how to hack a wifi password using kali linux


Frequently asked question online, how to hack a wifi password! Most people will probably answer by referring you to funny phone apps lol. I’m not gonna do that, instead, I’ll share with you a better and more efficient way of pulling off this hack; How to hack a wifi password and get connected using Kali Linux.


Plus this method is a bonus since it exposes you a little to the hack hood.


I didn’t want to give you, my audience what you can easily find elsewhere on the net, so I went to work and manipulated some commands using Kali.


I’m sure you’re quite familiar with and already installed Kali Linux, if not, you’re in luck because I’ve pretty much covered it here.


The purpose of this particular attack is to capture as many traffic as we can get using airodump-ng. Each data packet has an associated 3-byte Initialization Vector called IV’s.

The goal after the hack is initiated is to obtain as many encrypted IV’s as possible, then use aircrack-ng on the captured file to reveal the password.


Don’t know much about hacking? Worry not bro/sis, because we’re gonna do it together.




Get your computer.



STEP 1


The very first thing we’ll need to do is to verify the router configuration. Normally we wouldn’t have this option in a real penetration test, but we got some flexibility since we’re operating in a home lab.


For the purpose of this tutorial, the passphrase Cisco123 is used in the lab access point to secure the wireless network with WPA2-PSK.


Use any wireless router to set up your wireless lab.

Setup an old router, log in and set it up as WEP, so wireless security can use it as a test router.

Connect your phone or any other device to its wireless. This is so to capture the encrypted data between the two.

STEP 2


The iwconfig command will show all wireless cards in any system. We'll use a RealTek wireless card(this is a Linux plug and play wireless card).


The operating system will recognize a wireless interface called Wlan0

how to hack a wifi password using kali linux




STEP 3


The next step we’ll make is to enable the wireless interface. This is done using the ifconfig wlan0 up command.

how to hack a wifi password using kali linux



STEP 4


Now, you need to know the specific wireless network your wireless card sees. So carry out the iwlist wlan0 scanning command.

how to hack a wifi password using kali linux

This command instructs the wireless card to reveal all wireless networks in your area.
You’ll clearly see in the below image that it found my target network; wireless lab.


It found also the MAC address of my access point; 0E:18:1A:36:D6:22. It’s important you note yours’s because you’d want to limit your attack to a specific access point to ensure you’re not breaking into anyone’s password(Illegal bruh).



Also, note the fact that the AP is transmitting on channel 36. This is important because it allows you to know what wireless channel you’ll want your wireless card to capture traffic from.

how to hack a wifi password using kali linux



STEP 5


Change the wireless card to monitoring mode. This allows the wireless card to check all the packets available.


You can do this by creating a monitor interface using airmon-ng. Issue this command to verify that airmon-ng sees your wireless card.


Create the monitor interface by writing the command; airmon-ng start wlan0

how to hack a wifi password using kali linux



Run the ifconfig command to verify that the monitor interface has been created.

how to hack a wifi password using kali linux



Now verify that the mono interface has been created.

how to hack a wifi password using kali linux


STEP 6


Use the airodump-ng to capture the WPA2 handshake. Airodump-ng will show a valid handshake when it captures it. This will be shown in the upper right-hand corner of your computer screen.


You’ll have to manually connect to the wireless to force a handshake. I’ll soon write an article describing how to force a reauthorization, making a device automatically disconnect and reconnect with no need for a manual intervention.


Use the command in this format; airodump-ng mon0 --bssid 20:aa:4b:1f:b0:10 =used to capture packets from your AP

--channel 6 =limits channel hopping

--write BreakingWPA2 =the name of the file you wish to save to


Airodump-ng mon0 --bssid 0E:18:1A:36:D6:22 --channel 36 --write breakingWPA2


NOTE: MAKE SURE YOU LIVE NO SPACE BETWEEN “_ _”




To successfully capture the handshake, you’re gonna monitor a legitimate client to authenticate to the network.


To fix the hassle of having to wait for a client to legitimately authenticate. I’m gonna show you to force a client to re-authenticate.


Look out for the WPA Handshake Command, this tells you that you just captured a valid handshake.




STEP 7


Now, we’re gonna use aircrack-ng together with the dictionary file to crack the password.
Our chances of breaking into the password are largely dependent on the password file.


