pardon hackers

guptachari HTTP based trojan

noreply@blogger.com (yeshwanth) — Wed, 05 Sep 2012 16:44:00 +0000

guptachari is a bit different from other trojans for this you dont need a client to connect to the vitims server because it is HTTP based and your browser itself acts as client.

What is Guptachar ?
Guptachar is a remote administration tool. This means that once you install Guptachar on computer A, you can control computer A from any computer B provided that both computer A and computer B are on the same IP based network like the Internet.
Guptachar also differs from most remote administration tools in one respect. It does not require its own client. This is because Guptachar runs as a web server. So once you've installed Guptachar on Computer A, all you need on Computer B is a web browser.
Guptachar has various features which allow you to administer the remote computer (aka Computer A) like browsing files, uploading files, executing programs, logging keys, shutting down and restarting, etc.
I've got Guptachar installed, how do I do the controlling ?
Say you've got Guptachar installed on Computer A whose IP address is 10.7.1.5, just point your web browser to http://10.7.1.5/ and enjoy.
If you've chosen to install Guptachar on a port other than 80 (discussed in the section on installation), say 8081, simply point your browser to http://10.7.1.5:8081/ instead.
How do I get to know the remote computer's IP Address ?
That's a good question. If computer A accesses the internet through dialup, it is likely to have a different IP address every time it logs on. This is why Guptachar has the facility of an IRCBOT.
Basically, if the IRCBOT feature is activated,whenever the remote computer (Computer A) goes online, Guptachar will connect to an IRC server with a predefined nickname, providing its IP address as its real name. So, whenever you want to know Computer A's IP address, you also connect to the same IRC server (use an IRC client like mIRC) and type /whois nickname.
While installing Guptachar (or by changing its server options), you can specify which IRC server and with what nick to logon. In case, the nickname you specify is already occupied, it'll try to logon with variations of the nick. Say, the nick you specified was gupt, it'll try to login as gupt, then gupt1, then gupt2, etc.
You can also ask Guptachar to connect to IRC via an HTTP proxy. Beware though, some IRC servers do not allow you to connect through a proxy (especially an open one).
How do I install Guptachar ?
Normal Installation
Just run the install.exe file. It'll ask you a series of questions and then install Guptachar on your machine.
Firstly, it'll ask you which port you want Guptachar to work on. Now webservers usually work on port 80. But it might not be such a good idea to operate on that port. Also, if you are installing it on an account with insufficient priveleges, you may be forced to use a higher port no. Remember this though, if you use a port other than 80, say 8081, you'll need to point your browser at http://ipaddress:8081/ instead of http://ipaddress/ or just ipaddress.
Then, it'll ask you whether you want access to the machine to be restricted and if so, it'll ask you for a username password pair.
Then it'll ask you whether you want Keylogging to be enabled. Following this, it'll ask you details about the IRCBOT feature.
Most of these options can be changed later through Guptachar, mostly using Server Options.
Making a Quick Installer
A quick installer is a stand alone .exe file, which has both the guptachar binaries as well as your inputted options stored within itself. Just running the .exe file will install Guptachar on the system without any user interaction.
To make a quick installer, just run makeqinst.exe. It'll first ask you for the filename of the quickinstaller (ie. the name of the .exe file) and then the same questions that it asks during normal installation.
Running makeqinst.exe does not install Guptachar on your system.
You'll need to run the generated .exe file to actually install Guptachar

CLICK TO DOWNLOAD file in pardon hackers group
like pardon hackers in fb http://www.facebook.com/PardonHackers

armadax keylogger 3.0 with serial

noreply@blogger.com (yeshwanth) — Tue, 04 Sep 2012 02:09:00 +0000

Download The Ardamax Keylogger 3.0

Download it and Install in your computer.

2-.Now right-hand click it and click ‘Enter registration key….

3-Enter the Name and password in the box fields

4.Once done click ‘Ok’ and you should get a pop-up saying ‘Registration code is accepted. Thank you for registration!

II. Creating the Keylogger Remote file:

1. Now your going to make the Keylogger Remote file (The thing you give to your victim). Click ‘Remote Installation…’,

click ‘Next’
2.Now,you should see this.

3.If you want to bind Keylogger Remote file with another application or file click the box that says ‘Append keylogger Remote file to file or another application’ and browse file or application that you want to bind it with.. I would prefer to skip this and bind the keylogger after creating the remote file.

4. Now click ‘Additional components’ and tick ‘Installation Package Bilder’ like done in the screenshot.

5.Now you should be at ‘Invisibility’, make sure all the boxes are ticked, then click ‘Next’.

6. Now you should be at ‘Security’, click ‘Enable’ and put your password (it can be any password you like, make it something easy so you can remember). Once done, make sure all the boxes are ticked and click ‘Next’.. Or else SkIp this also

7-untik the update optiong

8. Ok, you should now be at ‘Options’, use setting like done in screenshots.You can also select it destruction date

9. Ok, now you should be at ‘Control’, click the box that says ‘Send logs every’, now make it so it sends logs every 20 minutes, then where it says ‘Delivery’, un-tick ‘Email’ and tick ‘FTP’, then where it says ‘Include’ un-tick ‘Screenshots’, now un-tick the box where it says ‘Send only if log size exceeds’, once thats done, it should all look like it does in this screenshot:

10. Now you should be at ‘FTP’, create a free account at http://www.drivehq.com then make sure your at ‘Online Storage’, then make a new folder called: Logs (this is where the logs are sent to when you keylogg someone), Now on your FTP on Ardamax Keylogger, where it says ‘FTP Host:’, put this:
FTP.DriveHQ.com
Now where it says ‘Remote Folder:’, put this: Logs
Now where it says ‘Userame:’ and ‘Password:’, put your DriveHQ username and password, then it should look something like this:

Now Click ‘Test’ and it should pop up like this

If not then see if the password and username is right.

Once done, do NOT change your DriveHQ password or rename/delete the folder called ‘Logs’, if you do, the logs will not come through.

11. You should now be at ‘Control’, un-tick ‘Enable Screenshots Capturing’ then click ‘Next’.

12. Now you can change name and icon your Keylogger Engine as you want it to look like.

ust click ‘Finish’.
13.After you click ‘Finish’ you should see this:

Now Your Remote File Is Created

happy hacking ;]

back orifice trojan horse

noreply@blogger.com (yeshwanth) — Fri, 24 Aug 2012 05:20:00 +0000

Back Orifice 2000

BO2K or Back Orifice 2000 is one of the most POWERFULL trojans/admin tools out there well for the microsoft environment its not just a trojan , its also a remote network administration tool
so you can use it to hack and if ur an admin
it can make your life a bit eisier i belive if you can master this trojanyou can master any trojan this is realy only foradvanced users (as it was first made for linux) its default TCP port is18006 if its UDPIO the port will be 54320.

