Career Technology Cyber Security INDIA

DNSMAPS: KALI LINUX TOOLS   SUMMARY: DNSmap [Domain Name System] is a kali Linux tool. it maps domain names like example.com to IP addresses like 93.184.216.34. This allows computers and network devices to communicate with each other using IP addresses, which are unique numbers that are hard for humans to remember. DNSMAP, as the name suggests, is DNS Network Mapper, which is used for multiple purposes. WHAT IS DNSMAPS? DNSMAP is an passive Network Mapper, often called a sub domain brute force tool. This tool is mainly used by penetration testers and hackers for DNS and sub domain information gathering. This is the process of assigning IP addresses to domains, which allows users to access websites and other services using human-readable domain names. HOW IT WORKS: A DNS resolver finds the correct IP address for a hostname. When a user requests a DNS record, their web browser checks its cache first. If the record is not in the cache, the browser sends a query to a DNS resolver, whic...

DNS REBIND: A KALI LINUX TOOL what is DNS rebind? DNS rebinding is a cyberattack that uses the Domain Name System (DNS) to trick a victim's browser into running a malicious script that attacks devices on the victim's private network. In a DNS rebinding attack, hackers trick the victim’s browser into running a client-side script that attacks machines on the victim’s private network that are not exposed to the public internet. These attacks also establish communication between the attacker’s server and a web application on the victim’s network, typically for running malware or facilitating other malicious acts. how does it work:  1. A malicious website pretends that IP addresses reserved for local networks are part of their domain.  2. The victim's browser runs a client-side script that attacks machines on the victim's private network.  3. The attacker's server establishes communication with a web application on the victim's network.  4. The attacker can then run ...

                       DNSCHEF IN KALI LINUX  WHAT IS DNSCHEF IN KALI LINUX? DNSChef is a DNS proxy tool in Kali Linux that can be used for network security testing. It's also known as "Fake DNS". DNSChef is a versatile DNS proxy designed for penetration testers and malware analysts. It is used to intercept and process DNS traffic. It allows various network security operations, such as redirecting traffic to a specific IP address or capturing DNS queries for analysis. WHAT DOES DNSCHEF DO? DNS Chef is a tool that helps manage DNS configurations. DNS stands for Domain Name System, which translates domain names into IP addresses HOW DOES DNSCHEF WORK? dnschef can help spoof domain and url for example; dnschef spoofing attack where DNS servers cache to redirect traffic to malicious server.   a simple DNS spoofing attack using the following command:  for example                ...

 Install and Use ADB Tool in Kali Linux What is ADB? ADB is part of the Android SDK Platform Tools and acts as a bridge between your computer and an Android device. It allows you to: Install and debug applications. Access the Android file system. Execute shell commands on the device. Perform port forwarding for network-related tasks. For ethical hackers and pentesters, ADB is particularly useful for application testing and network traffic analysis. Step 1: Installation  a. Type the command to ensure your system is upto date- sudo apt update && sudo apt upgrade -y b. Install ADB using your package manager: sudo apt-get install adb   or  apt-get install adb (inroot access)   c. Verify the Installation After installation, check the ADB version to confirm it’s installed correctly: adb version  Step 2: Install Genymotion If you haven’t installed Genymotion yet, follow these s...

 Simplified with MobSF, JADX GUI, APKTool GUI, OnlineAPK Decompiler, and AndroChef In today’s fast-paced mobile app development environment, security testing is a crucial step that developers must prioritize. One of the most efficient ways to conduct security testing on Android apps is through APK pentesting . Traditionally, this process required extensive technical knowledge and command-line tools. However, with the emergence of drag-and-drop tools, this process has become much more accessible, allowing even non-technical users to perform thorough testing of APK files. In this blog post, we'll explore how you can use MobSF , JADX GUI , APKTool GUI , OnlineAPK Decompiler , and AndroChef for live drag-and-drop APK testing. 1. MobSF: Automated Security Testing with a GUI   Installation : Download MobSF from its official GitHub repository . Set it up by following the detailed instructions on the GitHub page. Testing with Drag-and-Drop :  You will find a link for liv...

 How to Decompile and Recompile APKs for Penetration Testing When conducting penetration testing on Android applications, understanding the internals of an APK file is essential. This blog covers the process of decompiling and recompiling APK files using APKTool , a powerful tool for reverse engineering Android apps. By the end, you'll be equipped to modify APKs, analyze vulnerabilities, and recompile apps for testing. What is APKTool? APKTool is an open-source tool designed for decoding and rebuilding Android APK files. It enables testers to- Access app resources like XML files, images, and strings Modify the app logic in smali code Rebuild APKs after making changes Perform deeper analysis of app behaviors    Prerequisites 1. Java Development Kit (JDK) installed on your system.   java -version    2. An APK file you want to analyze.  3. Update the files in Linux by the command: sudo apt update Step 1: Decompiling an APK Decompiling allows you to...