7 Must Have Tools For Every Hacker (Hacking tools)

Its been a while since I have posted about some hacking tools and with increasing number of emails asking

 me to do an  article on it, I finally decided to cover it up.Hacking tools are developed by some really good
 coders out there to ease out many complex tasks which have to be done manually and took painstakingly 
great deal of time and effort.All these tools provided here are free of cost,are tried hands on and are being
 actively developed by community,and if not,their alternatives are provided.To summarize it up, these are 
the 7 must have tools for every hacker out there.

1. Nmap 
I think everyone has heard of this one, Nmap (Network Mapper) is a free open source utility for network 
exploration or security auditing. It was designed to rapidly scan large networks, although it works fine 
against single hosts.Many systems and network administrators also find it useful for tasks such as network
 inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP 
packets in novel ways to determine what hosts are available on the network, what services
 (application name and version) those hosts are offering, what operating systems (and OS versions)

 they are running, what type of packet filters/firewalls are in use,and dozens of other characteristics. It may be 

used to discover computers and services on a computer network, thus creating a “map” of the network.Nmap

 runs on most types of computers and both console and graphical versions are available. Nmap is free and

open source.Can be used by beginners (-sT) or by pros alike (packet_trace). A very versatile tool, once you

 fully understand the results.

Download Nmap

2. Nessus Remote Security Scanner 
Recently went closed source, but is still essentially free. Works with a client-server framework.Nessus is the worlds most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the worlds 
largest organizations are realizing significant cost savings by using Nessus to audit business-
critical enterprise devices and applications.

Download Nessus

3. Wireshark 
Wireshark is a GTK+-based  network protocol analyzer, or sniffer, that lets you capture and interactively browse
 the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and 
to give Wireshark features that are missing from closed-source sniffers. Works great on both Linux and
 Windows (with a GUI), easy to use and can reconstruct TCP/IPStreams! .

Download Wireshark

4. Cain and Abel 
The swiss knife of hacking tools..Cain & Abel is a password recovery tool for Microsoft Operating Systems. 
It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords 
using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.

Download Cain and Abel

5. Kismet 
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with  any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a,
 and 802.11g traffic. A good wireless tool as long as your card supports rfmon

Download Kismet

6. NetStumbler
Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use
 and has a nice interface, good for the basics of war-driving. NetStumbler is a tool for Windows that allows you
 to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

1. Verify that your network is set up the way you intended.
2. Find locations with poor coverage in your WLAN.
3. Detect other networks that may be causing interference on your network.
4. Detect unauthorized rogue access points in your workplace.
5. Help aim directional antennas for long-haul WLAN links.
6. Use it recreationally for WarDriving.

Download NetStumbler

7. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port 
scanning tool, SuperScan. If you need an alternative for nmap on Windows with a decent interface, I suggest
 you check this out, it’s pretty nice.

Download Superscan

Alternatively, you can try Angry IP Scanner which is a pretty good replacement for it

Read More

Top 5 Websites To Learn How To Hack Like Hackers

Whether you’re a college student, a well experience 

networking trainer or a computer games 

addicted – everyone comes across a situation where we 

make life a lot easier with some type of hacking.Maybe

 you’ve lost the license key that came with your genuine 

anti-virus or games package that you  paid for. Maybe

 you want to make a backup copy of your Favorite'Games,

 DVD Movies, but there is a copy-protection 

encoded into the disk. or May be your stuck on a your favorite online games and you want

 to know if any hacks available to leave up in the game.

In today’s age of computer and Internet technologies, everything is written in one or 

anther programming language. No programmer is perfect – they all make mistakes and always

 there are back door, secret codes and vulnerabilities in any application you come across.

 Believe me if you just following the efforts of active hacking communities or if you learn how

 to hack on your own, it shows you tremendous into the inner-working of your most “Trusted”

 games & software applications.

As we are exploring the hacking world , It should be keep some thing in your mind, there are

 two major type of hackers, we call them “White hat” and “Black hat” (today’s people also

 refereed gray hat which is a middle in black hat & white hat ). “White hat” hackers call themselves as “ethical hackers,” in that they find vulnerabilities and exploit to make the 

application’s programming more secure for everyone. However, there are many hackers 

community who find vulnerabilities to exploit in a application for crack or in server to break

 them and gain illegal access. Now you know what sort of community you may take interest

 to join them. Let’s get on top 5 Hackers communities where you can learn how to hack like 

hackers.

