Sondag 26 April 2020

TERMINOLOGIES OF ETHICAL HACKING

What is the terminologies in ethical hacking?

Here are a few key terms that you will hear in discussion about hackers and what they do:


1-Backdoor-A secret pathway a hacker uses to gain entry to a computer system.


2-Adware-It is the softw-are designed to force pre-chosen ads to display on your system.


3-Attack-That action performs by a attacker on a system to gain unauthorized access.


4-Buffer Overflow-It is the process of attack where the hacker delivers malicious commands to a system by overrunning an application buffer.


5-Denial-of-Service attack (DOS)-A attack designed to cripple the victim's system by preventing it from handling its normal traffic,usally by flooding it with false traffic.


6-Email Warm-A virus-laden script or mini-program sent to an unsuspecting victim through a normal-looking email message.


7-Bruteforce Attack-It is an automated and simplest kind of method to gain access to a system or website. It tries different combination of usernames and passwords,again & again until it gets in from bruteforce dictionary.


8-Root Access-The highest level of access to a computer system,which can give them complete control over the system.


9-Root Kit-A set of tools used by an intruder to expand and disguise his control of the system.It is the stealthy type of software used for gain access to a computer system.


10-Session Hijacking- When a hacker is able to insert malicious data packets right into an actual data transmission over the internet connection.


11-Phreaker-Phreakers are considered the original computer hackers who break into the telephone network illegally, typically to make free longdistance phone calls or to tap lines.


12-Trojan Horse-It is a malicious program that tricks the computer user into opening it.There designed with an intention to destroy files,alter information,steal password or other information.


13-Virus-It is piece of code or malicious program which is capable of copying itself has a detrimental effect such as corrupting the system od destroying data. Antivirus is used to protect the system from viruses.


14-Worms-It is a self reflicating virus that does not alter  files but resides in the active memory and duplicate itself.


15-Vulnerability-It is a weakness which allows a hacker to compromise the security of a computer or network system to gain unauthorized access.


16-Threat-A threat is a possible danger that can exploit an existing bug or vulnerability to comprise the security of a computer or network system. Threat is of two types-physical & non physical.


17-Cross-site Scripting-(XSS) It is a type of computer security vulnerability found in web application.It enables attacker to inject client side script into web pages viwed by other users.


18-Botnet-It is also known as Zombie Army is a group of computers controlled without their owner's knowledge.It is used to send spam or make denial of service attacks.


19-Bot- A bot is a program that automates an action so that it can be done repeatedly at a much higher rate for a period than a human operator could do it.Example-Sending HTTP, FTP oe Telnet at a higer rate or calling script to creat objects at a higher rate.


20-Firewall-It is a designed to keep unwanted intruder outside a computer system or network for safe communication b/w system and users on the inside of the firewall.


21-Spam-A spam is unsolicited email or junk email sent to a large numbers of receipients without their consent.


22-Zombie Drone-It is defined as a hi-jacked computer that is being used anonymously as a soldier or drone for malicious activity.ExDistributing Unwanted Spam Emails.


23-Logic Bomb-It is a type of virus upload in to a system that triggers a malicious action when certain conditions are met.The most common version is Time Bomb.


24-Shrink Wrap code-The process of attack for exploiting the holes in unpatched or poorly configured software.


25-Malware-It is an umbrella term used to refer a variety of intrusive software, including computer viruses,worms,Trojan Horses,Ransomeware,spyware,adware, scareware and other malicious program.


Follow me on instagram-anoymous_adi

Related links


  1. Hacking Gif
  2. Grey Hat Hacking
  3. Wifi Hacking
  4. Hacking Informatico
  5. Blog Hacking
  6. Hacking 2018
  7. Hacking Programs
  8. Experto En Seguridad Informática
  9. Aprender Hacking Desde Cero

Saterdag 25 April 2020

How To Start PHP And MYSQL | The Best Server For PHP And MYSQL | Tutorial 1


Many of people want to start PHP programming embedded with MYSQL databases concepts. So i thought that I should start a series about PHP and MYSQL. So in this series of video tutorials you exactly got the content about PHP and MYSQL.

As PHP is server side scripting language. So it requires a server to get execute over the web browser. First of all you have to download and install a server that may be XAMPP, WAMPP or LAMPP. I'm using XAMPP server in the tutorials. So if you wanna follow me then download a XAMPP server. I'm using this because it has a good interface to work  and it's really simple. XAMPP is compatible with windows, MAC and Linux operating as well. WAMPP is only for windows and LAMPP is used for MAC and Linux operating system. So i prefer XAMPP for this series.

How to create Database

Step 1:

Open Your XAMPP control panel and start Apache and Mysql services.

Step 2:

Go to your Web browser and type "localhost/phpmyadmin". It will open your databases area. If you have an error then your services are not in running state. If you have any error then comment below.

Step 3:

Click over the "new" to create a new database.

Step 4:

Write Database_Name and click over the Create button. For example Facebook, Students etc.

Step 5:

Write Table_Name like admin, users etc. your can increase and decrease the size of rows. Click over Save/Create button.

Step 6:

Write your Attribute_Names in first column like Username, Email, Passwords etc. In the next data type column you have to select the data type whether it is integer or string type etc. In the next column you have to set the length of string/words.

Step 7:

If you wanna go through with a Primary_Key. Then just you have to checked the Auto_Increment box as you will shown in the video. For further watch the video for better understanding. 



wafw00f's installation
   If you're using Debian-based distro, enter this commands to install wafw00f: sudo apt update && sudo apt install wafw00f

   But if you're using another Linux distro, enter these commands to install wafw00f:

How to use wafw00f?
   The basic usage is to pass an URL as an argument. Example:

Final Words to you
   Questions? Pull up an issue on GitHub Issue Tracker or contact to EnableSecurity.
   Pull requests, ideas and issues are highly welcome. If you wish to see how WAFW00F is being developed, check out the development board.

   Some useful links:

   Presently being developed and maintained by:

Continue reading


  1. Raspberry Hacking
  2. Hacking Books
  3. Hacking Y Seguridad

Top 5 Best TV Series Based On Hacking & Technology 2018

Best TV Series Based On Hacking & Technology 2018

Top 5 Best TV Series Based On Hacking & Technology 2018

Top 5 Best TV Series Based On Hacking And Technology 2018

Well, if you are a tech fanatic then you will love watching TV shows which are based on hacking and technology. If you are a tech geek, then you will know that hacking stuff in movies/serials always generates glamor and mystery and adds that special oomph factor to the movie or Tv SHOW.
However, there are not much movies/ or TV serials made on hacking and technology. Technology is rapidly becoming the key point in human lives. The previous year we have seen how hackers had made their marks on giant companies. So, in this article, we are going to discuss top TV shows which have to hack as the central theme. So, have a look at the list.

#1 Mr. Robot

Mr. Robot: Best TV Series Based On Hacking & Technology 2018
Mr. Robot: Best TV Series Based On Hacking & Technology 2018
Well, the reason why I listed Mr. Robot on the top is because this show has millions of followers and this is the first show that portrays an elite hacker. The elite hacker group uses computers, smartphones and many other technologies to penetrate secure network to take down evil corporation while being anonymous. The show displays the life of a young programmer named Elliot who works as a cyber-security engineer and a vigilante hacker by night.

#2 Silicon Valley

Silicon Valley
Silicon Valley
This TV series displays the tech and hacking with a bit of comic touch. The series shows the competition between techies in the high-tech gold rush of modern Silicon Valley. What's more interesting is the people who are more qualified are least successful whereas underdogs are making it big. This show is running successfully for three years now.

#3 The IT Crowd

The IT Crowd
The IT Crowd
The IT Crowd is very popular series and is running successfully for eight years from 2006 to 2013. It is not like Mr.Robot it has its moments of hacks. The series shows the comedic adventures of a rag-tag group of technical support workers at a large corporation.

#4 Person Of Interest

Person Of Interest
Person Of Interest
It is one of the best TV series made till now. You will get to see the humor, twists, and lots of other things. In this show and intelligent programmer built and AI (Artificial intelligence) that helps to stop the crimes in the city. The show will definitely give you chills.

