Projects on Chief Dennis' Blog

WPA/WPA2 Protocol: Packet format analysis and attacks against it

Sun, 01 Jun 2025 15:43:16 +0100

Identification of the different types of WPA protocol packets. Link to heading

In this first phase, the analysis of a traffic capture corresponding to a WiFi network with WPA2-PSK authentication has been carried out. The tool used has been Wireshark, due to its ability to interpret and decompose network protocols in a detailed way. The purpose of this point is to identify the different types of packets involved in the WPA2 connection and authentication process, as well as to examine the most relevant fields of each and understand their function within the overall context of the capture.

Operational installation of a VPN with OpenVPN

Tue, 20 May 2025 15:43:16 +0100

Introduction Link to heading

Currently, Virtual Private Networks (VPNs) are a widely used solution to establish secure communication channels over public or shared networks. Its main objective is to offer confidentiality, authentication and integrity in the transmission of data between different devices, simulating a private local network by encrypting the information that circulates through the network.

In this practice, a VPN has been implemented using OpenVPN, an open-source toolthat allows you to create encrypted tunnels based on the SSL/TLS protocol. The work environment is composed of three Kali Linux virtual machines:

WifiChallenge Lab CTF

Thu, 15 May 2025 15:43:16 +0100

Introduction Link to heading

This write-up summarizes the completion of the WiFiChallenge Lab, a practical cybersecurity exercise focused on wireless network security. Throughout the lab, various Wi-Fi attack techniques were explored and executed, including packet capture, handshake extraction, password cracking, and exploiting common vulnerabilities in WEP and WPA/WPA2 networks. The objective was to simulate real-world scenarios, enhance practical skills in wireless penetration testing, and deepen understanding of Wi-Fi security protocols and their weaknesses. This walkthrough outlines the methodology, tools used, challenges encountered, and key takeaways from the experience.

Reconnaissance of Vulnerable Software with Nessus and OpenVAS

Sun, 23 Feb 2025 15:43:16 +0100

1. Introduction

2. Analysis Tools

3. Scan Settings

3.1. Nessus Scanning Parameters

3.2. OpenVAS Scanning Parameters

4. Analysis Process

4.1. Running the Scan with Nessus

4.2. Running the Scan with OpenVAS

5. Comparison of Results

6. Conclusions

Introduction Link to heading

The purpose of this report is to examine the security of a system through specialized tools for detecting vulnerabilities. To do this, exhaustive scans have been carried out using Nessus and OpenVAS on the Metasploitable3 virtual machine (Linux). After data collection, the findings will be analyzed and a detailed comparison of both tools will be made.

ARP and DNS spoofing with Bettercap

Sun, 09 Feb 2025 15:43:16 +0100

2.3. Fake Web Page Setup

2.4. Credential Theft

3. Stopping the attack

4. Conclusions

Introduction Link to heading

In the field of cybersecurity, analyzing vulnerabilities in local networks is a fundamental task for understanding potential threats and designing appropriate defense mechanisms. Among the most common attacks affecting the integrity and confidentiality of information in a network are ARP Spoofing and DNS Spoofing, techniques used to intercept, modify, and redirect traffic from devices connected to a LAN.

Steganographic techniques, analysis, and usage of S-Tools

Wed, 01 Jan 2025 15:43:16 +0100

1.- Introduction Link to heading

This post is about steganographic tools and analysis techniques in search of hidden information. In this case, the S-Tools tool is used. We will also use a custom python script to help us analyze the images bit by bit in search for hidden information. Lastly, we will also perform a histogram analysis, coding another custom python script.

S-Tools is a very powerful tool developed by Andy Brown. It allows you to hide messages using steganography in BMP, GIF, and WAV images. It is a very simple tool that allows drag-and-drop to process the relevant files. Additionally, it can encrypt the hidden information so that even if the message is discovered, the information cannot be decrypted without the password.

Configure and deploy Azure Firewall Manager Part 3: Test the Firewall

Thu, 11 Apr 2024 08:43:16 +0100

For part 3 of the series, test the firewall in two steps. First, we’ll test the application rule; then, we’ll test the network rule. To test the firewall rules, we’ll connect a remote desktop using the firewall’s public IP address, which is NATed to Workload-1. From there, we’ll use a browser to test the application rule and connect a remote desktop to Workload-2 to test the network rule. It is important to remember, as with all testing, firewall testing is essential to maintaining a secure network and mustn’t be overlooked.

Configure and deploy Azure Firewall Manager Part 2: Deploy the servers

Sat, 09 Mar 2024 08:43:16 +0100

For part 2 of the series, we will deploy our workloads/servers. This process is similar as to any virtual machine deployment in the Azure Cloud.

Deploy the servers Link to heading

Deploying servers involves setting up and preparing a server to host and run applications or services. When discussing deploying servers in a cloud environment, this process often consists of creating and configuring virtual machines, setting up network connectivity and security, and installing and configuring software, all done within the cloud provider’s management interface or using infrastructure as code (IaC) tools such as Terraform.

Configure and deploy Azure Firewall Manager Part 1: Create a hub and spoke architecture

Mon, 26 Feb 2024 08:43:16 +0100

Azure Firewall Manager is a central network security policy and route management service for globally distributed, software-defined perimeters. It can provide security management for two network architecture types, the secured virtual hub and the hub virtual network.

Using Azure Firewall Manager, you can create secured virtual hubs to secure your cloud network traffic destined to private IP addresses, Azure PaaS, and the Internet. Traffic routing to the firewall is automated, so there’s no need to create user-defined routes (UDRs).

GPS NMEA TCP/IP stream to COM port via com0com and com2tcp

Fri, 29 Dec 2023 15:43:16 +0100

In this project we will explore how we can serve TCP/IP data coming in through an open port, and turn it into a virtual serial port or COM port. In this case, I have a router that has an internal GPS that can serve the NMEA sentences to a given IP and port via TCP/IP. However, most programs that use GPS (like Google Earth) do it through a COM port. So, how can we ’translate’ the TCP/IP data into a serial COM stream?

Manage Entra ID users via Azure Portal

Sun, 03 Dec 2023 15:43:16 +0100

In this post we will learn how to create, edit and delete Microsoft Entra ID users. Microsoft Entra ID is an integrated cloud identity and access solution, and a leader in the market for managing directories, enabling access to applications, and protecting identities.

To create a user, first navigate to Microsoft Entra ID in the Azure Portal.

Then click on Users.

You will be seeing the Users page. On the left hand menu, we can see the following tabs: