Premium Resources

Training Courses

Free Resources

Wi-Fi Attacks

Major Wi-fi attacks are done by setting up a rogue Access Point.

Evil Twin attack:

Here the attacker sets up a fake access point with a similar name to that of a corporate AP near the company premises. When an employee unknowingly connects to this access point thinking that to be the genuine AP of the company, he/she gives away the authentication details of the original access point. The attacker, thus, is able to compromise the connection.

Image Source: http://syworks.blogspot.in/2014_04_01_archive.html

Jamming Signals:

An attacker can disrupt the network connection by jamming the signal, there are functioning tools for this purpose also called as creating noise.

Misconfiguration Attacks:

If a router is set up using the default configuration, weak credentials, weak encryption algorithms, then the attacker can easily break into the network.

Honey spot Attack:

An attacker can set up fake access points/hotspots with the same SSID as that of a public wi-fi AP; thus, he can set traps for the users who connect to these AP’s.

Unauthorised/Ad-Hoc connection attacks:

An attacker can enable an AD-HOC connection in a user’s system utilizing Trojan, malware, or if an employee is already using an AD-HOC connection to share the internet with peers. The attacker can compromise the connection operating in AD-HOC mode since this mode does not provide stronger encryption to the connection.

Methodology:

An attacker has to find out the wireless devices through methods like war-walking, warchalking, war-driving. There are tools like NetStumbler, Kismet to find out wireless access points and capture the traffic.

Once he captures the traffic of that connection, he has to analyse the traffic using protocol analysers to identify the authentication method used, SSID, and connected devices and how to compromise the connection.

Depending upon the protocol used for encryption, he has to follow different tools/methods to break into the network and gain access to the unauthorised network.

Countermeasures:

Always use WPA/WPA2 encryption.
Do not share your credentials.
Do not open untrusted emails.
Use IDS/Firewalls to filter the connections.
Change the default configurations.
Enable MAC-address filtering.
Use centralised server for authentication.
Do not connect to untrusted/public wifi hotspots.

What is Hacking? What is Ethical Hacking? Who is an Ethical Hacker?

CIA Triangle Important characteristics of Information Security, Functionality and Usability Triangle Phases of Hacking Different types of attacks Vulnerability Assessment Penetration Testing Information Security Laws, Standards and frameworks

What is Footprinting Objectives of Footprinting Footprinting Methodology

What is Scanning? Network Scanning Scanning Methodology

Enumeration and its Types NetBIOS Enumeration SNMP Enumeration LDAP Enumeration NTP Enumeration SMTP Enumeration DNS Enumeration

Goals of System Hacking Gaining Access Privilege Escalation Executing Applications Hiding Files Covering Tracks

Introduction to Malware Threats and its Types Virus Trojans Worms Rootkits, Spyware and Ransomware How to Detect Malicious Software

Sniffing and its Types ARP and CAM Table Active Sniffing Attacks DHCP Poisoning

Social Engineering and its Attacks Computer and Mobile Based Social Engineering

Denial of Service attacks and its Types

Session Hijacking and its Types Session Hijacking Process Session Hijacking Levels Network or TCP Session Hijacking

Web Server and its Types of Attacks

Web Application and its types of Attacks Injection Flaws Cross-Site Scripting Web Services Attacks Hacking Methodology

Introduction to SQL Injection Types of SQL Injection

Introduction to Hacking Wireless Networks Encryption Types Wi-Fi Attacks

Introduction to Hacking Mobile Devices Android Types of Android Attacks IOS Mobile Device Management

Firewall IDS: Intrusion Detection System Ways of Detecting Attacks

Introduction to Cryptography PKI: Public Key Infrastructure SSL: Secure Socket Layer

Introduction to Cloud Computing Types of Cloud Computing Benefits, Threats, and Attacks on Cloud Computing Security in Cloud

Premium Resources

Free Resources

Wi-Fi Attacks

Evil Twin attack:

Jamming Signals:

Misconfiguration Attacks:

Honey spot Attack:

Unauthorised/Ad-Hoc connection attacks:

Methodology:

Countermeasures:

PMP Home

Introduction to Project Management

The Project Environment

Role of the Project Manager

Integration Management

Scope Management

Schedule Management

Cost Management

Quality Management

Resource Management

Communication Management

Risk Mangement

Procurement Management

Stakeholder Management

Trends and Emerging Practices

Considerations for Agile/Adaptive Projects

PMI-ACP Home

Agile Estimation

Agile Frameworks and Terminologies

Introduction on Scrum

Agile Risk Management

Soft Skills

Introduction on Lean

Value Priority

Agile Techniques

Agile Metrics

Communications Management

Agile Planning

Ethical Hacking

Introduction to Ethical Hacking

Footprinting and Reconnaissance

Scanning

Enumeration

System Hacking

Malware Threats

Sniffing

Social Engineering

Denial of Service

Session Hijacking

Hacking Web Servers

Web Application Attacks

SQL Injection

Hacking Wireless Networks

Hacking Mobile Devices

Evading Firewall/IDS and Honey Bots

Cryptography

Cloud Computing

CAPM Home

CAPM Framework and Life Cycle

Project Management Processes

Integration Management

Scope Management

Time Management

Cost Management

Quality Management

Human Resource Management

Communication Management

Risk Management

Procurement Management

Stakeholder Management

Lean Six Sigma Black Belt Home

Define Phase

Measure Phase

Analyze Phase

Improve Phase

MiniTab

PRINCE2 Home

Overview of PRINCE2

PRINCE2 Business Case

Introduction on the Quality theme in PRINCE2