Make your server

Like SubSeven there is an edit server this is called bo2kcfg open it it willask you for ports and passwords just use thedefault port 18006 for TCP networking then it will go onto BO2K serverconfiguration select your server (BO2K) and insertthe BO_PEEP plugin this comes in the zip file adding this plugin will addthe vid streem option and hijack option BO_PEEPalso lets the server communicate better with the client then go to thestealth sub folder and enable the server to start upon the victims startup and you can change some default ports if you want butits not a good idia another good plugin to haveis Rattler v10 this send an email when the user is online but you need toconfigure this from the client. again re-namethe server and then get the IP from netstat -n now heres some thingdiffernet open bo2kgui this is the client then click thelittle computer in the bottom left it will come up with edit server settingsname of server well say you named the servermy pic put my pic in there the server address if there ip is http://www.facebook.com/l/165e3O03koA-Kq_cybr5mBOftCg/123.456.78.910and ur port is 18006 put in there http://www.facebook.com/l/165e3O03koA-Kq_cybr5mBOftCg/123.456.78.910:18006 then click ok then connect...it will say something like <BO2K BACK ORIFICE 1.0> in the server responcesection now this is pritty hard to master lets sayyou wanna log the victims key strokes you go to keylogging log keystrokesthen it will say diskfile this is where you wannalog the key strokes to type in a path likeC:\windows\system\catroot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE} some wheretheywill never look then wait for around 20mins then go to stop keylogging andsend the command then to view keystroke logsC:\windows\system\catroot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE} then sendcommand it will the let you view the logs in theserver responce section just mess around with it you will get it its one ofthose trojan that you need to work out your selftheres just so many commands for me to go frew them all but heres someoptionsKeyloggingM$ networkingTCP\IPnetwork mappingfile managerREGEIDTand more and belive me there is loads more also you can infect networks withthis trojan but its not a good idia becausean admin will spot it right away unless your an admin your self and want touse it to well admin things....:-)

trojan horse Guptachari

noreply@blogger.com (yeshwanth) — Fri, 24 Aug 2012 04:50:00 +0000

What is Guptachar ?
Guptachar is a remote administration tool ( trojan ) . This means that once you install Guptachar on computer A, you can control computer A from any computer B provided that both computer A and computer B are on the same IP based network like the Internet.
Guptachar also differs from most remote administration tools in one respect. It does not require its own client. This is because Guptachar runs as a web server. So once you've installed Guptachar on Computer A, all you need on Computer B is a web browser.
Guptachar has various features which allow you to administer the remote computer (aka Computer A) like browsing files, uploading files, executing programs, logging keys, shutting down and restarting, etc.

I've got Guptachar installed, how do I do the controlling ?
Say you've got Guptachar installed on Computer A whose IP address is 10.7.1.5, just point your web browser to http://10.7.1.5/ and enjoy.
If you've chosen to install Guptachar on a port other than 80 (discussed in the section on installation), say 8081, simply point your browser to http://10.7.1.5:8081/ instead.

How do I get to know the remote computer's IP Address ?
That's a good question. If computer A accesses the internet through dialup, it is likely to have a different IP address every time it logs on. This is why Guptachar has the facility of an IRCBOT.
Basically, if the IRCBOT feature is activated,whenever the remote computer (Computer A) goes online, Guptachar will connect to an IRC server with a predefined nickname, providing its IP address as its real name. So, whenever you want to know Computer A's IP address, you also connect to the same IRC server (use an IRC client like mIRC) and type /whois nickname.
While installing Guptachar (or by changing its server options), you can specify which IRC server and with what nick to logon. In case, the nickname you specify is already occupied, it'll try to logon with variations of the nick. Say, the nick you specified was gupt, it'll try to login as gupt, then gupt1, then gupt2, etc.
You can also ask Guptachar to connect to IRC via an HTTP proxy. Beware though, some IRC servers do not allow you to connect through a proxy (especially an open one).

How do I install Guptachar ?
Normal Installation
Just run the install.exe file. It'll ask you a series of questions and then install Guptachar on your machine.
Firstly, it'll ask you which port you want Guptachar to work on. Now webservers usually work on port 80. But it might not be such a good idea to operate on that port. Also, if you are installing it on an account with insufficient priveleges, you may be forced to use a higher port no. Remember this though, if you use a port other than 80, say 8081, you'll need to point your browser at http://ipaddress:8081/ instead of http://ipaddress/ or just ipaddress.
Then, it'll ask you whether you want access to the machine to be restricted and if so, it'll ask you for a username password pair.
Then it'll ask you whether you want Keylogging to be enabled. Following this, it'll ask you details about the IRCBOT feature.
Most of these options can be changed later through Guptachar, mostly using Server Options.
Making a Quick Installer
A quick installer is a stand alone .exe file, which has both the guptachar binaries as well as your inputted options stored within itself. Just running the .exe file will install Guptachar on the system without any user interaction. This quick installer will be considered as a virus by most of the antivirus to avoid detection use techinques like binding
To make a quick installer, just run makeqinst.exe. It'll first ask you for the filename of the quickinstaller (ie. the name of the .exe file) and then the same questions that it asks during normal installation.
Running makeqinst.exe does not install Guptachar on your system.
You'll need to run the generated .exe file to actually install Guptachar.

click here to download

send free anonymous email using online fake mailer

noreply@blogger.com (yeshwanth) — Sat, 18 Aug 2012 18:32:00 +0000

Email spoofing is email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. Because core SMTP doesn't provide any authentication, it is easy to impersonate and forge emails.

Although there are legitimate uses, these techniques are also commonly used in spam and phishing emails to hide the origin of the email message.

By altering an email's identifying fields, such as the From, Return-Path and Reply-To (which can be found in the message header), email can be made to appear to be from someone other than the actual sender.^[2]

Occasionally (especially if the spam requires a reply from the recipient, as in advance-fee frauds), the source of the spam email is indicated in the Reply-To field (or at least a way of identifying the spammer); if this is the case and the initial email is replied to, the delivery will be sent to the address specified in the Reply-To field, which could be the spammer's address. However, most spam emails (especially malicious ones with a trojan/virus payload, or those advertising a web site) forge this address too, and replying to it will annoy an innocent third party.

Prior to the advent of unsolicited commercial email (spam) as a viable business model, "legitimately spoofed" email was common. For example, a visiting user might use the local organization's SMTP server to send email from the user's foreign address. Since most servers were configured as open relays, this was a common practice. As spam email became an annoying problem, most of these "legitimate" uses fell victim to antispam techniques.

It is much more difficult to spoof or hide the IP or Internet Protocol address. The IP address is a 32 or 128 bit numerical label assigned to each device participating in a network and originates through the network provider making it more difficult to spoof or hide. Although this kind of verification is difficult for individual users, companies can use this technology as well as others such as cryptographic signatures (e.g., PGP "Pretty Good Privacy" or other encryption technologies) to exchange authenticated email messages. Authenticated email provides a mechanism for ensuring that messages are from whom they appear to be, as well as ensuring that the message has not been altered in transit. Similarly, sites may wish to consider enabling SSL/TLS in their mail transfer software. Using certificates in this manner increases the amount of authentication performed when sending mail.

