Safe, Educational Simulations of Common Cybersecurity Attacks, Including a KeyLogger, Phishing, Ransomware & DDoS
The showcase includes the following modules:
A keylogger is a type of malware that records the keys pressed on a keyboard. This can be used to steal passwords, credit card numbers, and other sensitive information.
Simulation:
The keylogger simulation in this project is safe and only captures keystrokes within the application's console window. It does not record anything permanently or to a file. This demonstrates the basic principle of a keylogger without any malicious activity.
Protection:
- Use a reputable antivirus and anti-malware solution.
- Be cautious about what you download and install.
- Keep your software and operating system up to date.
- Use a virtual keyboard for sensitive information.
Phishing is a type of social engineering attack where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware.
Simulation:
The phishing simulation presents a fake login page for a fictional "Bank of Rust." When you enter a username and password, the simulation shows how an attacker would capture that information.
Protection:
- Always check the URL of a website before entering any sensitive information.
- Be wary of suspicious emails, even if they look like they are from a legitimate source.
- Enable two-factor authentication (2FA) on your accounts.
- Use a password manager to generate and store strong, unique passwords.
Ransomware is a type of malware that encrypts a victim's files, making them inaccessible. The attacker then demands a ransom payment in exchange for the decryption key.
Simulation:
The ransomware simulation creates a temporary directory with dummy files. It then "encrypts" these files using a simple character substitution cipher. A ransom note is displayed, and then the files are "decrypted" to show the full cycle of the attack. This is a safe simulation and does not affect any of your real files.
Protection:
- Regularly back up your important files to an external drive or cloud storage.
- Be cautious about opening suspicious email attachments or clicking on suspicious links.
- Use a reputable antivirus and anti-malware solution.
- Keep your software and operating system up to date.
A DDoS attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
Simulation:
The DDoS simulation demonstrates the concept of a DDoS attack by simulating a server's health decreasing as it is hit with waves of requests. This is a conceptual demonstration and does not generate any real network traffic.
Protection:
- For businesses, use a DDoS mitigation service.
- Have a strong firewall and network security in place.
- Monitor your network for unusual traffic patterns.
- Make sure you have Rust installed.
- Save the code files in a
srcdirectory. - Run the project with
cargo run. - Follow the on-screen instructions to select a module.
This project is for educational purposes only. Do not use this code for any malicious activities.