09 2019 档案
摘要:Filtering Command Output using Regex
阅读全文
摘要:WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Report. Download, Execute & Report. KEYLOGGER A program that r
阅读全文
摘要:ARPSPOOF_DETECTOR Watch value for gateway mac in the arp table Nice and simple, but will not detect an attack if the tool is executed after the attack
阅读全文
摘要:Injecting Code in HTTPS Pages:
阅读全文
摘要:HTTPS: Problem: Data in HTTP is sent as plain text. A MITM can read and edit requests and responses. -> not secure Solution: Use HTTPS. HTTPS is an ad
阅读全文
摘要:Basic BeEF commands: Login the BeEF Control Panel, and go to Commands page. Create Alert Dialog: Run Raw JavaScript Spyder Eye Redirect Browser Delive
阅读全文
摘要:Browser Exploitation Framework. Allows us to launch a number of attacks on a hooked target. Targets are hooked once they load Javascript code. Hook co
阅读全文
摘要:Recalculating Content-Length:
阅读全文
摘要:MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Javascript) Analyzing HTTP Responses Execute the Pyt
阅读全文
摘要:MODIFYING DATA IN HTTP LAYER Edit requests/responses. Replace download requests. Inject code(html/Javascript) Modifying HTTP Requests on the Fly: Brow
阅读全文
摘要:What is DNS Spoofing Sniff the DNSRR packet and show on the terminal. Analyze the following DNSRR records. Redirecting DNS Responses The set_payload()
阅读全文
摘要:INTERCEPTING & MODIFYING PACKETS Scapy can be used to: Create packets. Analyze packets. Send/receive packets. But it can't be used to intercept packet
阅读全文
摘要:Capturing passwords from any computer connected to the same network. ARP_SPOOF + PACKET_SNIFFER Target a computer on the same network. arp_spoof to re
阅读全文