CLICK HERE to go to online fake mailer tool

cehv7 ethical hacking course download

noreply@blogger.com (yeshwanth) — Sat, 18 Aug 2012 04:05:00 +0000

To penetrate delicate information and confidential information, hackers are needed to have some large finish competencies and in-depth knowledge of penetrating computer systems and network. When we think with the expression hacker, we envisage a gloomy picture of a youthful tech-freak who insert few codes and instructions at the laptop display and in turn get some good hugely confidential information and some account quantities. Even so, reality is not that dramatic!...Right here, an ethical hacker is a person who understands and features a operating knowledge of pc systems and also provides the understanding of particular tools which can be integrated to locate the vulnerabilities within the operating of the computer system method and community.
What is CEHv7 education about?
The Certified Ethical HackerCEHv7 is proven and offered from the Global Council of E-Commerce Consultants (EC-Council). CEHv7 coaching and certification program validates and certifies the skills than me professionals with all the abilities and skills to perform specific responsibilities within a distinct task role.
CEHv7 coaching and certification is one of the high-in-demand IT certifications, the strain of IT professionals using this credential is soaring large in history. This really is a single of the greatest resorts for organizations, in these susceptible times, to guard their IT infrastructure. Each and every generally, IT experts are required within the firm to audit security policies and safe the delicate information and conserve their company in the security wreckage.
Hired by the employers, moral hacker's works include acknowledging the loopholes in the community or even the program and reporting the implications towards the owner in the method or the network. The recommended measures also are intended to become talked about and the best way to tackle the vulnerabilities is also recognized and labored upon. The entire process revolves about acquiring gaps inside the method set up and actions to rectify the security difficulties. This complete course of action is worked upon from the IT specialists that have pursued CEHv7 certification.
What would be the importance of CEHv7 education and certification system?
Malicious hacking crimes are inescapable as of late, together with the developing technologies, the security threats will also be increasing. Malicious hackers try to acquire unauthorized entry towards the corporate community, simply to fetch some sensitive information and make difficulty or steal delicate data from the systems.
Mainly, CEHv7 training
Finding the correct expert or possibly a applicant for such career profile is incredibly critical and 1 with the toughest decisions. Factors which can be meant to become taken care of when picking a applicant are lots of, like acquiring out whether or not the professional is equipped with most current understanding of the technologies, the certifications are genuine and to locate out the qualified truly understands what's claimed.
What right after CEHv7 training and certification?
• Security experts• ITDirector / Manager• IT Security Auditors• Method tray network administrators
Surpass IT Safety Difficulties With CEHv7 Instruction and Certification Program
To penetrate delicate data and confidential info, hackers are essential to have some high finish capabilities and in-depth understanding of penetrating laptop or computer techniques and community. When we believe from the expression hacker, we envisage a gloomy image of a youthful tech-freak who insert couple of codes and commands at the laptop or computer screen and consequently have some very confidential information and a few account numbers. Nonetheless, actuality will not be that remarkable!...Right here, an ethical hacker is actually a person who understands and has a working information of laptop systems and also gets the information of certain equipment that is incorporated to locate the vulnerabilities

I got numerous Information Technology Certification. I have written many articles in different ITcertification as well as he has a vast experience in IT industry. In this article I guide the students that how they can pass the exams and how can they get the certification for the latest knowledge this certification exam students click at Microsoft Windows Embedded or visit its Windows Embedded Certification its better for your bright future and will helpful to attain the IT certification for more information touch with me.

Course details:

Certified Ethical Hacker

Certified Ethical Hacker (312-50) CEH

Prepare for the Certified Ethical Hacker CEH certification in InfoSec Insitute's Ethical Hackingcourse.

Exam Details
Number of Questions:	250
Passing Score:	70%
Test Duration:	4 Hours
Test Format:	Multiple Choice
Test Delivery:	Onsite at every InfoSec Institute Ethical Hacking class

Skills Measured
The Exam 312-50 tests Certified Ethical Hacker, CEH certification, candidates on the following 22 domains.


1.	CEH Ethics and Legal Issues	12.	CEH Web Application Vulnerabilities
2.	CEH Footprinting	13.	CEH Web Based Password Cracking Techniques
3.	CEH Scanning	14.	CEH SQL Injection
4.	CEH Enumeration	15.	CEH Hacking Wireless Networks
5.	CEH System Hacking	16.	CEH Virus and Worms
6.	CEH Trojans and Backdoors	17.	CEH Hacking Novell
7.	CEH Sniffers	18.	CEH Hacking Linux
8.	CEH Denial of Service	19.	CEH IDS, Firewalls and Honeypots
9.	CEH Social Engineering	20.	CEH Buffer Overflows
10.	CEH Session Hijacking	21.	CEH Cryptography
11.	CEH Hacking Web Servers	22.	CEH Penetration Testing Methodologies

Certified Ethical Hacker (CEH) Module 1: Ethics and Legality

What is an Exploit?
The security functionality triangle
The attacker's process
Passive reconnaissance
Active reconnaissance
Types of attacks
Categories of exploits
Goals attackers try to achieve
Ethical hackers and crackers - who are they
Self proclaimed ethical hacking
Hacking for a cause (Hacktivism)
Skills required for ethical hacking

Categories of Ethical Hackers
What do Ethical Hackers do?
Security evaluation plan
Types of Ethical Hacks
Testing Types
Ethical Hacking Report
Cyber Security Enhancement Act of 2002
Computer Crimes
Overview of US Federal Laws
Section 1029
Section 1030
Hacking Punishment

Certified Ethical Hacker (CEH) Module 2: Footprinting

What is Footprinting
Steps for gathering information
Whois
http://tucows.com
Hacking Tool: Sam Spade
Analyzing Whois output
NSLookup
Finding the address range of the network

ARIN
Traceroute
Hacking Tool: NeoTrace
Visual Route
Visual Lookout
Hacking Tool: Smart Whois
Hacking Tool: eMailTracking Pro
Hacking Tool: MailTracking.com

Certified Ethical Hacker (CEH) Module 3: Scanning

Determining if the system is alive?
Active stack fingerprinting
Passive stack fingerprinting
Hacking Tool: Pinger
Hacking Tool: Friendly Pinger
Hacking Tool: WS_Ping_Pro
Hacking Tool: Netscan Tools Pro 2000
Hacking Tool: Hping2
Hacking Tool: KingPing
Hacking Tool: icmpenum
Hacking Tool: SNMP Scanner
Detecting Ping sweeps
ICMP Queries
Hacking Tool: netcraft.com
Port Scanning
TCPs 3-way handshake
TCP Scan types
Hacking Tool: IPEye
Hacking Tool: IPSECSCAN

Hacking Tool: nmap
Port Scan countermeasures
Hacking Tool: HTTrack Web Copier
Network Management Tools
SolarWinds Toolset
NeoWatch
War Dialing
Hacking Tool: THC-Scan
Hacking Tool: PhoneSweep War Dialer
Hacking Tool: Telesweep
Hacking Tool: Queso
Hacking Tool: Cheops
Proxy Servers
Hacking Tool: SocksChain
Surf the web anonymously
TCP/IP through HTTP Tunneling
Hacking Tool: HTTPort
Hacking Tool: Tunneld
Hacking Tool: BackStealth

Certified Ethical Hacker (CEH) Module 4: Enumeration

Determining if the system is alive?
What is Enumeration
NetBios Null Sessions
Null Session Countermeasures
NetBIOS Enumeration
Hacking Tool: DumpSec
Hacking Tool: Hyena
Hacking Tool: NAT
SNMP Enumertion
SNMPUtil
Hacking Tool: IP Network Browser
SNMP Enumeration Countermeasures

Windows 2000 DNS Zone transfer
Identifying Win2000 Accounts
Hacking Tool: User2SID
Hacking Tool: SID2User
Hacking Tool: Enum
Hacking Tool: UserInfo
Hacking Tool: GetAcct
Hacking Tool: smbbf
SMB Auditing Tools
Active Directory Enumeration
W2K Active Directory attack

Certified Ethical Hacker (CEH) Module 5: System Hacking

Administrator Password Guessing
Performing Automated Password Guessing
Legion
NTInfoScan
Defending Against Password Guessing
Monitoring Event Viewer Logs
VisualLast
Eavesdroppin on Network Password Exchange
Hacking Tool: L0phtCrack
Hacking Tool: KerbCrack
Privilege Escalation
Hacking Tool: GetAdmin
Hacking Tool: hk
Manual Password Cracking Algorithm
Automatic Password Cracking Algorithm
Password Types
Types of Password Attacks
Dictionary Attack
Brute Force Attack
Distributed Brute Force Attack
Password Change Interval
Hybrid Attack
Cracking Windows 2000 Passwords
Retrieving the SAM file
Redirecting SMB Logon to the Attacker
SMB Redirection
Hacking Tool: SMBRelay
Hacking Tool: SMBRelay2
Hacking Tool: pwdump2
Hacking Tool: SAMdump
Hacking Tool: C2MYAZZ
Win32 Create Local Admin User
Offline NT Password Resetter
Hacking Tool: psexec
Hacking Tool: remoxec
SMBRelay Man-in-the-Middle (MITM)
SMBRelay MITM Countermeasures
Hacking Tool: SMBGrinder
Hacking Tool: SMBDie
Hacking Tool: NBTDeputy
NetBIOS DoS Attack
Hacking Tool: nbname
Hacking Tool: John the Ripper
LanManager Hash