The command is; aircrack-ng “title of the cap file you created and stored” –W “title of your dictionary file”




The BreakingWPA2-01.cap file was created when we ran the airodump-ng command. The valid WPA2 captured airodump handshake is saved in the BreakingWPA2-01.cap file


Backtrack 5 comes with a basic dictionary, darkc0de.lst. This is a popular worldlist that ships with BackTrack5. We used our password Cisco123 in this file to make the test run smoother. Many hackers use large dictionaries which increases their chances of cracking passwords. Lots of dictionaries contain passwords from real users and websites that was cracked and posted on the web.


You can download the darkc0de.Ist here since Kali Linux does not come with it preinstalled.

If the password is found in the dictionary file, rest assured that aircrack-ng will crack it and you'll be able to connect.

how to hack a wifi password using kali linux


SUCCESS!


Whew, just got that out of the way.

Now, let's hope my hack also works for you. If it doesn't, hit me up. We'll figure it out together.

how to hack a wifi password using kali linux


Learning how to hack a wifi password using Kali linux is only complicated when you try to use someone else's hacking technique.

My job is to turn you into a real hacker, that way you can also manipulate your own hacks.

Don't forget to join me on Facebook.

Just like most people of similar profession, we all love to talk to other hackers using hacker terms and hacker words, because it gives a sense of belonging.

you're probably reading this either because you find it tough to know most of the hacker terms, or you just wanna see if you'll add extra sauce to your knowledge bank. Whichever one it is, you've come to the right place.

Article on the various hacker terms and words



NOTE: To begin, you first need to know that the list I've compiled below isn't nearly all there is, but a fraction. 



Let's go!!


Acronyms on hacker terms and words

    Let's look at some of the most used acronyms;

    • R.A.T:-> Remote Administration Tool

    • DrDOS:-> Distributed Reflected Denial of Service Attack.


    • VPS:-> Virtual Private Server


    • SE:-> Social Engineering


    • HTTP:-> Hyper Text Transfer Protocol. The foundation of data communication for the World Wide Web.


    • SSH:-> Secure Shell, used to connect to Virtual Private Servers.


    • FTP:-> File Transfer Protocol. Used for transferring files over an FTP server.


    • XSS (CSS):-> Cross Site Scripting


    • CSS:-> Cascading style sheet


    • Malware:-> Malicious Software


    • Skid:-> Script Kid/Script Kiddie


    • DDOS:-> Distributed Denial of Service

    • IP:-> Internet protocol address. Sometimes called a Computer's fingerprint, the IP is used to track the location of a device.


    • VPN:-> Virtual Private Network


    • Nix:-> An operating system based on Unix. This is usually mentioned when referring to DOS'ing.


    • SQL:-> Structured Query Language.


    • FUD :-> Fully Undetectable

    The above terms are super important, however, knowing them without actually knowing stuff on the basics of hacking won't be of much help.


    Meaning of some Hacker terms and Words

    Frequently used words in the field of hacking and their meanings.

    Article on the various hacker terms and words


    • FUD :-> Fully undetectable. Can be used in many terms. Usually in combination with crypters, or when used to infect someone.


    • LOIC/HOIC:-> Tool(s) used by many anonymous members to conduct DDoS attacks. The only people that use these are kiddies that think it will be effective. LOIC and HOIC are largely scams riddled with malware. I won’t recommend anyone to use these under any circumstances.

    • DrDoS:-> Using a list of reflection servers or other methods such as DNS to spoof an attack to look like it's coming from multiple ips. Amplification of power in the attack could occur.

    • Spoofing:-> Tampering a genuine email so it appears like coming from a trusted source.



    • Botnet:-> A Computer infected by Trojans or worms, and taken over by a hacker or hackers to get into networks in order to send spam, create more viruses, or launch denial of service attacks.

    • Trojan:-> A Trojan is a type of malware that masquerades as a legitimate file or helpful program with the ultimate purpose of granting a hacker unauthorized access to a computer.

    • SQL:-> It usually goes along with a word after it, such as "SQL Injection." This is the language used to manipulate data from a relational database. You can programmatically interact and modify the data stored there. That is; adding new data, deletion, edit, and to retrieve data in a specified format.


    • SQL Injection:-> An SQL injection is a method often used to hack SQL databases via a website, and gain admin control of the site. This is an attempt to feed an SQL statement into a program in such a way that it’ll be executed by the database application, instead of stored as data.


    • Root:-> Highest permission level on a nix box, being able to modify anything on the system without restriction.


    • System:-> The highest permission on a Windows box.


    • Warez:-> Software piracy


    • White Hat:-> Also referred to as ‘ethical hacking’. This is a computer security professional, who specializes mainly in penetration testing to ensure there’s no vulnerability in an organization’s security system. (The good guy, per say). You can refer to our friend Wikipedia for more info.

