PC-ROM

Some Nokia Secret Codes

2013-12-11T01:01:00.001-08:00

Some Nokia Secret Hack Codes

Hey friends, today i will share with you some Nokia hack codes. These codes provide some interesting and unique information to Nokia Phone users, some of these codes unlock hidden functions. Secret hacks code are mainly beneficial in knowing your device properly. What else you can do just from calling and messaging from your mobiles.

Universal Nokia Hack Codes:

These are called universal because these hack codes works on almost all Nokia mobile phones.

*#06# Displays the IMEI (Standard GSM command, works on all phones)

Information you get from the IMEI-

XXXXXX XX XXXXXX X

TAC FAC SNR SP

*TAC = Type approval code

*FAC = Final assembly code

*SNR = Serial number

*SP = Spare

*#0000# Displays the firmware version and date

Information you get from the Software revision-

V 6.1.0.5

18-12-10

NSE-3

*1ST Line = Software revision

*2ND Line = The date of the software release

*3RD Line = Phone type

*#92702689# *#war0anty# Here you can view the S/N and the IMEI as well as the life timer (newer models). The date the phone left the factory and the date it was purchased. If your phone has been repaired the date of the repair is also visible. You will need to turn the phone off to exit this menu. Newer phones simply require you to press ok.

NOKIA 40 SERIES CODES

The following codes are specific to older series Nokia(40 series) Mobile phones:

Entering the following codes will restart the phone.

Note: If main code doesn't work try the alternate one given in brackets for each code. As on some devices standard code works and in some alternate only might work.

*4720# (*hra0#) Activates Half Rate, Half Rate is 5.6kbit/s and uses half the bandwidth at the cost of call quality. Network operators often activate half rate on overloaded towers during peak times to save costs.

#4720# (#hra0#) Deactivates Half Rate

*3370# (*efr0#) Activates Enhanced Full Rate, EFT attempts to match wire quality. The calls are 12.2kbit/s and are not supported by all operators. It is compatibale with the hightest AMR mode.

#3370# (#efr0#) Deactivates Enhanced Full Rate

*#746085685# (*#sim0clock#) Display the SIM clock status

SPECIFIC PHONE CODES

The following codes are phone specific or phase related.

*#7220# (*#pca0#) Activate the GPRS PCCCH support (Packet Common Control Channel)

*#7230# (*#pcd0#) Deactivate the GPRS PCCCH support

*#7760# (*#ssn0#) Display the manufacturing serial number

This only works on the 3310 and 3330:

*#67705646# (*#opr0logo#) Clear the operator logo, the logo will be reset to the default network operator logo.

NOKIA 60/80 SERIES CODES

The following codes work on newer series 40 & series 60/80 phones:

*#2820# (*#bta0#) Display the Bluetooth MAC address (Phone must have a built in bluetooth adapter)

*#7370925538# (*#res0wallet#) Reset the mobile wallet (Phone must have the mobile wallet feature)

*#7370# (*#res0#) Soft-format the memory (Symbian)

*#7780# (*#rst0#) Reset to factory defaults, confirmation required (also known has a Hard-format), all phone contents will be wiped clean including contacts and sms if they are stored on the phone.

#From the hackingloops

How To Search On Google Like Elite Hackers

2013-12-10T16:02:00.001-08:00

Learn To Use Google Like An Elite Hacker

People think Google's popularity is because its simple and fast searching interface but friends, its more popular because it has rich operators and query support that will make your searching experience even better.

Without wasting much time lets get started

Google operators:

Google operators are classified into two basic categories:

1. Basic Google Operators like and, or, not etc.

2. Advanced google operators like inurl, intitle etc.

I am also including bonus search queries that are extremely useful for hackers.

Basic Google Operators:-

1) And (+) :- This operator is used to include multiple terms in a query which is to be searched in google.

example:- if we type "hacker+yahoo+science" in google search box and click search, it will reveal the results something which are related to all the three words simultaneously i.e. hacker, yahoo and science.

2 ) OR (|) :- The OR operator, represented by symbol( | ) or simply the word OR in uppercase letters, instructs google to locate either one term or another term in a query.

3) NOT :- It is opposite of AND operator, a NOT operator excludes a word from search.

example:- If we want to search websites containing the terms google and hacking but not security then we enter the query like "google+hacking" NOT "security".

Advanced Operators:-

1) Intitle :- This operator searches within the title tags.

Description:- intitle:hacking returns all pages that have the string "hacking" in their title.

intitle:"index of" returns all pages that have string "index of" in their title.

Similar operator:- "allintitle".

2) Inurl :- Returns all matches, where url of the pages contains given word.

Description:- inurl:admin returns all matches, where url of searched pages must contains the word "admin".

Companion operator:- "allinurl".

3) Site :- This operator narrows search to specific website.

Description : It will search results only from given domain. Can be used to carry out information gathering on specific domain.

example:- site:www.microsoft.com will find results only from the domain www.microsoft.com

4) Link :- This operator allows you to search for pages that links to given website.

example:- link:www.microsoft.com

Here, each of the searched result contains asp links to www.microsoft.com

5) Info :- This operator shows summary information for a site and provides links to other google searches that might pertain to that site.

example:- info:www.yahoo.com

6) Define :- This operator shows definition for any term.

example:- define:security

It gives various definitions for the word "security" in different manner from all over the world.

7) Filetype :- This operator allows us to search specific files on the internet. The supported file types can be pdf, xls, ppt, doc, txt, asp, swf, rtf, etc..

example:- If you want to search for all text documents presented on domain www.microsoft.com then we enter the query something like following.

