SQLi: String Based!

Hey Guys this is SK

Today i'm gonna explain you how to bypass some admin panels with sqli vulnerability!

This is useful for both the site owners and the HACKERS!

And There's a video tut too..!!

This is not meant to harm anyone...

And Be very careful while using the given techniques...|
You may/may not have heard about SQLi before also...
Still i'm explaining about sqli..
This is not a new vulnerability on websites...

While many programmers and developers are aware about this..
Many are not :(
Hacker's use this for bypassing the panels like admin panels and many more
And

Just For Info : This is not the only type of SQLi..
There are about 20 types of SQLi... So Keep Learning :)

So let me start with the first and the most basic technique i.e.

1. Username----- admin
Password----- 'or''='

This has worked for most of the people....

2. Username-----admin
Password-----1'or'1'='1

Well, this may also help ..

The list is endless just understand the technique.. Don't just blindly try it..

Spread the Knowledge..

Keep Learning!!

THE VIDEO:--

XSS(CROSS SITE SCRIPTING) + Video Tutorial!

HEY guys this is SK!

I remember the promise i made during posting on XSS!!

I if you haven't read the previous post follow the link: http://www.darkhtu.net/2013/09/xsscross-site-scripting.html


Follow the below link for the video tutorial of XSS!!..


Remember to subscribe and share it ..

ALSO REMEMBER TO LIKE IT :]

Keep Learning


:)

Difference between Viruses, Trojans, Worms and Malware.

I. What is Malware?

The word Malware is short for malicious software, and is a general term used to describe all of the viruses, worms, spyware, and pretty much anything that is specifically designed to cause harm to your PC or steal your information.

II. Viruses --> Wreak Havoc On Your Files

The term computer virus is often used interchangeably with malware, though the two don’t actually have the same meaning. In the strictest sense, a virus is a program that copies itself and infects a PC, spreading from one file to another, and then from one PC to another when the files are copied or shared.

Most viruses attach themselves to executable files, but some can target a master boot record, autorun scripts, MS Office macros, or even in some cases, arbitrary files. Many of these viruses, like CIH, are designed to render your PC completely inoperable, while others simply delete or corrupt your files—the general point is that a virus is designed to cause havoc and break stuff.

You can protect yourself from viruses by making certain your antivirus application is always updated with the latest definitions and avoiding suspicious looking files coming through email or otherwise. Pay special attention to the filename—if the file is supposed to be an mp3, and the name ends in .mp3.exe, you’re dealing with a virus.

III. Spyware --> Steals Your Information

Spyware is any software installed on your PC that collects your information without your knowledge, and sends that information back to the creator so they can use your personal information in some nefarious way. This could include keylogging to learn your passwords, watching your searching habits, changing out your browser home and search pages, adding obnoxious browser toolbars, or just stealing your passwords and credit card numbers.

Since spyware is primarily meant to make money at your expense, it doesn’t usually kill your PC—in fact, many people have spyware running without even realizing it, but generally those that have one spyware application installed also have a dozen more. Once you’ve got that many pieces of software spying on you, your PC is going to become slow.

What many people don’t realize about spyware is that not every antivirus software is designed to catch spyware. You should check with the vendor to make sure the application you are using to protect you from malware is actually checking for spyware as well. If you come across a PC that is already heavily infected, run a combination of MalwareBytes and SuperAntiSpyware to clean it thoroughly.

IV. Trojan Horses --> Install a Backdoor

Trojan horses are applications that look like they are doing something innocuous, but secretly have malicious code that does something else. In many cases, trojans will create a backdoor that allows your PC to be remotely controlled, either directly or as part of a botnet—a network of computers also infected with a trojan or other malicious software. The major difference between a virus and a trojan is that trojans don’t replicate themselves—they must be installed by an unwitting user.

Once your PC has been infected with the trojan, it can be used for any number of nefarious purposes, like a denial of service (DoS) attack against a web site, a proxy server for concealing attacks, or even worse—for sending out buckets of spam. Protection against trojans works the same way as viruses—make sure that your antivirus application is up to date, don’t open suspicious attachments, and think long and hard before you try and use a downloaded crack for Photoshop—that’s one of malware authors’ favorite spots to hide a trojan.

V. Worms --> Infect Through the Network

Computer worms use the network to send copies of themselves to other PCs, usually utilizing a security hole to travel from one host to the next, often automatically without user intervention. Because they can spread so rapidly across a network, infecting every PC in their path, they tend to be the most well-known type of malware, although many users still mistakenly refer to them as viruses.

Because worms often exploit a network vulnerability, they are the one type of malware that can be partially prevented by making sure your firewall is enabled and locked down.

How Does SSL Work?

I. What is SSL Certificate?

The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This SSL certificate will have lot of information like owner details, location, email id, Encryption method, thumb print, expiration details, who digitally signed this certificate and etc.