    • Black Hat:-> A hacker whose hacking actions are illegal(Bad guy, per se).

    • Grey hat:-> A person who hacks, but not necessarily for personal or financial gain. An example would be a hack done by hackers as part of a protest to bring down an organisation whose policies contradict their belief.


    • Rootkit (ring3 ring0):-> This a list of malicious computer software designed to trigger access to a computer, or parts of its software that isn’t allowed. It often masks its existence.

    Ring3 - Can be removed easily without booting in safe mode.

    Ring0 - Hard to eradicate and very rare in the wild. It's so hard to remove certain ring0 rootkits without safe mode.



    • Script Kiddie:-> ‘Script kid’, or ‘Skid’ is a term used in describing guys who use scripts created by others to hack computer systems. Usually used as a form of insult, meaning; they know nothing about hacking.


    • IP Grabber:-> A link that grabs someone's IP when they visit it.


    • DDoS:-> Distributed denial of service. Flooding someone’s connection with packets. Web-hosted shells or servers can send packets to any connection on a website, usually from a booter.


    • VPS:-> A Virtual private server. The term is used to highlight that the virtual machine, is in many aspects, practically equivalent to a separate physical computer. This is dedicated to personal customer needs, as it has the privacy capability of a separate physical computer, and can be modified to run server software.


    • Malware:-> This is what I call “The breaker”. A software basically designed to do all kinds of black hat stuff, like running DDOS attacks, stealing identity information and soliciting money from the slave.



    • Phreak:-> Phone Freaks. Hackers who hack cell phones for free calling. Free Long distance calling. Etc.



    • Bot:-> A malware used to connect a computer to an attacker, usually using the HTTP or IRC protocal to wait for malicious instructions.



    • Shell:-> This is a hacked web server, often with DOS script uploaded in it to conduct DDOS attacks from a booter.


    • ANSI Bomb:-> ANSI.SYS key-remapping commands consisting of cryptic-looking text. It is a type of virus that tends to reprogram keys, triggering them to display unwanted graphics by using character sequencing.


    • DOX:-> Personal information about someone on the Internet usually contains the real name, address, phone number, SSN, credit card number, etc.



    • Worm:-> Software designed to spread malware without the need for a human interaction.


    • Phishing:-> This means duping people into giving you their personal information, such as; login details, credit card details etc.



    • Deface:-> A website deface is a type of attack on a website, that changes the overall look of the site or a certain page on the site.



    • Keylogger:-> A program that records all keystrokes on a computer's keyboard. Often used as a surveillance tool or as a spyware.

    • Spyware:-> Malware programmed to stay unnoticed in a system and collect data for the hacker.



    • Remote Administration Tool:-> A general hacking term for a hack that lets someone remotely control any of your computer with admin access.





    That's all for now, be sure to check back for more on the hacker terms/hacker words.
    Article on the various hacker terms and words

    Join me on facebook to stay updated on latest hacks

    YEAH!


    Do well to contribute in the comment section if there's any you know I missed.

    You can equally ask any question on any that confuse you.

    Keep strong hacker!




    HACKER NEWS | HACK OF US NAVY CONTRACTOR



    China supposedly exfiltrated classified data pertaining to the US Navy projects after a successful cyber-attack on an unnamed Navy contractor caused the loss of 614 gigabytes of cryptographic information, sensor data, the exposure of a classified project known as Sea Dragon, and submarine electronic warfare.


    The said contractor assumed to work for the Naval Undersea Warfare Center, allegedly collected and stored the information on an unclassified network.


    The Sea Dragon scheme seems to be a Pentagon project aimed at causing disruptive offensive capability by combining an already existing weapon system with an existing Navy platform.


    All the trove of data supposedly also contains information about a supersonic anti-ship missile that’s expected to be fixed onto US submarines by 2020, escalating the tactical military value of the theft.


    Officials have predicted that the Chinese government was responsible for the attack, as this kind of military intelligence is exactly what China requires to bridge the technology gap between the United States’ navy and it’s Navy.


    “So anything that demeans our comparative benefit in undersea warfare is of severe significance if we ever had to carry out our war plans for dealing with China,” said James Stavridis, the dean, Fletcher School of Law and Diplomacy at Tufts University.


    While this is one of many times the US has blamed China for breaches on government contractors resulting in the loss of sensitive military research and information, this event has been credited to the Chinese Ministry of State Security, a civilian agency tasked with counterintelligence.