"inurl:www.microsoft.com filetype:txt"

Other Popular Search Terms

For searching active webcams online:

In Google Search Box type :-

"Active Webcam Page" inurl:8080

Description- Active WebCam is a shareware program for capturing and sharing the video streams from a lot of video devices. Known bugs: directory traversal and cross site scripting.

For accessing the deleted messages on forums:

In Google Search Box type:-

"delete entries" inurl:admin/delete.asp

Description- AspJar contains a flaw that may allow a malicious user to delete arbitrary messages. The issue is triggered when the authentication method is bypassed and /admin/delete.asp is accessed directly. It is possible that the flaw may allow a malicious user to delete messages resulting in a loss of integrity.

For searching personal information of person:

In Google Search box type :-

"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"

Description- This search gives hundreds of existing curriculum vitae with names and address. An attacker could steal identity if there is an SSN in the document.

For searching secret financial spread sheets:

In Google Search box type :-

intitle:"index of" finance.xls

Description- Secret financial spreadsheets 'finance.xls' or 'finances.xls' of companies may revealed by this query.

In Google Search box :-

intitle:"index.of" robots.txt

Description- The robots.txt file contains "rules" about where web spiders are allowed (and NOT allowed) to look in a website's directory structure. Without over-complicating things, this means that the robots.txt file gives a mini-roadmap of what's somewhat public and what's considered more private on a web site. Have a look at the robots.txt file itself, it contains interesting stuff. However, don't forget to check out the other files in these directories since they are usually at the top directory level of the web server!

For locating admin directories of websites:

In Google Search box type :-

intitle:index.of.admin

Description- Locate "admin" directories that are accessible from directory listings.

For searching proxies online:

In Google Search box type :-

inurl:"nph-proxy.cgi" "start browsing"

Description- Returns lots of proxy servers that protects your identity online.

Some Ways To Hack Or Deface Websites Online

2013-12-10T15:18:00.002-08:00

Six Ways To hack or Deface Websites Online

What are basic things you should know before website hacking?

First of all everything is optional as i will start from very scratch. But you need atleast basic knowledge of following things..

1. Basics of HTML, SQL, PHP.

2. Basic knowledge of Javascript.

3. Basic knowledge of servers that how servers work

4. And most important expertise in removing traces otherwise you have to suffer consequences.

You can learn the basics of html, sql, php and javascript from a a good website like:

W3SCHOOLS

And for the fourth point that, you should be expert in removing traces. It will be explained in future articles. So keep reading.. or simply subscribe to my posts..

As we know traces are very important. Please don't ignore them otherwise you can be in big trouble for simply doing nothing. so please take care of this step.

METHODS OF HACKING WEBSITE:

1. SQL INJECTION

2. CROSS SITE SCRIPTING

3. REMOTE FILE INCLUSION

4. LOCAL FILE INCLUSION

5. DDOS ATTACK

6. EXPLOITING VULNERABILITY.

SQL INJECTION

First of all what is SQL injection?

SQL injection is a type of security exploit or loophole in which a attacker "injects" SQL code through a web form or manipulate the URL's based on SQL parameters. It exploits web applications that use client supplied SQL queries.

The primary form of SQL injection consists of direct insertion of code into user-input variables that are concatenated with SQL commands and executed. A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata. When the stored strings are subsequently concatenated into a dynamic SQL command, the malicious code is executed.

CROSS SITE SCRIPTING

Cross site scripting (XSS) occurs when a user inputs malicious data into a website, which causes the application to do something it wasn’t intended to do. XSS attacks are very popular and some of the biggest websites have been affected by them including the FBI, CNN, Ebay, Apple, Microsft, and AOL.

Some website features commonly vulnerable to XSS attacks are:

Search Engines
Login Forms
Comment Fields

Cross-site scripting holes are web application vulnerabilities that allow attackers to bypass client-side security mechanisms normally imposed on web content by modern browsers. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. Cross-site scripting attacks are therefore a special case of code injection.

REMOTE FILE INCLUSION

Remote file inclusion is the most often found vulnerability on the website.

Remote File Inclusion (RFI) occurs when a remote file, usually a shell (a graphical interface for browsing remote files and running your own code on a server), is included into a website which allows the hacker to execute server side commands as the current logged on user, and have access to files on the server. With this power the hacker can continue on to use localexploits to escalate his privileges and take over the whole system.

RFI can lead to following serious things on website :

Code execution on the web server
Code execution on the client-side such as Javascript which can lead to other attacks such as cross site scripting (XSS).
Denial of Service (DoS)
Data Theft/Manipulation

LOCAL FILE INCLUSION

Local File Inclusion (LFI) is when you have the ability to browse through the server by means of directory transversal. One of the most common uses of LFI is to discover the /etc/passwd file. This file contains the user information of a Linux system. Hackers find sites vulnerable to LFI the same way I discussed for RFI’s.

Let’s say a hacker found a vulnerable site, www.target-site.com/index.php?p=about, by means of directory transversal he would try to browse to the /etc/passwd file:

www.target-site.com/index.php?p= ../../../../../../../etc/passwd

Will explain it in detail with practical websites example in later sequential classes on Website Hacking.

DDOS ATTACK

Simply called distributed denial of service attack. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. In DDOS attack we consumes the bandwidth and resources of any website and make it unavailable to its legitimate users.

EXPLOTING VULNERABILITY

Its not a new category it comprises of above five categories but i mentioned it separately because there are several exploits which cannot be covered in the above five categories. So i will explain them individually with examples. The basic idea behind this is that find the vulnerability in the website and exploit it to get the admin or moderator privileges so that you can manipulate the things easily.