Certified Ethical Hacker (CEH) Module 6: Trojans and Backdoors

What is a Trojan Horse?
Overt and Covert
Hacking Tool: QAZ
Hacking Tool: Tini
Hacking Tool: Netcat
Hacking Tool: Donald Dick
Hacking Tool: SubSeven
Hacking Tool: BackOrifice 2000
Back Oriffice Plug-ins
BoSniffer
Hacking Tool: NetBus
ComputerSpy Key Logger
Hacking Tool: Beast Trojan
Hacking Tool: CyberSpy Telnet Trojan
Hacking Tool: SubRoot Telnet Trojan
Hacking Tool: LetMeRule
Wrappers
Hacking Tool: Graffiti
Hacking Tool: Silk Rope 2000
Hacking Tool: EliteWrap
Hacking Tool: IconPlus
Packaging Tool: Microsoft WordPad

Hacking Tool: Whack a Mole Trojan Construction Kit
Writing Trojans in Java
Hacking Tool: FireKiller 2000
Covert Channels
ICMP Tunneling
Hacking Tool: Loki
Reverse WWW Shell
Backdoor Countermeasures
BO Startup and Registry Entries
NetBus Startup and Registry Keys
Port Monitoring Tools
fPort
TCPView
Process Viewer
Inzider - Tracks Processes and Ports
Trojan Maker
Hacking Tool: Hard Disk Killer
Man-in-the-Middle Attack
Hacking Tool: dsniff
System File Verification
TripWire

Certified Ethical Hacker (CEH) Module 7: Sniffers

What is a Sniffer?
Hacking Tool: Ethereal
Hacking Tool: Snort
Hacking Tool: WinDump
Hacking Tool: EtherPeek
Passive Sniffing
Active Sniffing
Hacking Tool: EtherFlood
How ARP Works?
Hacking Tool: ArpSpoof
Hacking Tool: DSniff
Hacking Tool: Macof
Hacking Tool: mailsnarf
Hacking Tool: URLsnarf
Hacking Tool: Webspy
Hacking Tool: Ettercap

Hacking Tool: WebMiTM
IP Restrictions Scanner
Hacking Tool: sTerm
Hacking Tool: Cain and Abel
Hacking Tool: Packet Crafter
Hacking Tool: SMAC
MAC Changer
ARP Spoofing Countermeasures
Hacking Tool: WinDNSSpoof
Hacking Tool: Distributed DNS Flooder
Hacking Tool: WinSniffer
Network Tool: IRIS
Network Tool: NetInterceptor
SniffDet
Hacking Tool: WinTCPKill

Certified Ethical Hacker (CEH) Module 8: Denial of Service

What is Denial of Service Attack?
Types of DoS Attacks
How DoS Work?
What is DDoS?
Hacking Tool: Ping of Death
Hacking Tool: SSPing
Hacking Tool: Land
Hacking Tool: Smurf
Hacking Tool: SYN Flood
Hacking Tool: CPU Hog
Hacking Tool: Win Nuke
Hacking Tool: RPC Locator
Hacking Tool: Jolt2
Hacking Tool: Bubonic
Hacking Tool: Targa
Tools for Running DDoS Attacks

Hacking Tool: Trinoo
Hacking Tool: WinTrinoo
Hacking Tool: TFN
Hacking Tool: TFN2K
Hacking Tool: Stacheldraht
Hacking Tool: Shaft
Hacking Tool: mstream
DDoS Attack Sequence
Preventing DoS Attack
DoS Scanning Tools
Find_ddos
SARA
DDoSPing
RID
Zombie Zapper

Certified Ethical Hacker (CEH) Module 9: Social Engineering

What is Social Engineering?
Art of Manipulation
Human Weakness
Common Types of Social Engineering
Human Based Impersonation
Important User
Tech Support
Third Party Authorization
In Person
Dumpster Diving

Shoulder Surfing
Computer Impersonation
Mail Attachments
Popup Windows
Website Faking
Reverse Social Engineering
Policies and Procedures
Social Engineering Security Policies
The Importance of Employee Education

Certified Ethical Hacker (CEH) Module 10: Session Hijacking

What is Session Hijacking?
Session Hijacking Steps
Spoofing Vs Hijacking
Active Session Hijacking
Passive Session Hijacking
TCP Concepts - 3 way Handshake
Sequence Numbers
Sequence Number Example
Guessing the Sequence Numbers

Hacking Tool: Juggernaut
Hacking Tool: Hunt
Hacking Tool: TTYWatcher
Hacking Tool: IP Watcher
Hacking Tool: T-Sight
Remote TCP Session Reset Utility
Dangers Posed by Session Hijacking
Protection against Session Hijacking

Certified Ethical Hacker (CEH) Module 11: Hacking Web Servers

Apache Vulnerability
Attacks against IIS
IIS Components
ISAPI DLL Buffer Overflows
IPP Printer Overflow
msw3prt.dll
Oversized Print Requests
Hacking Tool: Jill32
Hacking Tool: IIS5-Koei
Hacking Tool: IIS5Hack
IPP Buffer Overflow Countermeasures
ISAPI DLL Source Disclosure
ISAPI.DLL Exploit
Defacing Web Pages
IIS Directory Traversal
Unicode
Directory Listing
Clearing IIS Logs
Network Tool: LogAnalyzer
Attack Signature
Creating Internet Explorer (IE) Trojan
Hacking Tool: IISExploit

Hacking Tool: UnicodeUploader.pl
Hacking Tool: cmdasp.asp
Escalating Privilages on IIS
Hacking Tool: IISCrack.dll
Hacking Tool: ispc.exe
IIS WebDav Vulnerability
Hacking Tool: WB
RPC Exploit-GUI
Hacking Tool: DComExpl_UnixWin32
Hacking Tool: Plonk
Unspecified Executable Path Vulnerability
Hacking Tool: CleanIISLog
File System Traversal Countermeasures
Microsoft HotFix Problems
UpdateExpert
Cacls utility
Network Tool: Whisker
N-Stealth Scanner
Hacking Tool: WebInspect
Network Tool: Shadow Security Scanner

Certified Ethical Hacker (CEH) Module 12: Web Application Vulnerabilities

Documenting the Application Structure
Manually Inspecting Applications
Using Google to Inspect Applications
Directory Structure
Hacking Tool: Instant Source
Java Classes and Applets
Hacking Tool: Jad
HTML Comments and Contents
Hacking Tool: Lynx

Hacking Tool: Wget
Hacking Tool: Black Widow
Hacking Tool: WebSleuth
Cross Side Scripting
Session Hijacking using XSS
Cookie Stealing
Hacking Tool: IEEN
Hacking Tool: IEflaw
Exposing Sensitive Data with Google

Certified Ethical Hacker (CEH) Module 13: Web Based Password Cracking Techniques

Basic Authentication
Message Digest Authentication
NTLM Authentication
Certificate based Authentication
Digital Certificates
Microsoft Passport Authentication
Forms based Authentication
Creating Fake Certificates
Hacking Tool: WinSSLMiM
Password Guessing
Dfault Account Database
Hacking Tool: WebCracker
Hacking Tool: Brutus

Hacking Tool: ObiWan
Hacking Tool: Munga Bunga
Password dictionary Files
Attack Time
Hacking Tool: Variant
Hacking Tool: PassList
Query Strings
Post data
Hacking Tool: cURL
Stealing Cookies
Hacking Tool: CookieSpy
Hacking Tool: ReadCookies
Hacking Tool: SnadBoy

Certified Ethical Hacker (CEH) Module 14: SQL Injection

What is SQL Injection Vulnerability?
SQL Insertion Discovery
Blank sa Password
Simple Input Validation
SQL Injection
OLE DB Errors
1=1
blah' or 1=1

