Professional Documents
Culture Documents
CSE + CSF
Semester: IV
Name: Nishtha Sharma
Course Name: IT Data Security
UNIVERSITY OF PETROLEUM AND ENERGY STUDIES
Assignment-1
Task:
6 – Aircrack-ng
Aircrack is your go-to tool for wifi hacking—still one of the most vulnerable
aspects of most commercial networks. Weak wireless encryption protocols are
easily shattered by Aircrack’s WEP and WPA attacks. Sophisticated
deauthentication and fake access point attacks allow you to probe your security
aggressively. Packet sniffing capabilities allow you to simply snoop and keep an
eye on traffic even without making overt attacks. No wireless network security
staff should be without a copy of Aircrack-ng.
7 – Snort
Snort provides network intrusion detection that performs real-time traffic analysis
and packet logging on your network. Using rulesets that are updated daily, Snort
matches patterns against known attack signatures and alerts you to potential
assaults. The system can be configured to trigger even on less openly nefarious
activity, such as Nmap stealth port scans or operating system fingerprinting
attempts.
8 – John the Ripper
John the Ripper is a fast password cracker with a lot of features that make it a
breeze for slashing through your password files. It auto detects hash types to take
the guesswork out of the attack and supports several popular encryption formats
including DES, MD5, and Blowfish. It hits Unix, Kerberos, and Windows
LanManager passwords equally hard using either dictionary or brute force attacks.
If you haven’t checked your password hashes against John yet, you can be sure that
some hacker out there will do it for you soon.
John the Ripper password cracker. John the Ripper is a fast password cracker,
currently available for many flavors of Unix, Windows, DOS, BeOS, and
OpenVMS (the latter requires a contributed patch). Its primary purpose is to detect
weak Unix passwords.
9 – OWASP ZAP
OWASP ZAP (short for Zed Attack Proxy) is an open-source web application
security scanner. It is intended to be used by both those new to application security
as well as professional penetration testers.
It is one of the most active OWASP projects[ and has been given Flagship status.[3]
When used as a proxy server it allows the user to manipulate all of the traffic that
passes through it, including traffic using https.
It can also run in a daemon mode which is then controlled via a REST API.
10 –Kismet
Kismet is a network detector, packet sniffer, and intrusion detection system for
802.11 wireless LANs. Kismet will work with any wireless card which supports
raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n
traffic. The program runs under Linux, FreeBSD, NetBSD, OpenBSD, and Mac
OS X. The client can also run on Microsoft Windows, although, aside from
external drones (see below), there's only one supported wireless hardware available
as packet source.
Distributed under the GNU General Public License,[2] Kismet is free software.