Add content for evil twin (#6613)
* Update evil-twin@O1fY2n40yjZtJUEeoItKr.md * Update src/data/roadmaps/cyber-security/content/evil-twin@O1fY2n40yjZtJUEeoItKr.md * Update src/data/roadmaps/cyber-security/content/evil-twin@O1fY2n40yjZtJUEeoItKr.md --------- Co-authored-by: Kamran Ahmed <kamranahmed.se@gmail.com>pull/6513/head^2
parent
6197368133
commit
1168ac7fe7
1 changed files with 21 additions and 0 deletions
@ -0,0 +1,21 @@ |
||||
# What is Evil Twin attack |
||||
|
||||
An Evil Twin is a type of wireless network attack where an attacker sets up a rogue Wi-Fi access point that mimics a legitimate Wi-Fi network. The rogue access point has the same SSID (network name) as the legitimate network, making it difficult for users to distinguish between the two. The attacker's goal is to trick users into connecting to the rogue access point, allowing them to intercept sensitive information, inject malware, or launch other types of attacks. |
||||
|
||||
## Types of Evil Twin Attacks |
||||
|
||||
- **Captive Portal Attack:** The most common evil twin attack scenario is an attack using Captive Portals, this is a common scenario where an attacker creates a fake captive portal that mimics the legitimate network's login page. |
||||
The goal is to trick users into entering their credentials, which the attacker can then use to gain access to the network. |
||||
- **Man-in-the-Middle (MitM) Attack:** In this scenario, the attacker intercepts communication between the user's device and the legitimate network. The attacker can then inject malware, steal sensitive information, or modify data in real-time. |
||||
- **SSL Stripping Attack:** The attacker downgrades the user's connection from HTTPS to HTTP, allowing them to intercept sensitive information, such as login credentials or credit card numbers. |
||||
- **Malware Injection:** The attacker injects malware into the user's device, which can then spread to other devices on the network. |
||||
|
||||
## How Evil Twin Attacks are Carried Out |
||||
|
||||
- **Rogue Access Point:** The attacker sets up a rogue access point with the same SSID as the legitimate network. This can be done using a laptop, a portable Wi-Fi router, or even a compromised device on the network. |
||||
- **Wi-Fi Scanning:** The attacker uses specialized software to scan for nearby Wi-Fi networks and identify potential targets. |
||||
- **Network Sniffing:** The attacker uses network sniffing tools to capture and analyze network traffic, allowing them to identify vulnerabilities and intercept sensitive information. |
||||
|
||||
Visit the following resources to learn more: |
||||
|
||||
- [@website@Common tool - airgeddon](https://www.kali.org/tools/airgeddon/) |
Loading…
Reference in new issue