Note : This Post is For Educational Purpose Only

#From the hackingloops

Tips To Help You Master Programming Faster (Part 2)

2013-12-05T00:20:00.000-08:00

Publish code : If you keep a private journal and write the sentence "The car green is", you may keep writing that hundreds of times without realizing its bad grammar, until you happen to come upon the correct way of doing things. If you write that in an email, someone will instantly correct you and you probably won't make the mistake again. You can speed up your learning 1-2 orders of magnitude by sharing your work with others. Its embarrassing to make mistakes, but the only way to become great is to trudge through foul smelling swamp of embarrassment.

Use Github.: The term version control used to scare the hell out of me. Heck, it still can be pretty cryptic. But version control is crucial to becoming a great programmer. Every other developer uses it, and you can't become a great programmer by coding alone, so you'll have to start using it. Luckily, you're learning during an ideal time. Github has made learning and using version control much easier. Also, Dropbox is a great tool that your mom could use and yet that has some of the powerful sharing and version control features of something like git.

Treat yourself : Build things you think are cool. Build stuff you want to use. Its more fun to work on something you are interested in. Programming is like cooking, you don't know if what you make is good until you taste it. If something you cook tastes like dog food, how will you know unless you taste it? Build things you are going to consume yourself and you'll be more interested in making it taste not like dog food.

Write English : Code is surprisingly more like English than like math. Great code is easy to read. In great code functions, files, classes and variables are named well. Comments, when needed, are concise and helpful. In great code the language and vocabulary is not elitist: it is easy for the layman to understand.

Be prolific : You don't paint the Mona Lisa by spending 5 years working on 1 piece. You create the Mona Lisa by painting 1000 different works, one of them eventually happens to be the Mona Lisa. Write web apps, iPhone apps, Javascript apps, desktop apps, command line tools: as many things as you want. Start a small new project every week or even every day. You eventually have to strike a balance between quantity and quality, but when you are young the goal should be quantity. Quality will come in time.

Learn Linux : The command line is not user friendly. It will take time and lots of repetition to learn it. But again, its what the world uses, you'll need at least a basic grasp of the command line to become a great programmer. When you get good at the command line, its actually pretty damn cool. You'll appreciate how much of what we depend on today was written over the course of a few decades. And you'll be amazed at how much you can do from the command line. If you use Windows, get CYGWIN! I just found it a few months ago, and it is much easier and faster than running virtualized Linux instances.

That's it, go get started !

Invent Your Own Computer Games with Python, 2nd Edition

2013-11-13T17:44:00.001-08:00

Learn to invent your own computer games with python

"Invent Your Own Computer Games with Python" teaches you computer programming in the Python programming language. Each chapter gives you the complete source code for a new game and teaches the programming concepts from these examples. "Invent with Python" was written to be understandable by kids as young as 10 to 12 years old, although it is great for anyone of any age who has never programmed before. This second edition has revised and expanded content, including using the Pygame library to make games with graphics, animation, and sound.

User Reviews

I would highly recommend this book to anyone who wants to learn to program and has no previous experience.

The structure of the book allows you to learn critical programming and pythonic concepts by creating fun games that keep you interested and wanting more.

For starters, each concept that is introduced is explained thoroughly and in a way that is easy to understand.

About the Author

Albert Sweigart (but you can call him Al), is a software developer in San Francisco, California who enjoys bicycling, reading, volunteering, computer security, haunting coffee shops, and making useful software. He is originally from Houston, Texas. He finally put his University of Texas at Austin computer science degree in a frame. He is a friendly introvert, an atheist, a cat person, and fears that he is losing brain cells over time. He laughs out loud when watching park squirrels, which makes people think he's a simpleton. His childhood Nintendo habit led him into programming and all the joys that come of it.

Tips To Help You Master Programming Faster

2013-11-13T17:32:00.000-08:00

Master programming quickly and become an expert.

A lot of you have passion for computers but not a thorough understanding for them, some of you also want to become great coders. I saw this post on the web and I'd like to share it on my blog. I know it will be of great help to you. Let's get started:

Saying 1 : 10,000 hours

There is a saying that it takes 10,000 hours of doing something to master it.

So, to master programming, it might take you 10,000 hours of being actively coding or thinking about coding. That translates to a consistent effort spread out over a number of years.

Saying 2 : No Speed Limit

In that post, Derek Sivers claims that a talented and generous guy named Kimo Williams taught him 2 years worth of music theory in five lessons. You have been learning to program for 2 years, and despite the fact that you've made great progress, your process might be slow and inefficient.

You did not have a Kimo Williams. But now that I know a bit, I'll try and emulate him and help you learn faster by sharing this post.

The Tips

Get Started : Do not feel bad that you are not an expert programmer yet. In 10,000 hours, you will be. All you need to do is start. Dedicate some time each day or week to checking things off this list. You can take as long as you want or move as fast as you want. If you've decided to become a great programmer, you've already accomplished the hardest part (planting the seed). Now you just have to add time and your skills will blossom.

Why Worry : Do not be intimated by how much you don't understand. Computers are still largely magic. There are endless topics in computer science and endless terms that you won't understand. But if you stick with it, eventually almost everything will be demystified. So don't waste time or get stressed worrying about what you don't know. It will come, trust me. Remember, every great programmer at one time had no idea what assembly was, or a compiler, or a pointer, or a class, or a closure, or a transistor. Many of them still don't! That's part of the fun of this subject, you'll always be learning.

Read books : I spent a few hundred dollars on programming books. I bought like 20 of them because I had no idea where to begin. I felt guilty spending so much money on books back then. Looking back, it was worth it hundreds of times over. You will read and learn more from a good $30 paperback book than dozens of free blogs.

