Offensive Sniffing for Defensive Purpose
Mobile devices, Wireless Networks and modern Gadgets have become ubiquitous in today’s world. Millions of people use them worldwide every day at their homes, offices, and public hotspots to log on to the internet and do both personal and professional work.
Insecure communication channel have been exploited by “Offensive Sniffer” to break into companies, banks and government organizations.
Most of the Administrator, Security Engineer and Security Architect are still clueless on how to secure communication channel in robust and foolproof way.
This is the first version of my article named HOS v 2.0 and titled as “Offensive Sniffing for Defensive Purpose”.
I have tried to explain in a very simple way what sniffers are, how they work, method of detecting sniffers, various sniffing tools and finally how to protect against sniffers. We have chosen Kali OS and Ubuntu X LTS as the platform to test all communication channel in this book.
I would love to hear from you, specifically if you want more details to be added to this document. Are there any doubt/queries of yours that this article didn’t clear up? Do you want more information on a particular topic? If yes, please mail me.
ISBN: 978-93-5396-900-4
Summary:
The Offensive Sniffing starts with proper planning, scoping and recon, then deep dive into sniffing, target exploitation analysis, password attack analysis, and web application traffic analysis, packet manipulation and ssl traffic analysis with detailed hands-on labs throughout.
For Payment Option:
- Use Paypal for faster checkout.
- The Stripe Payment Gateway will be available from next week.
Membership Benefits:
- Candidate Discussion Panel (Forum / IRC Chat Channel)
- Official Offensive Sniffing Digi Membership Letter
- Offensive Sniffing Badge
- Offensive Sniffing Lab Files will be available for Download
- Author Full Support
- Latest Events/Conference Update
- White Paper/Research Paper on Technological Domains
🔎 If you want to become an offensive sniffer, 👃 then this book is for you! 📚💪💥
Hardware Requirement:
Devices: Alfa Card 📶
Device2: Wi-Fi Pineapple Mark VII🍍
RAM : 8 GB
Hardisk: 300 GB
Note:
Suppose if you don't have "Alfa Card" and "Wi-Fi Pineapple" 🚫📶, you will still be able to perform all the labs using Ethernet and Home Wifi Connection 🖥️📶. Additionally, you will be able to capture "Live Traffic" and analyze all the traffic 📊🔍.
Modules:
Offensive Sniffing for Defensive Purpose (Sniff everybody traffic)
"Decrypt & analyze the network traffic of all your devices."
1. Penetration Testing
1.1 - What is Penetration Testing
1.2 - Types of Hacker’s
1.3 - Hacker’s Terminology
1.4 - Ethics of Penetration Tester
2. Offensive Sniffing
2.1 - What is Offensive Sniffing
2.2 - Types of Sniffer
2.3 - Types of Sniffing
2.4 - Intrude Sniffing
2.5 - Welcome into the world of sniffing
2.6 - Getting Started in the air
3. Lab Configuration
3.1 - System Requirement
3.1.1- Hardware Requirement
3.1.2 - Software Requirement
3.1.3 - Virtualization Software Requirement
3.2 -Setting up the Lab
3.2.1 - Installation process of Sniff-OS
3.2.2 - Checking the Network Connectivity
4 - Configuring Repository
4.1 - Updating the Repository for Sniffing Script
4.2 - Adding the Repository for Sniffing Script
5 - Getting started with Sniffing
5.1 - Introduction to Wireshark
5.2 - Introduction to Tshark
5.3 - Installation process of Wireshark and Tshark
5.4 - Wireshark GUI Interface
5.5 - Playing with Tshark
6 – Capturing Traffic on Specific Interface
6.1 - Interfaces
6.2 - Tshark- Interface finding
6.3 - Capturing Packets
6.4 - Different types of Interface modes
7 - Sniff everybody traffic
7.1 - Monitoring all nodes traffic
7.2 - Enabling promisc
8 - Packet Analysis
8.1 - Exporting packets in. PCAP
8.2 - Tshark command modes (-r, -w and –c)
8.3 – Detailed packet analysis
8.4 – Packet analysis using PDML, PSML and JSON