    “We treat the larger subject of cyber-intrusion against our contractors very seriously,” said Cmdr. Bill Speaks, a Navy spokesman. “If such an interference were to occur, the suitable parties would be looking at the exact incident, taking actions to protect current information, and mitigating the impacts that might result from any data that might have been compromised.”
    If you’re a beginner and you have interest in learning the basics of hacking, what hacking is all about, and how to go about surfing anonymously.

    You’ve come to the right place.

    basic hacking for beginners


    I'm gonna break it down in the below contents


    1. About hacking
    2. How hacking started
    3. Types of hackers
    4. Hacker terms
    5. Choosing which to become
    6. How to stay anonymous
    7. Protecting yourself


    Disclaimer: this post contains affiliate links.


     What is hacking?

    In computer networking, ‘hacking’ refers to any technical attempt to influence the standard behaviour of any network connection and connected systems.  

    A hacker is any person engaged in hacking practices. The term ‘hacking’ traditionally means any intelligent, constructive, technical work that was not essentially related to computer systems.

    Today, however, hacking is often related to malicious programming attacks on the Internet and security networks.


    How and where did hacking originate?


    M.I.T. Engineers in the 1950s to 1960s first popularized the word and concept of hacking. Begining at the model train club, then in the mainframe computer rooms, the ‘hacks’ pulled off by these hackers were meant to be harmless tech experiments and cool educational activities.

    In later years, outside of M.I.T., others began applying the term to less principled pursuits. Before the Internet boomed, for example, several hackers in the U.S. and beyond experimented with methods to alter telephones for making free long-distance calls over the phone network illegally.

    As internet and Computers exploded in popularity and status, data systems became by far the most likely common target for hackers.

    What are the types of hackers?

    basic hacking for beginners


    To efficiently describe hacking, you need to first understand the concept “hackers”. 

    One can easily presume them to be highly intelligent and skilled in computers. In reality, breaking a security system needs more intelligence and proficiency than actually creating one.

    Lots of people desire to be hackers these days. Most of them neither know where to start nor the type of hacker they wish to be. If you’re among those guys, I say howdy sir. It does us lot of good to have some extra stuff in our knowledge bank.

    So now, let’s start with the basics of hacking for beginners, by grasping and understanding the different types of hackers. Although there are mainly 3 types of hackers, I have decided to add some extra juice.

    Read em up!



    Black Hat Hackers(BHH)

    This category of hackers is widely known as "crackers". The hackers in this subcategory are always tempted to gain privileges of someone’s system without proper authorization or permission.

    Usually, these people work individually for their own gain. In some scenarios though, some might decide to form a team, only so they can be deadlier, and their impact causes trouble to a greater extent.

    Their activities often include D-DOS attacks on websites, Identity theft, Vandalism, Site Defacing, and so much more.

    You’ll get to know more on these terms in the following tutorials.



    White Hat Hackers(WHH)

    In contradiction to Black hat hackers, this category of hackers are life-saving angels to many individuals and organisations. They are also referred to as "Ethical Hackers". In fact, Ethical Hacking is considered a career in today's world for many.

    To be an approved WHH, you first need to be certified. Though most WHH doesn’t really care about certification. That is because they already know they’re great in what they do.

    To be more specific about what White hat hackers do; they perform security tests on different systems with proper authorization which would, of course, be definitely illegal if, in any way, the hands of a Blackhat hacker gets involved.

    Grey Hat Hackers(GHH)

    As you can probably picture, these are those categories of hackers hacking for both good and bad.

    According to some definitions of a grey hat hacker, when he or she finds out vulnerabilities, they wouldn’t tell the vendor ways to exploit it. Rather, he or she will demand to be paid some fees to fix the problem.

    However, such practice tends to decline with time due to the willingness of organizations to prosecute.

    Another interesting definition of grey hat maintains that GHH perhaps only violate the law in an attempt to improve security.

    GHHs usually do both black hacking for their malicious intentions, as well as white hacking with good intentions. They help but have potential to harm. The majority of Hackers fall into this subcategory.


    Which One Should I Become?



    If you ask me, I’d definitely advise against BHH. But you don't have to listen to me. What you need to know though, it’s always better to know what you are getting into. Hackers sometimes get caught and prosecuted according to the law.

    Your best bet is to keep on learning until you gain some good knowledge, and know how to remove all traces of your hack.