Get Mentors : I create websites for small businesses. Sometimes my clients would want something I didn't know how to do, simple things back then like forms. I used to search Google for the answers, and if I couldn't find them, I'd panic! Don't panic. When you get in over your head, ping mentors. They don't mind, trust me. Something that you'll spend 5 hours panicking to learn will take them 2 minutes to explain to you.

Object Oriented : This is the "language" the world codes in. Just as businessmen communicate primarily in English, coders communicate primarily in Object Oriented terms. Terms like classes and instances and inheritance. They were completely, completely, completely foreign and scary to everyone. They'd make you sick to your stomach. Get and read a good book, and slowly practice the techniques, and see how you will totally get it. Soon, you can communicate and work with other programmers.

Here are soon techniques to make your programming studies faster. Stay updated for the Part 2 of this post. Thank you and remember, you too can be a great coder.

Making Games with Python & Pygame

2013-11-09T19:08:00.001-08:00

Written to be understandable by kids as young as 10 to 12 years old.

Making Games with Python & Pygame is a programming book that covers the Pygame game library for the Python programming language. Each chapter gives you the complete source code for a new game and teaches the programming concepts from these examples. This book was written to be understandable by kids as young as 10 to 12 years old, although it is great for anyone of any age who has some familiarity with Python.

User Review

The code in the book is very easy to understand and follow.

All in all, "Making Games with Python and Pygame" is a great book for anyone wanting to begin making their own games.

I would highly recommend this book and have already recommended it to friends interested in programming.

About the Author

Albert Sweigart (but you can call him Al), is a software developer in San Francisco, California who enjoys bicycling, volunteering, haunting coffee shops, and making useful software. He is originally from Houston, Texas. He finally put his University of Texas at Austin computer science degree in a frame. He is an atheist, a cat person, and fears that he is losing brain cells over time. He laughs out loud when watching park squirrels, which makes people think he’s a simpleton.

Hacking Secret Ciphers with Python

2013-11-09T18:35:00.002-08:00

A beginner's guide to cryptography and computer programming with Python

Hacking Secret Ciphers with Python not only teaches you how to write in secret ciphers with paper and pencil. This book teaches you how to write your own cipher programs and also the hacking programs that can break the encrypted messages from these ciphers. Unfortunately, the programs in this book won’t get the reader in trouble with the law (or rather, fortunately) but it is a guide on the basics of both cryptography and the Python programming language. Instead of presenting a dull laundry list of concepts, this book provides the source code to several fun programming projects for adults and young adults.

User Review

This is an excellent Python book that teaches the language through fascinating cryptographic algorithms.

This is a wonderful book both for learning Python and for some cryptography basics. I can't recommend this more. I would suggest this to anyone regardless of programming experience.

I am learning Python and basic ciphers and this fit my needs to a tee.

About the Author

Albert Sweigart (but you can call him Al), is a software developer in San Francisco, California. He is originally from Houston, Texas. He laughs out loud when watching park squirrels, which makes people think he’s a simpleton. His previous books are "Invent Your Own Computer Games with Python" and "Making Games with Python & Pygame".

19 Deadly Sins of Software Security

2013-11-08T17:56:00.000-08:00

Programming Flaws and How to Fix Them

This essential book for all software developers--regardless of platform, language, or type of application--outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book.

Coverage includes:

Windows, UNIX, Linux, and Mac OS X
C, C++, C#, Java, PHP, Perl, and Visual Basic
Web, small client, and smart-client applications

User Review

I highly recommend this book to software developers and application support.

What you read in these pages go into more detail about each of those issues, but in a very concise, practical, no-nonsense fashion.

The book gives a great overview of software security issues yet at the same time provides granular examples and solutions that can be readily implemented.

About the Authors

Michael Howard is a senior security program manager in the security engineering group at Microsoft Corporation, and a co-author of the award-winning Writing Secure Code. He is a co-author of Basic Training in IEEE Security and Privacy Magazine and a co-author of the National Cyber Security Task Force “Processes to produce Secure Software” document for the Department of Homeland Security. As an author of the Security Development Life cycle, Michael spends most of his time is spent defining and enforcing security best practice and software development process improvements to deliver more secure software to normal humans.

David LeBlanc, Ph.D., is currently Chief Software Architect for Webroot Software. Prior to joining Webroot, he served as security architect for Microsoft's Office division, was a founding member of the Trustworthy Computing Initiative, and worked as a white-hat hacker in Microsoft's network security group. David is also co-author of Writing Secure Code and Assessing Network Security, as well as numerous articles. On good days, he'll be found riding the trails on his horse with his wife, Jennifer.

John Viega discovered the 19 deadly programming flaws that received such press and media attention, and this book is based on his discovery. He is the Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and co-author of Building Secure Software (Addison-Wesley), Network Security with Open SSL (O'Reilly) an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. He is the author or co-author of nearly 80 technical publications, including numerous referred research papers and trade articles. He is co-author of Building Secure Software, Network Security and Cryptography with Open SSL and The Secure Programming Cookbook for C and C++.

How To Crack or Reset BIOS Password.

2013-11-08T04:43:00.000-08:00

The BIOS software is built into the PC, and is the first code run by a PC when powered on ('boot firmware'). The primary function of the BIOS is to set up the hardware and load and start a boot loader. When the PC starts up, the first job for the BIOS is to initialize and identify system devices such as the video display card, keyboard and mouse, hard disk drive, optical disc drive and other hardware. The BIOS then locates software held on a peripheral device (designated as a 'boot device'), such as a hard disk or a CD/DVD, and loads and executes that software, giving it control of the PC. This process is known as booting, or booting up, which is short for bootstrapping.

