github
/
developer-roadmap
mirror of https://github.com/kamranahmedse/developer-roadmap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add content for evil twin (#6613)

Browse Source 
* Update evil-twin@O1fY2n40yjZtJUEeoItKr.md

* Update src/data/roadmaps/cyber-security/content/evil-twin@O1fY2n40yjZtJUEeoItKr.md

* Update src/data/roadmaps/cyber-security/content/evil-twin@O1fY2n40yjZtJUEeoItKr.md

---------

Co-authored-by: Kamran Ahmed <kamranahmed.se@gmail.com>
pull/6513/head^2
falc 2 months ago committed by GitHub
parent 6197368133
commit 1168ac7fe7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 21 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 21
      src/data/roadmaps/cyber-security/content/evil-twin@O1fY2n40yjZtJUEeoItKr.md

21
src/data/roadmaps/cyber-security/content/evil-twin@O1fY2n40yjZtJUEeoItKr.md
Unescape View File

@ -0,0 +1,21 @@
# What is Evil Twin attack
An Evil Twin is a type of wireless network attack where an attacker sets up a rogue Wi-Fi access point that mimics a legitimate Wi-Fi network. The rogue access point has the same SSID (network name) as the legitimate network, making it difficult for users to distinguish between the two. The attacker's goal is to trick users into connecting to the rogue access point, allowing them to intercept sensitive information, inject malware, or launch other types of attacks.
## Types of Evil Twin Attacks
- **Captive Portal Attack:** The most common evil twin attack scenario is an attack using Captive Portals, this is a common scenario where an attacker creates a fake captive portal that mimics the legitimate network's login page.
The goal is to trick users into entering their credentials, which the attacker can then use to gain access to the network.
- **Man-in-the-Middle (MitM) Attack:** In this scenario, the attacker intercepts communication between the user's device and the legitimate network. The attacker can then inject malware, steal sensitive information, or modify data in real-time.
- **SSL Stripping Attack:** The attacker downgrades the user's connection from HTTPS to HTTP, allowing them to intercept sensitive information, such as login credentials or credit card numbers.
- **Malware Injection:** The attacker injects malware into the user's device, which can then spread to other devices on the network.
## How Evil Twin Attacks are Carried Out
- **Rogue Access Point:** The attacker sets up a rogue access point with the same SSID as the legitimate network. This can be done using a laptop, a portable Wi-Fi router, or even a compromised device on the network.
- **Wi-Fi Scanning:** The attacker uses specialized software to scan for nearby Wi-Fi networks and identify potential targets.
- **Network Sniffing:** The attacker uses network sniffing tools to capture and analyze network traffic, allowing them to identify vulnerabilities and intercept sensitive information.
Visit the following resources to learn more:
- [@website@Common tool - airgeddon](https://www.kali.org/tools/airgeddon/)
Write Preview
Loading…
Cancel
Save