    There are different potential traces (like logs of the system you hacked, your information that got captured by the hacked system etc) that may lead an expert to pinpoint the handcuffs on your hands.
    The different methods to remove the traces of the hacks will b lectured in the following tutorials.


    You might wanna check out how to hack a website

    Other types of Hackers


    “Wait a sec bruh! I thought you said there are only 3 types of hackers"

    Recall I said I’m gonna add a little juice. Well, you now know that there are only 3 types of hackers. But what you might not know is the different subcategories for these types.

    Let’s break it down!

    Ø  Elite Hacker - A rank meant to describe only the most skilled/ reputed hackers.

    Ø  Script Kiddie - Lower rank than the first. This designates someone that tends to use tools made by others to perform stuff.

    Ø  Neophyte - A much lower rank that describes a newbie to the world of hacking, and only got very little knowledge on the matter

    Ø  Green Hat Hackers - As the name implies, they love green. They hack only for money. That’s all. They bother not with the consequences of their actions.

    Do we really need all these labels?

    It has always been the norm to label stuff just because it sounds cool. But in some cases, it never truly applies and is very limiting.

    A single person can have several goals, each contradicting each other because us Humans are diverse in character. A befitting example I got from someone on Reddit was; 
    If someone works as a certified Ethical Hacker and does pentesting for a consulting firm, but then at night he/she writes banking Malware. What is he/she?

    In this context, you'll see that such person won't really fit in any of those above-mentioned types of hackers.

    To answer the question, NO!. Just be you.


    Hacker terms

    It's all fun and professional to converse with other hackers either online or in person with specific words only hackers understand.

    Sadly most people tend to get lost while trying to spin their head around the so many hacking terms.

    I got an email from someone who's willing to learn, so I decided to make a list of some of em here.

    Hacking vs. Cracking

    Hacking truly applies only to actions having good intentions, while malicious attacks on PC/Computer networks and servers are known as cracking.

    Most people fail to make this distinction. I don’t think it’s anyone’s fault though, because outside of academia, it’s so regular and common to hear the word "hack" misused and applied to crack.



    To skyrocket your dream as a hacker, here are books on both grey hat and ethical hacking specially written for both beginners and mediocre hackers I've found to be very helpful.



    OK! how am I gonna be anonymous while hacking?

    how to stay anonymous while hacking


    If you’re planning to be a hacker(not minding the type you choose), then you should be really worried about your anonymity. What should concern you the most gotta be "How to stay Anonymous?".

    I’ve compiled a list of some methods to stay anonymous when either surfing the internet or performing some hacks.


    Note these literally are basic anonymity techniques, and cannot guarantee 100% anonymity. The more advanced techniques will be brought to terms in upcoming tutorials.



    A. VPN

    basic hacking for beginners

    VPN stands for the acronym, Virtual Private Network. From my point of view, below are some facts that justify its need:

    1) Counterfeit the ISP's packet detection measures

    This maintains your anonymity by making sure your ISP does not prioritize, inspect and throttle the data going in and out of your system.

    2) Keep your IP address anonymous

    Prevents the locations your packets are traversing from identifying your connection information details and location.

    3) Hides your online activities from third parties. Cool right?

    As a VPN supplies a secure tunnel in making a connection to the outside world, it keeps the third parties away from finding your online activities.

    4) Not forgetting prevention of location identification and Geotargeting.


    No need to go into this. Yeah! The title says it all.

    Now to help you kickoff, below are some FREE VPN's that are available.

    However, you should note that free VPNs are only for newbies, as it does not guarantee full anonymity.

    1.       Cyberghost (Good for Germany)

    2.       USA IP 

    3.       Free VPN 

    4.       VPN Tool (good for US)

    5.       SecurityKIS 

    6.       Hotspot Shield

    7.       ProXPN 

    8.       Open VPN

    9.       Tor VPN

    10.   Its Hidden



    B. Proxies


    Proxies are some less secure alternative for VPN's. Proxies, however, do the same job as VPN's, as it hides your IP when surfing the internet.

    Different types of proxies exist, ranging from a list of less anonymous to high anonymous proxies. One thing you gotta keep in mind is that proxies will not last forever.

    The available proxy address tends to change from time to time (which is great for staying anonymous).

    Below are some of the Proxy sites that you can use as a starting leveller.

    1.       Proxify

    2.       Hidemyass

    3.       Hidefromyou

    4.      Proxy6

    5.       Httpsurf

    6.      Safersurfing

    7.       Unblocked

    8.       Proxeasy

    9.       Newipnow



    C. Virtual Machines


    I highly recommend using a virtual machine while doing your stuff. It is perhaps, the best way of testing your exploits without the pain of purchasing a new computer.