Bios password is usually used to protect the user's BIOS settings on the computer. If you want to reset the password on the BIOS does not need to bother to connect bateray CMOSnya, with a little trick on the Dos you can reset the BIOS password on it in 2 ways:

1. Clear CMOS

This way I consider the most ancient and most easy to break down the password on the BIOS. The steps are easy, first open the casing cover computer CPU. Then find the bios battery that looks something like the battery just a little more big clock. After the meet and consider the area around the battery there is usually a jumper with 3 pins, 2 pins and 1 pin not connected.

Suppose the three pins with the code 1 - 2 - 3. Connector that connects the initial position usually is 2-3. To reset the bios do I move the position of the plug that connects pins 2-3 to position 1-2 for about 5 seconds. Then plug it back into the starting position (2-3). Try restarting the computer back on, secured the bios password is gone.

If the above looks complicated, is easy to clear cmos by unplugging the BIOS battery and then put it back. But with the consequences of removing the label is the warranty on the battery BIOS.

2. Through DOS

First out of the windows with me restart your computer, start the computer in MS-DOS mode, use the option "Command Prompt Only"

At c: prompt, type: DEBUG

press enter. You will see the sign (-) at the DEBUG prompt, then type:

o 70 2e

at the DEBUG prompt will be displayed as-o 70 2e.

press enter and type:

-O 71 ff

press enter, the last type:

hit enter, then you will get out of the DEBUG prompt and return to the C:> prompt.

Now restart your computer, and see the results.

Metasploit

2013-11-08T04:41:00.000-08:00

The Penetration Tester's Guide

User Review

"The best guide to the Metasploit Framework." —HD Moore, Founder of the Metasploit Project

The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.

Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.

Learn how to:

Find and exploit unmaintained, misconfigured, and unpatched systems
Perform reconnaissance and find valuable information about your target
Bypass anti-virus technologies and circumvent security controls
Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
Use the Meterpreter shell to launch further attacks from inside the network
Harness standalone Metasploit utilities, third-party tools, and plug-ins
Learn how to write your own Meterpreter post exploitation modules and scripts

You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond

Gray Hat Hacking "The Ethical Hackers Handbook"

2013-09-26T19:03:00.000-07:00

The Ethical Hackers Handbook, 3rd Edition

Thwart malicious network intrusion by using cutting-edge techniques for finding and fixing security flaws. Fully updated and expanded with nine new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Third Edition details the most recent vulnerabilities and remedies along with legal disclosure methods. Learn from the experts how hackers target systems, defeat production schemes, write malicious code, and exploit flaws in Windows and Linux systems. Malware analysis, penetration testing, SCADA, VoIP, and Web security are also covered in this comprehensive resource.

Develop and launch exploits using BackTrack and Metasploit
Employ physical, social engineering, and insider attack techniques
Build Perl, Python, and Ruby scripts that initiate stack buffer overflows
Understand and prevent malicious content in Adobe, Office, and multimedia files
Detect and block client-side, Web server, VoIP, and SCADA attacks
Reverse engineer, fuzz, and decompile Windows and Linux software
Develop SQL injection, cross-site scripting, and forgery exploits
Trap malware and rootkits using honeypots and SandBoxes

User Review

This book was perfect for my class. I was able to find what I needed to help me through it.

Let me start by saying that my background is in enterprise configuration, system configuration and trouble-shooting, and information security policy. With that said I would heartily recommend that anyone working in the IT field would benefit from the lessons and skills which can be learned from this epitome of concise writing. Thank you for a wonderful read full of things which can never be learned to well

About the Author

Allen Harper, CISSP, a retired Marine Corps Major, is the president and founder of N2NetSecurity, Inc., and a faculty member for the Institute for Applied Network Security, He has worked as a security consultant for the Internal Revenue Service and for Logical Security, LLC.

Shon Harris, CISSP, MCSE, is the president of Logical Security, a security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and a bestselling author. She was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Jonathan Ness is a software security engineer at Microsoft. He is a member of an Air National Guard unit where he leads network penetration tests against military facilities across the country and helps define the information warfare aggressor mission for the Air Force.

Chris Eagle is a senior lecturer in the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, California. A computer engineer/scientist for 25 years, his research interests include computer network attack and defense, computer forensics, and reverse/anti-reverse engineering. He can often be found teaching at Black Hat or spending late nights working on capture the flag at Defcon

Gideon J. Lenkey, CISSP co-founded Ra Security Systems, a network security monitoring and consultancy. He has provided advanced training to the FBI and is the sitting president of the FBI's InfraGard chapter in New Jersey.

Terron Williams, NSA IAM-IEM, CEH, CSSLP, works for Elster Electricity as a Senior Test Engineer with his primary focus on Smart Grid

Noitce : Please leave a comment below telling us what you think about this book.

Python Programming for the Absolute Beginner

2013-09-26T18:05:00.000-07:00

Python Programming for the Absolute Beginner, 3rd Edition

If you are new to programming with Python and are looking for a solid introduction, this is the book for you. Developed by computer science instructors, books in the "for the absolute beginner" series teach the principles of programming through simple game creation. You will acquire the skills that you need for practical Python programming applications and will learn how these skills can be put to use in real-world scenarios. Throughout the chapters, you will find code samples that illustrate concepts presented. At the end of each chapter, you will find a complete game that demonstrates the key ideas in the chapter, a summary of the chapter, and a set of challenges that tests your new found knowledge. By the time you finish this book, you'll be well versed in Python and be able to apply the basic programming principles you've learned to the next programming language you tackle.

