“MAC Address Scrambling”: as the name suggests, instead of using the burned-in address, the machine uses a random MAC address every time. The machine changes its MAC address regularly to improve security. A MAC address is a 48-bit identifier, written in hexadecimal, that is burned into every electronic device capable of “connectivity”, such as mobile devices, smart TVs, PCs, etc. Apple added this feature to iPhones from iOS 8 to protect users’ privacy.
So, how does a static MAC address cause security issues? The first thing that came to my mind is this:
According to Edward Snowden, the National Security Agency has a system that tracks the movements of everyone in a city by monitoring the MAC addresses of their electronic devices. As a result of users being trackable by their devices’ MAC addresses, Apple has started using random MAC addresses in their iOS line of devices while scanning for networks. If random MAC addresses are not used, researchers have confirmed that it is possible to link a real identity to a particular wireless MAC address.
Continue reading “MAC Address Scrambling in Linux”
Below are links I found useful, collected from various sites.
- How to recover lost Python source code if it’s still resident in-memory
- Android Internals [PDF] by Jonathan Levin: Talked about Linux vs Android, File system, Partitions, Boot, Backup & recovery, Init, Daemons
- USG is a firewall for your USB ports, protecting your computer from BadUSB
- CHIPSEC A framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI)
- CPython Internals: Codewalk through the Python interpreter source code [YouTube Playlist]: Talked about Opcodes, Frames, Function calls, PyObjects, Python Datatypes, Iterators, Generators, Classes, etc
- Dive in to BPF: A list of reading materials for BPF
- Run Levels & How to make init scripts
- Simple BFP implementation in Python
- Problem Solving with Algorithms and Data Structures using Python [BOOK] By Brad Miller and David Ranum, Luther College: Talked about Basic Data Structures, Recursions, Sorting & Searching, Tree Algorithms and Graphs Algorithms
- Natural Language Processing with Python [BOOK] by Steven Bird, Ewan Klein, and Edward Loper: Talked about Processing Raw Text, Writing Structure Programs, Categorizing and Tagging words, Classify Text, Extract Info, Analyzing Sentences, Basic Grammars, Linguistic Data, etc
- Capturing Wireless LAN Packets on Ubuntu with tcpdump and Kismet
- BPF Compiler Collection [Github Repo] A toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples
- An Introduction to Linux Permissions
- htop explained visually with screenshot
- How to Make a Computer Operating System
- Python for Android
- DNS Queue – A Parallelised DNS Prober
- Python Cheat Sheets
- Where Am I [Git Repo] Uses WiFi signals and machine learning (sklearn’s RandomForest) to predict where you are. Even works for small distances like 2-10 meters.
- Explain Shell
- Infinite possibilities with the Scapy Module
- VIM while playing
- BASH Cheat Sheet
- VirusTotal – VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
- Python Anti-Patterns – Best Python Coding Practices
- How Linux CPU Usage Time and Percentage is calculated
- Linux Memory Management Frequently Asked Questions
- Live Hacking Attack Map
- Python Plays: Grand Theft Auto V – By sentdex: Self Driving Car, Neural Network Training Data for self-driving, Balancing self-driving training data, etc
- Pythonic Data Structures and Algorithms
- Removing Your PDF Metadata & Protecting PDF Files
- https://ngrok.com/ – Secure tunnels to localhost
- Tool for in-depth analysis of USB HID devices communication
- An Illustrated Guide to the Kaminsky DNS Vulnerability
- Spear Phishing 101
- What is sticky bit in Linux?
- Set up your own malware analysis lab with VirtualBox, INetSim and Burp
- Step by step Metasploit walkthrough
- Linux Bridge – how it works
- SSH Check
- Shutit – An automation tool that models a user’s actions on a terminal.
- Phishing With a Rogue Wi-Fi Access Point
- Fuzzing proprietary protocols with Scapy, radamsa and a handful of PCAPs
- WiFi-Pumpkin [Github Repo] Framework for Rogue Wi-Fi Access Point Attack
- https://stackhackr.barkly.com/ – Creating your own malware in 5 minutes or less.
- Writing a Simple Operating System — from Scratch [PDF]
Sometimes you might need HTTPS to securely send data to an API (or to access a website), but the API might not officially support HTTPS, or for some other reason it sticks to HTTP, which is insecure. I also encountered a similar situation: I used a TSDB to store time series data, but the TSDB supports only HTTP, not HTTPS. So, I decided to put an HTTPS proxy in front of the original API. Since I don’t have much knowledge of Apache, after a long Internet search, I finally found the solution and I just want to share it.
Continue reading “How to create HTTPS proxy in apache”
GNU Screen is a terminal multiplexer, a software application that can be used to multiplex several virtual consoles, allowing a user to access multiple separate login sessions inside a single terminal window, or detach and reattach sessions from a terminal. It is useful for dealing with multiple programs from a command line interface, and for separating programs from the session of the Unix shell that started the program, particularly so a remote process continues running even when the user is disconnected.
sudo apt-get install screen -y
Continue reading “GNU screen commands(Cheat Sheet)”
A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point.
As you can see, this type of attack is pretty powerful, and it is difficult to detect who is attacking. There are some tools for this attack, like “aircrack-ng” (you can check the commands here).
So, basically, the concept is that the attacker broadcasts a Wi-Fi management “de-authentication” frame to the victims to tell them to deauthenticate. It is like saying, “Hey client! Can you please deauthenticate and authenticate?” Then the client will reconnect to the AP (access point). These types of frames are supposed to be sent by a valid AP to its clients, but the attacker can mimic these frames and broadcast them on the network.
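Because the sender address in a de-authentication frame can be mimicked, a monitor has to alert on which client and AP are being hit rather than on who sent the frame. The sketch below is an added example, not code from the original post: it parses raw 802.11 management headers and flags bursts of deauth frames. The function names, the one-second window, the threshold of five, and the sample frames are all assumptions made for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH_SUBTYPE = 12  # 802.11 management frame subtype for Deauthentication

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for a deauth frame, else None.
    `frame` starts at the 802.11 MAC header (radiotap already stripped)."""
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    fc0 = frame[0]
    version, ftype, subtype = fc0 & 0x3, (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    if version != 0 or ftype != 0 or subtype != DEAUTH_SUBTYPE:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    # addr1 = receiver, addr2 = claimed sender, addr3 = BSSID
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_bursts(timed_frames, window=1.0, threshold=5):
    """Return sorted (bssid, dst) pairs that received at least `threshold`
    deauth frames within `window` seconds."""
    recent = defaultdict(deque)
    alerts = set()
    for ts, frame in timed_frames:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        # The sender field is unauthenticated, so key on the target instead.
        dst, _src, bssid, _reason = parsed
        q = recent[(bssid, dst)]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            alerts.add((bssid, dst))
    return sorted(alerts)

def build_frame(subtype, dst, src, bssid, body=b""):
    """Build a constructed management frame for the sample data below."""
    to_b = lambda m: bytes.fromhex(m.replace(":", ""))
    header = bytes([subtype << 4, 0]) + b"\x00\x00"  # frame control + duration
    return header + to_b(dst) + to_b(src) + to_b(bssid) + b"\x00\x00" + body

# Constructed sample (not a real capture): 8 deauths in 0.8 s, a beacon, one lone deauth.
AP, STA = "02:00:00:00:00:01", "02:00:00:00:00:02"
SAMPLE = [(0.1 * i, build_frame(12, STA, AP, AP, struct.pack("<H", 7))) for i in range(8)]
SAMPLE.append((5.0, build_frame(8, "ff:ff:ff:ff:ff:ff", AP, AP, b"\x00" * 12)))
SAMPLE.append((9.0, build_frame(12, STA, AP, AP, struct.pack("<H", 3))))

print(detect_bursts(SAMPLE))
```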
Continue reading “Automated Wifi De-authentication attack”
Before installing Python 3.5, it is recommended to install the build dependencies. So, run the following commands:
sudo apt-get install build-essential checkinstall
sudo apt-get install libreadline-gplv2-dev libncursesw5-dev libssl-dev libsqlite3-dev tk-dev libgdbm-dev libc6-dev libbz2-dev
Now download the Python 3.5 tarball
Extract and install
Continue reading “Install Python 3.5 in Ubuntu 14”
I have tested this on Ubuntu 14 (I don’t know about other distros). As you know, port mirroring is sometimes useful for monitoring network traffic for intrusion detection systems, passive probing, etc. Basically, it sends a copy of each packet received on the interface to a destination (depending on your configuration). And again, depending on your needs, you can also use NetFlow.
Continue reading “Port Mirroring with iptables”