Top 5 Website, Where you can learn How to hack like Hackers

#1.  Hackfourms — Hacking and Market place

The no. 1 hackers communities with 225,405 memeber with 1,514,999 threads. where you can
 even learn computing, coding, Gaming, Graphics, in Market place you can buy code or can
 sell your own code of apps, games, tools, software anything. i recommend you this website
to learn hacking and also you’ll able to find many real hackers there from all over the world.

#2. EvilZone— Hacking and Warez 

It is the second largest Hacking communities and warez fourm with 6,500 members with active
 100,000 post ( old statistics ), likely this forums is very active and help you in any coding help,
 but be care full with “noob” they can’t handle and misguide you so always check reputation,
 position of members.

#3. Hack-a-Day

this website has no competition in amazing information for anyone who is looking for specific categories like gadget, cellphone, GPS devices, digital cameras, you’ll find all categories in right column. Unlike then other websites hack-a-day is more likely based on hardware. it’s dedicated to new, amazing innovation in physical hacking with gadget old hardware in your warehouses.

#4. Hack in the Box
If any website which help you to learn How to hack, this would be hack in the box, hack in
 the box is more about security and ethical hacking, it provide classes and conference , you can subscribe HITB magazine or HITB news from there main website, HITB has 14669
 members with  active 13879 topic and more interesting to learn how to hack.

#5 – Hack this site 

Hack this site is coolest website ever for free programmer training site where you can learn
 how to hack by accepting the different challenges, unlike then other website, hack this
site provide you different level of hacking challenges where you can check your level, it
 is a kind of honeypottype of website.

Hacking level are like mission design by this site designer, you need to carefully read &
 studies all the articles on this site and you have to find out the vulnerabilities of a site and
 attempts to use your new founded hacking skills to hack web page. missions include basic Realistic, application, programming. I’m sure you’ll be earn tittle of professional hackers if
you’re able to figure out how to properly hack the most difficult missions on this site.

Read More

How hackers hack facebook, gmail, yahoo accounts

How hackers hack facebook, 

gmail, yahoo accounts

These are the most common ways how hackers hack facebook, gmail and other accounts 

on social networking sites :

1.Phishing – It is technique in which hacker creates a fake page (login page) of the site. As the user fills his user id and password in the fields the hacker gets them .

2.Keyloggers -Keyloggers are used to record the key strokes typed by the victim. A hacker installs a keylogger in the pc of the victim and gets all the logs of password via mail or physical access .

3.Social engineering – Social engineering is understood to mean the art of manipulating  people into performing actions or divulging confidential information. Here a hacker uses his ability to speak,converse,read minds of people to extract information from them. Kevin mitnick is one hacker who is known to be master in this technique.

Look forward to further articles for details about these techniques. 

Read More

How to Join Anonymous Army?

What to join army? So are you like expecting from me that i will tell you that enrollment forms are out to join The Anonymous ? No, No such news ! And you cannot join anonymous ! In fact no one can !

Anonymous is not an organization,not a club too,nor a party.Anonymous has no ideology,no gurus and no leaders too.

Anonymous are like people who are with each other for a small time to bring do a task,be it good thing or bad.But as soon as that task is complete those people may or may not be together.You can compare them to a group of people traveling small distance together just like the passengers of a bus.

How do people from Anonymous communicate ?

Anonymous are regarded both as Heroes or Villains of cyber world by person to person.And just like every other person members of anonymous also communicate via the social network-,skype,yahoo etc.

How to recognize members of Anonymous ?

Members of Anonymous have no different characteristics.A person you meet or see everyday may be a member of anonymous and you have no idea about it.There is no age,sex,caste,country barrier to be a member of anonymous,anyone and everyone can be a member.All you require to be a member are – Skills !

During public appearances members of anonymous are often seen wearing Masks.

Is it Good or Bad to be a member of Anonymous ?

It is totally up to you ! If you are good you remain good being a member of anonymous too and vice verse !

Being associated with anonymous does not bring you any ”Bad” image as it is often misunderstood by people.

Anonymous group never asks it’s members for their personal information or identity proof.

How many Anonymous are there ?

There are many of them,more than we can think ! And as i had said,they are with each other for short time and they keep on adding every time they are together.

Read More

Top 5 Movies of All Time a Hacker Must Watch

1. Pirates of Silicon Valley : A really good movie I must say which gives your an insight about Bill Gates and Steve Jobs. It tells you about their hard work, curiosity, leadership quality which lead to formation of Microsoft and Apple. The movie also provides us with some facts about the life’s of these two great men and truly and inspiration to a hacker or techie .