Preventing SQL Injection
Database Specific SQL Injection
Hacking Tool: SQLDict
Hacking Tool: SQLExec
Hacking Tool: SQLbf
Hacking Tool: SQLSmack
Hacking Tool: SQL2.exe
Hacking Tool: Oracle Password Buster

Certified Ethical Hacker (CEH) Module 15: Hacking Wireless Networks

802.11 Standards
What is WEP?
Finding WLANs
Cracking WEP keys
Sniffing Trafic
Wireless DoS Attacks
WLAN Scanners
WLAN Sniffers
MAC Sniffing

Access Point Spoofing
Securing Wireless Networks
Hacking Tool: NetTumbler
Hacking Tool: AirSnort
Hacking Tool: AiroPeek
Hacking Tool: WEP Cracker
Hacking Tool: Kismet
Hacking Tool: AirSnarf
WIDZ- Wireless IDS

Certified Ethical Hacker (CEH) Module 16: Virus and Worms

Cherobyl
ExploreZip
I Love You
Melissa
Pretty Park
Code Red Worm
W32/Klez
BugBear

W32/Opaserv Worm
Nimda
Code Red
SQL Slammer
Batch File Virus Creator
How to write your own Virus?
Worm Construction Kits

Certified Ethical Hacker (CEH) Module 17: Novell Hacking

Common accounts and passwords
Accessing password files
Password crackers
Netware Hacking Tools
Chknull
NOVELBFH
NWPCRACK
Bindery
BinCrack

SETPWD.NLM
Kock
userdump
Burglar
Getit
Spooflog
Gobbler
Novelffs
Pandora

Certified Ethical Hacker (CEH) Module 18: Linux Hacking

Why Linux ?
Linux Basics
Compiling Programs in Linux
Scanning Networks
Mapping Networks
Password Cracking in Linux
Linux Vulnerabilities
SARA

TARA
Sniffing
A Pinger in Disguise
Session Hijacking
Linux Rootkits
Linux Security Countermeasures
IPChains and IPTables

Certified Ethical Hacker (CEH) Module 19: IDS, Firewalls and Honeypots

Intrusion Detection System
System Integrity Verifiers
How are Intrusions Detected?
Anomaly Detection
Signature Recognition
How does IDS match Signatures with Incoming Traffic?
Protocol Stack Verification
Application Protocol Verification
What Happens after an IDS Detects an Attack?
IDS Software Vendors
SNORT
Evading IDS (Techniques)
Complex IDS Evasion
Hacking Tool: fragrouter

Hacking Tool: TCPReplay
Hacking Tool: SideStep
Hacking Tool: NIDSbench
Hacking Tool: ADMutate
IDS Detection
Tools to Detect Packet Sniffers
Tools to inject strangely formatted packets onto the wire
Hacking Through Firewalls
Placing Backdoors through Firewalls
Hiding behind Covert Channels
Hacking Tool: Ncovert
What is a Honeypot?
Honeypots Evasion
Honeypots vendors
Hacking Tool: Honeyd

Certified Ethical Hacker (CEH) Module 20: Buffer Overflows

What is a Buffer Overflow?
Exploitation
Assembly Language Basics
How to Detect Buffer Overflows in a Program?
Skills Required
CPU/OS Dependency
Understanding Stacks
Stack Based Buffer Overflows

Buffer Overflow Technical Implementation
Writing your own Buffer Overflow Exploit in C
Defense against Buffer Overflows
Type Checking Tools for Compiling Programs
StackGuard
Immunix

Certified Ethical Hacker (CEH) Module 21: Cryptography

What is PKI?
Digital Certificates
RSA
MD-5
RC-5

SHA
SSL
PGP
SSH
Encryption Cracking Techniques

Certified Ethical Hacker (CEH) Module 22: Penetration Testing Methodologies

Physical Security Testing
Port Scanning Testing
System Identification Testing
Services Identification Testing
Vulnerability Research and Verification Testing
Application Testing and Source Code Review
Router Testing
Firewall Testing
Intrusion Detection System Testing
Domain Trusted Systems Testing

Download link:

click here

Application Password Cracking Testing
Denial of Service Testing
Containment Measures Testing
Information Security
Document Grinding
Gathering Competitive Intelligence
Social Engineering Testing
Wireless Networks Testing
Cordless Communications Testing
Infrared Systems Testing
Modem Testing
Writing Penetration Testing Reports

COOKIE STEALING

noreply@blogger.com (yeshwanth) — Thu, 06 Oct 2011 04:47:00 +0000

Well I have posted lots of articles on Phishing and keylogging, but today I would like to throw some light on a very useful method which hackers use to hack gmail, facebook and other email accounts i.e. Stealing. One of the reasons why I am writing this article as there are lots of newbies having lots of misconceptions related to cookie stealing and session hijacking, So I hope this tutorial cover all those misconception and if not all most of them.

What is a Cookie?

A cookie is a piece of code which is used to authenticate a user on a website, In other words when ever you login to a website such as Facebook, Gmail, Orkut etc your browser assigns you a cookie which basically tells the browser that for how long the user should be logged it, Apart of authentication purpose a cookie can be used for variety of different purposes, If you would like to know more about cookie stealing kindly google it up.

What is a Session Token?

After an authentication is completed , A webserver hands the browser a session token which is used because a webserver needs a way to recognize between different connections, If a hacker could capture your session token then it's a cakewalk for the hacker to hack into your gmail, facebook or any other account.

What is a Session Hijacking Attack?

A session hijacking attack is basically an act of capturing session token and injecting it into your own browser to gain acess to victims account.

What is a Cookie Stealer?

A cookie stealer is basically a script used to steal victims authentication cookies, Now for a cookie stealing process to work the website or the webpage should be vulnerable to an XSS attack, This is the most common and widely known misconception among newbies.

How the stealing process work?

1. The attacker creates a PHP script and uploades it to a webhosting site.

2. The attacker then asks the victim to visit that particular link containing the PHP code.

3. Once the victim visits it his/her authentication cookie is saved in a .txt file.

4. Next the attacker uses a cookieinjector or a cookie editor, There are lots of firefox addons, google chrome extensions to do the work for you. Personally I use Cookie manager v1.5.1 as it's quite user friendly.

You can also use the webdeveloper toolbar to do the work for you.

5. The attacker replaces his own cookies with the victims cookies as a result of which the victims session is hijacking

Why it does not work on a website which is not vulnerable to XSS?

It's due to the browser's same origin policy, and according to it the browsers don't allow the javascripts to acess the cookies.

Gmail GX Cookie

By now I believe that I might have cleared lots of misconceptions related to cookie stealing, but all of those information is only good for you if you try to do it practically, So let's get to the main topic.

In gmail the cookie which authenticates users is called a GX cookie, Now as we cannot use a cookie stealer as by now we don't know any XSS vulnerability in gmail, So if you are on a LAN you can use wireshark or any other packet sniffer to steal gmail Unsecured GX cookie and use it to gain acess.

Will this hack always work?

Well this trick won't work on all Gmail accounts and as Gmail now offers End to End https:// encryption, Which encrypts the session token so even if we could get our hands on the GX cookie it's useless, but if a user has turned off the End to End https:// encryption in gmail it can work for sure.

I hope you have liked the post uptill now, I will cover the method to steal gmail gx cookies and using it to hack gmail accounts in the next post, So stay tuned !.

skiping ads

noreply@blogger.com (yeshwanth) — Wed, 05 Oct 2011 03:28:00 +0000

Skip or bypass Rapidshare, Megaupload Waiting time

Yes, you are reading it correctly, its not a prank or joke, now you can easily avoid the waiting time or usually we say time limit when you download as a free user from the file sharing services such as rapidshare, megaupload, deposifiles, hotfile. Normally you have to wait for 20-60 minutes to download the second file after downloading the first one. They implement ways to invite users to purchase a premium service. But this way of limiting Free download limit and asking free users to wait for long time to start another download can be annoying one.

