At times, simply sniffing on a target network can yield the same results. In my view, attack-infect-extract is not the only way by which an attacker achieves their goal. Typically, the sniffing network traffic on the target network is given less importance during penetration testing activities. This task is often very tedious the success of the attack depends on various factors, such as the software’s patching cycle, security applications/appliances deployed, user security awareness, and so on. Once the machines on the target network are compromised, attackers get a foothold on the target network and extract sensitive information. When the staff in an organization, unaware of the phishing e-mail, clicks on the links in the phishing e-mail and compromise their credentials, they even get infected by executing the malicious attachments that come with the phishing e-mail. To achieve this goal, they perform tedious tasks, such as crafting and sending spear phishing e-mails with malicious attachments.
(For more resources related to this topic, see here.)Įxtracting sensitive information from a target network is often the goal of an attacker. Also, we will discuss various ways to capture, decrypt, and analyze traffic with WireShark to sniff and extract sensitive information from wireless networks.
In this article by Raghu Reddy, author of the book Mastering Kali Linux Wireless Pentesting, we will be introduced to advanced wireless sniffing.
0 kommentar(er)
