Friday, December 21, 2018

Encryption using Dictionary in py

Try this piece of code for encrypting in python:

my_dict={"A":"D","B":"E","C":"F","D":"G","E":"H",
"F":"I","G":"J","H":"K","I":"L","J":"M","K":"N",
"L":"O","M":"P","N":"Q","O":"R","P":"S","Q":"T",
"R":"U","S":"V","T":"W","U":"X","V":"Y","W":"Z",
"X":"A","Y":"B","Z":"C","1":"5","2":"6","3":"7",
"4":"8","5":"9","6":"0","7":"1","8":"2","9":"3",
"0":"4"," ":" "}

message=input("Enter msg to encrypt: ").upper()
encrypted=""

>>> for letters in message:
...     if letters in my_dict:
...             encrypted+=mydict[letters]
...     else:
...             encrypted+=letters
... print(encrypted.lower())

Learn Cyber Security here for free !!

Beginner to advanced, Cybrary has free cyber security training for everyone. Cybrary is the best place to learn on Cyber Security on free of cost. Courses are divided into segments such as
1. Beginner
Includes classes such as:
2. Intermediate
Includes classes such as:
3. Advanced/Leadership
Includes classes such as:

Tuesday, December 18, 2018

What to learn Machine Learning or Deep Learning

It depends on objective

If the objective is to apply machine learning in traditional industries or settings, with limited data availability, then you’re probably better off to go with machine learning. 

If the objective is to apply machine learning on data rich application db / content/media (more than 10,00,000+ data points) or in media content (like images / audio / video), then you’re probably better off to go with deep learning.

To learn deep learning, you must learn concepts like over-fitting, regularization, cost function and so on. These are like traditional “machine learning concepts” However, there isn’t any need for learning specific machine learning models and  algorithms such as SVMs, K nearest neighbors, K means clustering, Hidden Markov Models, etc.,

If you’d like to learn both machine learning and deep learning, here are the resources: 
Learn Machine Learning: from novice to expert [29-part course, 19T+4P+6Q]
consists of tutorials on ML concepts and algorithms, as well as end-to-end follow-along ML examples
                                      and 
Learn Deep Learning: from novice to expert[24-part course, 16T+2P+6Q]
consists of tutorials on deep learning concepts and neural networks

Encryption and Decryption in Python

In cryptography, encryption is the process of encoding the message that only authorized people can access it

Encryption is different from hashing, because the message need to be decrypted in encryption

So a key is required to decrypt and encrypt the message

In cryptography, Cipher is an algorithm used for encryption and decryption

Cipher requires a key. This key will be known by only two parties, sender and receiver

This allows transmission of message over public channels but it is only readable by intended parties

Let us install cryptography using PIP and see a demo
C:\Users\username>pip install cryptography

>>>
>>> from cryptography.fernet import Fernet
>>>
>>> key=Fernet.generate_key()
>>>
>>> cipher_send=Fernet(key)
>>> cipher_send.encrypt(b"Namaste")
b'gAAAAABcGZzS79dzaWvwOSTXFvQT0fn0e5v_bfoYh-bxlPHOC4DUR1eS0nM0S920hrSx8BkaIU4gQl2iKk4I2LiUu1M7wHyLTw=='
>>>

Now get the value of 'key' variable to decrypt the string back

>>> key
b'sW3O6ErXS_eJ829vLaSSkFhzn477btpu7yw_28-lUb8='
>>>

>>> cipher_reciever=Fernet(b'sW3O6ErXS_eJ829vLaSSkFhzn477btpu7yw_28-lUb8=')
>>> cipher_reciever.decrypt(b'gAAAAABcGZzS79dzaWvwOSTXFvQT0fn0e5v_bfoYh-bxlPHOC4DUR1eS0nM0S920hrSx8BkaIU4gQl2iKk4I2LiUu1M7wHyLTw==')
b'Namaste'
>>>

Now let us create our own key:

>>> import hashlib
>>> keyword=b"1234$"
>>> key=hashlib.sha3_256(keyword)
>>> key
<_sha3.sha3_256 object at 0x000001F6486339E0>

>>> key.digest()
b'\xd6\x96\xaf\xd5\xfe\x9f\xce7\x86\x12\xaa\xb1\xa7x\x93!+\xc2V\xb8\x11\x16\x94\x06P\xed-\x970N1I'
>>>

This is not in the format , that a fernet object expects, import module base64

>>> import base64
>>> key_bytes=key.digest()
>>> fernet_key=base64.urlsafe_b64encode(key_bytes)
>>> fernet_key
b'1pav1f6fzjeGEqqxp3iTISvCVrgRFpQGUO0tlzBOMUk='
>>>

Now using the custom key , let us encrypt and decrypt our strings

>>> cipher_custom=Fernet(fernet_key)
>>> cipher_custom.encrypt(b"welcome")
b'gAAAAABcGaLgE1MZX5bF-HE8HfWdcbkBI771mGr6GOan71tmcAlULuF0B7ZAkNbdZIVfF5CXU5xBzFTIh1o7IScxzNCRGmJkSQ=='

Now decrypt,

>>> cipher_custom.decrypt(b'gAAAAABcGaLgE1MZX5bF-HE8HfWdcbkBI771mGr6GOan71tmcAlULuF0B7ZAkNbdZIVfF5CXU5xBzFTIh1o7IScxzNCRGmJkSQ==')
b'welcome'
>>>






Using hashlib in python

First install the module cryptography using PIP
C:\Users\username>pip install cryptography

Now you can verify by importing hashlib and check what all hashlib algorithms are available
>>> import hashlib
>>> hashlib.algorithms_available
{'blake2b', 'MD5', 'blake2s256', 'sha3_256', 'sha512', 'sha1', 'md4', 'blake2s', 'MDC2', 'sha224', 'sha3_384', 'ripemd160', 'sha384', 'SHA1', 'shake_256', 'MD5-SHA1', 'blake2b512', 'shake_128', 'sha3_512', 'md5', 'RIPEMD160', 'whirlpool', 'BLAKE2b512', 'md5-sha1', 'sha256', 'SHA512', 'SHA256', 'SHA384', 'BLAKE2s256', 'sha3_224', 'MD4', 'mdc2', 'SHA224'}

Let us use sha3_256() to encrypt a string

>>> h=hashlib.sha3_256()
>>> h.update(b"Hello")
>>> h.hexdigest()

And the output will be as follows :
'8ca66ee6b2fe4bb928a8e3cd2f508de4119c0895f22e011117e22cf9b13de7ef'

Let us check by a slight change in the string

>>> h.update(b"hello")
>>> h.hexdigest()
'e52212c71ea57784000b60cae4d0d6a8ab08e17ad72902525a2cbe7e87f77ab6'


Wednesday, September 19, 2018

Computer Forensics : Tools

Frameworks

  • DFF (Digital Forensics Framework) – an open source platform applicable for data retrieval and analysis.
  • PowerForensics is a PowerShell based utility intended for live disk forensic analysis.
  • The Sleuth Kit (TSK) is a C-based library and collection of command line tools facilitating the analysis of volume and file system data.

Real-Time Utilities

  • grr (GRR Rapid Response) is a remote live forensics tool for incident response.
  • mig (Mozilla InvestiGator) – a distributed real-time platform for investigating incidents on remote endpoints.

Windows Artifacts (Extracting Files, Downloads History, USB memory stick data, etc.)

  • FastIR Collector is an all-in-one tool for harvesting Windows information (registry, file system, services, startup programs, etc.).
  • FRED is a cross-platform Windows registry analysis utility.
  • MFT Parsers is a tool facilitating comparative analysis of Master File Table information.
  • MFTExtractor – another handy parser of Master File Table.
  • RecuperaBit reconstructs NTFS file system.
  • python-ntfs is a Python library for NTFS analysis.

OS X Analysis

  • OS X Auditor is a popular free forensics tool supporting Mac OS X that parses and hashes various system artifacts.

Internet Artifacts

  • chrome-url-dumper is intended for extracting different types of web surfing information from Google Chrome.
  • Hindsight analyzes Google Chrome/Chromium history.