2. Firewall : Firewall is a movie which is quite interesting movie which revolves around a family being hijacked and the head of the family being forced to do some work for hijackers. There is a good use of gadgets in the movie.

3. Hackers : A young boy is arrested by the US Secret Service for writing a computer virus and is banned from using a computer until his 18th birthday. Years later, he and his new-found friends discover a plot to unleash a dangerous computer virus, but they must use their computer skills to find the evidence while being pursued by the Secret Service and the evil computer genius behind the virus(source:imdb.com). This movie if a very old one and reveals some old hacking techniques and displays the two sides of hacking culture and perception of government and people too towards hacking.

4. Enemy of The State : A lawyer becomes a target by a corrupt politician and his NSA goons when he accidentally receives key evidence to a serious politically motivated crime. A nice movie which a techie should surely enjoy.

5. The Social Network :  A great movie which tells about the founder of facebook Mr.Mark Zuckerberg and this is a very motivating movie which tells us about the success story of a student who went on to become the youngest Billionaire. Mark initially used hacking to get the pics of girls to make facemash.

Read More

Top 10 Facebook profile hacking Methods!

There are many ways someone can hack Facebook Profile's, and here are the 10 most usual:

1. Phishing

Phishing is still the most popular attack vector used for hacking Facebook accounts. There are variety methods to carry out phishing attack. In a simple phishing attacks a hacker creates a fake log in page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim log in through the fake page the, the victims "Email Address" and "Password" is stored in to a text file, and the hacker then downloads the text file and gets his hands on the victims credentials.

2. Keylogging

Keylogging is the easiest way to hack a Facebook password. Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. A Keylogger is basically a small program which, once is installed on victim's computer, will record every thing victim types on his/her computer. The logs are then send back to the attacker by either FTP or directly to hackers email address.

3. Stealer's

Almost 80% percent people use stored passwords in their browser to access the Facebook. This is quite convenient, but can sometimes be extremely dangerous. Stealer's are software's specially designed to capture the saved passwords stored in the victims Internet browser.

4. Session Hijacking

Session Hijacking can be often very dangerous if you are accessing Facebook on a http (non secure) connection. In Session Hijacking attack, a hacker steals the victims browser cookie which is used to authenticate the user on a website, and use it to access the victims account. Session hijacking is widely used on LAN, and WiFi connections.

5. Sidejacking With Firesheep

Sidejacking attack went common in late 2010, however it's still popular now a days. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim is on the same WiFi network. A sidejacking attack is basically another name for http session hijacking, but it's more targeted towards WiFi users.

6. Mobile Phone Hacking

Millions of Facebook users access Facebook through their mobile phones. In case the hacker can gain access to the victims mobile phone then he can probably gain access to his/her Facebook account. Their are a lots of Mobile Spying software's used to monitor a Cellphone. The most popular Mobile Phone Spying software's are: Mobile Spy, and Spy Phone Gold.

7. DNS Spoofing

If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack and change the original Facebook page to his own fake page and hence can get access to victims Facebook account.

8. USB Hacking

If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser.

9. Man In the Middle Attacks

If the victim and attacker are on the same LAN and on a switch based network, a hacker can place himself between the client and the server, or he could act as a default gateway and hence capturing all the traffic in between.

10. Botnets

Botnets are not commonly used for hacking Facebook accounts, because of it's high setup costs. They are used to carry more advanced attacks. A Botnet is basically a collection of compromised computer. The infection process is same as the key logging, however a Botnet gives you additional options for carrying out attacks with the compromised computer. Some of the most popular Botnets include Spyeye and Zeus.

Read More

SKEYE Nano Drone

SKEYE Nano Drone

Meet the SKEYE Nano Drone, measuring just 4.0 x 4.0 centimeter (or 1.57 x 1.57 inch)! An incredible quadcopter, so small it can easily sit on your thumb and fly on precision controlled exercises into the narrowest of nooks! The stylish design looks and performs amazing in flight. Turning cycles, figure of eights, banking turns are simple to achieve. Super stable indoors or even outside on a calm day.

The drone offers three flight modes: Beginners, for those aiming to become proficient at flight basics, Advanced, for those experienced in piloting a craft and an Expert modus. Bright, built-in LEDs make it easy to see the SKEYE Nano Drone in low-light conditions.

Exciting Aerobatics
High thrust, low weight, and incredibly responsive controls allow you to perform amazing maneuvers with just a flick of the sticks. The SKEYE Nano Drone aggressively snaps into forward and backward flips and barrel rolls with lightning speed. It can even make banked turns!

