Wel Come to The hackers-earth.blogspot.in

adfly bot works with adfocus too

noreply@blogger.com (BAUDHIK DUDHATRA ) — Sat, 03 Dec 2016 08:00:00 +0000

Adfly Bot Works With Adfocus too - 2015 Updated

Here i am providing is the best and only working adf.ly bot which can also works for adfoc.us. just download and boost your earnings for sure.

I am providing free proxy resources too by which you can able to find good HTTP anoymous proxies used bythis awesome bot.

So Here It Is.

DOWNLOAD LINK

CLICK THIS FOR HTTP PROXIES

Backling Power Indexer free download

noreply@blogger.com (BAUDHIK DUDHATRA ) — Sat, 03 Dec 2016 07:57:00 +0000

Get Backlink Power Indexer Software Free. Backlink Power Indexer Automatically Creates a Backlink On Many Who Is and Valuation Sites.

SALES PAGE

http://www.warriorforum.com/warrior-special-offers-forum/475947-search-engine-optimization-software-one-click-backlink-builder-indexer-software-crazy-dimesale-95-discount.html

DOWNLOAD

Best Hacking tool Resource

noreply@blogger.com (BAUDHIK DUDHATRA ) — Sat, 03 Dec 2016 07:55:00 +0000

The Best Hacking Tools Resources Everyone Have To Have with. This Resource Pack Is Ultimate and Latest Version -2014 and for Those Newbie Hackers Who Don't want to waste their time to searching Forums and other resource sites for your hacking related needs.

BEST HACKING FORUMS

BEST HACKING TUTORIAL RESOURCES

BEST BLACKHAT FORUMS

http://blackhatworld.com
http://best-blackhatforum.com
http://seoblackhat.com
http://blackhatseo.com
http://blackhat.com

BEST SECURITY TOOLBOX

http://sourceforge.net
http://securityxploded.com/
http://sectools.org/
http://insecure.org/
http://scanwith.com/
http://github.com/

BEST VULNERABLITY EXPOSURE & EXPLOITS

BEST BUG BOUNTY PROGRAMS

free bitcoin bot earn bitcoins without mining

noreply@blogger.com (BAUDHIK DUDHATRA ) — Sat, 03 Dec 2016 07:15:00 +0000

Free bitcoin Bot [Earn Bitcoins without Mining]

Earn free bitcoins like a boos. her i am presenting is an amazing bot which are fully automated and help you in getting free bitcoins. so don't waste your time just download this awesome bot for free.

DOWNLOAD LINK

Top 10 Best Android SmartPhones For Selfie 2016

noreply@blogger.com (BAUDHIK DUDHATRA ) — Tue, 05 Apr 2016 16:54:00 +0000

Top 10 Best Android Smart Phones For Selfie 2016

So Here mukeshtricks4u brings you best and top Best selfie Android mobiles of 2016. About every phone that is launched now will have a camera module as the companies know the value of it in their sales.Camera is the second most reason for the sale of any smartphone after its software and hardware.People love to take selfies with the front cameras from their phones.Keeping that in mind the list given below has been created of the phones that packs the best class front cameras hence called selfie phones.

Top 10 Best Selfie Android Phones 2016

1) Huawei Honor 7

It packs a huge primary camera module i.e 20 MP with a dual-LED flash and the secondary camera of 8 MP sensor with LED flash.The main feature of this phone is that it has LED flash with front camera too that makes it a great cameraphone for selfies.The quality of both the cameras is very good,overall it is the best cameraphone too.

2) Motorola Moto X pure edition

The stock android running giant that packs in quality hardware that includes quad HD panel,stereo speakers,hexa-core snapdragon 808 chip,3GB ram etc,but the main feature that makes it the best selfie phone is its camera modules that are 21 MP primary camera and 5 Mp secondary camera units.It performs very well in case of photo shooting and for selfies also.

3) HTC Desire EYE

There are just very few devices that manages to retain their place in the list of the best camera phone and Htc Desire Eye is the one that leads all of them.This could be called the selfie flagship of camera phones as it consists of all about same camera sensors at both front and rear sides and both provides exceptional experience in case of photo shooting.

4) Sony Xperia c4

We know that the Sony leads the market in case of its cameras and also in race of smartphone cameras too.Here is the another product Sony Xperia c4 that packs a sony made 5 MP Exmor RS and LED flash-toting selfie cam that performs really well.You can consider to buy it as it is a very stylish phone that was made keeping the still photography in mind by the company.

5) Sony Xperia C5 Ultra

Although slightly cheaper than Sony Xperia c4 it is a 6 inches phablet with about 1 inch bigger screen.It evolves a pair of identical 13 MP cams,featuring everything from Exmor RS to autofocus,wide angle lenses and superior auto modes.Because it have great camera sensors,it is therefore one of the best selfie phones.

6) Asus Zenfone Selfie

This 5.5 inch screened phablet has a duo of 13 MP snapers and dual-LED flash too on both front and back.With all other great features like 1080p screen,octa-core processor,3 GB ram and 32 GB ROM this device is surely the best that could buy.Including many features this phone is great selfie expert too.

7) Samsung Galaxy J7

With great hardware combination this phone excells in case of selfie photoshooting.With its great camera module on the front panel you can create best selfies as it is 5 MP camera with LED flash too.It also has great software support by samsung in the camera app that gives its best to just make the great performance.

8) Sony Xperia C3

Large screen phablet that consists of 5.5 inch screen is also endorsed by 5 MP secondary cam that is also furnished with a soft LED flash,smile detection and Superior Auto functions.The camera in the front is great with some more features like 25mm wide-angle lens at 80 degrees that is great for taking selfies.

9) Samsung Galaxy J5

The smaller model of J7 is surprisingly is not that great although it is a decent smartphone for those who just wants 13 MP camera module at the rear and a 5 MP shooter at the front that do performs decent in such a price range.Both front and back cameras has a LED flash combined to it.

10) Blu Selfie

The most affordable smartphone in the list has a very good camera module attached to its hardware.It has the astounding 13 MP LED Flash camera at its front and the same type of module on its rear that is just a great deal in such a price range.You also get some great software and hardware features packed on this device.

Hack Facebook Account By Cookie Stealing And Session Hijacking Wiith Wireshark 2016

noreply@blogger.com (BAUDHIK DUDHATRA ) — Tue, 05 Apr 2016 16:53:00 +0000

Hack Facebook Account By Cookie Stealing And Session Hijacking Wiith Wireshark

Wireshark Software to capture cookies:

Wireshark is the best free packet sniffer software available today. Actually, it was developed for making a network secure. But, the same software is now used by hackers to test for vulnerability and security loopholes in the network and to attack the network accordingly. Cookie stealing being one of the types of hacks implemented using this Wireshark software.

Requirements:

Cain and Abel : http://www.oxid.it/cain.html
Wireshark : http://www.wireshark.org/
Firefox 3 (or one compatable with add n edit) : http://www.oldapps.com/firefox.php?old_firefox=59
Add n Edit (cookie editor for firefox) : https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies/
Acess to the network with user you want to hack
Network traffic

Prerequisites: Download and install all above programs. To add “Add n Edit” to your browser just open firefox, go to tools, then click add-ons. you can drag and drop the program from wherever you saved it into the little box that popped up and install it from there.

Below, I have listed steps on how to capture Facebook and other accounts cookies. This will help you to know how Wireshark and Cain-Abel can be used to sniff packets and capture cookies.

First: Gain acess to the Network. Open networks or your own network would be easy but if you have a specific slave you want you should be able to gain acess using Backtrack.

Tip: use reaver to exploit WPS for WPA/WPA2 encryptions, WEPs are easy to crack given time and OPN means there is no password.

Second: Right click Cain and choose ‘run as administrator.’ on the top bar go to ‘configure’ and be sure to select your wireless card/adapter. now click where it says ‘Sniffer’ then this litte button towards the top left:

Next click any empty white box then the blue “+” symbol near the button you pressed just before. choose okay
should look like this:

These are all the devices it was able to detect.

Now we go to APR on the bottom bar. Once again click any empty white box then the blue cross. It’s easiest to just go one by one and choose all possibilities.

Now we have to poison them so we choose the little yellow hazard symbol towards the top left. should now look like this:

we are done here, just minimize Cain for now.

Third: Run wireshark as administrator. On the top bar choose ‘Capture’ then ‘Interfaces.’ Here you will have to choose your interface that is connected to the Network we are sniffing from. if you wait a few seconds you might see some traffic being collected as seen in my photo, just choose that interface b/c thats most likely it.

Wireshark will list and color-code all the traffic it sees for you. To make this simpler we can use the filter to only see the traffic we want, Type “http.cookie” in the filter. (Something to consider is to just filter to “http” and scroll through the entries looking for ones that start with the word “POST” this means that information was submitted to the webpage noted such as a username and a password! so if you see this just look through the details and you should see the info you want, most passwords will be hashed but use this site to decript them:http://www.md5decrypter.co.uk/ )

Here is an image:

You can either look through this information manually or use the search function to find what you want. In my case i want to hijack the session of a user on the forumfreerainbowtables.com so i will use the search function (press Ctrl+F, or go to edit -> search) and type in the information i know for sure will be in the entry. if your hijacking someones facebook put ‘facebook’ there. Most of the time to be safe i do not use the first entry i see b/c this will only work if the person is auto logged in, so just go down a few more until you see one you think will work (just use common sense).

What we need are the cookies. Here are what mine look like and how to get there. With practice you will be able to tell which cookies are used for logins and be able to limit failed attempts.

Copy the cookies as value and save them into a notepad (shown in pic above). I would suggest to seperate everywhere you see a “;” bc this suggests that is the begining of the next entry. The text to the left of the = is the name of the cookie and the text to the right is its value.

Final: Open up your firefox browser with Add n Edit enabled. You can get to your add ons by going to tools and they should all be listed in the drop down tab. First go to the website you are hijjacking the session from then open your cookie editor. Should look something like this:

The last thing to do is to change your cookies to match the ones you captured. If the cookies given to you by the site expire (like the ones in my picture do) you will have to delete them and add all the ones we captured earlier in. if they do not expire you can just edit them. Bottom line is all the cookies must match the cookies you captures in the earlier steps EXACTLY! Make sure you do not add any extras and that you did not miss anything. Also all fields must be filled in (Path and Domain as well as Name and Value). My path is “/” and my domain is “.freerainbowtables.com”
mine looks like this:

You are now done, Just close the cookie editor and reload the webpage. If done correctly with the correct cookies you should be logged in as the user you attacked!