II. How does SSL work?

Step-1,2,3: Before Browser sends the request a quick basic TCP 3-way handshake is performed to synchronize information with packet size details, source-destination info and etc. Once this is done the SSL Hello session starts.

Step-4: A browser requests a secure page (usually https://). Client will send Ciphers details ( i.e. information about encryption method and hashing algorithm that client is going to use)

Step-5: The web server receives the Cipher details, and sends its Public key with SSL certificate in return.
Note: Server will always have a key pair (Private Key + Private Key). It will never share the Private key with outside world, it can only share the Public Key with others. The interesting fact is anything encrypted using public Key can only be decrypted using Private key and vice-versa.

Step-6: Client sends acknowledgment

Step-7: Before sending critical information over the internet. First, The browser checks that the SSL certificate that server sent is correct one and was issued by a trusted party (usually a trusted root CA), that the certificate is still valid and that the certificate is related to the site.

Step-8,9: The browser then encrypt the URL using a randomly generated key called as Session Key or Symmetric Key. Then it encrypts the Symmetric key using Public key. Then it combines both encrypted symmetric key with encrypted URL and encrypt the whole message using the public key that it received from the web server and passes it over the network to the server

Step-10: Web Server will decrypt the encrypted message using its PRIVATE Key. Once decrypted it will get an encrypted Symmetric Key and an encrypted URL data

Step-11: The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.

Step-12: The web server sends back the requested html document and http data encrypted with the symmetric key.

Step-13: The browser decrypts the http data and html document using the symmetric key and displays the information.

Now both the sides have the symmetric key and can send/receive the information securely by encrypting the data using symmetric key(session key).

CMD/COMMAND PROMPT: The greatest command line tool ever developed for Windows!!

CMD / Command Prompt!!

Hey Guys this is $K Again :]

Well i know some may be thinking that this new admin has gone mad
And writing tutorials on CMD??
Isn't it...?
For the people thinking like this..
I have a surprise pack in this post :)
And I am very serious about that :)

For any hacker,programmer or any windows user thinking about going to use Linux..
knowing this command line interface is very important
ACCORDING TO WIKIPEDIA:-
Command Prompt (executable name cmd.exe) is the Microsoft-supplied command-line interpreter on OS/2, Windows CE and on Windows NT-based operating systems (including Windows 2000, XP, Vista, 7, 8, Server 2003, Server 2008, Server 2008 R2 and Server 2012). It is the analog of COMMAND.COM in MS-DOS and Windows 9x systems (where it is called "MS-DOS Prompt"), or of the Unix shells used on Unix-like systems.
When anyone thinks about the command line a image comes to his/her mind which is like :-

Isn't it??
Well let's come to the point haha :)
First let's start the cmd :p
Just being type of manual
OS Command Notes Windows 3.1,.3.11, 95, 98, ME command.com This program when run will open up a command prompt window providing a DOS shell. Windows NT, 2000, XP, 2003 cmd.exe This program will provide the native command prompt. What we call the command prompt. Windows NT, 2000, XP, 2003 command.com This program will open up a emulated DOS shell for backwards compatibility. Only use if you must.
Now the steps :-

Step 1: Click on the Start Menu
Step 2: Click on the Run option
Step 3: Type the appropriate command in the Open: field. For example if we are using Windows XP we would type cmd.exe.
Step 4: Click on the OK button :)
That's it!!

Now let's learn some useful codes..!

Well For having some fun and excitement i have divided that into different catagories :)

Top 3 Basic Commands :

• cd- cd stands for choose directory


• cls- --"-- clear screen


• exit- --"-- to close cmd window..

Top 3 most needed Commands:

• ping- this gives you the ip address of any server or website :)


• netstat- gives a list of all the current ports and connected ips..


• netusers - give a list of all the users on the computer and also the passwords *__*

Top 3 commands for having Fun :D

• color 0a( i would prefer this as this gives u a feeling like a pro) - this changes the text color to green


• tasklist- displays all running tasks :)


• choice - actually this command is usedd in batch programming for giving options.. if u type this in cmd it will give u a set of options *__*

Let's see how a pro cmd window looks like :p

Keep Learning

Download GTA V For Free | No Surveys | | Mediaifre |

Download GTA V

Today i am going to give you link to download GTA V For free of cost. This is the best version of GTA series with awesome graphics , storyline , a lot of new stuff.

Gta V not only comprises of one player but Three . Ya you can control 3 players to switch between.
Screenshots

 


 
Characteristics of the three players

1. Amidst the turmoil, three very different criminals plot their own chances of survival and success:

2. Franklin, a street hustler looking for real opportunities and serious money; Michael, a professional ex-con whose retirement is a lot less rosy than he hoped it would be;

3. Trevor, a violent maniac driven by the chance of a cheap high and the next big score.Running out of options, the crew risks everything in a series of daring and dangerous heists that could set them up for life.