User Review

I HIGHLY recommend this book for anyone beginning to learn what programming is all about.

Very easy read and very well written.

Most of the code examples are focused on creating games, which makes it even more fun.

About The Author

Michael Dawson has worked as both a programmer and a computer game designer and producer. In addition to real world game industry experience, Mike earned his bachelor's degree in Computer Science from the University of Southern California. Currently, he teaches game programming in the Game Production Department of the Los Angeles Film School. Mike has also taught game programming to students through UCLA Extension and The Digital Media Academy at Stanford. He's the author of three other books: Beginning C++ through Game Programming, Guide to Programming with Python, and C++

Projects: Programming with Text-Based Games. You can visit his website at www.programgames.com to learn more or to get support for any of his books.

Noitce : Please leave a comment below telling us what you think about this book.

Social Engineering: The Art of Human Hacking

2013-09-25T14:15:00.001-07:00

The Art of Human Hacking

The first book to reveal and dissect the technical aspect of many social engineering maneuvers

From elicitation, pretexting, influence and manipulation all aspects of social engineering are picked apart, discussed and explained by using real world examples, personal experience and the science behind them to unraveled the mystery in social engineering.

Kevin Mitnick—one of the most famous social engineers in the world—popularized the term “social engineering.” He explained that it is much easier to trick someone into revealing a password for a system than to exert the effort of hacking into the system. Mitnick claims that this social engineering tactic was the single-most effective method in his arsenal. This indispensable book examines a variety of maneuvers that are aimed at deceiving unsuspecting victims, while it also addresses ways to prevent social engineering threats.

Examines social engineering, the science of influencing a target to perform a desired task or divulge information

Arms you with invaluable information about the many methods of trickery that hackers use in order to gather information with the intent of executing identity theft, fraud, or gaining computer system access

Reveals vital steps for preventing social engineering threats

Social Engineering: The Art of Human Hacking does its part to prepare you against nefarious hackers—now you can do your part by putting to good use the critical information within its pages.

User Review

Security professionals: If you read only one book in 2011, make it Social Engineering: The Art of Human Hacking by Chris Hadnagy.

This book is excellent, well written and organized in a natural flow.

This book will help you get started!

From the Author: Defining Neuro-Linguistic Hacking (NLH)

NLH is a combination of the use of key parts of neuro-lingusitic programming, the functionality of microexpressions, body language, gestures and blend it all together to understand how to “hack” the human infrastructure. Let’s take a closer at each to see how it applies.

Neuro-Lingusitic Programming (NLP): NLP is a controversial approach to psychotherapy and organizational change based on "a model of interpersonal communication chiefly concerned with the relationship between successful patterns of behavior and the subjective experiences underlying them" and "a system of alternative therapy based on this which seeks to educate people in self-awareness and effective communication, and to change their patterns of mental and emotional behavior"

Neuro: This points to our nervous system which we process our five senses:

Visual
Auditory
Kinesthetic
Smell
Taste

Linguistic: This points to how we use language and other nonverbal communication systems through which our neural representations are coded, ordered and given meaning. This can include things like:

Pictures
Sounds
Feelings
Tastes
Smells
Words

Programming: This is our ability to discover and utilize the programs that we run in our neurological systems to achieve our specific and desired outcomes.

In short, NLP is how to use the language of the mind to consistently achieve, modify and alter our specific and desired outcomes (or that of a target).

Microexpressions are the involuntary muscular reactions to emotions we feel. As the brain processes emotions it causes nerves to constrict certain muscle groups in the face. Those reactions can last from 1/25th of a second to 1 second and reveal a person’s true emotions.

Much study has been done on microexpressions as well as what is being labeled as subtle microexpressions. A subtle microexpression is an important part of NLH training as a social engineer as many people will display subtle hints of these expressions and give you clues as to their feelings.

BackTrack 5 Wireless Penetration Testing Beginner's Guide

2013-09-23T18:23:00.000-07:00

Master bleeding edge wireless testing techniques with Backtrack 5

Written in Packt's Beginner's Guide format, you can easily grasp the concepts and understand the techniques to perform wireless attacks in your lab. Every new attack is described in the form of a lab exercise with rich illustrations of all the steps associated. You will practically implement various attacks as you go along. If you are an IT security professional or a security consultant who wants to get started with wireless testing with Backtrack, or just plain inquisitive about wireless security and hacking, then this book is for you. The book assumes that you have familiarity with Backtrack and basic wireless concepts.

User Review

An amazing book. This one wastes no time with a long pre-amble or justifying why you'd need to know how to pen-test; it just tells you what you need to know. You're sniffing wireless traffic right from the start, injecting packets by page 40 or so, and then you're off spoofing MAC addresses cracking WPA (even shared authentication), and doing man-in-the-middle attacks.

The structure and build up of the book is very well laid out and easy to follow.

Very useful and highly recommended "must have" for anyone new to BT5.

About the Author

Vivek Ramachandran is a world renowned security researcher and evangelist. He is the discoverer of the wireless "Caffe Latte Attack" and has delivered presentations in world renowned Information Security conferences such as Defcon and Toorcon in the US. His discoveries and talks have been widely quoted by the International media including - BBC Online, Network World, The Register, Mac World, Computer Online and others.

In 2006, Microsoft declared Vivek as one of the winners of the Microsoft Security Shootout Contest held in India among an estimated 65,000 participants. In 2005, he was awarded a team achievement award by Cisco Systems for his work in the 802.1x and Port Security modules.

He is well known in the hacking and security community as the founder of SecurityTube.net , a free video based computer security education portal which gets an estimated 100,000 monthly visitors.

