Polycarp max

31/08/2022

https://poltechsolutionsllc.com
Learn about our services and cyber security courses offered.
Infinite Solutiones

Infinitae Solutiones Welcome to Poltech Solutions. Building on a strong base of IT technology and solutions expertise, strategic partnership and professional consulting services, We deliver globally to give your organizations the edge in knowledge revolution Get Started How can we help you? Poltech....

03/05/2022

https://github.com/Polycarp29/numpingosint
New OSINT tool for phone number fingure-printing and also Operating System Fingureprinting using ping . Be able to bruteforce hashes at the least speed possible check it out on GitHub

Phone Number and DNS look-up OSINT tool . Contribute to Polycarp29/numpingosint development by creating an account on GitHub.

03/02/2022

Short for "fragmentation" and "aggregation", Frag attacks allow hackers to bypass firewalls to inject code into Wi-Fi traffic.
Wi-Fi network

A new set of vulnerabilities known as Frag attacks have been discovered in Wi-Fi-enabled devices. Some of these issues date back to the original Wi-Fi standard that was first established in 1997.

So, how do Frag attacks happen? Which devices are most vulnerable? And how can you protect against them?
What Are Frag Attacks?

Belgian academic and security researcher Mathy Vanhoef discovered twelve different vulnerabilities in Wi-Fi devices which have the potential to turn into security issues. These are better known as Frag attacks.

A Frag attack does one of the two things:

It captures traffic passing through unsecured networks, mimics it, and then impersonates servers.
It injects the network traffic with malicious plaintext frames that resemble handshake messages.
To put it simply, the Frag attacks dupe your WI-Fi-connected devices into thinking they are conducting safe business.
Which WI-Fi Flaws Are Responsible for Frag Attacks?

During the discovery of Wi-Fi vulnerabilities, it was concluded that three of the issues pertained to design flaws within the Wi-Fi protocol, while the rest were programming mistakes.

The biggest downside to these vulnerabilities is that they make it possible to access even fully secure Wi-Fi networks with WPA2 or WPA3 encryption in place.

One major vulnerability was found in the fragmentation process which is an integral feature of a Wi-Fi network used for improving performance degradation for excessive background noise. By splitting data into manageable fragments or "chunks" for transmission, they can be reassembled with ease when received.

Unfortunately, Vanhoef discovered security weaknesses in the process. He said:

“You can cause a receiver to reassemble two fragments that belong to different packets or even store malicious data and combine it with legitimate information. Under the right conditions, this can be used to exfiltrate data.”
Also, in certain cases, attackers can inject malicious packets of data through a router's firewall if a connected device is vulnerable. This allows the hackers to unmask IP addresses and destination ports used to access the device.
Which Devices Are Most Vulnerable to Frag Attacks?

Unfortunately, every Wi-Fi device to date is vulnerable to Frag attacks as the discovered vulnerabilities go back to 1997 when the Wi-Fi base standard was first released.

The good news is that the vulnerability was not revealed to the public until nine months after its discovery. This gave most companies ample time to release security patches and update their devices against these attacks.

In its attempt to protect Windows against the Frag attacks, Microsoft published an update on March 9, 2021.
Main Risk Factors for Frag Attacks

Worried about falling prey to potential Frag attacks? Then you should know about the two main risk factors for these attacks.

Data Theft
A Frag attack can be used by an attacker to steal and intercept data from a Wi-Fi network. Most websites and applications that employ HTTPS and other types of encryption are protected against such attacks.

However, if unencrypted data is sent over an encrypted Wi-Fi connection, a Frag attack can potentially bypass the encryption and cause data theft.

Related:
Does HTTPS Protect Data in Transit?

Attacks Against Vulnerable Devices
Most smart home and IoT devices can be vulnerable to a Wi-Fi Frag attack. Smart devices manufactured by unknown brands such as an inexpensive smart plug or smart light bulbs might not offer the necessary long-term support and updates, causing these devices to easily fall victim to Frag attacks.

In reality, it should not matter because every device, whether big or small, is connected to a trusted home network. But since Frag attacks can bypass a Wi-Fi network's encryption, any device can be targeted directly just as if it was connected to the same network.
Should You Be Worried About Frag Attacks?