Download Backtrack 5r3 Free - Latest (32 & 64 Bit)

noreply@blogger.com (BAUDHIK DUDHATRA ) — Tue, 05 Apr 2016 16:51:00 +0000

If You are here to Download Backtrack 5r3 Free - Latest (32 & 64 Bit) So, You are Landed at Right Webpage because here we Discuss all BackTrack 5 R3 and Below we also Share the Direct Download Backtrack 5r3 Free - Latest (32 & 64 Bit)

BackTrack 5 R3 is one of the Most Powerful Linux Distribution used for Penetration and Find Loopholes in Websites, Software and Application. Basically, it is Based on GNOME Linux Distribution and Include many of Top used Security Tools Like MetaSploit, Wireshark, AirCrack, Nmap and other Digital Forensic Tools. BackTrack 5 R3 is Developed by Offensive Securities and Soon They are Stop BackTrack Linux Series. The Last Edition of this Operating System is BackTrack 5 R3 and Further They Starting a new Project that is also a Newest Version of This Operating System Known as Kali Linux. It is the Successor of Backtrack 5 R3 and Include all the Tools that you have in BackTrack 5 R3. BackTrack is also Found as Best Operating System Used by Hackers.

Download Backtrack 5r3 Free - Latest (32 & 64 Bit)

There are Millions of Security Researchers (White Hat) who use BackTrack 5 R3 for Digital Forensics, Testing Systems, Networks and Other Penetration work. But On the Other Hand, It is also the Favourite Operating System Picked by Hackers because of their Tools and Features. Hackers and Crackers use this Operating System, not For Testing Instead to Breaking Systems, Cracking Passwords, Hacking Accounts and other Notorious Work. BackTrack have all the Deadly Tools and Programs that you need to Break the Digital Systems. The Last Edition of BackTrack 5 R3 is released on August 13, 2012. After that, They Start Project Kali.

Features of BackTrack 5R3:

Available in Different Flavours.
Include all Hacking Tools.
Preinstalled Digital Forensics.
Simple and Easy Interface.
Open Source for All People World Wide.
Preinstalled Drivers.

Download Backtrack 5r3 Free - Latest (32 & 64 Bit) with Below Links:

Internet Guide

noreply@blogger.com (BAUDHIK DUDHATRA ) — Sat, 26 Sep 2015 05:47:00 +0000

Internet

The Internet is a computer network made up of thousands of networks worldwide. No one knows exactly how many computers are connected to the Internet. It is certain, however, that these number in the millions.

No one is in charge of the Internet. There are organizations which develop technical aspects of this network and set standards for creating applications on it, but no governing body is in control. The Internet backbone, through which Internet traffic flows, is owned by private companies.

All computers on the Internet communicate with one another using the Transmission Control Protocol/Internet Protocol suite, abbreviated to TCP/IP. Computers on the Internet use a client/server architecture. This means that the remote server machine provides files and services to the user's local client machine. Software can be installed on a client computer to take advantage of the latest access technology.

An Internet user has access to a wide variety of services: electronic mail, file transfer, vast information resources, interest group membership, interactive collaboration, multimedia displays, real-time broadcasting, shopping opportunities, breaking news, and much more.

The Internet consists primarily of a variety of access protocols. Many of these protocols feature programs that allow users to search for and retrieve material made available by the protocol.

--------------------------------------------------------------------------------

COMPONENTS OF THE INTERNET

--------------------------------------------------------------------------------

WORLD WIDE WEB

The World Wide Web (abbreviated as the Web or WWW) is a system of Internet servers that supports hypertext to access several Internet protocols on a single interface. Almost every protocol type available on the Internet is accessible on the Web. This includes e-mail, FTP, Telnet, and Usenet News. In addition to these, the World Wide Web has its own protocol: HyperText Transfer Protocol, or HTTP. These protocols will be explained later in this document.

The World Wide Web provides a single interface for accessing all these protocols. This creates a convenient and user-friendly environment. It is no longer necessary to be conversant in these protocols within separate, command-level environments. The Web gathers together these protocols into a single system. Because of this feature, and because of the Web's ability to work with multimedia and advanced programming languages, the Web is the fastest-growing component of the Internet.

The operation of the Web relies primarily on hypertext as its means of information retrieval. HyperText is a document containing words that connect to other documents. These words are called links and are selectable by the user. A single hypertext document can contain links to many documents. In the context of the Web, words or graphics may serve as links to other documents, images, video, and sound. Links may or may not follow a logical path, as each connection is programmed by the creator of the source document. Overall, the Web contains a complex virtual web of connections among a vast number of documents, graphics, videos, and sounds.

Producing hypertext for the Web is accomplished by creating documents with a language called HyperText Markup Language, or HTML. With HTML, tags are placed within the text to accomplish document formatting, visual features such as font size, italics and bold, and the creation of hypertext links. Graphics and multimedia may also be incorporated into an HTML document. HTML is an evolving language, with new tags being added as each upgrade of the language is developed and released. The World Wide Web Consortium (W3C), led by Web founder Tim Berners-Lee, coordinates the efforts of standardizing HTML. The W3C now calls the language XHTML and considers it to be an application of the XML language standard.

The World Wide Web consists of files, called pages or home pages, containing links to documents and resources throughout the Internet.

The Web provides a vast array of experiences including multimedia presentations, real-time collaboration, interactive pages, radio and television broadcasts, and the automatic "push" of information to a client computer. Programming languages such as Java, JavaScript, Visual Basic, Cold Fusion and XML are extending the capabilities of the Web. A growing amount of information on the Web is served dynamically from content stored in databases. The Web is therefore not a fixed entity, but one that is in a constant state of development and flux.

E-MAIL

Electronic mail, or e-mail, allows computer users locally and worldwide to exchange messages. Each user of e-mail has a mailbox address to which messages are sent. Messages sent through e-mail can arrive within a matter of seconds.

A powerful aspect of e-mail is the option to send electronic files to a person's e-mail address. Non-ASCII files, known as binary files, may be attached to e-mail messages. These files are referred to as MIME attachments.MIME stands for Multimedia Internet Mail Extension, and was developed to help e-mail software handle a variety of file types. For example, a document created in Microsoft Word can be attached to an e-mail message and retrieved by the recipient with the appropriate e-mail program. Many e-mail programs, including Eudora, Netscape Messenger, and Microsoft Outlook, offer the ability to read files written in HTML, which is itself a MIME type.

TELNET

Telnet is a program that allows you to log into computers on the Internet and use online databases, library catalogs, chat services, and more. There are no graphics in Telnet sessions, just text. To Telnet to a computer, you must know its address. This can consist of words (locis.loc.gov) or numbers (140.147.254.3). Some services require you to connect to a specific port on the remote computer. In this case, type the port number after the Internet address. Example: telnet nri.reston.va.us 185.

Telnet is available on the World Wide Web. Probably the most common Web-based resources available through Telnet have been library catalogs, though most catalogs have since migrated to the Web. A link to a Telnet resource may look like any other link, but it will launch a Telnet session to make the connection. A Telnet program must be installed on your local computer and configured to your Web browser in order to work.

With the increasing popularity of the Web, Telnet has become less frequently used as a means of access to information on the Internet.

FTP
FTP stands for File Transfer Protocol. This is both a program and the method used to transfer files between computers. Anonymous FTP is an option that allows users to transfer files from thousands of host computers on the Internet to their personal computer account. FTP sites contain books, articles, software, games, images, sounds, multimedia, course work, data sets, and more.

If your computer is directly connected to the Internet via an Ethernet cable, you can use one of several PC software programs, such as WS_FTP for Windows, to conduct a file transfer.

FTP transfers can be performed on the World Wide Web without the need for special software. In this case, the Web browser will suffice. Whenever you download software from a Web site to your local machine, you are using FTP. You can also retrieve FTP files via search engines such as FtpFind, located at /http://www.ftpfind.com/. This option is easiest because you do not need to know FTP program commands.

E-MAIL DISCUSSION GROUPS

One of the benefits of the Internet is the opportunity it offers to people worldwide to communicate via e-mail. The Internet is home to a large community of individuals who carry out active discussions organized around topic-oriented forums distributed by e-mail. These are administered by software programs. Probably the most common program is the listserv.

A great variety of topics are covered by listservs, many of them academic in nature. When you subscribe to a listserv, messages from other subscribers are automatically sent to your electronic mailbox. You subscribe to a listserv by sending an e-mail message to a computer program called a listserver. Listservers are located on computer networks throughout the world. This program handles subscription information and distributes messages to and from subscribers. You must have a e-mail account to participate in a listserv discussion group. Visit Tile.net at /http://tile.net/ to see an example of a site that offers a searchablecollection of e-mail discussion groups.

Majordomo and Listproc are two other programs that administer e-mail discussion groups. The commands for subscribing to and managing your list memberships are similar to those of listserv.

USENET NEWS

Usenet News is a global electronic bulletin board system in which millions of computer users exchange information on a vast range of topics. The major difference between Usenet News and e-mail discussion groups is the fact that Usenet messages are stored on central computers, and users must connect to these computers to read or download the messages posted to these groups. This is distinct from e-mail distribution, in which messages arrive in the electronic mailboxes of each list member.

Usenet itself is a set of machines that exchanges messages, or articles, from Usenet discussion forums, called newsgroups. Usenet administrators control their own sites, and decide which (if any) newsgroups to sponsor and which remote newsgroups to allow into the system.

There are thousands of Usenet newsgroups in existence. While many are academic in nature, numerous newsgroups are organized around recreational topics. Much serious computer-related work takes place in Usenet discussions. A small number of e-mail discussion groups also exist as Usenet newsgroups.

The Usenet newsfeed can be read by a variety of newsreader software programs. For example, the Netscape suite comes with a newsreader program called Messenger. Newsreaders are also available as standalone products.

FAQ, RFC, FYI

FAQ stands for Frequently Asked Questions. These are periodic postings to Usenet newsgroups that contain a wealth of information related to the topic of the newsgroup. Many FAQs are quite extensive. FAQs are available by subscribing to individual Usenet newsgroups. A Web-based collection of FAQ resources has been collected by The Internet FAQ Consortium and is available at /http://www.faqs.org/.

RFC stands for Request for Comments. These are documents created by and distributed to the Internet community to help define the nuts and bolts of the Internet. They contain both technical specifications and general information.

FYI stands for For Your Information. These notes are a subset of RFCs and contain information of interest to new Internet users.

CHAT & INSTANT MESSENGING

Chat programs allow users on the Internet to communicate with each other by typing in real time. They are sometimes included as a feature of a Web site, where users can log into the "chat room" to exchange comments and information about the topics addressed on the site. Chat may take other, more wide-ranging forms. For example, America Online is well known for sponsoring a number of topical chat rooms.

Internet Relay Chat (IRC) is a service through which participants can communicate to each other on hundreds of channels. These channels are usually based on specific topics. While many topics are frivolous, substantive conversations are also taking place. To access IRC, you must use an IRC software program.