Vivek is also an accomplished trainer and travels around the world conducting workshops and training sessions for corporates and students. He holds a degree in B.Tech from IIT Guwahati and acts as an adviser to the computer science department's Security Lab.

Post Facebook Status Upside Down

2013-09-23T09:25:00.000-07:00

In this trick, I will share with you a simple facebook status trick. If you want to post something creative or something cool as your facebook status then this trick will let you post any facebook status upside down. Basically this is a website which allows you to flip your text. So lets get started.

How To Do ?

First go to FlipText website by Clicking Here.
Enter you message or text in text area and click on Flip.
Copy the upside down text and paste it in your facebook status or where ever you want to use it.

Enjoy!

Hack and Edit Facebook Login Page Using Browser

2013-09-23T08:42:00.000-07:00

In this post, I am going to teach you how to hack and edit the facebook ligin page using your browser.

First, go to Facebook. It shows the usual login page of Facebook. Now, clear the address from the address bar. Copy and Paste the below code and in your address bar

javascript:document.body.contentEditable='true'; document.designMode='on'; void 0

Make sure that javascript: is present at the beginning of the code or else this trick will not work.

Now press Enter.

When you are done with the previous step, you should be able to edit all the content present on the page. You can Edit/Delete content and texts on the page now.

Don't forget to leave a comment

Violent Python

2013-09-22T20:58:00.001-07:00

A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker's tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.

Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts.
Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices.
Data-mine popular social media websites and evade modern anti-virus.

User Review

The subject is very fun and interesting and if you are just getting started with Python then what a great way to get started than with this book on grey hat hacking.

These modifications have helped me truly understand the topics presented rather than trying to knock out the book ASAP.

It is well written, packed full of useful information, and presents material in an easy to read method.

About the Author

TJ O'Connor is a Department of Defence expert on information security and a US Army paratrooper. While assigned as an assistant professor at the US Military Academy, TJ taught undergraduate courses on forensics, exploitation and information assurance. He twice co-coached the winning team at the National Security Agency's annual Cyber Defence Exercise and won the National Defence University's first annual Cyber Challenge. He has served on multiple red teams, including twice on the North east Regional Team for the National Collegiate Cyber Defence Competition.

TJ holds a Master of Science degree in Computer Science from North Carolina State, a Master of Science degree in Information Security Engineering from the SANS Technical Institute, and a Bachelor of Science degree in Computer Science from the US Military Academy. He has published technical research at USE-NIX workshops, ACM conferences, security conferences, the SANS Reading Room, the Internet Storm Center, the Army Magazine, and the Armed Forces Journal. He holds expert cyber security credentials, including the prestigious GIAC Security Expert (GSE) and Offensive Security Certified Expert (OSCE). TJ is a member of the elite SANS Red and Blue Team Cyber Guardians.

TJ O'Connor is an active duty Army Major and former faculty member at the United States Military Academy, where he taught courses on forensics, exploitation, and information assurance. He has published research at USE-NIX workshops, ACM Conferences, and spoken at various security conferences, including ShmooCon. He has participated in numerous cyber defence exercises, including winning the National Defence University Cyber Challenge, coaching the winning team at the National Security Agency's Cyber Defence Exercise and working as a red team member of the North east Regional Collegiate Cyber Defence Competition. He has earned the SANS Certifications GIAC Gold certifications in GCFA, GCIH, GSEC, GCIA, and holds other GIAC certifications.

The Mac Hacker's Handbook

2013-09-21T20:44:00.000-07:00

The Mac Hacker's Handbook by Charlie Miller

As more and more vulnerabilities are found in the Mac OS X (Leopard) operating system, security researchers are realizing the importance of developing proof-of-concept exploits for those vulnerabilities. This unique tome is the first book to uncover the flaws in the Mac OS X operating system—and how to deal with them. Written by two white hat hackers, this book is aimed at making vital information known so that you can find ways to secure your Mac OS X systems, and examines the sorts of attacks that are prevented by Leopard’s security defences, what attacks are, and how to best handle those weaknesses.

User Review

The Mac Hacker's Handbook covers a lot of useful technical topics surrounding vulnerability analysis and exploit development for Mac OS X. That said, it doesn't so much teach you directly, as guide your learning. For example, it introduces the use of D Trace on OS X for dynamic analysis. It makes a very good case for D Trace's usefulness in reverse engineering, and for you to go out on your own and learn about it. Its D Trace examples aren't really free standing and require some background that you must get yourself. If the book were to give you the necessary background on every topic it introduces, it would be an enormous tome, and the authors probably would still be writing it.

The Mac Hacker's Handbook is the best reference for Mac-specific attack information that I have found. At 368 pages, it may appear small compared to the typical 750+ page security tome. That's because the authors have done a near-perfect job of sticking to the topic at hand, the Mac. The authors do not succumb to the usual temptation to try and teach assembly language or reverse engineering. Rather, they do an excellent job touching on those topics in an OS X context, and assume the reader has a little background in that area already, or can otherwise keep up. I have done some limited research into the areas of Mac malware and process injection in the past. This book has done a fantastic job of filling in many holes in my knowledge that I hadn't been able to take care of before. Plus, it introduced me to a number of Mac-specific security features I wasn't aware of before. Highly recommended for anyone interested in Mac security.

About the Author

CharlIe Millerwon the second CanSecWest Pwn2Own contest in 2008 and was named one of the Top 10 Computer Hackers of 2008 by Popular Mechanics. Dino Dai Zovi won the first CanSecWest Pwn2Own contest in 2007 and was named one of the 15 Most Influential People in Security by eWEEK.

