Cryptography and some tool and techniques for hiding information

 In computer science, cryptography is a method of hiding information in storage and during communication so that only authorized people can access that information. Cryptography contains a lot of cryptology methods for securing communication and information like hiding text or messages behind images, Asymmetric encryption (public key cryptography) for securing Networks. In this article, we are going to discuss some common and popular cryptography tools and techniques.

Steganography is a method of hiding information, messages, or files behind an image especially from the people who could snoop on our messages. A picture file contains some unused space in it and that space can be used for storing messages or some information in it. The good part is, a snooper would have no idea that the picture has some hidden information in it.

Recommend tool: You can use LSB-Steganography for hiding files into an image which is an open-source software program for steganography.

Rot13 or Rotated by 13 is a simple cryptography system where the first letter of a word gets replaced with the 13 letters down the alphabet as there are 26 letters alphabet so the algorithm that encodes the message also decodes it. We can also use Rot12, Rot14, and a lot of other Rot ciphers.

Recommend tool: There are lots of sites that provide Rot13 encode and decode service which you can use I would recommend using Rot13.com to use.

Secure shell provides secure communication by securing a network. It is a cryptographic network protocol so that you can secure your communication over an insecure connection. The most common use of this protocol is in remote login services where the connection is encrypted with a secure shell so that no third party can snoop on the password in that network. Secure shell is also used for secure file transfer which Secure File Transfer Protocol (SFTP). SFTP is a subsystem of a secure shell for handling file transfer, some advantage of SFTP is it encrypts username as well as password and the file which is being transferred over that network.

Recommend Tool: There are a lot of applications for secure shell but I will provide IronSFTP which is an open-source program for Secure end-to-end encrypted file sharing over a secure shell.

Author: Shaquib Izhar, Cyber Security Researcher, and Ethical hacking Trainer.

Resourse By:- https://jntechnetworks.com/cryptography-and-some-tool-and-techniques-for-hiding-information/

For More Details :-

Contact Us :- 7042628560

Phishing Attack With Social Engineering Techniques

 

This is how easy to phish someone with good Social engineering Techniques

It’s been a while since I posted my last post. So I decided to do a quick write-up on social engineering attacks. I will show how easy it is to phish someone using a Good social engineering attack. I will try to make this post-noob-friendly to prove that how easy it is for anyone with good social engineering skills but with little to zero technical knowledge can phish a user. Even though I am not an expert at soc engineering I was able to take down some accounts.

Attack scenario

This time I decide to attack random people, this was to see how difficult or easy it to phish some random people.

Preparing the Attack

First I need to make a fake Facebook profile and it’s better to not use those type of profile which could be easily reverse search like some celebrity photo etc, so I used “thispersondoesnotexist.com” which generate fake person pic using AI techniques every time you refresh the page, so it would be good the choice for making this type of fake profiles. As shown below I decided to choose the below pic which looks easy to convince people.

I updated the profile pic. 

Pic 1: Create a profile

Then I sent a friend request to some girl’s profile, this can make it easy to lure the target if a girl’s profile has more female friends than any male that will look more legit.

Pic 2: Sent Friend Request

Then I got some requests from some male profiles and also got comments on my profile pic.

Pic 3: Comments Over profile Pic

I decided to wait so that one of them start conversion with me and after some time I got a message from both of them.

Pic 4: Getting Messages

I did some usual chat with both of them for some time, I did not reply immediately to their message when I was AFK. After some long conversation, when they will get comfortable with the fake person, I will ask them to do a favor

Pic 5: More Messages Building Trust

Preparing The Attack

This time I decided to use automation for this phishing attack, this can save some time also. For the attack, I am going to use socialphish this comes with some phishing templates and also with ngrok as my current target isn’t techie this time this is a good choice for tunneling.

“I installed it”

Pic 6: Preparing Attack

And after running it gave me choices of what type of template I want to use.

Pic 7: Option in the tool

I chose the first template FbRobotCaptcha on visiting this page will ask to prove if the person is not some bot which looks like as shown below.

Pic 8: Choose Selection 1

Visiting the page will show something like this

Pic 9: Verification Image

Now when the user will choose login with FB it will get redirected to the Facebook login page as shown below

Pic 10: Login page

Now on after submitting the password, the user will be redirected to the URL shown below

Pic 11: Error 404

Now the server is up and it’s time to send the link

Pic 12: Attack Prepared

Sending The link

The first target seems to get offended by asking about his career so I move on to the second target and ask him to do me a favor

Pic 13: Got a message from Victim

Then I told him how to sign up for this petition and then sent the short link.

Pic 14: Another Message

Pic 15

Now I waited for him to make the login attempt and after some minutes I got the credentials.

Pic 16

Final words

Above article proof that doesn’t believe everything you see online second never open any link without complete verification by scanning on virustotal or urlscan.io which is send by some stranger.

Source By :- https://jntechnetworks.com/phishing-attack-with-social-engineering-techniques/