If you own a device that is connected to a Wi-Fi network, then you should be concerned even though no known cases of Frag attacks have been documented yet. The mere fact that the vulnerabilities were discovered in the Wi-Fi design poses a risk for a potential attack at all times.

Welcome to P-ChatRoom

02/02/2022

Get a chance to be part of us through our website, forum , shop and e-learning platform

A Kenyan based company, Poltech solutions is a value-added reseller and solutions provider based in Nairobi serving the African market .Poltech Solutions is a proud member of TechSelect , an international community of technology manufacturers and resellers who leverage others expertise.

07/01/2022

Here is a chance for guys to attend an open cyber security discussion . We are having an online boot camp at 10 East African time . We will be live in all social media plat-forms . Interested parties will get a link openly through the page.

03/01/2022

Let me take time to do some explanation on the technology behind cryptography because encryptions would need some little bit of understanding.
1. When you are doing web development especially for those guys who use PHP or asp.net to do a POST request to MySQL server or Even get but our main attack is on the POST request. Passwords are commonly stored with Md5 encryption technology that would include like 60% of web application that support user login entries . Technology behind MD5 encryption is salting and hashing . Attacks on this can be on various ways we can decide to do a bruteforce attack on this particular entry point . We can do it by choice of wordlist (which I don't term it as bruteforce) also hash cracking given the fact you got entry on PMA . Hash cracking now because the most interesting part with rainbow tables involved and also J***y the ripper( have my own hash cracking tool) anyone interested can get it in condition you are running python3 in your computer you can use it either in windows or Linux your choice.
2. We have sha254 encryption which is the cryptography behind bitcoin . One of the best cryptography with 8bit worth of combinations . Still cracking it would involve rainbow tables and the main part here is getting the specific hash to the password. You will need a good graphics computer to carry out a successful attack on that.
3. Either ways the most strainfree attack on a login is spidering and also phishing . Client side attacks works better than server side attacks .

Build web apps and services that run on Windows, Linux, and macOS using C #, HTML, CSS, and JavaScript. Get started for free on Windows, Linux, or macOS.

01/01/2022

Hello guys ? As we celebrate the new year let's make a reflection of some things. For those who have no idea of what pe*******on testing might entail or those who might want to get to pe*******on testing as a full time career . There are key specifications that we have to make consideration on:
1. Hacking or pe*******on testing is mainly determined by what information you have on a targeted system. It being a systematic approach and we term computers or other gadgets as systems . There must be a systematic approach to compromise them.
2. Another reflection on pe*******on testing would entirely depend on the networking concept the learner has have an idea for instance:. Am doing an ARP scan , maybe DNS spoofing attack , ARP poisoning attack or even MITM attack heavily would depend on how you can compromise a network.
3. Sometimes I say for those guys taking up a course in computer science a deeper understanding of OS as a unit is much more very key . This comes into handy when you making payloads maybe based on DLL or os architecture , binary compilation and also the low level languages like C. Object oriented programming languages are very much responsible for creating responsive payloads or malwares.
4. Another reflection is Batch , Bash and python as scripting languages . In web development we might employ php to do our Cron jobs without our interventions . Also when dealing with Linux or windows we would need this scripting languages. Remember *Any operating system can hack* be it windows or Linux . Just a deeper understanding of how they work would propell to it .
5. Patience and practice is always a virtue in the tech world . Being perfect in this would make it easier for anyone to make everything better.
6. I decided to include coding as part of the least reflection but it too plays a major role in the pe*******on testing world . We have vulnerability and also bugs that would need coding knowledge. Let's say am doing a client side attack on a web application

31/12/2021

Happy new year 2022

28/12/2021

I was able to meet OSINT journalist @ Samuel Baker from Rwanda .
Here we had intimate discussions on the importance of cyber
security to the present world. We tried to relate both Cyber Security and Journalism In detailed OSINT Journalism

07/03/2020

Be the first people to be amongst POLTECHSOLUTIONS fraternity . Be the first to be on the big deal to the IT solutions . Make official polls , Ask unlimited questions . We will be able to respond In due time. Remember we make things happen in the IT field
*Have a chance to improve you programming skills
*Have a chance to know more about ethical hacking and video tutorials
*Be a compitent pe*******on tester
*Be able to interuct with the technical team and find solutions to your issue on the cyber underworld .

18/12/2014