    This is heaven for White hat hackers because you can use a Virtual machine to test the servers(Remote Administration Tools) without the fear of a breach of your actual working environments.

    Below are some of the Popular VM's that you can use.

    1.       VMLite

    2.       VMWare

    3.       Virtual Box



    D. Be Easy With Your DOX Info


    A common mistake beginners make is to use real-life nicknames, email address, country etc on their slaves. I don’t suggest you do that unless you feel that much confidence.

    As you are reading this now bruh/sis, I am pretty sure you’re gonna take my word. Don’t be too overconfident just yet. Don't put any kind of information after you’re done.

    There’s a site for Fake Name Generation - Fakenamegenerator which helps you generate some fake profiles. You can get random profiles with lots and lot of information from this site.


    Protecting yourself

    basic hacking for beginners




    If you’re working in a Linux system, do not attempt to work as a root user, especially when trying with new stuff. Else you may compromise your entire system.


    You might wanna check out how to install Kali Linux(The hacker's OS)


    You can, however, switch to your root user when you know what you’re doing. But beware of the fact that, even if you choose to run the application as a non-root user, the trojan can still work and get the user files/keyloggers etc.

    So in my personal opinion, never download untrusted contents especially from small sites, IRC, IM, torrents, warez etc.

    Pheew! hope I’m not boring you -). Don’t live yet man.

    Now, it is of great importance that you know some of the hacking techniques commonly used to get your personal information in an unauthorized way.

    10. Keylogger

    A keylogger is a simple tool that records the key sequence and strokes from your keyboard into your machine’s log file. These log files might in some cases contain your personal email IDs and passwords.

    Keyloggers are perhaps the sole reason online banking websites tend to give you an option to use their virtual keyboards.

    9. Denial of Service (DOS\DDOS)

    A Denial of Service is mostly used on websites. The attack is a hacking technique to bring down a site or server by bombarding that site or server with very high traffic that the server is incapable to process all the requests in real time and finally crashes.

    For DDOS attacks, most hackers make use of botnets or zombie computers which its only work is to overflow your system with request packets.

    8. Waterhole attacks

    Are you a big fan of National Geographic channels? If yes, then you should relate easily to the waterhole attacks. To attack a place, in this scenario, the hacker hits the most reachable physical point of the victim.

    Example, if the source of a river is attacked and poisoned, it’ll really hit the entire stretch of animals during summer.

    In the exact same way, hackers often aim at the most accessed physical location to attack the victim. This could be a restaurant, game shop etc.

    Once a black hat hacker spies on you and is aware of your schedule, he might create a fake Wi-Fi access point and alter your most viewed website and redirect them to you to get your personal information.

    7. Fake WAP

    Maybe just for fun, not necessarily targeting you. A hacker might just create a fake wireless access point.

    This WAP will connect to the official public place WAP. Immediately you connect to the fake WAP, a hacker can access your data. Somehow like in the above case.

    6. Eavesdropping (Passive Attacks)

    Unlike the above attacks which are pretty active. Using a passive attack, a hacker monitors your computer systems and networks to gain some unwanted information.

    The motive behind eavesdropping, however, is not to harm the system, but to get some information without being identified.

    5. Phishing

    In this type, the hacker duplicates the most accessed sites and traps the victim by sending a spoofed link.

    Once the victim tries to log in to his account and enters some data, boom! the hacker gets all the private information of the victim using the trojan running on the fake site.

    4. Virus, Trojan etc

    Virus or trojans are malicious software programs which are installed into the victim’s computer system and keeps sending the victim’s data to the hacker.

    3. ClickJacking Attacks

    ClickJacking is known as UI Redress to some. In this type of hack, the hacker hides the authentic UI the victim is supposed to click.

    In other words, the hacker usurps the clicks that aren’t meant for that exact page, but for a different page where the hacker desires you to be.

    2. Cookie theft

    The cookies in a browser keep our personal data such as username, passwords and browsing history for different websites that we access.

    Once the hacker gets access to your cookie, he can do plenty things as you. To the extent of authenticating himself as you on any browser.

    1. Bait and switch

    Using this type of hacking technique, the hacker runs a malicious program which the user think is authentic.

    This way, when installation is complete, the hacker gets unprivileged access to your computer.



    Let’s call it for today.

    Keep in mind that this isn’t close to the end. More parts are coming real soon.

    For now, practice what I’ve been preaching.