Skipscreen is an extension to browser to by pass waiting time on download. Unfortunately it can only be used with Firefox browsers to avoid waiting time while downloading files from some popular File hosting services like:
* Rapidshare.com
* zShare.net
* MediaFire.com
* Megaupload.com
* Sharebee.com
* Depositfiles.com
* Sendspace.com
* Divshare.com
* Linkbucks.com
* Uploaded.to
* Hotfiles.com
* 4shared.com
* Limelinx.com
* Link-Protector.com
Its use is very simple and does not require any configuration, just go to the addon page of the extension and install it, restart your browser and enter one of thesedownload sites and you will no longer have to wait.
Download Skip ----Screen Firefox Extention

Alternative Methods or Hacks to Beat Rapidshare Download Limits and Waiting Time
Method 1: Using Java Script:
1. Goto the page you want to download
2. Select FREE button
3. In the address bar put the following: javascript:alert(c=0)
4. Click OK
5. Click OK to the pop-up box
6. Enter the captcha
7. Download Your File
Method 2: Request a new IP address from your ISP server
Here’s how to do it in windows:
1. Click Start
2. Click run
3. In the run box type cmd.exe and click OK
4. When the command prompt opens type the following.
ENTER after each new line.
ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit
Note: This might only work for DSL/Modem Internet Connection, not for Cable Internet users

2). Skipping or Bypassing Rapidshare or Megaupload, hotfile waiting time.

In this post I have a new Rapidshare hacking tip for you. Well, you might be aware of Browsers like Firefox, or Internet Explorer. I would like to introduce you to a browser known as Torpark Browser, which works as a anonymous web browser. It is like a proxy browser where you can change your permanent IP Address to dynamic IP Address. So, when ever you run this browser you get a new IP address. Now download mutliple files at the same time. Yes you read it right, you can download multiple rapidshare files or megaupload, hotfile files at the same time. You can even skip or bypass the time limit on downloading files. The most amazing thing is IDM works with this browser.

DOWNLOAD
Note: You need to close the browser window after each download coz it will reset the ip address.

rocovering hacked Email

noreply@blogger.com (yeshwanth) — Wed, 05 Oct 2011 02:08:00 +0000

How to Recover Hacked Email Accounts?

It can be a real nightmare if someone hacks and takes control of your email account as it may contain confidential information like bank logins, credit card details and other sensitive data. If you are one such Internet user whose email account has been compromised, then this post will surely help you out. In this post you will find the possible ways and procedures to get back your hacked email account.

For Gmail:

It can be a big disaster if your Gmail account has been compromised as it may be associated with several services like Blogger, Analytics, Adwords, Adsense, Orkut etc. Losing access to your Gmail account means losing access to all the services associated it with too. Here is a list of possible recovery actions that you can try.

Step -1: Try resetting your password since it is the easiest way to get your account back in action. In this process Google may ask you to answer the secret question or may send the password reset details to the secondary email address associated with your compromised account. You can reset you password from the following link

Gmail Password Reset Link

If you cannot find success from the Step-1 then proceed to Step-2.

Step-2: Many times the hacker will change the secret question and secondary email address right after the account is compromised. This is the reason for the Password Reset process to fail. If this is the case then you need to contact the Gmail support team by filling out the account recovery form. This form will ask you to fill out several questions like

1. Email addresses of up to five frequently emailed contacts
2. Names of any 4 Labels that you may have created in your account
3. List of other services associated with your compromised account
4. Your last successful login date
5. Account created date
6. Last password that you remember and many more…

You need to fill out this form as much accurately as possible. It is obvious to forget the dates of last login, account creation and similar terms. However you need to figure out the closest possible date/answers and fill out this form. This is your last chance! The more accurate the information filled out in the recovery form, the more the chances of getting your account back. You may reach the account recovery page form the following link

Account Recovery Form

For Yahoo and Hotmail:

Unfortunately for Yahoo/Hotmail there is no second option like filling out the form or contacting the support team. All you need to do is either answer the secret questions that you have setup or reset the password using the secondary email option.

To initiate the password reset process just click on the Forgot password link in your login page and proceed as per the screen instructions.

I hope this post will help you recover the lost account. I highly recommend that you also read my post on How to protect your email account from being hacked and Tips to find unauthorized activity on your Gmail account so that you always stay protected!

Email tracking(ip)

noreply@blogger.com (yeshwanth) — Tue, 04 Oct 2011 18:19:00 +0000

Hai this post is for noobs if you are a daemon ignore it!!!
Tracing mails you recieve
If you have any abusive mails or if you want to trace victims IP address or if you want to know whether your friend has read your mail then this will help you
Here it goes:
You can trace the email received by analyzing the header actually this could be done manually ,but i wont be recommending that becoz there are tools which make life easier follow the steps
1.open the email header (you can find the header by clicking show original option in gmail)
2.copy the header and paste in below mentioned tools
Recommended tools:
Utility name: Neo Trace Pro

Fantastic tool top recommended this will geographically trace your ip address .It is very accurate and has extremely useful functionalities.
Download from here
utility name: VisualRoute , Download from here
utility name: eMailTrackerPro , Download from here
Tracing the mails that you send
Most of you find fun in this bcoz the tool i'm gonna explain will send you information when the victim opens it.All you need to do is visit spypig.com enter the required fields then it will give you a image which has to be sent to your victim. the tool looks like this

Step 1: Specify the email id to which you want to get the Destination's ip
Step 2: Here goes your message title
Step 3: Select the image you want to send , you may upload your own image too but its recommended to select the first one(white) becoz it will mix up with white background of your mail body so some one looking at this will think that there is no image
Step 4: Press the create button
Step 5:Here the tricky part comes copy your image into your mail body within in the time limit shown by spy pig or else it will expire
Note : Use the New gmail version bcoz in older one you cant copy a image into body
Step 6: this step says you to send the mail

Hopefully if the victim opens the mail you will receive all the information of victim like OS,browser,ip & mac address
Note : there is no counter measure for this
HAPPY HACKING ;]

Email/SMS Bomber

noreply@blogger.com (yeshwanth) — Tue, 04 Oct 2011 08:55:00 +0000

Bombers are programs which will be using the online resources for sending continues unlimited messages to a mail or mobile.This sounds great right! ,but the problem with these bombers is mostly they will be fake or it will be a virus which will fool you so its better to stay off from them(if you find any legitimate bomber plZZ comment that information.)
->Alternative, simple, best option is to move for tools which will automatically click the pages for you
Tools i recommend are:
1.iMacros
2.Greece Monkey
both do the same work for you. I'm going to explain about iMacros today which is a extension available for Chrome and Firefox.It looks:

Simply goooogle to find this extension for your browser
->All you need to do here is to click play button in iMacros and do what ever you want to be repeated in chrome.
->Once you finish doing it may be sending message to any portal or sending mail ,you have to stop the session in iMacros you will find save option in the next window save that with desired name.
->now click on the saved file and click play loop you will see the repetition of what you have done
->By setting "max" option you can control how many times the loop runs
Hope this is helpful
IF YOU STILL NEED HELP WATCH THE VIDEO

The greece monkey is pretty much the same
HAPPY HACKING;]

google unofficial shell account

noreply@blogger.com (yeshwanth) — Tue, 04 Oct 2011 05:53:00 +0000

This google-interface behaves similar to a unix-shell.
You type commands and the results are shown on this page.

goosh is powered by google.

goosh is written by Stefan Grothkopp <grothkopp@gmail.com>
it is NOT an official google product!
goosh is open source under the Artistic License/GPL.