#5 Chuck

Chuck: Best TV Series Based On Hacking & Technology 2018
Chuck: Best TV Series Based On Hacking & Technology 2018
The TV series was somehow popular and ran from 2007 to 2013. The show shows the character of a young hacker and nerd who accidentally downloads US Govt, secrets into his brain and there is where the story starts CIA and NSA agents protect him and at the same time exploit him.

Related articles

OVER $60 MILLION WORTH OF BITCOINS HACKED FROM NICEHASH EXCHANGE

Over $60 Million Worth of Bitcoins Hacked from NiceHash Exchange. Bitcoin mining platform and exchange NiceHash has been hacked, leaving investors short of close to $68 million in BTC.
As the price of Bitcoin continues to rocket, surging past the $14,500 mark at the time of writing, cyberattackers have once again begun hunting for a fresh target to cash in on in this lucrative industry.
Banks and financial institutions have long cautioned that the volatility of Bitcoin and other cryptocurrency makes it a risky investment, but for successful attackers, the industry potentially provides a quick method to get rich — much to the frustration of investors.
Unfortunately, it seems that one such criminal has gone down this path, compromising NiceHash servers and clearing the company out.
In a press release posted on Reddit, on Wednesday, NiceHash said that all operations will stop for the next 24 hours after their "payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen."
NiceHash said it was working to "verify" the precise amount of BTC stolen, but according to a wallet which allegedly belongs to the attacker — traceable through the blockchain — 4,736.42 BTC was stolen, which at current pricing equates to $67,867,781.
"Clearly, this is a matter of deep concern and we are working hard to rectify the matter in the coming days," NiceHash says. "In addition to undertaking our own investigation, the incident has been reported to the relevant authorities and law enforcement and we are co-operating with them as a matter of urgency."
"We are fully committed to restoring the NiceHash service with the highest security measures at the earliest opportunity," the trading platform added.
The company has also asked users to change their online passwords as a precaution. NiceHash says the "full scope" of the incident is unknown.
"We are truly sorry for any inconvenience that this may have caused and are committing every resource towards solving this issue as soon as possible," the company added.
Inconvenience is an understatement — especially as so much was left in a single wallet — but the moment those coins shift, we may know more about the fate of the stolen investor funds.
Related word
  1. Curso Hacking Etico
  2. Growth Hacking Tools
  3. Hacking Pages
  4. Que Es Growth Hacking
  5. Growth Hacking Instagram
  6. Hacking Tor Funciona
  7. Hacking Videos
  8. Hacking Ethical
  9. Libros Para Aprender A Hackear
  10. Curso Completo De Hacking Ético

Memcrashed DDoS Exploit | Install | Github

Related word

  1. Curso De Ciberseguridad Y Hacking Ético
  2. Hacking Wifi Windows
  3. Sean Ellis Hacking Growth
  4. Growth Hacking Definicion
  5. Growth Hacking Instagram
  6. Que Es El Hacking Etico
  7. Hacking Tools
  8. Mind Hacking
  9. Que Es Hacker En Informatica
  10. Hacking Movies
  11. Hacking Etico 101 Pdf

Maandag 20 April 2020

DOS (Denial Of Service) Attack Tutorial Ping Of Death ;DDOS

What is DoS Attack?

DOS is an attack used to deny legitimate users access to a resource such as accessing a website, network, emails, etc. or making it extremely slow. DoS is the acronym for Denial oService. This type of attack is usually implemented by hitting the target resource such as a web server with too many requests at the same time. This results in the server failing to respond to all the requests. The effect of this can either be crashing the servers or slowing them down.


Cutting off some business from the internet can lead to significant loss of business or money. The internet and computer networks power a lot of businesses. Some organizations such as payment gateways, e-commerce sites entirely depend on the internet to do business.

In this tutorial, we will introduce you to what denial of service attack is, how it is performed and how you can protect against such attacks.

