评论(0)
推荐(0)
摘要:
MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Javascript) Modifying HTTP Requests on the Fly: Brow 阅读全文
posted @ 2019-09-04 22:22
晨风_Eric
阅读(467)
评论(0)
推荐(0)
摘要:
What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. Analyze the following DNSRR records. Redirecting DNS Responses The set_payload() 阅读全文
posted @ 2019-09-01 17:56
晨风_Eric
阅读(498)
评论(0)
推荐(0)
摘要:
INTERCEPTING & MODIFYING PACKETS Scapy can be used to: Create packets. Analyze packets. Send/receive packets. But it can't be used to intercept packet 阅读全文
posted @ 2019-09-01 15:21
晨风_Eric
阅读(320)
评论(0)
推荐(0)
摘要:
Capturing passwords from any computer connected to the same network. ARP_SPOOF + PACKET_SNIFFER Target a computer on the same network. arp_spoof to re 阅读全文
posted @ 2019-09-01 00:04
晨风_Eric
阅读(265)
评论(0)
推荐(0)
浙公网安备 33010602011771号