Note this version is only for PS3 users .

Installation instructions are included in game file

Download it From Here :- http://kickass.to/grand-theft-auto-v-ps3-duplex-p2pdl-t7865550.html

Please Remember this is only for For PS3 Users

For PC,We are soon going to post on our blog,so keep visiting this blog and don't forget to bookmark our website...
 

Very Useful Google Tricks of 2013 |Must See|

 

Here some of the very useful GOOGLE Tricks try it out..
=========================================
1. Hacking Security Cameras


inurl:”viewerframe?mode=motion”

Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls. You will see something as follows

As you can see in the above screenshot, you now have access to the Live cameras which work in real-time. You can also move the cameras in all the four directions, perform actions such as zoom in and zoom out. This camera has really a less refresh rate. But there are other search queries through which you can gain access to other cameras which have faster refresh rates. So to access them just use the following search query.
intitle:”Live View / – AXIS”

Click on any of the search results to access a different set of live cameras. Thus you have hacked Security Cameras using Google.



2. Hacking Personal and Confidential Documents


Using Google it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc. can be found just in seconds.
intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”

You can gain access to a list of .xls (excel documents) which contain contact details including email addresses of large group of people. To do so type the following search query and hit enter.
filetype:xls inurl:”email.xls”

Also it’s possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query
intitle:index.of finances.xls

3. Hacking Google to gain access to Free Stuffs
Ever wondered how to hack Google for free music or ebooks. Well here is a way to do that. To download free music just enter the following query on google search box and hit enter.
“?intitle:index.of?mp3 eminem“

Now you’ll gain access to the whole index of eminem album where in you can download the songs of your choice. Instead of eminem you can subtitute the name of your favorite album. To search for the ebooks all you have to do is replace “eminem” with your favorite book name. Also replace “mp3? with “pdf” or “zip” or “rar...

Use Hard Disk As Ram

In this post,Me gonna introduce u a very simple but effective trick on Using Hide Disk As RAM..Hope you guys gonna like..Please let us know and help us grow into a big community...So,Lets start Hacking....

Steps

Step 1: Go to Start-> Computer(right click)-> Properties

Step 2: Now on the left pane, under Control Panel Home, click on Advanced system settings

Step 3: Navigate to Advanced tab, under Performance tab, click on Settings...

Step 4: When Performance Options window, click on Advanced tab.

Step 5: Under Virtual memory, you get to change the paging file size for all drives. Click on Change... button (step 3-5 are shown below)

Step 6: Here you can uncheck Automatically manage paging file size for all drives and set values as per your requirements

Click OK. It will ask you for a restart. Restart your system and we are done!



Thanks for staying and please comment your views here

XSS:Cross Site Scripting!

Hey guys This is $K..

Today i'm gonna explain complete XSS...

XSS is also called -Cross Site Scripting

According to Wikipedia

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007.[1] Their effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.

Cross site scripting(XSS) are mainly of two types :

• Presistent


• Non-Presistent

1. Presistent:- XSS Presistent is also called stored XSS.. This occurs when --'' The data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to other users in the course of regular browsing, without proper HTML escaping. A classic example of this is with online message boards where users are allowed to post HTML formatted messages for other users to read..

This is usually found in search,find etc. fields... Its too dangerous... Cookie stealing,pishing can also be performed *__*

2.Non-Presistent:- XSS Non-Presistent is also called reflected XSS... This occurs when --'' The data provided by a web client, most commonly in HTTP query parameters or in HTML form submissions, is used immediately by server-side scripts to parse and display a page of results for and to that user, without properly sanitizing the request.

These also are same as XSS Presistent usually found in empty fields..

XSS today is one of the most common Vulnerability Found on web...

Today i'm gonna explain you how to perform XSS presisitent...

1. Find a XSS presistent vulnerable site..
2. Then watch the url carefully...
3. Type ur name in the search field..
4. If its XSS vulnerable ur name should be shown in the url :]
5. Use some scripts that can proof that this web-page is really vulnerable to XSS.. Type :< script >alert("$K Magic")
(remove the spaces between < and Script >
Did it opened a pop-up saying $K Magician ??..
Thus, it is XSS Presistent vulnerable..!! :)

I will Post about more XSS Non-Presistent And even new XSS'S!!

Thank You For Reading

Video Tutorial Coming Soon!!!!!!!!!!

Keep learning.....

$K....

How to Find the IP address of your Friends?

 anyway ... some were asking about finding IP addresses , but they didnt tell about whose IP address to find and where so m trying to make a post on this .IM (instant messangers ) like Facebook , gtalk , MSN , or any local IRC .. all of these have different topology or architecture or algorithm for chat function lets first discuss about it .