Topics covered in this tutorial

Types of Dos Attacks

There are two types of Dos attacks namely;

  • DoS– this type of attack is performed by a single host
  • Distributed DoS– this type of attack is performed by a number of compromised machines that all target the same victim. It floods the network with data packets.

Ultimate guide to DoS(Denial of Service) Attacks

How DoS attacks work

Let's look at how DoS attacks are performed and the techniques used. We will look at five common types of attacks.

Ping of Death

The ping command is usually used to test the availability of a network resource. It works by sending small data packets to the network resource. The ping of death takes advantage of this and sends data packets above the maximum limit (65,536 bytes) that TCP/IP allows. TCP/IP fragmentation breaks the packets into small chunks that are sent to the server. Since the sent data packages are larger than what the server can handle, the server can freeze, reboot, or crash.

Smurf

This type of attack uses large amounts of Internet Control Message Protocol (ICMP) ping traffic target at an Internet Broadcast Address. The reply IP address is spoofed to that of the intended victim. All the replies are sent to the victim instead of the IP used for the pings. Since a single Internet Broadcast Address can support a maximum of 255 hosts, a smurf attack amplifies a single ping 255 times.  The effect of this is slowing down the network to a point where it is impossible to use it.

Buffer overflow

A buffer is a temporal storage location in RAM that is used to hold data so that the CPU can manipulate it before writing it back to the disc. Buffers have a size limit. This type of attack loads the buffer with more data that it can hold. This causes the buffer to overflow and corrupt the data it holds. An example of a buffer overflow is sending emails with file names that have 256 characters.

Teardrop

This type of attack uses larger data packets. TCP/IP breaks them into fragments that are assembled on the receiving host. The attacker manipulates the packets as they are sent so that they overlap each other. This can cause the intended victim to crash as it tries to re-assemble the packets.

SYN attack

SYN is a short form for Synchronize. This type of attack takes advantage of the three-way handshake to establish communication using TCP. SYN attack works by flooding the victim with incomplete SYN messages. This causes the victim machine to allocate memory resources that are never used and deny access to legitimate users.

DoS attack tools

The following are some of the tools that can be used to perform DoS attacks.

  • Nemesy– this tool can be used to generate random packets. It works on windows. This tool can be downloaded from http://packetstormsecurity.com/files/25599/nemesy13.zip.html . Due to the nature of the program, if you have an antivirus, it will most likely be detected as a virus.
  • Land and LaTierra– this tool can be used for IP spoofing and opening TCP connections
  • Blast– this tool can be downloaded from http://www.opencomm.co.uk/products/blast/features.php
  • Panther- this tool can be used to flood a victim's network with UDP packets.
  • Botnets– these are multitudes of compromised computers on the Internet that can be used to perform a distributed denial of service attack.

DoS Protection: Prevent an attack

An organization can adopt the following policy to protect itself against Denial of Service attacks.

  • Attacks such as SYN flooding take advantage of bugs in the operating system. Installing security patches can help reduce the chances of such attacks.
  • Intrusion detection systems can also be used to identify and even stop illegal activities
  • Firewalls can be used to stop simple DoS attacks by blocking all traffic coming from an attacker by identifying his IP.
  • Routers can be configured via the Access Control List to limit access to the network and drop suspected illegal traffic.

Hacking Activity: Ping of Death

We will assume you are using Windows for this exercise. We will also assume that you have at least two computers that are on the same network. DOS attacks are illegal on networks that you are not authorized to do so. This is why you will need to setup your own network for this exercise.

Open the command prompt on the target computer

Enter the command ipconfig. You will get results similar to the ones shown below

Ultimate guide to DoS(Denial of Service) Attacks

For this example, we are using Mobile Broadband connection details. Take note of the IP address. Note: for this example to be more effective, and you must use a LAN network.

 Switch to the computer that you want to use for the attack and open the command prompt

We will ping our victim computer with infinite data packets of 65500

Enter the following command

ping 10.128.131.108 –t |65500

HERE,

  • "ping" sends the data packets to the victim
  • "10.128.131.108" is the IP address of the victim
  • "-t" means the data packets should be sent until the program is stopped
  • "-l" specifies the data load to be sent to the victim

You will get results similar to the ones shown below

Ultimate guide to DoS(Denial of Service) Attacks

Flooding the target computer with data packets doesn't have much effect on the victim. In order for the attack to be more effective, you should attack the target computer with pings from more than one computer.