9 - Packet Analysis using Browser
9.1 – Packet analysis using Browser
10 – Packet Filtering
10.1 – Capturing packet with help of Wireshark
10.2 – Filtering the packet with the help of Wireshark
10.3 - Filtering the packet with the help of Tshark
11 – Web Traffic Analysis
11.1 – Web traffic analysis
12 – Tshark Multiple File Technique
12.1 – Creating multiple file for capture
13 – SSL Traffic Analysis and SSL traffic decryption
13.1 – HTTP and HTTPS basics
13.2 - SSL and HTTPS
13.3 - SSL in Networking
13.4 - SSL Cryptography
13.5 - SSL traffic analysis using Wireshark
13.6 - SSL traffic decryption using Tshark
14 – Malicious Sniffing
14.1 – Introduction to Malicious sniffing
14.2 - Malicious User
14.3 - Malicious sniffing using Ettercap
14.4 - Countermeasure
15 – WLAN Traffic
15.1 – Wireless Terminology
15.2 - Sniffing in the air
15.3 - Finding all nearby roaming devices (Wireless Clients)
15.4 - Enumerating Wireless Clients associated with BSSID
16 – WLAN Traffic Packet Analysis
16.1 – WLAN packets Filtering options
17 – WLAN conversation endpoints
17.1 – WLAN packets inspection using conversation end points
17.2 - WLAN, IP, TCP, UDP and BSSID conversation analysis
Additional Modules
- Trial Limitations
-
NA — Network Analysis Module
- NA Module
- Raw packets of your targets with Wireshark
-
WM - Wi-Fi Monitoring Module
- WM module
- Differences with NA module
-
SSL — SSL/TLS Decryption Module
- How it works
-
Clients SSL/TLS warnings/failures
- Examples
- Key Pinning
-
Installation of Certificate Authority (CA)
- Target traffic decryption
- Own Traffic decryption
- Private certificate store
- How to work with Wifi-Pineapple Mark VII [ Master it ]
About Me:
Aloha, I am Harshad Shah, Founder & CEO of Hacker Associate known as a Technologist & also a Technology Motivational Speaker, Sr. Information Security Consultant & Corporate Trainer having Expertise in Latest and High-End Technologies like IoT, Machine Learning, Artificial Intelligence, Splunk, Docker, DevSecOps, AWS, Cloud Computing, Big Data Analytics.
📲: Email: harshadciso@hackerassociate.com
🔗: Web: hackerassociate.com
🖥️: LinkedIn: 95K+ (Join our channel now for latest updates & exploits)
Being a member of the International Council of Hacker Association in the United States of America, I am here to substantially improving the ability of cybersecurity in India and to defend its critical cyber-crimes. I have initiated various free Penetration Testing and Hacking Conferences all over the world. I am Penetration Tester and had done Penetration Testing in many Computer System, Wireless Network, Web Application, Cloud infrastructure, VOIP based System, and Mobile Phone System and introduced various Cryptographic method to secure Cyberspace.
International Hacking Conference Speaker, my InfoSec certification in Penetration Testing includes SANS, Offensive Security, RedHat, EC-Council, ISC2, ISACA, etc. I also initiated "SMS based Penetration Testing" using iPhone and Android.
Along with this, I am also working with Government agencies like the Army, Air Force, Navy, and other Intelligence Defence agencies across the globe. I had started the "Offensive Hacking for Defensive Purposes" for Government agencies.
🖥 MY TECHNOLOGIES
-AWS/AZURE Penetration Testing
-Cloud Penetration Testing
-DEVSECOPS
-Offensive API Exploitation and Security
-Offensive Web Attack and Security-OWAS
-DevOps
-IoT(Internet of Things)
-REDHAT, InfoSec, etc.
-SIEM(Security Incident Event Management)
-Ops Intelligence & Other Tools – Splunk, PingFederate, Delphix, AppDynamics
-Digital Forensics and Incident Response
-Malware and Reverse Engineering
✍️ MY SUCCESSFUL CLIENTS
Cognizant, World Bank, DELL, Cognizant, IBM, JP Morgan, Accenture, Wipro, Samsung, E & Y, Principal Global, Micro Labs Ltd, Deloitte, HP, and many more…
📞. LET's CONNECT
I am easy to reach M- at +918861948401