A variation of chat is the phenomenon of instant messenging. With instant messenging, a user on the Web can contact another user currently logged in and type a conversation. Most famous is America Online's Instant Messenger. ICQ, MSN and Yahoo are other commonly-used chat programs.

Other types of real-time communication are addressed in the tutorial Understanding the World Wide Web.

MUD/MUSH/MOO/MUCK/DUM/MUSE

MUD stands for Multi User Dimension. MUDs, and their variations listed above, are multi-user virtual reality games based on simulated worlds. Traditionally text based, graphical MUDs now exist. There are MUDs of all kinds on the Internet, and many can be joined free of charge.

How To Identify Fake Facebook Accounts....

noreply@blogger.com (BAUDHIK DUDHATRA ) — Mon, 07 Sep 2015 14:39:00 +0000

How can you detect the Fake FB Profile. On these days we are getting so many friend request specially by girls, but there is no way to identify that account is fake or original. So don't worry we are going to tell you simple method to detect fake Facebook account.

So this is a Facebook account which named by Sarikha Agarwal. Now we need to verify this account real or fake, so our first step is going to the images.google.com and click on camera image.

So when you click on search by image you will get popup like below image.

Now go to that profile, right click on image and click on copy image URL

Now profile pic URL has copied.. now again go to images.google.com Tab and paste image URL

When you enter then you get related images search...

Now you can better see that this profile is real or fake..So here is a proof that this profile is fake. Enjoy the trick..

Be aware when you will going to add an beautiful or smart unknown person as your friend. So be checked first.. there are lot of fake profiles are create everyday.
This person might be spy on your profile and steal personal information like your photos, etc for their hacking stuffs.. So Be Safe Online..

Install window XP In 10Min......

noreply@blogger.com (BAUDHIK DUDHATRA ) — Mon, 07 Sep 2015 14:37:00 +0000

As We all know that During Formatting a Computer After the File Copying is Completed then windows Require 39 Minutes Time...But What Extreme In It.... Yes We can Bypass this faking Time .... How TO DO IT??? So read On..
I have Included Snaps Shots That will help you.

>> INSTALLING WIN XP IN 10 MINUTES! <<

STEP1 : After the Copy Part is Over ... System is Rebooted as we all know In general Foramatting Procedure...
Now After Reboot The Below Image Will Appear....

STEP 2:
Now As This Image APPEARS You Have to Press "Shift + F10 " . This Will Open The command Prompt... Now type taskmgr in it. This will open the Task manager .

STEP 3 :
After The task Manager Opens Goto Processes ... And Find "Setup.exe" process and Right CLICK on It.... and set the Priority to Highest....

STEP 4:
Now Just Watch the Set It will take around 9 minutes and 2 minutes for Tolerance(depends System to system)....

Thats the Overall Tutorial...Hope You all Have LIKED IT...
So When you Format your PC Next Time It will Really Save Your TIME i.e around 20 to 25 minutes....Enjoy Hacking.~

Hacking Tools.....

noreply@blogger.com (BAUDHIK DUDHATRA ) — Thu, 03 Sep 2015 11:16:00 +0000

WINAUTOPWN ACTIVE SYSTEMS TRANSGRESSOR GUI [ C4 - WAST ]

is a Systems and Network Exploitation Framework built on the famous winAUTOPWN as a backend.
C4 - WAST gives users the freedom to select individual exploits and use them.
BSDAUTOPWN has been compiled, like always for various flavours and has been upgraded to version 1.8 alongwith all applicable exploits
WINAUTOPWN requires PERL,PHP,PYTHON,RUBY and its dependencies alongwith a few others' too for smooth working of exploits included in it.
Download

***********************************************************************************************************

ARPwner

is a tool to do ARP poisoning and DNS poisoning attacks, with a simple GUI and
a plugin system to do filtering of the information gathered, also has a implementation of SSLstrip and is coded in python.
Download

***********************************************************************************************************

Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a Boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily.

Download

***********************************************************************************************************

Sqlninja 0.2.6

Features:
- Fingerprint of the remote SQL Server (version, user performing the queries, user privileges, xp_cmdshell availability, DB authentication mode)
-Bruteforce of 'sa' password (in 2 flavors: dictionary-based and incremental).
- Creation of a custom xp_cmdshell if the original one has been removed
- Upload of netcat (or any other executable) using only normal HTTP requests (no FTP/TFTP needed).
- TCP/UDP portscan from the target SQL Server to the attacking machine, in order
   to find a port that is allowed by the firewall of the target network
    and use it for a reverse shell.
- Direct and reverse bindshell, both TCP and UDP
- ICMP-tunneled shell, when no TCP/UDP ports are available for a direct/reverse
shell but the DB can ping your box. - DNS-tunneled pseudo-shell, when no TCP/UDP ports are available for
a direct/reverse shell, but the DB server can resolve external hostnames
(check the documentation for details about how this works). - Evasion techniques to confuse a few IDS/IPS/WAF.
- Integration with Metasploit3, to obtain a graphical access to the remote DB
    server through a VNC server injection.
Download

***********************************************************************************************************

HexorBase - The DataBase Hacker Tool

To Audit Management and Multiple Databases

HexorBase is a database application designed for management and audit multiple database servers simultaneously from a single location, is able to perform SQL queries and brute force attacks against servers common database ( MySQL, SQLite, Microsoft
SQL Server, Oracle, PostgreSQL ).
This tool is simple to use and very practical, may have to know a little SQL, but the basics.

HexorBase runs on Linux and presumably Windows, and requires:

python-qt4 python python-MySQLdb cx_Oracle python-psycopg2 python-python-qscintilla2 pymssql

To install it you must download and from the console:
root @ host: ~ # dpkg-i hexorbase_1.0_all.deb

Project website and download HexorBase:

http://code.google.com/p/hexorbase/

Net Tools 5.0 (Net Tools 5.x)

This tools is a hacker friendly. Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET.
There has a 175 tools list in one software.. Tools Content

Download

Intercepter is a sniffer tool which offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/
WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/
AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.

Download

Havij v1.15 Advanced SQL Injection

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

Download

Ani-Shell

Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization.

Customisation
1. Email Trace back is set to Off as default and emails will not be sent , If you are setting
this feature on make sure you change the default email address (lionaneesh@gmail.com)
to Your email address , Please Change it before using.
2. Username and Passwords are set to lionaneesh and lionaneesh respectively , Please change them for better
security.
3. As a default Lock Mode is set to on! This should not be change unless you want your shell exposed.

Default Login
Username : lionaneesh
Password : lionaneesh

Features
    Shell
    Platform Independent
    Mass - Mailer
    Small Web-Server Fuzzer
    DDoser
    Design
    Secure Login
    Deletion of Files
    Bind Shell
    Back Connect
    Fixed Some Coding errors!
    Rename Files
    Encoded Title
    Traceback (Email Alerts)
    PHP Evaluate
    Better Command Execution (even supports older version of PHP)
    Mass Code Injector (Appender and Overwriter)
    Lock Mode Customization

Latest Version Addition
    Mail Bomber (With Less Spam detection feature)
    PHP Decoder
    Better Uploader
    Fixed some Coding errors

Download

SQL MAP 0.9

sqlmap 0.9 has been released and has a considerable amount of changes including an almost entirely re-written SQL Injection detection engine.

Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Its a good tools for find Sql Vulnerability.

New Features/Changes-->

Rewritten SQL injection detection engine (Bernardo and Miroslav).
Support to directly connect to the database without passing via a SQL injection, -d switch (Bernardo and Miroslav).
Added full support for both time-based blind SQL injection and error-based SQL injection techniques (Bernardo and Miroslav).
Implemented support for SQLite 2 and 3 (Bernardo and Miroslav).
Implemented support for Firebird (Bernardo and Miroslav).
Implemented support for Microsoft Access, Sybase and SAP MaxDB (Miroslav).
Added support to tamper injection data with –tamper switch (Bernardo and Miroslav).
Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack (Miroslav).
Added support to fetch unicode data (Bernardo and Miroslav).
Added support to use persistent HTTP(s) connection for speed improvement, –keep-alive switch (Miroslav).
Implemented several optimization switches to speed up the exploitation of SQL injections (Bernardo and Miroslav).
Support to parse and test forms on target url, –forms switch (Bernardo and Miroslav).
Added switches to brute-force tables names and columns names with a dictionary attack, –common-tables and –common-columns.

Download

DRIL – Domain Reverse IP Lookup Tool:

DRIL (Domain Reverse IP Lookup) Tool is a Reverse Domain Tool that will really be useful for penetration testers to find out the domain names which are listed in the the target host, DRIL is a GUI, JAVA based application which uses a Bing API key.

DRIL has a simple user friendly interface which will be helpful for penetration tester to do their work fast without a mess, this is only tested on Linux but as it is JAVA it should work on Windows too.
There are various other tools which carry out similar tasks..

Download

Types OF Hackers....

noreply@blogger.com (BAUDHIK DUDHATRA ) — Thu, 03 Sep 2015 10:59:00 +0000

1. White hat hacker

2. Gray hat hacker

3. Black hat hacker

White Hat and Grey Hat Hacker & What is the Real Difference?

What is worse, the public is not able to understand terms like grey hat, white hat, Linux OS, or cracker.
However, the truth is that the subculture of the hacker world is more complex than we think. Especially if we consider that, these are very intelligent people.

So, what is ethical hacking white hat and how does it differentiate from grey hackers? The only way to find out is to submerge ourselves in the world of hackers and understand, at least, the most basic concepts.

WHITE HAT HACKER

What Is A White Hat Hacker?

A hacker can be a wiz kid who spends too much time with computers and suddenly finds himself submerged in the world of cyber-security or criminal conspirators. On the other hand, he can be a master criminal who wants to obtain huge amounts of money for him, or even worse, dominate the world.

In the movie Matrix, the concept of hackers changed a bit. Although the agents of the Matrix considered them terrorists, the truth is that they were rebels fighting for the liberty of humanity. Things do not need to reach that extreme, though. We are not at war with intelligent ma chines so that kind of scenario is a bit dramatic.

Therefore, a hacker is an individual who is capable of modifying computer hardware, or software. They made their appearance before the advent of computers, when determined individuals were fascinated with the possibility of modifying machines. For example, entering a determine code in a telephone in order to make free international calls.

When computers appeared, this people found a new realm where they could exploit their skills. Now they were not limited to the constraints of the physical world, instead, they could travel through the virtual world of computers. Before the internet, they used Bulletin Board Systems (BBS) to communicate and exchange information. However, the real explosion occurred when the Internet appeared.

Today, anyone can become a hacker. Within that denomination, there are three types of hackers. The first one is the black hacker, also known as a cracker, someone who uses his computer knowledge in criminal activities in order to obtain personal benefits. A typical example is a person who exploits the weaknesses of the systems of a financial institution for making some money.

