Now that we have discussed some tools used to test web applications, we will discuss tools hackers commonly use to attack web apps with. One of the most common tools hackers use for web app attacks is called Autopwn. This tool is designed to test for browser vulnerabilities that are used for web application attacks. Autopwn was first developed in 2008 by Egyp7. What makes this tool unique and powerful is the ability to launch multiple browser exploits at once until one is successful. This process of finding the right browser exploit is automated. In 2015, a new version of Autopwn was written. The new version is called Autopwn2. It uses a Browser Exploit Server (BES) to determine the type of browser the victim is using. There is also support for multi-platform plugin detection. When a victim's browser connects to the BES, Autopwn2 begins to launch a list of browser exploits against the victim...
Applied Network Security
Applied Network Security
Overview of this book
Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network. The book begins by showing you how to identify malicious network behaviour and improve your wireless security. We will teach you what network sniffing is, the various tools associated with it, and how to scan for vulnerable wireless networks. Then we’ll show you how attackers hide the payloads and bypass the victim’s antivirus. Furthermore, we’ll teach you how to spoof IP / MAC address and perform an SQL injection attack and prevent it on your website. We will create an evil twin and demonstrate how to intercept network traffic. Later, you will get familiar with Shodan and Intrusion Detection and will explore the features and tools associated with it. Toward the end, we cover tools such as Yardstick, Ubertooth, Wifi Pineapple, and Alfa used for wireless penetration testing and auditing. This book will show the tools and platform to ethically hack your own network whether it is for your business or for your personal home Wi-Fi.
Table of Contents (18 chapters)
Introduction to Network Security
Sniffing the Network
How to Crack Wi-Fi Passwords
Creating a RAT Using Msfvenom
Social Engineering Toolkit and Browser Exploitation
Passing and Cracking the Hash
Web Application Exploits
Evil Twins and Spoofing
The Internet of Things
Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra