GNU Privacy Guard (GPG)

GNU Privacy Guard (GnuPG or GPG) is a free software alternative to the PGP suite of cryptographic software.
GnuPG encrypts messages using asymmetric keypairs individually generated by GnuPG users. The resulting public keys can be exchanged with other users in a variety of ways, such as Internet key servers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ "owner" identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.

How to start making GPG in linux  :
1. Install Kleopatra to manage your GPG sertificate
    apt-get install kleopatra
2. Install Libakonadi-contact4
   apt-get install libakonadi-contact4
3. After two tools are installed, the next step is regristasionto get the key, by the following steps :
   1. Generate a private key
       gpg --gen-key

     You’ll have to answer a bunch of questions:
  1. What kind and size of key you want; the defaults are probably good enough.
  2. How long the key should be valid. You can safely choose a non-expiring key for your own use. If you plan to use a key for public signing, you might want to consider a yearly expiration.
  3. Your real name and e-mail address; these are necessary for identifying your key in a larger set of keys.
  4. A comment for your key, perhaps to distinquish a key used for special tasks like signing software releases. The comment can be empty.
  5. A passphrase. Whatever you do, don’t forget it! Your key, and all your encrypted files, will be useless if you do.

    2. Generate an ASCII version of your public key
        gpg -k
   3. Send your public key to server to easier for people to get your public key
       gpg --send-keys
Finis !! now you can encrypt your emair or file, but to encrypt an email we need Thunderbied and enigmail
  apt-get install thunderbird
  apt-get install enigmail

Now protect your data using GPG .....

Comments

Post a Comment

Popular posts from this blog

Grabbing Proxy With Selenium and Python

Image
Selenium is automated browser that can be controlled by script. Selenium support for many programming language like Java, csharp, python, ruby, php, perl, and javascript. This simple script for grabbing proxy list from freeproxylist.net website created with python. 1. Install python selenium        # apt-get install python-pip        # pip install selenium 2. Download browser driver     Chrome : https://sites.google.com/a/chromium.org/chromedriver/downloads Edge : https://developer.microsoft.com/en-us/microsoft-edge/tools/webdriver/ Firefox : https://github.com/mozilla/geckodriver/releases Safari : https://webkit.org/blog/6900/webdriver-support-in-safari-10/ Chose favorite browser you want. 3.  Run this script import os from selenium import webdriver from bs4 import BeautifulSoup from selenium.webdriver.common.keys import Keys chromedriver = "./chromedriver" # replace with your browser driver os.environ["webdriver.chrome.driver"] = chromed
Read more

Authorization Testing

Image
1. Testing for Path Traversal First, we test if it is possible to find a way to execute a path traversal attack and access reserved information About input vector: 2. Testing for bypassing authorization schema This kind of test focuses on verifying how the authorization schema has been implemented for each role/privilege to get access to reserved functions/resources. 3. Testing for Privilege Escalation During this phase, the tester should verify that it is not possible for a user to modify his or her privileges/roles inside the application in ways that could allow privilege escalation attacks.
Read more

Bypass HTML Field Restrictions

This time I learn about Bypass HTML Field Restrictions. I bypass the html form . In order to pass this lesson , I must submit the form with each field containing the value of unallowed . I have to submit an invalid value for all six fields in one delivery form provided . that is : select field which has two choices , radio button which has two choices , input field which retricted to 5 character, and disableinput field with a form that can not be filled . And this some way that I have tried to bypass it : First I submibt that form as usual and I did not find any change Then I tried to intercept request by webscarab, I change values that not provided there. but I not find any changes too. I studied again after it there are only 5 fields in the request when the procedure mentioned there are 6 fields . then I add a new field that is itself disableinput field , the parameter I get from the source web page . but I not find
Read more