On the other side is the white hat hacker. Although white hat hacking can be considered similar to a black hacker, there is an important difference. A white hacker does it with no criminal intention in mind. Companies around the world, who want to test their systems, contract white hackers. They will test how secure are their systems, and point any faults that they may found. If you want to become a hacker with a white hat, Linux, a PC and an internet connection is all you need.

Grey Hat Hackers

A grey hat hacker is someone who is in between these two concepts. He may use his skills for legal or illegal acts, but not for personal gains. Grey hackers use their skills in
order to prove themselves that they can accomplish a determined feat, but never do it in order to make money out of it. The moment they cross that boundary, they become black hackers.

For example, they may hack the computer network of a public agency, let us say, NOAA. That is a federal crime.

If the authorities capture them, they will feel the long arm of justice. However, if they only get inside, and post, let us say, their handle, and get out without causing any kind of damage, then they can be considered grey hackers.

If you want to know more about hackers, then you can attend one of their annual conventions. Every year, hackers from all over the US, and from different parts of the world, reunite and meet at DEF CON. These conventions are much concurred. In the last one, 6,600 people attended it.

GRAY HAT

Every year, DEF CON is celebrated at Las Vegas, Nevada. However, hackers are not the only ones who go to this event. There are also computer journalists, computer security professionals, lawyers, and employees of the federal government. The event is composed by tracks of different kind, all of them related, in some way, to the world of hackers (computer security, worms, viruses, new technologies, coding, etc). Besides the tracks, there are contests that involve hacking computers, l ock picking and even robot related events. Ethical hacking, white hat hacking or whatever names you wish to use, at the end, it has a purpose: to protect the systems of organizations, public or private, around the world. After all, hackers can now be located anywhere, and they can be counted by the millions. Soon, concepts like white hat, linux operating system or grey hat will become common knowledge. A real proof of how much has our society been influenced by technology.

Black Hat Hackers

Black hat hackers have become the iconic image of all hackers around the world. For the majority of computer users, the word hacker has become a synonym for social misfits and criminals.
Of course, that is an injustice created by our own interpretation of the mass media, so it is important for us to learn what a hacker is and what a black hacker (or cracker) does. So, let's learn about black hat techniques and how they make our lives a little more difficult.
Black hat is used to describe a hacker (or, if you prefer, cracker) who breaks into a computer system or network with malicious intent. Unlike a white hat hacker, the black hat hacker takes advantage of the break-in, perhaps destroying files or stealing data for some future purpose. The black hat hacker may also make the exploit known to other hackers and/or the public without notifying the victim. This gives others the opportunity to exploit the vulnerability before the organization is able to secure it.

BLACK HAT

What Is Black Hat Hacking?

A black hat hacker, also known as a cracker or a dark side hacker (this last definition is a direct reference to the Star Wars movies and the dark side of the force), is someone who uses his skills with a criminal intent. Some examples are: cracking bank accounts in order to make transfernces to their own accounts, stealing information to be sold in the black market, or attacking the computer network of an organization for money.

Some famous cases of black hat hacking include Kevin Mitnick, who used his black hat hackers skills to enter the computers of organizations such as Nokia, Fujitsu, Motorola and Sun Microsystems (it must be mentioned that he is now a white hat hacker); Kevin Poulsen, who took control of all the phone lines in Los Angeles in order to win a radio contest (the prize was a Porsche 944 S2); and Vladimir Levin, which is the handle of the mastermind behind the stealing of $10'000,000 to Citigrou.

Hack Windows Admin......

noreply@blogger.com (BAUDHIK DUDHATRA ) — Wed, 02 Sep 2015 05:32:00 +0000

Today, i am going to show you many aspects of the Windows Password Storage path, Method of Encryption, and breaking into Windows by cracking the admin password. We need this often for many reasons:

1) Sometime we have forgotten our old password and Hint isn't helping out.
2) We want to break into someone computer to get the information.
3) Just want to take revenge from someone.
4) Stealing computer data.

Lets, take a deep dive in Cracking Windows password and also where these are stored and in which format.

SAM file and Password Hashes~Place where these passwords are stored in Hashes:

Password Hashes - When you type your password into a Windows NT, 2000, or XP login Windows Seven, Vista etc Windows encrypts your password using a specific encryption scheme that turns your password into something that looks like this:

7524248b4d2c9a9eadd3b435c51404eddc5

This is a password Hash. This is what is actually being checked against when you type your password in. It encrypts what you typed and bounces it against what is stored in the Registry and/or SAM File.

You can break this hash password from

www.md5hash.com

www.passcracking.ru

SAM File - Holds the user names and password hashes for every account on the local machine, or domain if it is a domain controller.

Location of SAM/Hashes:

You can find what you're looking for in several locations on a given machine.
It can be found on the hard drive in the folder %systemroot%system32config (i-e C:\windows\system32\config). However this folder is locked to all accounts including Administrator while the machine is running. The only account that can access the SAM file during operation is the "System" account.

The second location of the SAM or corresponding hashes can be found in the registry. It can be found under HKEY_LOCAL_MACHINESAM. This is also locked to all users, including Administrator, while the machine is in use.(GO to Run and Type Regedit and Hit enter, Now scroll to HKEY_LOCAL_MACHINESAM, However you may not access to it.)

So the two (Some other also) locations of the SAMHashes are:

- %systemroot%system32config
- In the registry under HKEY_LOCAL_MACHINESAM

Cracking or Breaking Into Admin Account:
How to get Hashes form SAM file?

Well, Below are the methods to do so:

1) Well, the easiest way to do this is to boot your target machine to an alternate OS like NTFSDOS or Linux and just copy the SAM from the %systemroot%system32config folder.

It's quick, it's easy, and it's effective. You can get a copy of NTFSDOS from Sysinternals(http://www.sysinternals.com) The regular version of NTFSDOS is freeware, which is always nice, but only allows for Read-Only access. This should be fine for what you want to do, however, if you're the kind of person that just has to have total control and has some money to burn. NTFSDOS Pro, which is also by Sysinternals has read/write access but it'll cost you $299.

2) You can also get password hashes by using pwdump2 (Google It to get software ~ Search at openwall.com). pwdump uses .DLL injection in order to use the system account to view and get the password hashes stored in the registry. It then obtains the hashes from the registry and stores them in a handy little text file that you can then paste them into a password cracking utility like l0phtcrack or John the ripper (Linux Based works well) also cain and abel can be used.

3) Import Hashes directly from l0phtcrack, and let them open to you by cracking.

Obtained Hashes? Now crack them:

Well, as i have said that these can't be reversed but somehow automated famous cracking softwares can be used to achieve the target. Yes, it is possible, All we have to do is to have a bit patience. The software will use a lot of strings and will compare these hashes also, Inshort it will decode them.

1) John the Ripper - John the Ripper is to many, the old standby password cracker. It is command line which makes it nice if you're doing some scripting, and best of all it's free and in open source. The only real thing that JtR is lacking is the ability to launch Brute Force attacks against your password file. But look at it this way, even though it is only a dictionary cracker, that will probably be all you need. I would say that in my experience I can find about 85-90% of the passwords in a given file by using just a dictionary attack.

2) L0phtCrack - Probably the most wildly popular password cracker out there. L0phtCrack is sold by the folks at @Stake. And with a pricetag of $249 for a single user license it sure seems like every one owns it. This is probably the nicest password cracker you will ever see. With the ability to import hashes directly from the registry pwdump and dictionary, hybrid, and brute-force capabilities. No password should last long. Well, I shouldn't say "no password". But almost all will fall to L0phtCrack given enough time.

Making Your Own Password in Windows:

Injecting Password Hashes into the SAM:
Easiest ways to gain Administrator privileges on a machine, is by injecting your own password hashes into the SAM file. In order to do this you will need physical access to the machine and a brain larger than a peanut. Using a utility called "chntpw" by Petter Nordhal-Hagen you can inject whatever password you wish into the SAM file of any NT, 2000, or XP machine thereby giving you total control, just burn the .iso on a disk and use it. I would give a tip like backing up the SAM file first by using an alternate OS.Make a USB disk of linux or Windows Live dsik can also work. Go in, inject the password of your choosing. Login using your new password. Do what you need to do. Then restore the original SAM so that no one will know that i was hacked.

You need to have admin access to perform this change from the command line. This is an especially handy trick if you want to change a password on an account but you’ve forgotten the original (going through the Control Panel can require confirmation of the old password).

Now we hack Admin Password To verify the user name, by simply typing net user, I get a list of all the user names on that windows machine. Now, go to the command prompt and enter:

cd\

cd windows\system32
net user

If there are people near you and you don’t want them to see the password you type, enter:
net user *

                                                             E.g. > net user username *
                                                      > Type a password for the user:
                                                      > Confirm the password:

Another Easy method, Using ophcrack to Hack into Admin Account:

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.

This is a type of offline cracking, Just grab .iso of ophcrack from here. Burn it and enjoy using.

1. Opchrack can crack passwords for Windows 7, Windows Vista, and Windows XP.
2. Ophcrack can recover 99.9% of passwords from Windows XP, usually in a matter of seconds. Any 14-character or smaller password that uses any combination of numbers, small letters, and capital letters should be crackable.
3. Ophcrack can recover 99% of passwords from Windows 7 or Windows Vista. A dictionary attack is used in Windows 7 and Vista.
4. The Ophcrack LiveCD option allows for completely automatic password recovery.
5. LiveCD method requires no installation in Windows, making it a safe alternative to many other password recovery tools.
6. No Windows passwords need to be known to use the Ophcrack LiveCD to crack your Windows passwords.

Download

I think this ophcrack method is far better, Try this one just get a disk and write it, Or else USB disk can aslo be used.

Some security Tips ~ Making strong passwords:

Now, You might have come to know that how passwords can be cracked, So there are some tips for you.
1) Do not make common passwords like 123456 or the one of your own name.
2) Use @, *, # or other symbols in your passwords to ensure maximum security in this case John the ripper and Ophcrack and also other cracking tools may take long time, it will be frustrating for hacker.
3) Keep changing your password. So, that if long time is taken by one hash to decode, until it decodes you have generated another hash.

Hack WhatsApp Account......

noreply@blogger.com (BAUDHIK DUDHATRA ) — Wed, 02 Sep 2015 05:15:00 +0000

On Daily we have heard news about online services is suffering from a lack of security. In February WhatsApp has been down for nearly four hours,
as if this were not enough, people became aware of the security flaw that allows conversations that should be read by anyone provided it learn properly perform the procedures.

Steps to follow:

1 - First of all you need to have the device at hand, use the Social Engineering and be quick in getting the e-mail and backup files msgstore-2014-05-02.1.db.crypt5.
To get the email for this follow the procedures below.

