Search the Community

Hello, I am a high school teacher and I recently obtained a Wi-Fi Pineapple from my school in-order to aid in teaching a new computer science class which has a whole unit dedicated to cyber security. I was successful in setting it up, going through the configuration of the device, and I have successfully captured packets / viewed internet traffic. However, I wish to move away from simply “showing off” and demonstrating the abilities of the Wi-Fi Pineapple to the classroom. I wish to set up the device in a way that students can walk through labs that teach important lessons on cyber security. My goal is to set up the Wi-Fi Pineapple in a way students can experiment with device in a safe environment that is educational. I wish for students to walk away from this lab with the sense that information sent over the web is not necessarily private and that they should be careful about what information they make public. The only problem is that I am at a COMPLETE LOSS on how to do this. I have very limited cyber security/ network skills... does anyone have any ideas? Thanks in advance, any leads would be appreciated.

I guess you could say that I'm a tech enthusiast, but admittedly a lazy programmer/coder. If I wanted to buckle down and learn linux, networking, and even other coding languages; where would I go? I want to be a skilled user and play with all the great toys out there (rubber ducky, pineapple, etc.). I know there is a 'google machine,' and I've looked at a lot of sites, but I would like some [pro] advice on which is the best. I'd even be willing to pay for it if I knew I was getting 'quality instruction.' For example, you can see a bunch of courses available at: http://itpro.tv/course-library/#/ But, before I pay out monthly $$$, and it is pricey, I wanna be sure I'm going the right direction. I want to do this right. Where can I go to learn from scratch and go all the way to intermediate to skilled knowledge? I am sincere in this venture. -Krum NSS30 NSS30

Hi, I bought the pineapple as an educational tool, so I'm looking at putting together some material to go with it. Has anyone seen any good resources or examples I could use when giving sessions on encryption, WPS, tracking of mobile devices, threat from MiTM? I came across these examples in the last week... European Parliament reports HACK ATTACK, turns off public Wi-Fi Online Hacking Victim Warns of Attack on Airline Miles Cheers.

I've been using computers since I was 8 and I have my share of degrees, but thanks to a really horrible undergrad adviser computers and formal education almost never coincided for me. I'm very busy and couldn't pay much, but is there any good online network/security/programming training that you'd recommend? My tuition preferences would be free, nearly free, or expensive-but-you-can-get-a-full-scholarship.

Could some of you IT wizards help me understand something about DHCP and NAT? I haven't studied these in the classroom, but I've done my share of reading and have certainly renewed DHCP and toggled NAT a few thousand times in the course of troubleshooting over the years. I was also just reviewing again the episode of hak5 where Darren + the cutie set up PPTP in BT5 and he shows how to disable DHCP for stealthiness. My limited understanding is basically that NAT allows my army of home computers to share a single external IP address by use of internal/local IP addresses and DHCP helps devices communicate with one another. So my question is "what happens when I disable one of both of these?" Empirically, I can see that I'm usually able to continue using the Internet as normal, on several devices at once. Does lack of NAT just slow down the process of identifying which of my babies (computers) a packet is meant for? Thanks

Version 0.70 of the open source phishing education tool "spt" (Simple Phishing Toolkit) was released this week. Notable features and improvements in this version include: Vast improvements in the editing functionality for templates and education packages. Major changes include: two different editors to choose from (the oroginal spt text editor and TinyMCE), copy templates or education to new version and then customize them. Added education completion tracking, now you can determine if your targets completed the assigned education in a campaign. Support for the Google and TinyURL URL shortener services. Now your phishing emails can have shortened URLs, making them harder to detect. Support for sending SMTP using SSL secured connections. Enhancements to the viewing of campaign information including SMTP relay used and destination URL used. Initial support for using spt in SSL/TLS secured installations, code updates to prevent insecure content warnings. All forms now generate inline errors with entered value retention, allowing easy correction of incorrect or missing items without requiring all information to be entered again. Email tracking times are now more accurate when viewing campaign information. Most items in the Quick Start module now feature links allowing you to quickly access the desired location in the spt UI. Enhancements to the browser detection script for more information on what you need vs. what you have. Many security and usability issues fixed. Additional improvements in authentication and session management security. You can track all current, past, and future planned, changes on the spt project site on the "Change Log" tab of the Download page at http://www.sptoolkit.com/download/.'>http://www.sptoolkit.com/download/. If the project sounds interesting to you, please consider taking a look at it by downloading and testing it your environment. (We opted to remove the online demo of the spt after receiving some complaints from sites that were used to highlight the incredible effectiveness and ease of use of our site scraper). We always welcome all feedback and ideas as we continue to develop the project. Please feel free to contact us via replies to this thread, or via the contact form on the project web site. http://www.sptoolkit.com/ Thanks! - The spt project