Preview - Building a Hacking Kit with Raspberry Pi and Kali Linux
Summer is almost over and everyone is back at work. As sad as that is, we hope you spent your vacation relaxing. Today we would like to present our new issue: Building a Hacking Kit with Raspberry Pi and Kali Linux. Inside you will find various articles, such as “P4wnP1 – Advanced USB attacks with a low cost Raspberry Pi Zero”, presented in our magazine by the tool’s author. You will learn how to hack a light bulb over Bluetooth, bypass emulator detection on Genymotion, and more! Make sure to check them all.
As always, we want to thank all our authors, reviewers, and proofreaders – everyone who helped make this issue a reality. Our beta testers put in a lot of extra effort this month, working on tight schedules, so let us reiterate once again: we appreciate your help immensely.
Enjoy the issue,
Google, at the upstream of the OSINT
by Cyrille Aubergier
Using Google for public data collection may seem questionable, since many tools can automate the search. Yet crafting a query in Google is the first step of data collection, and it also helps you refine your target definition and compare results with the other tools and procedures presented in this magazine.
Building a Hacking Kit with Raspberry Pi and Kali Linux
by Thauã C. Santos, Renato B. Borbolla and Deivison P. Franco
The Raspberry Pi has some unique features that make it powerful and easily accessible for a Hacking Kit. In particular, the Pi is practically a toy, and its components cost the price of a LEGO kit. The Raspberry is highly discreet, small, thin and easy to hide and, most importantly, runs Kali Linux natively (without any adaptations or VMs), so it is very flexible and able to run a range of hacking tools, from badge cloners to scripts for cracking Wi-Fi networks. By swapping SD cards or adding custom components from marketplaces like Adafruit, the Raspberry can be adapted to withstand any kind of situation.
P4wnP1 – Advanced USB attacks with a low cost Raspberry Pi Zero
by Marcus Mengs
Today we are used to USB: we plug in a USB mouse, it works immediately. We plug in a USB mass storage device, no matter if it is a 1 GB pen drive or a 10 TB hard drive, it works immediately. We plug in a USB WiFi adapter, it works immediately. We plug in a USB webcam, it works immediately. An attacker plugs in a malicious USB device, it works immediately! So why isn’t there a mechanism to prevent an attacker from doing this? Because USB was designed with usability in mind. Most of the devices mentioned above don’t even need custom drivers, because the USB standard uses well-defined device classes and the needed class drivers ship built-in with today’s operating systems. So there is an obvious attack vector, and this is what this article is about! It is an article about a framework enabling penetration testers to explore the broad attack surface of USB devices with the low-budget Raspberry Pi Zero: P4wnP1.
An initial guide for cracking software
by Jonathan Lima
Have you ever wondered how crackers can create keygens and patches to circumvent non-free software licenses? How is it possible, with only the compiled binary, to find out how the algorithm that validates a serial key works? This is possible through reverse engineering. Therefore, this article aims to serve as a “tutorial” on reverse engineering for those just starting in the field: we explain basic reverse engineering procedures and manually “debug” a “PE” taken from a CrackMe site (the “PE” simulates a basic activation system using a “.dat” file as the key).
OSSIM – Deploying, Configuring and Administering Part 2
by Luis Borralho
This article is intended to give an overview of OSSIM AlienVault USM (Unified Security Management). The overview covers how to install and deploy the OSSIM AlienVault server, how to configure OSSIM, and how to add an additional sensor and configure it. OSSIM is a very powerful tool: it gives you information about security and vulnerabilities associated with the devices connected to your network or networks, and it can be configured with many sources, such as Checkpoint firewalls, Cisco products, F5 BIG-IP, WebSense, Forcepoint, Squid, pfSense firewalls, and many more.
Study: Password Expectations Don’t Match Actual Policies
by Kayla Matthews
Your security. It’s something you may not always think about when using the internet. After all, it’s so easy to lose yourself in Twitter and Facebook, and you can keep scrolling through pages and tweets for hours. Occasionally, you may follow a link to another site. Maybe, after a while, you get bored and pull up Netflix, or you get the sudden urge to order something awesome off Amazon. The whole time you do this, your security is at risk.
Secure the Smart Grid from Cyber Attack
by Seemant Bisht
The most targeted parts of a Smart Grid are its Control Networks and Management Controls. Basically, control networks are those networks of an enterprise typically connected to equipment that controls physical processes and that is time- or safety-critical. A control network can be subdivided into zones, and there can be multiple separate control networks within one enterprise and site. The control network connects the supervisory control level to lower-level control modules. Similarly, Management Controls are the security controls, i.e., safeguards or countermeasures, for an information system that focus on the management of risk and the management of information security.
What you need to know about OSINT – Overview
by Varun Sharma
Penetration testing is more than just performing vulnerability analysis/testing in the domain of security assessments. Vulnerability scanning is the process that examines the security of networking nodes, computer systems or applications, whereas penetration testing assesses the security of the whole network, giving IT administrators/managers an insight into the potential consequences of a real attack/security breach in their network. Penetration testing also sheds light on security weaknesses that are typically missed by any vulnerability scan using automated tools like Nessus, Nexpose or QualysGuard.
Bypassing emulator detection of mobile applications on Genymotion
by Navina Asrani
Today, in most of the mobile applications we pentest, we see certain checks deployed as countermeasures: controls on emulator usage, root detection, jailbroken device detection, etc. This article will discuss the topic of emulator detection and how it can be bypassed! Recently, I was testing a mobile application for a client and, for the first time, I encountered a mobile application that was putting a check/control on emulator usage. But as a security researcher, you always have the mindset that for every defensive measure there is always a workaround to bypass it.
How To Hack A Smart Bulb Using Bluetooth
by Nitesh Malviya
We have a mobile application that can be used for interacting with the smart bulb. But we will be controlling the smart bulb remotely using a Bluetooth CSR v4.0 dongle (henceforth “dongle”). (The CSR v4.0 dongle is the tool used for interacting and communicating with the bulb.) More on the dongle later. In simple words, we will be controlling the bulb even though we are not its owner.