Enter the Play Store and view the e-mail, or write down mentalize somewhere without the person noticing.

Now Go to the device settings from Settings -> Accounts & Sync, look for the email from Google and mentalize or write down somewhere without the person noticing.

2 - Now let's take the msgstore-2014-05-08.1.db.crypt7 file To do this, use Polaris Office or any other app that allows you to navigate between folders and manage files.

Follow this path: My files -> WhatsApp -> Databases - In this directory you will find all the backup files of your messenger.
When you do find the file sharing for your mobile phone via bluetooth.

3 - Have we got the e-mail and file backup http://whatcrypt.com/?cmd=_decrypt
we enter the site and send the backup file.

To Submit follows:
Account: Enter the email of the victim
Database: Select the database backup
Click Process / download zip
Save the zip file on your desktop

4 - Once you have downloaded the backup file in zip format we now need to download the tool to extract the backup and we have access to conversations. Save on the desktop.

WhatsApp Decrypt MediaFire: http://www.mediafire.com/download/hw7m1590ld27vd5/WhatsApp_Decrypt.rar

Scanner Virus Total: https://www.virustotal.com/pt/file/c58bbef257e1ada303478b468a2b68523cbd307e1620d76d53489763e0ef5e15/analysis/1399523236/

5 - From the desktop to extract the file WhatsApp Decrypt.zip install python-3.4.0 folder and enter the WhatsApp.
Browse by: WhatsApp -> Whatsapp_Xtract_V2.1_2012-05-10-2

When you install python-3.4.0 do the following steps:

1 - Go to My Computer, click with the right mouse button and Properties -> Advanced System Settings

2 - In the System Properties navigate to the Advanced tab -> Environment Variables

3 - Environment Variables look for Path

4 - Edit the PATH

5 - At the end of PATH add ;C:\Python34

6 - Click ok and close

6 - Now extract the file from step 3 msgstore_decrypted on the desktop, copy and paste it on WhatsApp folder -> Whatsapp_Xtract_V2.1_2012-05-10-2 and replace the file

7 - Replace the WhatsApp folder -> Whatsapp_Xtract_V2.1_2012-05-10-2 from step 5 and
look for msgstore.dll file, drag it onto the whatsapp_xtract_drag'n'drop_database file (s) _here

After you drag it will create a file called msgstore.db.html the folder and ask you to press any key at the command prompt to continue ...
Pressing any key it will open in your default browser displaying the file msgstore.db.html all conversations, dates, numbers, etc...

Note: In step 2 print shows the crypt 7 but the crypt is correct 5!

Disclaimer: This tutorial is educational purpose only. HOC is not responsible for any kind of illegal activities. We believe in Security.

Hack Victim Computer...

noreply@blogger.com (BAUDHIK DUDHATRA ) — Wed, 02 Sep 2015 05:13:00 +0000

How To Hack & Access Same LAN Computers ?

If you are working in Office / Colleges and want to hack your friends & college mate PC then here is a trick.

First Step press win+ R

Go to Run> Type Cmd

now type command net view

It will be look as below

C:\>net view

Server Name Remark
-----------------------------------------------
\\xyz
\\abc

Here you can get all the names of all the computers machine names which connect with your LAN.

Now you got the name. Lets start hacking into the systems.

After you get server name now type tracert command for knowing IP of the victim machine.

Example: C:\> tracert xyz

Here you get the IP address of the XYZ computer machine.

Now go to windows start button and type Remote Desktop Connection

After click on Remote Desktop Connection you get below image..

Now type the IP address or computer name of victim machine.

Click on Connect <-|
It will also ask administrator password which is common as usual you known about.

After few second Victim machine shown in your Computer..
Now you can access that machine to open website, files, Software's, etc

Hack iCloud Activation Lock.....

noreply@blogger.com (BAUDHIK DUDHATRA ) — Wed, 02 Sep 2015 05:10:00 +0000

iCloud Apple iD BruteForcer

This tool is released by "Pr0x13" at GitHub. Attackers to break into any iCloud account, potentially giving them free access to victims’ iOS devices.

How to Install:

Put in HtDocs Folder in your Xampp installation.

Install cUrl for your OS

Navigate to http://127.0.0.1/iDict/ in your web browser (preferably Firefox, Chrome, or Safari).

Wordlist.txt is from iBrute and it satisfies iCloud password Requirements

It's been reported if icloud server responds with an error restart xampp or

your computer

-=Reports coming in that Server is now Patched with Rate Limiter=-

-=Server Fully Patched, Discontinue use if you don't want to lock your account!!=-

What is this?

A 100% Working iCloud Apple ID Dictionary attack that bypasses

Account Lockout restrictions and Secondary Authentication on any account.

What this isn't:

A bypass or fully automated removal

Why?

This bug is painfully obvious and was only a matter of time before it was

privately used for malicious or nefarious activities, I publicly disclosed it so apple will patch it.

Download now

How to Unlock iCloud Activation Lock

First is need to Download the hack tool on your pc. Go on Download Button below and get this software. We give this for free, not is need to pay.

Unlock iCloud Lock Download BypassTool

Server – 1

Server - 2

Server – 2

Step 1. Download and Unzip the file on your PC.

Step 2. Start this hack tool on your PC. Connect your iPhone via USB cable.

Step 3. Then click on Start button to process bypass icloud lock service.

Step 4. Wait five min to be complete this process. When will be done click OK.

The finaly process is when this will be complete to install the latest versizon on iTunes on your PC. Then make Restore Update on your device and icloud lock will be permanent removed from your apple device. This is official factory unlock on iCloud lock directly from Apple Database Servers.

Many services in the world talk for this on net, but be careful, many of them is scam. We this service give you for free, and not like to give money to us. Only Download this hack tool and enjoy.

Dear Readers if like to Unlock for Not free in five min your iCloud Lock on your iPhone go here on this Factory Unlock iPhone company. This is safely service we test. – iPhoneOfficialUnlock

Source

Hack iCloud Activation Lock

noreply@blogger.com (BAUDHIK DUDHATRA ) — Fri, 28 Aug 2015 15:09:00 +0000

iCloud Apple iD BruteForcer

This tool is released by "Pr0x13" at GitHub. Attackers to break into any iCloud account, potentially giving them free access to victims’ iOS devices.

How to Install:

Put in HtDocs Folder in your Xampp installation.

Install cUrl for your OS

Navigate to http://127.0.0.1/iDict/ in your web browser (preferably Firefox, Chrome, or Safari).

Wordlist.txt is from iBrute and it satisfies iCloud password Requirements

It's been reported if icloud server responds with an error restart xampp or

your computer

-=Reports coming in that Server is now Patched with Rate Limiter=-

-=Server Fully Patched, Discontinue use if you don't want to lock your account!!=-

What is this?

A 100% Working iCloud Apple ID Dictionary attack that bypasses

Account Lockout restrictions and Secondary Authentication on any account.

What this isn't:

A bypass or fully automated removal

Why?

This bug is painfully obvious and was only a matter of time before it was

privately used for malicious or nefarious activities, I publicly disclosed it so apple will patch it.

Download now

How to Unlock iCloud Activation Lock

First is need to Download the hack tool on your pc. Go on Download Button below and get this software. We give this for free, not is need to pay.

Unlock iCloud Lock Download BypassTool

Server – 1

Server - 2

Server – 2

Step 1. Download and Unzip the file on your PC.

Step 2. Start this hack tool on your PC. Connect your iPhone via USB cable.

Step 3. Then click on Start button to process bypass icloud lock service.

Step 4. Wait five min to be complete this process. When will be done click OK.

Many services in the world talk for this on net, but be careful, many of them is scam. We this service give you for free, and not like to give money to us. Only Download this hack tool and enjoy.

Dear Readers if like to Unlock for Not free in five min your iCloud Lock on your iPhone go here on this Factory Unlock iPhone company. This is safely service we test. – iPhoneOfficialUnlock

Source

Google Hacking

noreply@blogger.com (BAUDHIK DUDHATRA ) — Fri, 28 Aug 2015 15:04:00 +0000

Google queries for locating various Web servers
“Apache/1.3.28 Server at” intitle:index.of
Apache 1.3.2
“Apache/2.0 Server at” intitle:index.of
Apache 2.0
“Apache/* Server at” intitle:index.of
any version of Apache
“Microsoft-IIS/4.0 Server at” intitle:index.of
Microsoft Internet Information Services 4.0
“Microsoft-IIS/5.0 Server at” intitle:index.ofMicrosoft Internet Information Services 5.0
“Microsoft-IIS/6.0 Server at” intitle:index.of
Microsoft Internet Information Services 6.0
“Microsoft-IIS/* Server at” intitle:index.of
any version of Microsoft Internet Information Services
“Oracle HTTP Server/* Server at” intitle:index.of
any version of Oracle HTTP Server
“IBM _ HTTP _ Server/* * Server at” intitle:index.of
any version of IBM HTTP Server
“Netscape/* Server at” intitle:index.of
any version of Netscape Server
“Red Hat Secure/*” intitle:index.of
any version of the Red Hat Secure server
“HP Apache-based Web Server/*” intitle:index.of
any version of the HP server
Queries for discovering standard post-installation
intitle:”Test Page for Apache Installation” “You are free”
Apache 1.2.6
intitle:”Test Page for Apache Installation” “It worked!” “this Web site!”
Apache 1.3.0 – 1.3.9
intitle:”Test Page for Apache Installation” “Seeing this instead”
Apache 1.3.11 – 1.3.33, 2.0
intitle:”Test Page for the SSL/TLS-aware Apache Installation” “Hey, it worked!”
Apache SSL/TLS
intitle:”Test Page for the Apache Web Server on Red Hat Linux”
Apache on Red Hat
intitle:”Test Page for the Apache Http Server on Fedora Core”
Apache on Fedora
intitle:”Welcome to Your New Home Page!”
Debian Apache on Debian
intitle:”Welcome to IIS 4.0!”
IIS 4.0
intitle:”Welcome to Windows 2000 Internet Services”
IIS 5.0

intitle:”Welcome to Windows XP Server Internet Services”
IIS 6.0
Querying for application-generated system reports
“Generated by phpSystem”

operating system type and version, hardware configuration, logged users, open connections, free memory and disk space, mount points
“This summary was generated by wwwstat”
web server statistics, system file structure
“These statistics were produced by getstats”
web server statistics, system file structure
“This report was generated by WebLog”
web server statistics, system file structure
intext:”Tobias Oetiker” “traffic analysis”
systemperformance statistics as MRTG charts, network configuration
intitle:”Apache::Status” (inurl:server-status | inurl:status.html | inurl:apache.html)
server version, operating system type, child process list, current connections
intitle:”ASP Stats Generator *.*” “ASP Stats Generator” “2003-2004 weppos”
web server activity, lots of visitor information
intitle:”Multimon UPS status page”
UPS device performance statistics
intitle:”statistics of” “advanced web statistics”
web server statistics, visitor information
intitle:”System Statistics” +”System and Network Information Center”

