Pentesting with Android – new Exploiting Software Hakin9 issue is out!
Are you curious how to turn your Wi-Fi smart phone or tablet into a pentesting tool? Check out the new issue of Exploiting Software Hakin9!
WHAT’S IN THIS ISSUE?
• Searching For Exploits, SCAPY Fuzzing
• Weak Wi-Fi Security, Evil Hotspots & Pentesting with Android
• An In-Depth Analysis on Targeted Attacks
• Automated security audit of a web application
• Reverse Engineer Obfuscated
• Cross Site Scripting(XSS)
• Implementing Rsylog to forward log messages
• They Are Offline But I Exploited Them
Weak Wi-Fi Security, Evil Hotspots and Pentesting with Android
By Dan Dieterle
Wireless networks and mobile Wi-Fi devices have saturated both the home front and business arena. The threats against Wi-Fi networks have been known for years, and though some effort has been made to lock down wireless networks, many are still wide open. In this article we will look at a few common Wi-Fi security misconceptions. We will also see how a penetration tester (or unfortunately, hackers) could set up a fake Access Point (AP) using a simple wireless card and redirect network users, capture authentication credentials and possibly gain full remote access to the client.
Finally we will look at the latest app for Android that allows you to turn your Wi-Fi smart phone or tablet into a pentesting tool. With it you can scan your network for open ports, check for vulnerabilities, perform exploits, Man-in-the-Middle (MitM) attacks and even sniff network traffic on both your Wi-Fi network and wired LAN.
Searching For Exploits, SCAPY Fuzzing
By Craig Wright
SCAPY is a series of python based scripts that are designed for network level packet manipulation. With it, we can sniff network traffic, interactively manipulate it, and fuzz services. More, SCAPY decodes the packets that it receives without interpreting them. The article is going into some of the fundamentals that you will need in order to understand the shellcode and exploit creation process, how to use Python as a launch platform for your shellcode and what the various system components are.
And much more…
For additional article information click here or…