SSL Stripping is a technique by which a website is downgraded from https to http. With standard SSL man-in-the-middle attacks, users have to click through the SSL certificate warning. Depending on the browser, this can be an involved process that is difficult, if not impossible, for a user to ignore. Most readers can probably think of a time they clicked through a security warning and continued to the page despite their better judgment. With SSL stripping, we man-in-the-middle the HTTP connection before it is redirected to SSL and add SSL functionality before sending the packets on to the web server. When the web server replies, SSL stripping again intercepts the traffic and removes the HTTPS tags before sending the packets to the client. Continue reading “SSl stripping with SSLstrip and Arpspoof”
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. This tool allows us to perform MiTM attack with ARP spoofing and attack SSL traffic. We can break the secure SSL connection by redirecting traffic to and from www .facebook.com to our Kali system so we can intercept sensitive information. Continue reading “Using Ettercap for SSL Man-in-the-Middle Attacks”
OPNSense is an stateful firewall which comes with almost all of the features that are expected from a commercial firewall, it has a sleek graphical interface, very lightweight application which is based on freeBDS. The meaning of stateful firewall is that it keep tracking network streams and it is programmed to distinguish legitimate packets for various connection currently active onto your network. A firewall can filter source and destination IP,source and destination protocol. This article explains how to install it step by step.
Continue reading “Installing OpenSense as ESXi VM”
This article describes deployment process of Windows Server 2016 Nano in VMware ESXi virtual machine. Step-by-step guide shows how to prepare Nano server image with VMware drivers, convert virtual machine’s disk to format supported by ESXi, create and configure virtual machine, deploy Nano server to VM and perform basic configuration. Continue reading “Deploying Nano server on VMware Virtual Machine”
Guacamole as free, open source, HTML5 based application prompted me to perform a deeper research to figure out, how I can quickly have it deployed. From first point of view, it was not that easy to do so, because of few stupid mistakes I made. But finally, after some time I’have successfully configured it on my fresh deployed Ubuntu Server 16.04 virtual machine. Now, I would like to describe it in a clean way, so in the furute me, aswell as you, will be able to quickly setup this awesome application, in order to grant easy access to the test environment. Continue reading “Remote desktop with Apache Guacamole”