Hacking: The Art of Exploitation

2013-09-20T09:31:00.000-07:00

The Art of Exploitation, Second Edition

Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.

Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, Second Edition introduces the fundamentals of C programming from a hacker's perspective.

The included Live CD provides a complete Linux programming and debugging environment-all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:

Program computers using C, assembly language, and shell scripts

Corrupt system memory to run arbitrary code using buffer overflows and format strings
Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening
Outsmart common security measures like non-executable stacks and intrusion detection systems
Gain access to a remote server using port-binding or connect-back shell code, and alter a server's logging behaviour to hide your presence
Redirect network traffic, conceal open ports, and hijack TCP connections
Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, Second Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.

User Review

This is the second edition of a well known book about hacking and contains a lot about hacking. Jon Erickson has expanded the book from the first edition doubling the number of pages to 450 pages and a Linux based Live-CD is also included.

This book details the steps done to perform buffer overflows on Linux on the x86 architecture. So detailed that any computer science student can do it, and they should. Every computer science student or aspiring programmer should be forced to read this book along with another book called 19 deadly sins of software programming.

About the Author

Jon Erickson has a formal education in computer science and speaks frequently at computer security conferences around the world. He currently works as a cryptologist and security specialist in Northern California.

Hacking Exposed Web Applications

2013-09-20T07:15:00.001-07:00

3rd Edition, Web Application Security Secrets & Solutions

Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource

Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster

See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation
Understand how attackers defeat commonly used Web authentication technologies
See how real-world session attacks leak sensitive data and how to fortify your applications
Learn the most devastating methods used in today's hacks, including SQL injection, XSS, XSRF, phishing, and XML injection techniques
Find and fix vulnerabilities in ASP.NET, PHP, and J2EE execution environments
Safety deploy XML, social networking, cloud computing, and Web 2.0 services
Defend against RIA, Ajax, UGC, and browser-based, client-side exploits

Implement scalable threat modeling, code review, application scanning, fuzzing, and security testing procedures

User Review

Gives good basic ideas how to test some applications-- Georgi - Goodreads

The Tangled Web

2013-09-19T15:12:00.000-07:00

A Guide to Securing Modern Web Applications

Modern web applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape.

In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:

Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization
Use mordern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing
Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs
Build mashups and embed gadgets without getting stung by the tricky frame navigation policy
Embed or host user-supplied content without running into the trap of content sniffing

For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.

User Review

"Thorough and comprehensive coverage from one of the foremost experts in browser security."

--Tavis Ormandy, Google Inc.

About the Author

Michal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is credited with discovering hundreds of notable security vulnerabilities and frequently appears on lists of the most influential security experts. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.

The Basics of Hacking and Penetration Testing

2013-09-19T09:53:00.001-07:00

Second Edition: Ethical Hacking and Penetration Testing Made Easy

The Basics of Hacking and Penetration Testing Second Edition. serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. No prior hacking experience is needed. You will learn how to properly utilize and interpret the results of modern day hacking tools, which are required to complete a penetration test. Tool coverage includes Backtrack and Kali Linux, Google reconnaissance, MetaGooFil, DNS interrogation, Nmap, Nessus, Metasploit, the Social Engineer Toolkit (SET) , w3af, Netcat, post exploitation tactics, the Hacker Defender rootkit, and more.

The book provides a simple and clean explanation of how to effectively utilize the tools and introduces a four-step methodology for conducting a penetration test or hack. You will be provided with the know-how required to jump start your career or gain a better understanding of offensive security. The book walks through each of the steps and tools in a structured, orderly manner, allowing readers to understand how the output from each tool can be fully utilized in the subsequent phases of the penetration test. This process allows readers to clearly see how the tools and phases function and relate.

The second edition includes updated information covering Kali Linux as well as focusing on the seminal tools required to complete a penetration test
New tools added including the Social Engineer Toolkit, Meterpreter, w3af and more!
Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases

Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University

User Review

Although this book is ideal for beginners, most security professionals will have been involved with penetration testing during some point in their career. This book is thus an excellent refresher for those of us who fondly recall Nmap, Nessus and Netcat as being the tools of choice for both whitehat and blackhat hackers, but have long-since forgotten the full command-line syntax and would benefit from a refresh. Patrick Engebretson gets the reader involved in the art of hacking from page one and makes this book a fascinating and productive read."--Best Hacking and Pen Testing Books in InfoSecReviews Book Awards

Hackers Underground Hanbook

2013-09-19T08:13:00.002-07:00

Learn How to Hack and What It Takes to Crack Even the Most Secure Systems

The information given in this underground handbook will put you into a hacker's mindset and teach you all of the hacker's secret ways. The Hacker's Underground Handbook is for the people out there that wish to get into the the amazing field of hacking. It introduces you to many topics like programming, Linux, password cracking, network hacking, Windows hacking, wireless hacking, web hacking and malware. Each topic is introduced with an easy to follow, real-world example. The book is written in simple language and assumes the reader is a complete beginner.

User Review

"Although this book is ideal for beginners, most security professionals will have been involved with penetration testing during some point in their career. This book is thus an excellent refresher for those of us who fondly recall Nmap, Nessus and Netcat as being the tools of choice for both whitehat and blackhat hackers, but have long-since forgotten the full command-line syntax and would benefit from a refresh. Patrick Engebretson gets the reader involved in the art of hacking from page one and makes this book a fascinating and productive read."--Best Hacking and Pen Testing Books in InfoSecReviews Book Awards

About The Author

David has been in the security/hacking scene for many years. He currently runs a hacking blog and podcast at http://www.MrCracker.com