MSN or local IRC

When u chat with your friend using MSN or local IRC , behind the scene you are actually directly connected to the person's system itself .

[in MSN or local IRC] YOUR SYSTEM <=====> YOUR FRIEND'S SYSTEM.

When you start chat with any of your friend , first the chat server connects itself to you as well as your friend and when both connections are fully established , it removes itself from the middle and connects both the system's to one another.

In this case getting IP is very easy , follow these :

• before starting chat issue a command netstat -a or netstat -an or netstat -an -p tcp in ur command prompt .(i'll explain)
• now start chat and after exchanging 2-3 messages again issue same command .
• now compare both results .. is there any new connection in 2nd scan which was not there in previous scan !!!
• thats the IP of your friend.

[PS: make sure no other connections are opened in your browser]

Explanation of the commands : (you can get this by typing netstat /? in your command prompt :P )

• netstat -a : this command is used to display all connection and listening ports (this command takes time )
• netstat -an : this is almost same as netstat -a but it works faster as it diaplays data in numerical form
• netstat -an -p tcp : this command is an extension of netstat -an just a filter is used by adding -p tcp in it , it displays tcp connections only . (u'll need this)

Facebook and Gtalk

the topology in this is something like below :
Your system <===> facebook/gtalk server <====> your friend's system.

so if u use above method in this u'll end up getting no result , even if u get any result that will be the IP of the server so wat to do in this case ???
well u can use this method :

• go to
  
  http://www.myiptest.com/staticpages/index.php/how-about-you .
• there you'll find 3 fields
  
  1. Link for the person
  2. Redirect URL
  3. Link for you
• Field 1 for the person you want to get the IP of , give that link and say something so that he'll go there
• field 2 is for you to choose ... enter any url u want to redirect that person to .
• field 3 is for you to use ... save that url in field 3 and keep checking for your victim's IP

By E-mails

Well this is a bit complecated so i'll cover this on next post

So guys thats it .. these are some ways to get their IP. Let me know if you know some other methods .. whoops i forgot to mention something

"trick: if u own a domain .. and u want to know about someone's IP .... just give him a address of ur domain which doesnt exist like http://www.urdomain.com/something.jpg .. provided something.jpg doesnt exist . then check ur log u'll find a IP who visited that fake url :)"

Hope you enjoyed this .. thanks for reading :)
Stay Tuned !!!

Difference between DDR2 and DDR3 RAM

How to figure out the type of RAM in your system ?

Well the question is simple and so is the answer(dont try to find it in BIOS) . If you have the catalog of your system then you can refer it to know your RAM type or you can go to your system's manufacturer website to find the answer .
But still the above suggestion will only give tell you weather you have DDR2 or DDR3 RAM in your system .
I was still not satisfied and went a step ahead.
Here is a nice piece of software that gives you details about every hardware installed on your system ranging from processor to RAM to graphics etc . It gives every detail about the hardware profile of your system . The software is called CPU-Z and it can be downloaded from HERE.

What is the difference between DDR2 and DDR3 RAM?

In late 2008, Intel released the first Core i7 processors. These processors were paired with a new motherboard chipset called X58. This chipset introduced the need for a new type of memory called DDR3.
In the last two years the entire industry has converted over to DDR3. All of Intel’s new processors can only be used with a motherboard that requires DDR3. Recent AMD motherboards are also changing over to DDR3.

The term “DDR” stands for Double Data Rate RAM. This term came into use at the turn of the century when the first Double Data Rate RAM modules arrived. Double Data Rate RAM was capable of two data transfers per clock cycle, giving it twice the theoretical peak bandwidth of previous SDRAM while running at the same clock speed.

DDR2 and DDR3 are improvements on the same technology and further increase the number of data transfers per clock cycle. DDR2 RAM provides 4 data transfers per cycle, while DDR3 increases the number to 8. Assuming a base clock speed of 100Mhz, DDR RAM will provide 1600 MB/s of Bandwidth, DDR2 provides 3200 MB/s, and DDR3 provides 6400 MB/s. More is always better!

Here is a table to distinguish the performance.

Specifications
	DDR 2	DDR3
Transfer Speed	400 – 800 Mbps	800 – 1600 Mbps
Voltage	1.8V +/- 0.1V	1.5V +/- 0.075V
Internal Banks	4	8
Prefetch	4bits	8 bits
Termination	Limited	All DQ signals
Topology	Conventional T	Fly-by
CAS Latency	3 – 5	6 – 10
Thermal Sensor	No	Yes (optional)

Source : JDEC standard specification.


However, purchasing DDR2 or DDR3 RAM isn’t usually a matter of preference. DDR2 and DDR3 RAM are not compatible. If your motherboard uses DDR2, you cannot upgrade to DDR3 without upgrading your motherboard. This means that if you currently own a computer with DDR2 RAM and you want to upgrade to a brand new processor and motherboard you have to throw your your perfectly good DDR2 RAM and buy new DDR3 RAM.
In case you have any queries, you can post here in the comments section.

Anonymous-OS: Download and installation progress

Anonymous-OS is a special operating system for hackers, which based on linux operating system. In this OS a lot of tools for hacking. To install this OS on your computer you need to download VirtualBox and install that program on your computer. Then download Anonymous-OS.iso file, DOWNLOAD TORRENT FILE. 
After this all we can start operating system installation progress.
Open VirtualBox program, and in left side press new

in new opened small windows write your OS name( for example: Anonymous-OS ) , in Type select Linux, version select Ubuntu and press next

then select the RAM which need to used on that operating system and press next( for this operating system 512 Mb ram is ok )

in next step choose create a virtaul hard drive now and press create button, then opened a new windows select VDI ( virtualbox disk image ) and press next and in this time choose Dynamically allocated  and again press next. So now we need to choose folder for installing this op.system and set the limit size( for this op.system 4 Gb is normally ) and press create button.

Then we need to start op.system. Choose your op.system name on VirtualBox and press start button.

in new opened windows need to select optical disk drive( that .iso file we download ) and press start.

Our op.system is start. Choose live - boot the Live System and press enter.

So after that op.system need password. 
Password: anon
Write password and hit enter

ok we have op. system with a lot of hacking tools

Have a nice hacking :)

Exclusive Giveaway-WinX HD Video Converter Deluxe License Keys

Exclusive Giveaway – Win Free Copy of WinX HD Video Converter Deluxe

WinX HD Video Converter Deluxe, all-in-one video software as a HD video converter, slideshow maker, video editor and YouTube video downloader, gives you an ultimate control over video files. With over 320 video codecs & 50 audio codecs, it owns powerful capability to meet fast and high-quality video conversion needs without assistance of any third-party tool.

This video software enables you to convert between all mainstream video formats, like 1080p multi-track high definition videos MKV, M2TS, MTS, AVCHD, MOD, HD camcorder videos, Blu-ray videos, and standard definition videos AVI, MPEG, MP4, M4V, WMV, MOV, VOB, FLV, RM, RMVB, WebM, Google TV, etc. Moreover, it has 280+ built-in preset profiles to convert videos for iPhone (iPhone 5 included), iPad (iPad 4/iPad Mini included), Google New Nexus 7, iPod, HTC One, HTC Desire, Samsung Galaxy S4, Galaxy Note, Galaxy Tab, WP8, PSP, etc on the way or on the fly.

Special Features:)

• ^ All-in-one HD Video converter, YouTube downloader and DVD burner.
• ^ Convert among MKV, AVCHD, M2TS, AVI, FLV, MP4, WMV, etc.
• ^ Convert videos to iPhone, iPad, iPod, PSP, Android, etc.
• ^ Built with versatile video audio editing features.

$49.95    $0               

Download Trial version first.......

Sharing is caring! It can be fun.

Share to your Facebook page.

Tweet to your friends.


How to get keys......

Follow this simple steps


1] First Subscribe our blog....


2] Share this post on your facebook timeline

3] Follow us on twitter

4] Comment below your email address if you have done all the steps......

We will Choose 5 winners :)


Best of Luck...Giveaway gonna be closed on 26 september 2013....................

 


Keys Published

Here are the keys of WinX HD Video Converter Deluxe:

AF-VTEOVPEM-SAMAIX
AF-VPELVLEY-CHAMIX
AF-VPVDJJEQ-CUCHLX
AF-VEEQVQVS-RRBCIX
AF-VZEYVYEO-OGZQIX

The best hacking tools collection

Here, i have collect some best hacking tools for you. That are listed below:

Nessus
The “Nessus” Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.

Ethereal
Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.



Snort
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.

Netcat
Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol.   

TCPdump
TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.

Hping
Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).

DNSiff
DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

GFI LANguard
GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil’s advocate alerting you to security vulnerabilities.

Ettercap
>Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones)and includes many feature for network and host analysis.

Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.

John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix.

OpenSSH
OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.

TripWire
Tripwire is a tool that can be used for data and program integrity assurance.

Kismet
Kismet is an 802.11 wireless network sniffer – this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.

NetFilter
NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packetmangling.

IP Filter
IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.

pf
OpenBSD Packet Filter

fport
fport identifys all open TCP/IP and UDP ports and maps them to the owning application.

SAINT
SAINT network vulnerability assessment scanner detects vulnerabilities in your network’s security before they can be exploited.

OpenPGP
OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.


Metasploit
Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only.

Fast-track
Fast-Track is a python based open source security tool aimed at helping penetration testers conduct highly advanced and time consuming attacks in a more methodical and automated way. Fast-Track is now included in Backtrack version 3 onwards under the Backtrack --> Penetration category. In this talk given at Shmoocon 2009, the author of Fast-Track Dave Kennedy runs us through a primer on the tool and demonstrates 7 different scenarios in which he breaks into systems using the Fast-Track tool. These scenarios include automated SQL injection, MSSQL brute forcing, Query string pwnage, Exploit rewrite, Destroying the Client and Autopwnage.


If you know more, share with me via comment:)

List of Websites to download required Ebooks For free

Top 5 Websites to Download Free Ebooks

Hello Friends, today i am going to share with you world's best top 10 websites to download free ebooks in PDF format. Most of us thinks that's eBooks are very hard to find on internet, but that's not true. You can find almost each and every eBook in the sites that i will tell you today. So guys these are the Best Top 10 websites to download free eBooks on internet.

1. EBOOKS-IT

EBOOKS-IT is the world's biggest source to download computer eBooks for free. Here you can find a huge collection of eBooks from the world's leading publishers. To access thousands of eBooks you just have to browse the various categories on the left or simply to use search engine. Find eBooks that you are interested in and download it for free.

2. FreeBookSpot

FreeBookSpot is an online source of free ebooks download with 4485 FREE E-BOOKS in 96 categories which up to 71,97 GB.

You can search and download free books in categories like scientific, engineering, programming, fiction and many other books. No registration is required to download free e-books.

3.  ManyBooks

ManyBooks provides free ebooks for your PDA, iPod or eBook Reader. You can randomly browse for a ebook through the most popular titles, recommendations or recent reviews for visitors. There are 21,282 eBooks available here and they’re all free! On this website go to to book and at right you will see download option. Select the format and download the book.

4.  GetFreeEBooks

GetFreeEBooks is a free ebooks site where you can download free ebooks totally free. All the ebooks within the site are legal downloadable free ebooks.

5.  FreeComputerBooks

FreeComputerBooks consists of a huge collection of free online computer Programming, Mathematics, Technical Books, Lecture Notes and Tutorials. It is very well categorized by topics, with 12 top level categories, and over 150 sub-categories.

 

Share us if you have any other websites to download free E books

Samsung Galaxy S5 Concept and reviews

• 
  

The Samsung Galaxy S5 is probably going to be the most important phone of 2014 and there are a lot of rumors about it, along with really nice concepts made by fans. And this concept looks pretty realistic, also having decent features, though some might be exaggerated.
It’s most likely that Samsung Galaxy S5 will come with better features than the Galaxy S4, though I don’t believe it will sport 4GB of RAM, as this concepts shows. The concept also presents it at dustproof and waterproof, which might be real, considering that a lot of new smartphones have those features and they need to compete with them.

According to 91mobiles’ concept, it will feature a 2Ghz Octa-core CPU, 4GB of RAM, a 5.2-inch display, 3200 mAh battery, a 16MB primary camera and a 5MP frontal one, and it will come with 32GB, 64GB, or 128GB of internal storage. The operating system could be Android 5.0 Key Lime Pie, which I really believe will be released by then.

This concept also shows it with a metal body and we’ve even broken the news about this with a story from a trusted source of ours. This would be great, though personally I hope it doesn’t come with the cost a non-removable battery and lack of a microSD card slot. The Galaxy S4 case is pretty robust, despite the fact that it’s all polycarbonate. We expect Samsung to improve TouchWiz further along with the features it comes with. Every year we’ve seen really great features introduced by Samsung and while some might not work very well, I believe they will manage to improve them once with the release of the Galaxy S5. It should also feature the touch-less functions already seen in the Motorola Moto X.
The Samsung Galaxy S5 release date should be around May 2014, even though some rumors suggest that it might come much later. I don’t think they will wait too much since the previous version, because competition will then have much better devices, as the technology evolves very fast.
How would you like the Galaxy S5 to be and what do you expect it to come with ?

Introduction To Hacker's friendly BackBox

It is an Ubuntu-based Linux distribution penetration test and security assessment oriented providing a network and informatic systems analysis toolkit. BackBox desktop environment includes a minimal yet complete set of tools required for ethical hacking and security testing.

BackBox Linux project was born in south Italy in 2010. The project began on initiative of a single individual, but later, within a few months, became well populated community and expanding everyday.

BackBox Linux categories listed as follow:

- Information Gathering
- Vulnerability Assessment
- Exploitation
- Privilege Escalation
- Maintaining Access
- Documentation & Reporting
- Reverse Engineering
- Social Engineering
- Forensic Analysis
- VoIP Analysis
- Wireless Analysis
- Miscellaneous

More than 70 tools are included in BackBox:

- Metasploit/Armitage
- Nmap
- BeEF
- OpenVAS
- W3af
- The Social Engineering Toolkit
- Ettercap
- Scapy
- Wireshark
- Kismet
- Aircrack
- Ophcrack
- Sqlmap
- Crunch
- Reaver
- John The Ripper
etc...

This is the official website of Backbox: http://www.backbox.org/

Top Hackers Theme for Windows 7 and 8 using Rainmeter Skin

Download Top 5 inspiring windows 7 themes for Hackers

1st of all you need to install rainmeter on your computer, for installing these themes, rainmeter is best desktop customization software, download rainmeter , these themes are Made for windows 7, but you can use it on windows xp too.

1-  BlueVision Alpha

Blue vision aplha v2.0 is one of the best rainmeter skins, you'll Get lot of attractive widgets in this theme, you can make it more awesome by changing background.

Download
2- Jarvis (iRon Man Skin)
Jarvis is a Iron main inspired rainmeter skin, you can convert into hackers theme using new widgets and changing background image,Jarvis skin's centrel interface is damn cool.

Download
3-Tron Legacy ( 3D desktop )

download
4- Alien 3d Rainmeter Skin
alien 3d is amazing skin, it will give a 3d Look to your desktop

Download
5- Blue HDD

Download
Experiment : You can Make your desktop more amazing and awesome, by merging all skins's widgets/pulgins together , take a look, i've made it with blue vision alpha and jarvis.

Access Any Website Or Forum Without Registering(google bot)

hi everyone   

in this tutorial i will show you how to access any forum or any website without registering

using google bot 

first download this add-on for Firefox called 'user agent switcher’ here and install it. 

Now go to Tools > Default Agent Switcher > User Agent Switcher > Options 

now go to new > new user agent and type the following in the description

crawl-66-249-66-1.googlebot.com

and in user agent field type

Googlebot/2.1 (+http://www.googlebot.com/bot.html)

as shown in the screenshot below.

Select Google Bot as your User Script 

Security Tips By World's Most Wanted Hacker Kevin Mitnick

Kevin Mitnick came by his security expertise the hard way. In the 1990s, his electronic penetration of some of the biggest companies in the world made him a notorious tech boogieman, and ultimately landed him five years in prison.

Now free and clear, Mitnick has reinvented himself as a computer security consultant and writer. He travels the world teaching organizations how to secure their information in a world of corporate spies and younger versions of himself. He took a break from his jet-setting to share some practical security tips. The Tips is Posted BY Cyber Elite.Clip them and stick them on your parents' refrigerator or your IT administrator's white board.

Here is Top 10 list of steps you should take to protect your information and your computing resources from the bad boys and girls of cyberspace:

• Back up everything! You are not invulnerable. Catastrophic data loss can happen to you -- one worm or Trojan is all it takes.

• Choose passwords that are reasonably hard to guess -- don't just append a few numbers to a no-brainer. Always change default passwords.

• Use an antivirus product like Kaspersky or Norton , and set it to update daily.

• Update your OS religiously and be vigilant in applying all security patches released by the software manufacturer.

• Avoid hacker-bait apps like Internet Explorer and disable automatic scripting on your e-mail client.

• Use encryption software like PGP (pretty good privacy) when sending sensitive e-mail. You can also use it to protect your entire hard drive.

• Install a spyware detection app -- or even several. Programs that can be set to run frequently, like SpyCop, are ideal.

• Use a personal firewall. Configure it to prevent other computers, networks and sites from connecting to you, and specify which programs are allowed to connect to the net automatically.

• Disable any system services you're not using, especially apps that could give others remote access to your computer (like Remote Desktop, RealVNC and NetBIOS).

• Secure your wireless networks. At home, enable WPA (Wi-Fi protected access) with a password of at least 20 characters. Configure your laptop to connect in Infrastructure mode only, and don't add networks unless they use WPA.

Today, Mitnick has been able to move past his role as a black hat hacker and become a productive member of society. He served five years, about 8 months of it in solitary confinement, and is now a computer security consultant, author and speaker.

Best Ways to boost Up your internet Speed

 Internet is fun if it's speed is high...So,here's some tricks to boost up internet speed...

Steps

1. Check to see if faster internet connections are in your area. Fiber optic and cable internet tend to be faster than DSL and Dial-Up.
   

   2) Do some basic maintenance on your PC. Run Disk Defrag, a scan disk, a virus scan, a malware scan, and clear your recycle bin. An unusually slow Internet connection experience is often the only sign that your computer is infected with viruses or other malware. Delete old files and temporary files. Never allow the free space on your C: drive to be less than 10% of the total size or twice the installed RAM (which ever is larger). A well maintained PC will operate much better than a PC that has never had any maintenance. Google or your local computer repair store should be able to help you with this if you don't know how or you can use any good system cleaner and PC optimizer tool for free such as [ Registry Cleaner and Wise Disk Cleaner] or purchase something.
   
2. 

            3) Reset Your Home Network. Sometimes restarting (or unplugging and replugging the electric power on) your home network or your router -- if you have one -- will drastically increase the speed of your connection.
   
   4) Check your home network equipment in general. If you have multiple computers sharing a connection, make sure all the computers are physically connected to a router or switch, and not just to a hub. Hubs are "dumb", low-level equipment, while routers are capable of prioritizing and directing traffic effectively.
   
   
   5)Optimize your cache or temporary Internet files. These files improve your Internet connection performance by not downloading the same file over and over. When a web site puts their logo graphic on every page your computer only downloads a new one when it changes.
   
   
   • Caution: If you delete the temporary files (graphics and such), they must be downloaded again when you go to that site. If you disable the cache (loaded software, data), then it must be downloaded every time you view the page that uses it. This can be fixed by opening Internet Explorer, clicking on "Tools" at the top and choosing "Internet Options". On the General tab, click the "Settings" button next to Temporary Internet Files. Set a check mark for newer versions to handle downloading new versions "Automatically". Set the amount of disk space to use to 2% of your total harddisk size or 512 MB, which ever is smaller. On Firefox, click "Tools" then "Options," and go to the privacy tab. Then click on the Cache tab within this to set it to automatic.
   6)If you are using a Wireless router, make sure it doesn't conflict with a cordless phone or wireless camera. Wireless routers come in three varieties; 802.11 b, g, and n (2.4Ghz) or 802.11 a (5.8Ghz) If you are using a 2.4Ghz Cordless phone and 2.4Ghz Wireless router then your Internet connection speed will slow while you use the cordless phone. The same is true of wireless security cameras. Check on your phone and camera, if it's 900Mhz then it's fine. If it says 2.4Ghz or 5.8Ghz then it could be the cause of your slow connection speed while they're in use.
   
   
   7)Call your Internet service provider (ISP). Sometimes you just have bad service. They can usually tell if your connection is substandard without having a technician come to your home. Just be nice and ask.
   
   
   8)Upgrade your computer. If your computer is slow, it doesn't matter how fast your Internet connection is, the whole thing will just seem slow. You can only access the Internet as fast as your PC will allow you to.
   
   
   9)Upgrade your router/firewall equipment. Specifically, look into any speed specifications (many older routers are not capable of transmitting to/from the internet faster than 10 Mbps, even though the local ports transmit in 100 Mbps). Also, older routers may be underpowered, so that even though the theoretical speed is 10 Mbps, the processor on the router is too weak to reach maximum speed.
   
   
   10)Upgrade your router firmware. Check the manufacturer's web site for firmware downloads for your router. Compare this with your version, and upgrade if necessary. Most routers have web interfaces for managing this, check for any labels on your router specifying default address, username and password.
   
   
   11)Replace your old cable modem. Any solid-state electronics will degrade over time due to accumulated heat damage. Your broadband modem will have a harder and harder time 'concentrating' on maintaining a good connection as it gets older (signal to noise ratios will go down, and the number of resend requests for the same packet will go up). An after-market cable modem as opposed to a cable-company modem will frequently offer a better connection.
   
   
   12)Often your connection speed is slow because other programs are using it. To test if other programs, such as anti-virus and other updates, are accessing the Internet without your knowing, Click Start, Click Run. Type "cmd" (without quotes). Type "netstat -b 5 > activity.txt". After a minute or so, hold down Ctrl and press C. This has created a file with a list of all programs using your Internet connection. Type activity.txt to open the file and view the program list.
   
   
   13)Try pressing Ctrl-Alt-Delete simultaneously and open up the Task Manager. Go to the process menu and close those processes that may be stealing your valuable bandwidth. (NOTE: Closing processes with unknown filenames may cause known programs to not function properly). There is a column with the User Name, and if that is "System", you'd better leave it alone until you stop using the program that needs it. But if the User is your own login name, then it is not crucial to the operating system, but may be needed by other programs, however you may experiment. Often the system will not allow closing of -- or will reopen -- needed system programs.
   
   
   14)After you have tried some of this try your connection again and see if it's running any faster. If it is better you may need to close those extras each time you restart your system until you set the startup list to not open them anymore.
   
   
   15)Check to see somebody else is using the internet on your home network. If somebody is downloading a lot of media from the internet, such as watching video or downloading large files, the host computer is using a lot of bandwidth and the other computers are using the remaining bandwidth.
   
   

   16) If you are using satelite internet, your internet connection might be altered because of wind (vibrations) and electrical activity in/among clouds, heavy snow, or rain and lightning, static, or other electrical interference.