Posts

Building a SIEM with Elastic Cloud

Building a SIEM Lab with Elastic Cloud

Introduction

A recent YouTube video captured my attention as I explored various methods to gain practical experience with SOC and cybersecurity tools. My current role has introduced me to technologies like Elasticsearch and OpenSearch, sparking my interest in integrating professional development with personal learning endeavors. The video, shared by Gerald Auger, offers a comprehensive guide titled "Build a Powerful Home SIEM Lab Without Hassle! (Step by Step Guide)." It draws inspiration from Abdullahi Ali's blog post, "A Simple Elastic SIEM Lab," providing a structured approach to learning. This post serves as an introduction to SIEM and Elastic, often referred to as ELK, which stands for Elasticsearch, Logstash, and Kibana. These three open-source tools, when used collectively, facilitate real-time log analysis, crucial for identifying security breaches and monitoring server communications. SIEM (Security Informatio...

Hacking My Home Wifi Part 1

Throughout this year I have been studying many different ethical hacking topics, and this topic seemed to be a perfect exercise that I could do at home. Demonstrating how to hack into my home Wi-Fi network is mainly just for "fun" and to cement some of these techniques into my skill set. Disclaimer: DO NOT DO THIS TO ANY NETWORK THAT IS NOT YOUR OWN. Be a white hat hacker, not a black hat one. Let's quickly discuss the Wi-Fi encryption standards to see how they evolved. WEP is an encryption protocol that was a part of the original standard for 802.11. Used for protecting 802.11a and 802.11b networks, WEP uses the RC4 encryption algorithm with either a 64-bit or a 128-bit key size. In 2001 critical cryptographic vulnerabilities were brought to light that made it known how easy it would be to crack a WEP key. A hacker only needs a certain amount of network traffic to uncover the keystream that can be used to decrypt the ciphertext. It is possible to quickly hack the WEP netwo...

Go Phish — Let’s Review E-Mail Security

Phishing and Social Engineering

Not to be confused with fishing, phishing is a cyber-attack. As CompTIA puts it: “You don’t need a pole, but it does involve reeling in unsuspecting victims”. This attack has many different methods of communication and can be used to seek out a plethora of personal data from an unsuspecting user. Phishing attacks can be received via a phone call, text message, or an E-mail (we will focus on E-mail in this article). Some sensitive information the attackers might be after may include passwords, bank accounts, or social security numbers. In some cases, the attacker might just have you buy several gift cards from Taco Bell to congratulate the accomplices for a job well done. (Source: https://www.comptia.org/content/articles/what-is-phishing) So how do the attackers convince users to give up private data — by asking nicely? Not necessarily. These attackers employ social engineering techniques to convince you that giving up this piece of informat...

My eJPT Journey

eJPT Review

Back Story

Originally I purchased the Penetration Testing Student v4 (PTSv4) bundle from eJPT at the end of 2020, which included training materials and the test voucher. I believe at the time there was a sale going on, and this was something that I always wanted to dive into. I took a few side steps between now and then and acquired two other certifications, the CySA+ and AZ-104. While studying for and taking the CySA+, eJPT joined INE, which meant nothing to me yet.

Studying for test

The PTSv4 platform had three total sections, with two of them being preliminary skills: Prerequisites and Programming. The prereqs included networking, web applications, and an introduction to penetration testing. To be honest, I lightly skimmed through the study materials for each of these sections. The PowerPoint format for the study guides was not my favorite format. I did, however, watch each video and complete the labs. I would highly suggest doing these for the prerequisites a...