Hacking macOS: How to Identify Antivirus & Firewall Software Installed on Someone's MacBook

Identifying security software installed on a MacBook or other Apple computer is important to hackers and penetration testers needing to compromise a device on the network. With man-in-the-middle attacks, packets leaving the Mac will tell us a lot about what kind of antivirus and firewall software is installed.


After gaining access to a Wi-Fi router, a hacker will perform a variety of network-based and reconnaissance attacks. Data traversing the network is viewable to anyone with the password without ever authenticating to the router. While that method is excellent for passive observations, we'll instead perform a man-in-the-middle attack to learn what's happening on the network.


We'll start by installing a man-in-the-middle tool in Kali Linux. Packets moving through the network are redirected to the attacker's system and collected with Wireshark. The traffic is then vulnerable to packet inspection, allowing an attacker to identify installed security software on the macOS computer.


Step 1: Install Bettercap in Kali Linux


Bettercap, developed by evilsocket and some cool people, is an extensible and portable offensive security framework. While it features several useful tools, let's focus on the < ..
