Initial Access with WiFi-Pumpkin

Focused View

Ricardo Reimao

22:56

99 View

Module 1 - Course Overview

1. Course Overview.mp4

00:50

Module 2 - Credential Harvesting with Fake Captive Portals

1. Understanding WiFi-Pumpkins Place in Initial Access.mp4

07:54

2. Installing WiFi-Pumpkin.mp4

03:03

3. Creating Rogue Access Points and Fake Captive Portals.mp4

04:14

4. Eavesdropping Traffic.mp4

03:13

Module 3 - Resources

1. Increasing Your Chances of Success.mp4

03:42

Description

During a red team exercise, getting access to the internal network is one of your first tasks. In this course, we cover the WiFi-Pumpkin tool, which allows you to create rogue access points with fake captive portals.

What You'll Learn?

Having valid credentials is one of the most effective ways of getting access to the internal network of a company. It gives you the same level of access of a target employee, which often includes VPN access to the internal network as well as several external systems. In this course, Initial Access with WiFi-Pumpkin, you will explore the WiFi-Pumpkin tool, which is a rogue access point framework developed by Marcos Bomfim from the P0cL4bs. First, you will learn how to create rogue access points that look exactly like the WiFi network of your target company. Then, you will see how to set up captive portals, so that when users try to login to your rogue access point, they will be prompted to type their domain credentials and you can harvest them to use in other attacks. Finally, you will discover how to set up a rogue access point, how to set up a fake captive portal, how to customize the login page, and how to harvest the credentials that were submitted. By the end of this course, you will know two important tactics from the MITRE ATT&CK framework: Rogue WiFi Access Points (T1465) and Valid Accounts (T1078).

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Wireless Networking

Ricardo Reimao

Instructor's Courses

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.