FAOU (Fatima Al-Fihri Open University), is a non-profit international online institute registered in Estonia as a European Digital Company. The university aims to offer high-quality, low-cost courses accessible by youth around the world, also to promote open access to scientific research and use technology to facilitate learning.

On the 11th of July, the IT department at FAOU organized a training session for the new interns to talk about slack essentials. Slack is an organized way for co-workers to connect with each other, discuss work and build a successful team relation. …


OWASP

The Open Web Application Security Project is an online community that produces freely available articles, methodologies, documentation, tools, and technologies for web application security audits.

Launching OWASP

We can download and install OWASP from the official site https://www.owasp.org/.

In Kali Linux, OWASP is preloaded in its toolkit so we don’t have to install it separately. We just need to launch OWASP from its menu.


Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to crack and recover WEP/WPA/WPS keys and also run other network-based attacks on wireless or ethernet based networks. We are going to use this tool to brute force my home wireless network.

Firstly, we will update our kali to get the latest packages:

root@kali:~# apt-get update

After updating Linux packages, we launched Fern Wi-Fi Cracker from the terminal

root@kali:~# fern-wifi-cracker


WPA/WPA2 PSK

PSK stands for Pre-Shared Key. WPA/WPA2 PSK is a technique to secure the wireless network with Pre-Shared Key (PSK) authentication. It is not designed for enterprise use but for home users.

How it works

A plain English passphrase ranging between 0 to 63 characters is used in WPA/WPA2 PSK instead of the encryption key. Using TKIP, passphrase along with network SSID are used to generate encryption keys that are unique for each client, and these encryption keys changes constantly.

Vulnerability Analysis

In WPA/WPA2 PSK, there is a four-way handshake required in order to connect to the wireless network. Both client and AP attempt to prove…


VMware Workstation is a virtualization software developed by the company VMware company, established in 1998. VMware Workstation was launched in 2001 as a platform to install multiple instances of different operating systems, especially the client and server systems. It supports hardware compatibility for hard disks, CD Roms and USB devices, and provides a bridge between the host and virtual machines. The purpose of building such a platform was to enable system administrators to test and verify the client-server environment for software and hardware. The VMware administrator can also switch between different virtual machines at the same time.

VMware Installation

Please download VMware…


What is MITM?

Man in the middle attack is carried to intercept the communication between two parties either to eavesdrop or to modify the content of the data that is being shared. In this attack, the attacker put himself between the two communicating parties to sniff all the outgoing and incoming traffic. The targets of these attacks are usually financial applications, SaaS businesses, e-commerce sites, and other websites to steal login credentials or valuable information like credit cards.

Proof of Concept (PoC)

To carry out this attack, we are going to use Kali Linux and Windows 10. The first software we are going to use is Ettercap…


Phishing attacks are nothing but a way of convincing people to perform certain actions. Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack, or the revealing of sensitive information.

Characteristics of legitimate websites

The first step is to distinguish between a…


The second week of the Jadu fellowship came to an end. We were all so much excited to learn new skills, getting comfortable with the new environment, and talking to each other. The week was full of opportunities so my fellows and I continued to explore this program. We had three classes, two technicals, and one non-technical.

Sir Saad Hamid taught us, “personal branding” in his class. He touched on various topics. He talked about how a person can stand out from a huge crowd. He talked about swot analysis. Capturing attention is very crucial. And if we can’t capture…


This is the very first write-up of my new blog post series in which I’m going to share my weekly experience as a Jadu Fellow and I’ll publish these articles every weekend.

Before I share my experience let's quickly check what Jadu Full Stack Developer Fellowship is:

This program is an immense, hands-on, online program taught by pioneers in the tech industry, aimed to impart technical and soft skills in people and help them into remote job placement.

The 4-month remote work fellowship is focused not only on developing technical skills but also on polishing interpersonal skills essential to take…


Amidst the distances and the chaos created by the Coronavirus, we have strived hard to bring all the valuable and remarkable partners on a single platform and work better in a highly effective way. No matter where we belong, what ethnicity we represent, and which time zones separate us, our unwavering struggles are going to keep us alive under the flag of the Microsoft community. With the aim of bringing exciting and productive opportunities for our enthusiastic audience, we stand together despite all the trials and tribulations.

We are separated by distance but united by our love. Stay home. Stay Safe.

-Microsoft Student Partners

MUHAMMAD USMAN SABIR

DIGITAL EVANGELIST | MICROSOFT STUDENT PARTNER | CYBERSECURITY ENTHUSIAST | FREELANCER | TECHNICAL WRITER

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store