The above attack can be used to attacker routers, web servers etc.

If you want to see the effects of the attack on the target computer, you can open the task manager and view the network activities.

  • Right click on the taskbar
  • Select start task manager
  • Click on the network tab
  • You will get results similar to the following

Ultimate guide to DoS(Denial of Service) Attacks

If the attack is successful, you should be able to see increased network activities.

 

Hacking Activity: Launch a DOS attack

In this practical scenario, we are going to use Nemesy to generate data packets and flood the target computer, router or server.

As stated above, Nemesy will be detected as an illegal program by your anti-virus. You will have to disable the anti-virus for this exercise.

Ultimate guide to DoS(Denial of Service) Attacks

Enter the target IP address, in this example; we have used the target IP we used in the above example.

HERE,

  • 0 as the number of packets means infinity. You can set it to the desired number if you do not want to send, infinity data packets
  • The size field specifies the data bytes to be sent and the delay specifies the time interval in milliseconds.

 

Click on send button

You should be able to see the following results

Ultimate guide to DoS(Denial of Service) Attacks

The title bar will show you the number of packets sent

Click on halt button to stop the program from sending data packets.

You can monitor the task manager of the target computer to see the network activities.

Summary

  • A denial of service attack's intent is to deny legitimate users access to a resource such as a network, server etc.
  • There are two types of attacks, denial of service and distributed denial of service.
  • A denial of service attack can be carried out using SYN Flooding, Ping of Death, Teardrop, Smurf or buffer overflow
  • Security patches for operating systems, router configuration, firewalls and intrusion detection systems can be used to protect against denial of service attacks.
@EVERYTHING NT
Related word

Top System Related Commands In Linux With Descriptive Definitions


Commands are just like an instructions given to a system to do something and display an output for that instruction. So if you don't know how to gave an order to a system to do a task then how it can do while you don't know how to deal with. So commands are really important for Linux users. If you don't have any idea about commands of Linux and definitely you also don't know about the Linux terminal. You cannot explore Linux deeply. Because terminal is the brain of the Linux and you can do everything by using Linux terminal in any Linux distribution. So, if you wanna work over the Linux distro then you should know about the commands as well.
In this blog you will get a content about commands of Linux which are collectively related to the system. That means if you wanna know any kind of information about the system like operating system, kernel release information, reboot history, system host name, ip address of the host, current date and time and many more.

Note:

If you know about the command but you don't have any idea to use it. In this way you just type the command, then space and then type -h or --help or ? to get all the usage information about that particular command like "uname" this command is used for displaying the Linux system information. You don't know how to use it. Just type the command with help parameter like: uname -h or uname --help etc.

uname 

The "uname" is a Linux terminal command responsible of displaying the information about Linux system. This command has different parameter to display a particular part of information like kernel release (uname -r) or all the information displayed by typing only one command (uname -a).

uptime

This command is used to show how long the system has been running and how much load on it at current state of the CPU. This command is very useful when you system slows down or hang etc and you can easily get the info about the load on the CPU with the help of this command.

hostname

The "hostname" is the the command in Linux having different parameters to display the information bout the current host which is running the kernel at that time. If you wanna know about the parameters of hostname command then you just type hostname --help or hostname -h to get all the info about the command and the usage of the command.

last reboot

The "last reboot" is the command in Linux operating system used to display the reboot history. You just have to type this command over the Linux terminal it will display the reboot history of that Linux system.

date

The "date" is the command used in Linux operating system to show the date of the day along with the current time of the day.

cal

The "cal" command in Linux used to display the calendar which has the current date highlighted with a square box along with a current month dates and days just like a real calendar.

w

The "w" is the command used in Linux distro for the sake of getting the information about current user. If you type this command it will display who is online at the time.

whoami

The "whoami" is the command in Linux operating system used to show the information that who you are logged in as. For example if you are logged in as a root then it'll display "root" etc.

finger user

The "finger user" is the command used in Linux distribution to display the information about user which is online currently over that Linux system.