system performance statistics as MRTG charts, hardware configuration, running services
intitle:”Usage Statistics for” “Generated by Webalizer”
web server statistics, visitor information, system file structure
intitle:”Web Server Statistics for ****”
web server statistics, visitor information
nurl:”/axs/ax-admin.pl” -script
web server statistics, visitor information
inurl:”/cricket/grapher.cgi”
MRTG charts of network interface performance
inurl:server-info “Apache Server Information”
web server version and configuration, operating system type, system file structure
“Output produced by SysWatch *”
operating system type and version, logged users, free memory and disk space, mount points, running processes, system logs

dork for finding admin page
admin1.php
admin1.html
admin2.php
admin2.html
yonetim.php
yonetim.html
yonetici.php
yonetici.html
admin/account.php
admin/account.html
admin/index.php
admin/index.html
admin/login.php
admin/login.html
admin/home.php
admin/controlpanel.html
admin/controlpanel.php
admin.php
admin.html
admin/cp.php
admin/cp.html
cp.php
cp.html
administrator/
administrator/index.html
administrator/index.php
administrator/login.html
administrator/login.php
administrator/account.html
administrator/account.php
administrator.php
administrator.html
login.html
modelsearch/login.php
moderator.php
moderator.html
moderator/login.php
moderator/login.html
moderator/admin.php
moderator/admin.html
account.php
account.html
controlpanel/
controlpanel.php
controlpanel.html
admincontrol.php
admincontrol.html
adminpanel.php
adminpanel.html
admin1.asp
admin2.asp
yonetim.asp
yonetici.asp
admin/account.asp
admin/index.asp
admin/login.asp
admin/home.asp
admin/controlpanel.asp
admin.asp
admin/cp.asp
cp.asp
administrator/index.asp
administrator/login.asp
administrator/account.asp
administrator.asp
login.asp
modelsearch/login.asp
moderator.asp
moderator/login.asp
moderator/admin.asp
account.asp
controlpanel.asp
admincontrol.asp
adminpanel.asp
fileadmin/
fileadmin.php
fileadmin.asp
fileadmin.html
administration/
administration.php
administration.html
sysadmin.php
sysadmin.html
phpmyadmin/
myadmin/
sysadmin.asp
sysadmin/
ur-admin.asp
ur-admin.php
ur-admin.html
ur-admin/
Server.php
Server.html
Server.asp
Server/
wp-admin/
administr8.php
administr8.html
administr8/
administr8.asp
webadmin/
webadmin.php
webadmin.asp
webadmin.html
administratie/
admins/
admins.php
admins.asp
admins.html
administrivia/
Database_Administration/
WebAdmin/
useradmin/
sysadmins/
admin1/
system-administration/
administrators/
pgadmin/
directadmin/
staradmin/
ServerAdministrator/
SysAdmin/
administer/
LiveUser_Admin/
sys-admin/
typo3/
panel/
cpanel/
cPanel/
cpanel_file/
platz_login/
rcLogin/
blogindex/
formslogin/
autologin/
support_login/
meta_login/
manuallogin/
simpleLogin/
loginflat/
utility_login/
showlogin/
memlogin/
members/
login-redirect/
sub-login/
wp-login/
login1/
dir-login/
login_db/
xlogin/
smblogin/
customer_login/
UserLogin/
login-us/
acct_login/
admin_area/
bigadmin/
project-admins/
phppgadmin/
pureadmin/
sql-admin/
openvpnadmin/
wizmysqladmin/
vadmind/
ezsqliteadmin/
hpwebjetadmin/
newsadmin/
adminpro/
Lotus_Domino_Admin/
bbadmin/
vmailadmin/
ccp14admin/
irc-macadmin/
banneradmin/
sshadmin/
phpldapadmin/
macadmin/
administratoraccounts/
admin4_account/
admin4_colon/
radmind-1/
Super-Admin/
AdminTools/
cmsadmin/
phpSQLiteAdmin/
server_admin_small/
database_administration/
system_administration/

Update Imp. Dorks.
Dork : "inurl:dettaglio.php?id="

Exploit :www.victim.com/sito/dettaglio.php?id=[SQL]

Example :http://www.cicloposse.com/dettaglio.php?id=61'
----------------------------------------------------------------------------------------------------------------
Dork: inurl:prodotto.php?id)

Exploit:
www.victim.com/prodotto.php?id=[SQL]

Example:http://www.poderimorini.com/en/prodotto.php?id=14'

sql injection dorks
allinurl: \”index php go buy\”
allinurl: \”index.php?go=sell\”
allinurl: \”index php go linkdir\”
allinurl: \”index.php?go=resource_center\”
allinurl: \”resource_center.html\”
allinurl: \”index.php?go=properties\”
allinurl: \”index.php?go=register\”

Error message queries

“A syntax error has occurred”filetype:ihtml

Informix database errors, potentially containing function names, filenames, file structure information, pieces of SQL code and passwords

“Access denied for user” “Using password”

authorisation errors, potentially containing user names, function names, file structure information and pieces of SQL code

“The script whose uid is ” “is not allowed to access”

access-related PHP errors, potentially containing filenames, function names and file structure information

“ORA-00921: unexpected end of SQL command”

Oracle database errors, potentially containing filenames, function names and file structure information

“error found handling the request” cocoon filetype:xml

Cocoon errors, potentially containing Cocoon version information, filenames, function names and file structure information

“Invision Power Board Database Error”

Invision Power Board bulletin board errors, potentially containing function names, filenames, file structure information and piece of SQL code

“Warning: mysql _ query()” “invalid query”

MySQL database errors, potentially containing user names, function names, filenames and file structure information

“Error Message : Error loading required libraries.”

CGI script errors, potentially containing information about operating system and program versions, user names, filenames and file structure information

“#mysql dump” filetype:sql

MySQL database errors, potentially containing information about database structure and contents

Dork for locating passwords

http://*:*@www” site

passwords for site, stored as the string “http://username:password@www…”

filetype:bak inurl:”htaccess|passwd|shadow|ht users”

file backups, potentially containing user names and passwords

mdb files, potentially containing password information

intitle:”Index of” pwd.db

pwd.db files, potentially containing user names and encrypted passwords

inurl:admin inurl:backup intitle:index.of

directories whose names contain the words admin and backup

“Index of/” “Parent Directory” “WS _ FTP.ini”

filetype:ini WS _ FTP PWD

WS_FTP configuration files, potentially containing FTP server access passwords

ext:pwd inurl:(service|authors|administrators |users) “# -FrontPage-”

files containing Microsoft FrontPage passwords

filetype:sql (“passwd values ****” | “password values ****” | “pass values ****” )

files containing SQL code and passwords inserted into a database

intitle:index.of trillian.ini

configuration files for the Trillian IM

eggdrop filetype:user

user configuration files for the Eggdrop ircbot

filetype:conf slapd.conf

configuration files for OpenLDAP

inurl:”wvdial.conf” intext:”password”

configuration files for WV Dial

ext:ini eudora.ini

configuration files for the Eudora mail client

filetype:mdb inurl:users.mdb

Microsoft Access files, potentially containing user account information

Searching for personal data and confidential documents

filetype:xls inurl:”email.xls”

email.xls files, potentially containing contact information

“phone * * *” “address *” “e-mail” intitle: “curriculum vitae”

CVs

“not for distribution”

confidential documents containing the confidential clause

buddylist.blt

AIM contacts list

intitle:index.of mystuff.xml

Trillian IM contacts list

filetype:ctt “msn”

MSN contacts list

filetype:QDF

QDF database files for the Quicken financial application

intitle:index.of finances.xls

finances.xls files, potentially containing information on bank accounts, financial summaries and credit card numbers

intitle:”Index Of” -inurl:maillog maillog size

maillog files, potentially containing e-mail

Network Vulnerability Assessment Report”
“Host Vulnerability Summary Report”
filetype:pdf “Assessment Report”
“This file was generated by Nessus”

reports for network security scans, penetration tests etc

dork for locating network devices

“Copyright (c) Tektronix, Inc.” “printer status”

PhaserLink printers

inurl:”printer/main.html” intext:”settings”

Brother HL printers

intitle:”Dell Laser Printer” ews

Dell printers with EWS technology

intext:centreware inurl:status

Xerox Phaser 4500/6250/8200/8400 printers

inurl:hp/device/this.LCDispatcher

HP printers

intitle:liveapplet inurl:LvAppl

Canon Webview webcams

intitle:”EvoCam” inurl:”webcam.html”

Evocam webcams

inurl:”ViewerFrame?Mode=”

Panasonic Network Camera webcams

(intext:”MOBOTIX M1″ | intext:”MOBOTIX M10″) intext:”Open Menu” Shift-Reload

Mobotix webcams

inurl:indexFrame.shtml Axis

Axis webcams

intitle:”my webcamXP server!” inurl:”:8080″

webcams accessible via WebcamXP Server

allintitle:Brains, Corp.

camera webcams accessible via mmEye

intitle:”active webcam page”

Game CheatCodes

noreply@blogger.com (BAUDHIK DUDHATRA ) — Fri, 28 Aug 2015 15:01:00 +0000

Clash of Clans Hack v1.72 for Gold, Elixier and Gems

working on Android and iOS - without Jailbreak - no Survey.

http://loadsnake.com/coc-hack/

FOR HITMAN

when you run the game if it shows this message
Fatal error Direct3D:Unable to create device. Try changing resolution or color depth

SOLUTION

Open the Hitman2.ini file on your hard drive and change the line
which reads DrawDll RenderD3D.dll to DrawDll RenderOpenGL.dll.

Your game error will be fixed.. :)

NFS WORLD CHEATCODES

Make Money A Little Bit Faster
The best way to get money faster is to enter a tier 1 team escape. Yeah, the cops are annoying but it's more fun and you get roughly $500 more!

Easy Money
In NFS:W, play team escape. It gets you $2000-$3000 each escape. So you can earn money quickly and easily.

Easily Evade Spots
The first 2 are in little cubby holes by the docks to the awy south (the lobster shacks). The third one is by the shipyard, it is behind a glitch wall, you can pass through but for some reason they cant. The fourth is between the other locations, there is a garage type thing with a fish above it, go in here and you wont get caught. All of these locales have cooldowns as well.

Car Gone Mad
At the stadium in riverfront the box thing if you put your front tire off it will start going crazy if you wait and if done correct.