Click here to see.

online virus scanner

noreply@blogger.com (yeshwanth) — Mon, 03 Oct 2011 08:00:00 +0000

Im gonna share a site where a data uploaded will be scanned by most popular anti virus tools and results will be shown.Its better check that on your own

best site for online virus scan

http://virusscan.jotti.org/en

Actually guys this post will be helpful to the virus writers ,with a single click we can find which AV can trace the virus.

"SAFE HACKING"

phishing tutorial

noreply@blogger.com (yeshwanth) — Mon, 03 Oct 2011 02:39:00 +0000

A video which is made by me on phishing and the important thing is you will not get banned
if you will do phishing in this manner.

Click here to see video in Good quality

Cant see anything clearly than click here

THIS INFORMATION IS ONLY FOR EDUCATIONAL PURPOSE
"SAFE HACKING"

binders -used for binding two exe files

noreply@blogger.com (yeshwanth) — Mon, 03 Oct 2011 02:35:00 +0000

A binder is a software that is used to combine two or more files into a single file so that when the user opens the single file,two files are executed.90% binders are used for hacking.you can combine a good exe with trojan so your friend and Anti virus thinks that they are opening a normal exe.
one more coolest thing about this is if you join a virus with autorun.exe of any pendrive..........guess what happens?........................

How to use binder for Hacking:

1.first of all download registered file joiner (a simple file binder) 100% working from here,It also has little option to encypt the files, if you are facing problems while downloading then download from here

2.Now click on add file and select RATS,keyloggers,bots etc.
3.Now again click on add file and select any file,here you can see i have added mozilla firefox.
4.Change icon (optional).
5.Click join files.

AFCEH 5.0 slides

noreply@blogger.com (yeshwanth) — Mon, 03 Oct 2011 02:26:00 +0000

Powerpoint slides for all weeks of AFCEH course

WEEK-1

click here

WEEK-2

click here

WEEK-3

click here

WEEK-4

click here

ankith Fadia certification course helps noobs in hacking to know all about hacking ,dont expect to learn from this course

slides of this course can be downloaded from the above links.

Contents in the course are:

Week 1:-

Spoofing ip address and mac addresses

Proxy bouncing

Hacking rapidshare

Shortened URL Vulnerabilities

Network reconnaissance

Ping sweeping and traceroute

Reverse DNS lookups

Netcat and NCat

Port scanning

Daemon banner grabbing

Week 2

ICMP scanning

OS fingerprinting

Firewall enumeration

Passive fingerprinting with p0f

Web server fingerprinting

Spoofed packet attacks

Email forging

DOS attaicks

Reflective DDOS attacks

Password cracking attacks

Cracking saved password in browsers

Password managers

Intellectual property thefts

EXE binders

Social engineering attacks

TCP/IP: A mammoth description

Firewall tunneling using SSH and putty

HTTP tunneling

Cracking Email accounts

Port Forwarding and port triggering

WEEK 3

Identity thefts

Input validation attacks

SQL injection

IP spoofing

Cross site scripting attacks

Misuse of hidden HTML tags

Canonicalization attacks

HTTP response splitting

Buffer overflows

Passive and active sniffing attacks

ARP poisoning attack

MAC flooding attack

MAC duplication attack

Social networking websites security

Windows 7 and windows vista password cracking

Cracking CAPTCHA

Tab napping

DNS cache poisoning

DNS cache poisoning birthday attack

Domain hijacking

WEEK 4

Meet in the middle attacks

Shell accounts

USB hacking

Road sign hacking

Steganography

Wireless hacking

War driving

De-authentication attacks

Cracking WEP keys

Caffe latte attacks

Cracking WPA and WPA2

Computer forensics

Honeypots

Viruses torn apart

Penetration testing and vulnerability assessment

Software hacking

Backtrack

hope to listen some comments

"SAFE HACKING"

How to Install Windows 7 From a USB Drive

noreply@blogger.com (yeshwanth) — Sun, 02 Oct 2011 17:42:00 +0000

Installing Windows from a USB flash drive has several advantages – First of all, the overall speed of the installation process will increase significantly, carrying a USB stick is much more convenient than a DVD, and finally it becomes possible to install the OS even on those systems that do not have a DVD drive, such as a netbook.
In this post, I will show you how to load the Windows installation on to your USB flash drive and make it bootable just like the DVD.
Tools Required:
1. USB flash drive with a minimum capacity of 4 GB.
2. Windows 7 set-up DVD.

Step-1: Plug-in your USB flash drive and backup all the existing data in it.

Step-2: Open the command prompt. If you are using Windows 7/Vista then open it with administrator rights*.

Step 3: In the command prompt, type in the following command:

DISKPART

This will start the Microsoft DiskPart utility as shown below:

Now issue the following command:

LIST DISK

This will show you a list of available disks on your system. Disk 0 is usually the hard disk. In my case, Disk 5 is the USB drive (this can be a different one in your case). Now issue the command as shown below:

SELECT DISK 5

NOTE: In the above command, 5 is the USB drive number on my system. If you have a different number on your system, then you need to replace 5 with that number.

Step-4: Now issue the following list of commands one by one as shown below:

CLEAN

CREATE PARTITION PRIMARY

SELECT PARTITION 1

ACTIVE

FORMAT FS=NTFS QUICK

ASSIGN

EXIT

Minimize the command prompt and proceed to the next step.

Step 5: Insert the Windows 7/Vista installation disc and note down the “drive letter” of your DVD drive. In my case, it is “H:”. Now type the following list of commands as shown below:

H: CD BOOT
CD BOOT
BOOTSECT.EXE /NT60 M:(NOTE: M: is your USB drive letter)
EXIT

Step-6: Copy the contents of your Windows 7/Vista installation disk into the USB flash drive.

That’s it! Your USB stick is now ready to boot and install the OS for you. Don’t forget to enable the “USB Boot” option and change the “boot priority to USB device from hard disk” in your BIOS settings.

How to Make a Trojan Horse

noreply@blogger.com (yeshwanth) — Sun, 02 Oct 2011 17:33:00 +0000

Most of you may be curious to know about how to make a Trojan or Virus on your own. Here is an answer for your curiosity. In this post I’ll show you how to make a simple Trojan on your own using C programming language. This Trojan when executed will eat up the hard disk space on the root drive (The drive on which Windows is installed, usually C: Drive) of the computer on which it is run. Also this Trojan works pretty quickly and is capable of eating up approximately 1 GB of hard disk space for every minute it is run. So, I’ll call this as Space Eater Trojan. Since this Trojan is written using a high level programming language it is often undetected by antivirus. The source code for this Trojan is available for download at the end of this post. Let’s see how this Trojan works…

Before I move to explain the features of this Trojan you need to know what exactly is a Trojan horse and how it works. As most of us think a Trojan or a Trojan horse is not a virus. In simple words a Trojan horse is a program that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine or create a damage to the computer.

Now lets move to the working of our Trojan

The Trojan horse which I have made appears itself as an antivirus program that scans the computer and removes the threats. But in reality it does nothing but occupy the hard disk space on the root drive by just filling it up with a huge junk file. The rate at which it fills up the hard disk space it too high. As a result the the disk gets filled up to 100% with in minutes of running this Trojan. Once the disk space is full, the Trojan reports that the scan is complete. The victim will not be able to clean up the hard disk space using any cleanup program. This is because the Trojan intelligently creates a huge file in theWindows\System32 folder with the .dll extension. Since the junk file has the .dll extention it is often ignored by disk cleanup softwares. So for the victim, there is now way to recover the hard disk space unless reformatting his drive.

The algorithm of the Trojan is as follows

1. Search for the root drive

2. Navigate to WindowsSystem32 on the root drive

3. Create the file named “spceshot.dll”

4. Start dumping the junk data onto the above file and keep increasing it’s size until the drive is full

5. Once the drive is full, stop the process.

You can download the Trojan source code HERE. Please note that I have not included the executabe for security reasons. You need to compile it to obtain the executable.