Related posts

  1. World No 1 Hacker Software
  2. Hacker Tools Software
  3. Game Hacking
  4. Pentest Tools Port Scanner
  5. Hacker Tools Mac
  6. Hacker
  7. Hacks And Tools
  8. Hack Tools For Pc
  9. Pentest Box Tools Download
  10. Pentest Tools For Ubuntu
  11. Pentest Tools For Android
  12. Pentest Tools Github
  13. Hack Tool Apk
  14. Usb Pentest Tools
  15. Hacking Tools Hardware
  16. World No 1 Hacker Software
  17. Nsa Hacker Tools
  18. How To Install Pentest Tools In Ubuntu
  19. Hacking Tools For Windows 7

How To Protect Your Private Data From Android Apps

protect-private-data-from-apps
In android there is lots of personal data that can be accessed by any unauthorized apps that were installed on the device. This is just because your Android data is openly saved in your file explorer that is not encrypted or protected by encryption method, so, even normal app can also hijack your data very easily as the media access permissions are granted when you click on accept button while installing the apps. And this may be endangering the private data that you might not want to share with anyone. So here we have a cool way that will help you to make your data private by disallowing the apps to access your media files without your permission. So have a look on complete guide discussed below to proceed.

How To Protect Your Private Data From Android Apps

The method is quite simple and just need a rooted android device that will allow the Xposed installer to run on the device. And after having the Xposed installer you will be using an Xposed module to disallow the apps to have access to your personal or say private data. For this follow the guide below.

Steps To Protect Your Private Data From Android Apps:

Step 1. First of all, you need a rooted android as Xposed installer can only be installed on a rooted android, so Root your android to proceed for having superuser access on your android.
Step 2. After rooting your Android device you have to install the Xposed installer on your android and thats quite lengthy process and for that, you can proceed with our Guide to Install Xposed Installer On Android.Xposed Installer
Step 3. Now after having an Xposed framework on your Android the only thing you need is the Xposed module that is DonkeyGuard – Security Management the app that will allow you to manage the media access for apps installed on your device.
Step 4. Now install the app on your device and after that, you need to activate the module in the Xposed installer. Now you need to reboot your device to make the module work perfectly on your device.
Step 5. Now launch the app and you will see all the apps that are currently installed on your device.
privacy 1
Step 6. Now edit the media permission for the apps that you don't want to have access to your media with private data.privacy 2
That's it, you are done! now the app will disallow the media access to that apps.

Manually Checking App Permission

Well, our Android operating system offers a nice feature in which we can manage a single app's permission. However, you need to have Android 6.0 Marshmallow or a newer version to get the option.
Step 1. First of all, open Settings and then tap on 'Apps'.
Manually Checking App Permission
Manually Checking App Permission
Step 2. Now you will see the list of apps that are currently installed on your Android smartphone. Now you need to select the app, and then you will see 'Permissions.'
Manually Checking App Permission
Manually Checking App Permission
Step 3. Now it will open a new window, which will show you all permissions that you have granted to the app like Camera access, contacts, Location, microphone, etc. You can revoke any permissions as per your wish.
Manually Checking App Permission
Manually Checking App Permission
Well, the same thing you need to perform if you feel that you have installed some suspicious app on your Android. By this way, you can protect your private data from Android apps.

More information


  1. Pentest Tools List
  2. Hack Tools
  3. Pentest Tools Linux
  4. Nsa Hacker Tools
  5. Usb Pentest Tools
  6. Hack Apps
  7. Hack Tools For Pc
  8. Hacker
  9. Pentest Tools Kali Linux
  10. Usb Pentest Tools
  11. Hak5 Tools
  12. Hack App
  13. Hacker Tools Mac
  14. Computer Hacker
  15. Hack Tools 2019
  16. Tools 4 Hack
  17. Kik Hack Tools
  18. Pentest Tools Kali Linux
  19. Beginner Hacker Tools
  20. Nsa Hack Tools Download
  21. How To Make Hacking Tools