GTA Sandreas Cheat Codes
Armor, Health, And Money

hesoyam
Complete Pilot School With All Bronze Medals

Enter rustler as a code.
Never Get A Star Rating

To never get a star rating type AEZAKMI
Make All Traffic Fast Cars

Enter everyoneisrich as a code.
Get An Invisible Car

Enter wheelsonlyplease as a code.
Weapon Sets 1

lxgiwyl
Drive The Train

If you want to drive the train type 'lockit'
Spawn Rancher 4x4

jqntdmh
Never Get Hungry

Type in AEDUWNV.
Perform A Mega-jump

Enter kangaroo as a code.
Get Max Sex Appeal

Enter helloladies as a code.
Maxed Out On All Vehicle Skill Statistics

Enter naturaltalent as a code.
Pedestrians Attack With Guns

bgluawml
Max Respect

worshipme
Flying Cars

Unlike previous GTA Games, this allows you to stay in the air and go any where you want. But be careful landing, the car goes at least 500mph in the air. But I thought it was a big improvement. Anyway, onto the code, chittychittybangbang.
Spawn Army Tank

aiwprton
Sunny Weather

pleasantlywarm
Create A Sandstorm

Type in CWJXUOC.
CJ Is A Slut Magnet

Type in BEKKNQV.
Complete The Driving School With All Gold Medals

Enter hotknife as a code.
Make All Traffic Cheap Cars

Enter everyoneispoor as a code.
Commit Suicide

Enter goodbyecruelworld as a code.
Achieve Perfect Vehicle Handling

Enter sticklikeglue as a code.
While On A Bike To Perform A Huge Bunny Hop (ala E.T.)

Enter cjphonehome as a code.
Be At The Hitman Level In All Weapons Statistics

Enter professionalkiller as a code.
Six Star Wanted Level

bringiton
Raise Wanted Level

turnuptheheat
Pedestrians Riot

stateofemergency
Unlimited Health

baguvix
Speed Up Time

ysohnul
Spawn Parachute

aiypwzqp
Spawn Dozer

itsabull
Max Muscle

buffmeup
Max Stamina

vkypqcf
Spawn Stretch Limo

celebritystatus
Spawn Hearse

wheresthefuneral
Spawn Hydra (Fighter Jet), Spawn Monster

Tired of just driving on stupid cars and also having to wait to pass a test to get the Hydra well type in JUMPJET and the Hydra will appear. Also want a monster truck; Type in MONSTERMASH and you will get the MONSTER.
Lose All Body Fat

Type in KVGYZQK.
Maximum Body Fat

Type in BTCDBCB.
Have Infinite Air For Swimming Underwater

Type in CVWKXAM.
Have A Beach Party

Type in CIKGCGX.
Contract On CJ

Type in BAGOWPG.
Get VERY Sunny Weather

Enter toodamnhot as a code.
Spawn A Dozer

Enter itsallbull as a code.
Severely Reduce Traffic

Enter ghosttown as a code.
Recruit Anyone And Have Them Equipped With Rockets

Enter rocketmayhem as a code.
Remake The Hood In A Ninja Theme

Enter ninjatown as a code.
Make Gangs Take Over The Streets

Enter bifbuzz as a code.
Remake The 'hood In A Funhouse Theme

Enter crazytown as a code.
Accelerate Gameplay

Enter speeditup as a code.
Make Cars Float Away When Hit

Enter bubblecars as a code.
Make Boats Fly

Enter flyingfish as a code.
Permanent Midnight

Enter nightprowler as a code.
Suicide

SZCMAWO
Gang Members Everywhere

MROEMZH
Spawn Bloodring Banger

oldspeeddemon
Slow Motion

slowitdown
Pedestrians Have Weapons

foooxft
Pedestrians Are Elvis

bluesuedeshoes
Weapon Sets 2

professionalskit
Weapon Sets 3

uzumymw
Unlimited Ammo

fullclip
Super Punches

iavenjq
Rainy Weather

auifrvqs
Stormy Weather

scottishsummer
Sunny Weather

pleasentlywarm
Spawn 4xWheeler

fourwheelfun
Spawn Monster Truck

monstermash
Spawn Jetpack

rocketman
Spawn Hydra

jumpjet
Spawn Hunter

ohdude
Spawn Caddy

rzhsuew
Max Lung Capacity

cvwkxam
Lower Wanted Level

turndowntheheat
Destroy All Cars

cpktnwt
Cloudy Weather

alnsfmzo
Spawn Vortex

kgggdkp
Spawn Trashmaster

truegrime
Spawn Tanker

amomhrer
Spawn Stunt Plane

flyingtostunt
Note: Stunt Plane can do backflips, barrel rolls, and sky diving.

Spawn Racecar #2

vpjtqwv
Spawn Racecar #1

vrockpokey
Adrenaline Effects

anoseonglass
All Cars Have Nitrous

speedfreak
Aggressive Traffic

ylteicz

Forensic Tools

noreply@blogger.com (BAUDHIK DUDHATRA ) — Fri, 28 Aug 2015 15:00:00 +0000

Unhide : To find processes hidden by rootkits:

Unhide is a forensic tool to find processes hidden by rootkits, Linux kernel modules or by other techniques. It detects hidden processes using six techniques:

    Compare /proc vs /bin/ps output
    Compare info gathered from /bin/ps with info gathered by walking thru the procfs. ONLY for Linux 2.6 version
    Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning).
    Full PIDs space ocupation (PIDs bruteforcing). ONLY for Linux 2.6 version
    Compare /bin/ps output vs /proc, procfs walking and syscall. ONLY for Linux 2.6 version
    Reverse search, verify that all thread seen by ps are also seen in the kernel.
    6- Quick compare /proc, procfs walking and syscall vs /bin/ps output. ONLY for Linux 2.6 version.
    Unhide-TCP

Download

Hashbot Online Forensic Web Tool

Hashbot is a forensic web tool to acquire and validate, over time, the status of an individual web page or web document.
Acquire: Insert the URL to acquire, select your favorite user agent (default is Firefox) and click on submit. Wait for creating process finish and download the zip archive.

Validate: Unzip the archive downloaded by the creation service, open the <code>-code.txt file and use the "Validate Info" section to fill in the validation form. Click on submit and wait for the server response.
HashBot

Registry Decoder - Digital Forensics Tool

Digital forensics deals with the analysis of artifacts on all types of digital devices.
One of the most prevalent analysis techniques performed is that of the registry
hives contained in Microsoft Windows operating systems.

Registry Decoder was developed with the purpose of providing a single tool for the acquisition, analysis, and reporting of registry contents.

Download

Rifiuti v1.0

A Recycle Bin Forensic Analysis Tool.

Many important files within Microsoft Windows have structures that are
undocumented.
One of the principals of computer forensics is that all analysis methodologies must be well documented and repeatable, and they must have an acceptable margin of error. Currently, there are a lack of open source methods and tools that forensic analysts
can rely upon to examine the data found in proprietary Microsoft files.

Many computer crime investigations require the reconstruction of a subject's
Recycle Bin. Since this analysis technique is executed regularly, we researched the structure of the data found in the Recycle Bin repository files (INFO2 files). Rifiuti,
the Italian word meaning "trash", was developed to examine the contents of the INFO2 file in the Recycle Bin.
The foundation of Rifiuti's examination methodology is presented in the white paper located here. Rifiuti will parse the information in an INFO2 file and output the results
in a field delimited manner so that it may be imported into your favorite spreadsheet program. Rifiuti is built to work on multiple platforms and will execute on Windows (through Cygwin), Mac OS X,
Linux, and *BSD platforms.

Usage:
rifiuti [options] <filename>
-t Field Delimiter (TAB by default)

Example Usage:
[kjones:rifiuti/rifiuti_20030410_1/bin] kjones% ./rifiuti INFO2 > INFO2.txt

Open INFO2.txt as a TAB delimited file in MS Excel to further sort and filter your
results.

Download

NetSleuth

Its identifies and fingerprints network devices by silent network monitoring or by processing data from PCAP files.
NetSleuth is an opensource network forensics and analysis tool, designed for triage in incident response situations. It can identify and fingerprint network hosts and devices from pcap files captured from Ethernet or WiFi data (from tools like Kismet). It is a free network monitoring, cyber security and network forensics analysis (NFAT) tool

Download

Bug TraQ

Bugtraq system offers the most comprehensive distribution, optimal, stable and automatic security to date. Bugtraq is a distribution based on the 2.6.38 kernel has a wide range of penetration and forensic tools. Bugtraq can be installed from a Live DVD or USB drive, the distribution is customized to the last package, configured and updated the kernel. The kernel has been patched for better performance to recognize a variety of hardware, including wireless injection patches pentesting that other distributions do not recognize.
Features:

Patching the kernel 2.6.38 to recognize 4 gigs of RAM in 32-bit.
Tools perfectly configured, automated installation scripts and tools like Nessus, OpenVAS, Greenbone, Nod32, Hashcat, Avira, BitDefender, ClamAV, Avast, AVG, etc...
Unique Scripts from Bugtraq-Team (SVN updates tools, delete tracks, backdoors, Spyder-sql, etc.

Download

Hex Workshop

The Hex Workshop Hex Editor is a set of hexadecimal development tools for Microsoft
Windows, combining advanced binary editing with the ease and flexibility of a word processor. With Hex Workshop you can
Edit, cut, copy, paste, insert, and delete of Hex Script.
Hex values can be grouped by 1, 2, 4, 8 or 16 bytes.
Search using Hex Strings (including wildcards).
Find and replace by Hex Strings, Text, Strings or values.
Sector edit partitions or physical disks.
Checksum either entire document or a selection.
Arithmetic operations: +, -, *, /, %, ().
C/C++ Plug-in API.
Hex/Decimal calculator supporting: +,-,*,/,|,&,^,<<,>>, ~

Download

Helix

Helix is more on the forensics and incident response side than the networking or pen-testing side. Still a very useful tool to carry.

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

Download

Hiren’s BootCD 14.1

All in One Bootable CD which has all utilities..

Download

Firefox Imp. Addons.....

noreply@blogger.com (BAUDHIK DUDHATRA ) — Fri, 28 Aug 2015 14:55:00 +0000

FOX TAB:
3D in your browser! FoxTab brings innovative 3D functionality to your Firefox.

New! Top Sites for FoxTab (aka Speed Dial).
Now you can access your most favorite sites from the familiar FoxTab interface.

FoxTab is a popular 3D tab management extension.
FoxTab powers Firefox with the following main features:
  ✔ Top Sites (aka Speed Dial) for quickly accessing your favorite web sites.
  ✔ Tab Flipper – to easily flip between opened tabs using mouse or keyboard gestures.
  ✔ Recently Closed Tabs – for reopening a tab that was recently closed.

Choose between 6 attractive 3D layouts.

Download Link:
https://addons.mozilla.org/en-US/firefox/addon/8879/

GREASE MONKEY:

Allows you to customize the way a webpage displays using small bits of JavaScript. ...!!

