Information Security Bytes

What is TLS/SSL Information security plays a vital role in this ever changing world of Digitization. Of course, you won't like someone keeping an eye on you or eavesdrop and try to tamper the information while you are in an important conversation with your boss or colleague or anyone for that matter. We have seen several cases where information being manipulated by attackers using specific attacks like MITM (Man In The Middle) and lead the organization to lose confidential data. To avoid such incidents and also keeping privacy concerns in mind, SSL(Secure Socket Layer) protocol was developed in 1995 and has been highly preferred to use to avoid any chances of getting compromised. The SSL and its successor TLS(Transport Layer Security) are both sometimes referred to as SSL. These are the cryptographic protocols used with several encryption/decryption algorithms(ciphers) to provide a secure network to communicate from one device to another. The protocol is highly recommended, ...

              The post is to demonstrate the basic usage of Reconnaissance tools like Recon-ng, Netcraft etc. These are quite useful and must have tools being a pen tester. As we know that being a pen tester, its very important to gather target information as much as possible. The tools can help you collect enough useful information like, Scanning target for possible subdomains registered, IP addresses, ports numbers, geo location etc... Gathering Subdomain Information Using recon-ng application is quite easier as it has various modules. In addition to this, we can use Netcraft to collect additional information as follows: Disclaimer: The sites used here are solely for educational purpose as its a freely available site to validate Pen testing capabilities and has no intention to harm. 1. To open the application, type the command as below Execute the command as follows to invoke recon-ng application 2. Using Netcraft with Recon-...