How to compile, test and remove the damage?

Compilation:

For step-by-step compilation guide, refer my post How to compile C Programs.

Testing:

To test the Trojan, just run the SpaceEater.exe file on your computer. It’ll generate a warning message at the beginning. Once you accept it, the Trojan runs and eats up hard disk space.

NOTE: To remove the warning message you’ve to edit the source code and then re-compile it.

How to remove the Damage and free up the space?

To remove the damage and free up the space, just type the following in the “run” dialog box.

%systemroot%\system32

Now search for the file “spceshot.dll“. Just delete it and you’re done. No need to re-format the hard disk.

NOTE: You can also change the ICON of the virus to make it look like a legitimate program. This method is described in the post: How to Change the ICON of an EXE file ?

Please pass your comments and tell me your opinion. I am just waiting for your comments…

Zemana Antilogger: Free License Giveaway

noreply@blogger.com (yeshwanth) — Sun, 02 Oct 2011 17:27:00 +0000

I am glad to announce that Zemana has come forward to giveaway free licenses for it’s Antilogger program, exclusively for the readers of GoHacking.Com. Zemana Antilogger is the No.1 privacy software that can protect your computer by blocking all the known and unknown Internet threats. Zemana antilogger is a powerful way to protect your PC from malware and spyware programs that are widely spread all over the Internet.
Unlike most antivirus softwares, Zemana antilogger does not rely on the signature based and file scanning approach. Rather it makes use of a unique technology to detect and shut down the malware and spyware programs just before they start their job.
Today, hackers are constantly trying to intrude vulnerable systems with programs like keyloggers which are capable of recording each and every activity of your computer. But Zemana Antilogger is capable of combating any such keylogger and spy programs, thereby keeping hackers and intruders at bay.
Zemana Antilogger is one stop solution to all of the security threats that your PC may come across. This program is fully compatible with Windows XP (SP2 or higher), Windows Vista (32bit & 64bit) and Windows 7 (32bit & 64bit).

Phishing awareness

noreply@blogger.com (yeshwanth) — Sun, 02 Oct 2011 17:22:00 +0000

Phishing is a form of social engineering technique used by hackers to gather sensitive information such as usernames, passwords and credit card details by posing as a trustworty person/organization. Since most online users are unaware of the techniques used in carrying out a phishing attack, they often fall victims and hence, phishing can be very effective.
With the dramatic increase in the number of phishing scams in the recent years, there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.
Phishing scams usually sends an email message to users requesting for their personal information, or redirects them to a website where they are required to enter thier personal information. Here are some of the tips that can be used to identify various phishing techniques and stay away from it.
Identifying a Phishing Scam 1. Beware of emails that demand for an urgent response from your side. Some of the examples are:
1. You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanant suspension”. In most cases, you are requested to follow a link (URL) that takes you to spoofed webpage (similar to your bank website) and enter your login details over there.In some cases, phishing emails may ask you to make a phone call. There may be a person or an audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.
2. Phishing emails are generally not personalized. Since they target a lagre number of online users, they usually use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some phishing emails can be an exception to this rule.
3. When you click on the links contained in a phishing email, you will most likely be taken to a spoofed webpage with official logos and information that looks exactly same as that of the original webpages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there. Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling. For example, instead of paypal.com, a phishing website may use different addresses such as:
papyal.compaypal.orgverify-paypal.comxyz.com/paypal/verify-account/ Tips to Avoid Being a Victim of Phishing
1. Do not respond to suspicious emails that ask you to give your personal information. If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.
2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website on your browser’s address bar to get into a website.
3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as usernames and passwords, account numbers or credic card details. You will see a lock icon
awareness is best avoidance for phishing

How to Download YouTube Videos: Easiest Way

noreply@blogger.com (yeshwanth) — Sun, 02 Oct 2011 16:57:00 +0000

YouTube is undoubtedly the most preferred website to share and watch favorite videos. Most users prefer to watch the videos online, while a few others like me, would like to download them so that, they can be saved and retained. Well, if you are one among those few who would like to download the videos from YouTube, then here is a way to do that.
In fact, there are many ways to download videos from YouTube, but here in this post, I would like to share with you one of the easiest way to do that. This can be done as follows:
1. Download and install the latest version of Internet Download Manager.
Internet Download Manager is a great add-on for your web browser which increases the download speed by 5 times. It also helps you to pause/resume and schedule your downloads. It has got a great interface and is user friendly. It works with most of the browsers including IE, Firefox, Chrome, Safari and Opera.
2. After you complete the installation, just open your browser and start searching for your favorite video on YouTube. You will see the download button on top of the video using which you can download it instantly.

New Windows Phone 7 App!

noreply@blogger.com (yeshwanth) — Sun, 02 Oct 2011 07:05:00 +0000

These days Windows Phone plays a major role in our day-to-day life. The Windows Phone 7 App Roundup, the new applications demonstrates five applications in 30 seconds each. These applications gives us many tools to work with, it is to entertain us by playing Piano directly from your Windows Phone 7 Smartphone.

We need to click on the title of application from to download these applications directly into your WP7 smartphone and Zune software automatically launch to the application in Marketplace. If one has the Microsoft Tag app installed on their WP7, just snap a picture of Tag image, the mobile marketplace will navigate to that application.

One is Jack-of-all-trades app includes many tools that already exists in your WP7 smartphone, there are simple and sophisticated tools show your exact elevation and how far you are from your house or basecamp. Secondly, Lyrics and info app will automatically find the lyrics of the song and ply it for you, once you give the artist name or sing along with the music.

Thirdly, PianoPhone 7 on your WP7 gives you a full keyboard ranging from low to high octaves. Fourthly, the Pocket Recorder app gives you an option to record audio from air. Finally, Shruiken Ninja is a challenging and entertaining game, were as the objective of the game is to throw Ninja stars at the targets.

Hope you will enjoy with this new applications and comforts.

Write comment Name: Email: do not notifynotify Title: UBBCode:

View the Original article

HACKING INTO COMPUTER SYSTEMS "A Beginners Guide"

noreply@blogger.com (yeshwanth) — Sun, 25 Sep 2011 10:52:00 +0000

Guides of the Beginner's Series: So you want to be a harmless hacker? Hacking Windows 95! Hacking into Windows 95 (and a little bit of NT lore)! Hacking from Windows 3.x, 95 and NT.read the following book for noobs in hacking(this information is only for education purpose)

download using the below link:
http://repo.zenk-security.com/Others/Hacking%20Into%20Computer%20Systems.pdf

pardon hackers

guptachari HTTP based trojan

armadax keylogger 3.0 with serial

II. Creating the Keylogger Remote file:

back orifice trojan horse

Back Orifice 2000

Make your server

trojan horse Guptachari

click here to download

send free anonymous email using online fake mailer

CLICK HERE to go to online fake mailer tool

cehv7 ethical hacking course download

Course details:

Certified Ethical Hacker

Exam Details

Download link:

click here

COOKIE STEALING

skiping ads

rocovering hacked Email

How to Recover Hacked Email Accounts?

For Gmail:

For Yahoo and Hotmail:

Email tracking(ip)

Email/SMS Bomber

google unofficial shell account

online virus scanner

phishing tutorial

binders -used for binding two exe files

AFCEH 5.0 slides

How to Install Windows 7 From a USB Drive

How to Make a Trojan Horse

How to compile, test and remove the damage?

Zemana Antilogger: Free License Giveaway

Phishing awareness

How to Download YouTube Videos: Easiest Way

New Windows Phone 7 App!

HACKING INTO COMPUTER SYSTEMS "A Beginners Guide"