Download Link:
https://addons.mozilla.org/en-US/firefox/addon/748/

TAMPER DATA:

Use tamperdata to view and modify HTTP/HTTPS headers and post parameters...

Use tamperdata to view and modify HTTP/HTTPS headers and post parameters.

Trace and time http response/requests.

Security test web applications by modifying POST parameters.

FYI current version of Google Web Accelerator is incompatible with the tampering function of TamperData. Your browser will crash.

Download Link:
https://addons.mozilla.org/en-US/firefox/addon/966/

XSS ME:

Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary flaws. XSS-Me is the Exploit-Me tool used to test for reflected XSS vulnerabilities.

Download Link:
https://addons.mozilla.org/en-US/firefox/addon/7598/

Email Hacking...........

noreply@blogger.com (BAUDHIK DUDHATRA ) — Fri, 28 Aug 2015 14:51:00 +0000

Do U Think If Your Email Can Not Been Hackable, Then You Are Wrong...
Ur Email-ID Can Be Hack... But Its Can Be Hack Only Fault by User.. Most Of The Peoples Think That Their Has A Software to Hack A Email- ID's But Truth Is Their Is No Software Present For Hacking Ur Mail ID's..

Email Hacking can be possible to many ways like:-

1. Social Engineering

2.Phishing Attacks

3. Cookie Hijacking

4. By Keyloggers

Social Engineering:
This Process is defined as Hack the human mind without any tools...
This has become one of the hottest topics today and it seems to work out most of the times. Social Engineering doesn’t deal with the network security issues, vulnerabilities, exploits, etc. It just deals with simple Psychological tricks that help to get the information we want.
This really works!! But it requires a lot of patience.
We are all talking about network security and fixing the vulnerabilities in networks.
But what happens if some internal person of a network accidentally gives out the passwords. After all we are all humans; we are also vulnerable and can be easily
exploited and compromised than the computers.
Social Engineering attacks have become most common during the chat sessions.
With the increase in use of Instant Messengers, any anonymous person may have a
chat with another any where in the world. The most crucial part of this attack is to
win the trust of the victim.

Phishing Attack:
The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surroundering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.

Cookie Hijacking:
In cookie hijacking we can hack email accounts very easily.. This trick is very
dangereous because whenever user change a password then there is no need to
attacker for again hack Email- ID of victim. And it would take you to inbox of victim's yahoo account without asking for any password of victim account.

Keyloggers:
Keylogger is a software program or hardware device that is used to monitor and log
each of the keys a user types into a computer keyboard. The user who installed the program or hardware device can then view all keys typed in by that user. Because
these programs and hardware devices monitor the keys typed in a user can easily
find user passwords and other information a user may not wish others to know about.
Keyloggers, as a surveillance tool, are often used by employers to ensure employees
use work computers for business purposes only. Unfortunately, keyloggers can also
be embedded in spyware allowing your information to be transmitted to an unknown third party.

Phlashing-PDOS......

noreply@blogger.com (BAUDHIK DUDHATRA ) — Tue, 18 Aug 2015 14:11:00 +0000

A permanent Denial Of Service (PDOS), also known as "Phlashing". It's an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Phlashing used for hardware attack. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws which allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device's firmware with a modified, corrupt, or defective firmware image a process which when done legitimately is known as flashing. This therefore "bricks" the device, rendering it unusable for its original purpose until it can be repaired or replaced.

The PDOS is a pure hardware targeted attack which can be much faster and requires fewer resources than using a botnet in a DDoS attack. Because of these features, and the potential and high probability of security exploits on Network Enabled Embedded Devices (NEEDs), this technique has come to the attention of numerous hacker communities. PhlashDance is a tool created by Rich Smith (an employee of Hewlett-Packard's Systems Security Lab) used to detect and demonstrate PDoS vulnerabilities at the 2008 EUSecWest Applied Security Conference in London. Smith said remotely abusing firmware update mechanisms with a Phlashing attack, for instance, is basically a one-shot attack. “Phlashing attacks can achieve the goal of disrupting service without ongoing expense to the attacker; once the firmware has been corrupted, no further action is required for the DOS condition to continue,”

An attacker could use remote firmware update paths in network hardware, which are often left unprotected, to deliver corrupted firmware and flash this to the device. As a result, the device would become unusable.

Botnets

noreply@blogger.com (BAUDHIK DUDHATRA ) — Sat, 15 Aug 2015 10:52:00 +0000

Botnet

A botnet or robot network is a group of computers running a computer application controlled and manipulated only by the owner or the software source. The botnet may refer to a legitimate network of several computers that share program processing amongst them.

Usually though, when people talk about botnets, they are talking about a group of computers infected with the malicious kind of robot software, the bots, which present a security threat to the computer owner. Once the robot software (also known as malicious software or malware) has been successfully installed in a computer, this computer becomes a zombie or a drone, unable to resist the commands of the bot commander.

A botnet may be small or large depending on the complexity and sophistication of the bots used. A large botnet may be composed of ten thousand individual zombies. A small botnet, on the other hand may be composed of only a thousand drones. Usually, the owners of the zombie computers do not know that their computers and their computers’ resources are being remotely controlled and exploited by an individual or a group of malware runners through Internet Relay Chat (IRC)

There are various types of malicious bots that have already infected and are continuing to infect the internet. Some bots have their own spreaders – the script that lets them infect other computers (this is the reason why some people dub botnets as computer viruses) – while some smaller types of bots do not have such capabilities.

Different Types of Bots

Here is a list of the most used bots in the internet today, their features and command set.

XtremBot, Agobot, Forbot, Phatbot

These are currently the best known bots with more than 500 versions in the internet today. The bot is written using C++ with cross platform capabilities as a compiler and GPL as the source code. These bots can range from the fairly simple to highly abstract module-based designs. Because of its modular approach, adding commands or scanners to increase its efficiency in taking advantage of vulnerabilities is fairly easy. It can use libpcap packet sniffing library, NTFS ADS and PCRE. Agobot is quite distinct in that it is the only bot that makes use of other control protocols besides IRC.

UrXBot, SDBot, UrBot and RBot

Like the previous type of bot, these bots are published under GPL, but unlike the above mentioned bots these bots are less abstract in design and written in rudimentary C compiler language. Although its implementation is less varied and its design less sohisticated, these type of bots are well known and widely used in the internet.

GT-Bots and mIRC based bots

These bots have many versions in the internet mainly because mIRC is one of the most used IRC client for windows. GT stands for global threat and is the common name for bots scripted using mIRC. GT-bots make use of the mIRC chat client to launch a set of binaries (mainly DLLs) and scripts; their scripts often have the file extensions .mrc.

Malicious Uses of Botnets

Types Of Botnet Attack

Denial of Service Attacks

A botnet can be used as a distributed denial of service weapon. A botnet attacks a network or a computer system for the purpose of disrupting service through the loss of connectivity or consumption of the victim network’s bandwidth and overloading of the resources of the victim’s computer system. Botnet attacks are also used to damage or take down a competitor’s website.

Fast flux is a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies.

Any Internet service can be a target by botnets. This can be done through flooding the website with recursive HTTP or bulletin-board search queries. This mode of attack in which higher level protocols are utilized to increase the effects of an attack is also termed as spidering.

Spyware Adware Spamming and Traffic Monitoring

Its a software which sends information to its creators about a user's activities – typically passwords, credit card numbers and other information that can be sold on the black market. Compromised machines that are located within a corporate network can be worth more to the bot herder, as they can often gain access to confidential information held within that company. There have been several targeted attacks on large corporations with the aim of stealing sensitive information, one such example is the Aurora botnet.

Its exists to advertise some commercial entity actively and without the user's permission or awareness, for example by replacing banner ads on web pages with those of another content provider.

A botnet can also be used to take advantage of an infected computer’s TCP/IP’s SOCKS proxy protocol for networking appications. After compromising a computer, the botnet commander can use the infected unit (a zombie) in conjunction with other zombies in his botnet (robot network) to harvest email addresses or to send massive amounts of spam or phishing mails.

Moreover, a bot can also function as a packet sniffer to find and intercept sensitive data passing through an infected machine. Typical data that these bots look out for are usernames and passwords which the botnet commander can use for his personal gain. Data about a competitor botnet installed in the same unit is also mined so the botnet commander can hijack this other botnet.

Access number replacements are where the botnet operator replaces the access numbers of a group of dial-up bots to that of a victim's phone number. Given enough bots partake in this attack, the victim is consistently bombarded with phone calls attempting to connect to the internet. Having very little to defend against this attack, most are forced into changing their phone numbers (land line, cell phone, etc.).

Keylogging and Mass Identity Theft

An encryption software within the victims’ units can deter most bots from harvesting any real information. Unfortunately, some bots have adapted to this by installing a keylogger program in the infected machines. With a keylogger program, the bot owner can use a filtering program to gather only the key sequence typed before or after interesting keywords like PayPal or Yahoo mail. This is one of the reasons behind the massive PayPal accounts theft for the past several years.

Bots can also be used as agents for mass identity theft. It does this through phishing or pretending to be a legitimate company in order to convince the user to submit personal information and passwords. A link in these phishing mails can also lead to fake PayPal, eBay or other websites to trick the user into typing in the username and password.

Botnet Spread

Botnets can also be used to spread other botnets in the network. It does this by convincing the user to download after which the program is executed through FTP, HTTP or email.

Pay-Per-Click Systems Abuse

Botnets can be used for financial gain by automating clicks on a pay-per-click system. Compromised units can be used to click automatically on a site upon activation of a browser. For this reason, botnets are also used to earn money from Google’s Adsense and other affiliate programs by using zombies to artificially increase the click counter of an advertisement.

Anonymous Surfing

noreply@blogger.com (BAUDHIK DUDHATRA ) — Sat, 15 Aug 2015 10:18:00 +0000

HOLA VPN

Hola is a peer to peer network that provides everyone on the planet with freedom to

access all of the Web! It works through the community of its users - Hola users help you

to access the web.

Download

JonDo

JonDos publishes a new version of the JonDo-Software, an IP changer and IP anonymization program, that you can use for anonymous surfing in the Internet with high security anonymous proxy servers.

What is JonDo?
JonDo is an open source and free-of-charge program for Windows, Linux and MacOS X.
It hides the user's IP adress behind an anonymous IP address. In contrast to other anonymizers (VPNs, anonymous proxy servers), the user's anonymity stays protected even against the providers (operators) of the anonymous IP address.

Download

TOR

Tor is very useful for online anonymity, its protect your privacy, defend against a form
of network traffic analysis. Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic
allows others to track your behavior and interests.

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create
new communication tools with built-in privacy features.

Tor to keep websites from tracking them and their family members, or to connect to
news sites, instant messaging services, or the like when these are blocked by their
local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site.