Six-Axis Stabilization
Sophisticated circuitry, piezoelectric gyros, and accelerometers give the SKEYE Nano Drone outstanding stability. Each time you power-on the drone, its smart software calibrates the model for stable flight. Take your hands off the sticks, and it returns to a solid and steady hover. You can even throw it in the air while throttling up and it will automatically stabilize!

A 3.7V 100mAh LiPo battery, USB charging cable, rotor protection guard and 4 replacement rotor blades are also included in the ready-to-fly package. All you need to add are two “AAA” batteries!



Features:
– Throw To Fly
– RTF (Ready to Fly) Technology
– 6-Axis Flight Control System w/ Adjustable Gyro Sensitivity
– Stable & Easy to Fly
– Aerobatic “Flip” Capability
– LED Lights for Night Flights
– 3-Level Adjustable Controller Sensitivity: Beginner, Mid-Level, Expert

Specifications:
– Gyro: 6-Axis Gyro
– Frequency: 2.4GHz
– Channels: 4
– Battery: 3.7V 100mAh
– Flight time: ~7-8 minutes
– Charging time: 30 minutes
– Controller Battery:2 x AAA (Not Included)
– Remote-controlled Distance: Up To 50m
– Weight: 11.9 gram (0.42 ounce)
– Dimensions: 4.0 x 4.0 x 2.2 cm (1.57 x 1.57 x 0.87 inch)

Read More

Found Clickjacking Vulnerability at Login Page

 I found Clickjacking Vulnerability at Login Page                                                                                                                     

Vulnerability Type : Clickjacking                                                                                                                                               

Two links are vulnerable to clickjacking .....Login page                                                                                                                                                                

https://auth.api.sonyentertainmentnetwork.com/login.jsp                            

https://www.oriss.ap.sony.com/Admin/Login.aspx

Vulnerability Description :

Typically there is one type of attack - cross site request forgeries (CSRF)

that can interact with functions on other websites.

Clickjacking (User Interface redress attack, UI redress attack, UI redressing)

is a malicious technique of tricking a Web user into clicking on something different 

from what the user perceives they are clicking on, thus potentially revealing confidential

information or taking control of their computer while clicking on seemingly innocuous web pages.

The server didn't return an X-Frame-Options header which means that this website could be at

risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate

whether or not a browser should be allowed to render a page in a  or                                

2.save it as .html eg sony.html

3.and just simply open that..             

          

As far as i know this data is enough to prove that your site is vulberable to Clickjacking..                                                  

according to OWASP its more than enough..

https://www.owasp.org/index.php/Testing_for_Clickjacking_(OWASP-CS-004)

Solution -->>                                                                                                                                                                                                                                                                                                                                                                                                               

https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet                                       

check this out..here is the solution for that...                                                                                                                                                

Read More

Mark Zuckerberg Meets Modi

On his maiden trip to India, Facebook co-founder and one of the world’s youngest billionaires Mark Zuckerberg on Friday called on Prime Minister Narendra Modi to discuss digital expansion in the country.

Zuckerberg, who arrived here on Thursday, met Modi this evening but neither the Prime Minister’s Office nor Facebook disclosed details of the meeting.

Facebook will extend help in developing the Clean India Mobile App that would be launched soon.

PM Modi discussed with him the use of social media in checking terror activities and a host of other issues.

Zuckerberg, who called on the Prime Minister, expressed his interest in working with the government in the areas of healthcare and education.

PM  pointed out that lots of terrorist elements are using social media platforms to recruit members, according to an official statement.

“This is unfortunate and we need to think of the role the social media can play to stop terror,” Modi said.

Facebook will extend help in developing the Clean India Mobile App that would be launched soon.

“This would give a strong impetus to the Swachh Bharat Mission,” the statement said.

They discussed a wide range of issues revolving around the innovative use of Facebook as a platform to engage with a large audience in the service of humanity, the statement said.

They also talked about the Digital India initiative and the Prime Minister asked Zuckerberg to identify some domains of Digital India where Facebook can get involved and help.

Facebook chief said that he is extremely excited about the Digital India initiative of the Government of India.

Modi recalled how he used social media during campaigns such as tracking the missing children, during his tenure as Chief Minister of Gujarat and how it gave wonderful results.

The Prime Minister appealed to Zuckerberg to promote India’s rich tourism potential through Facebook.

He asked Facebook to look at how to enhance Internet literacy along with Internet connectivity.

Earlier in the day, he had also met Telecom and IT Minister Ravi Shankar Prasad.

Zuckerberg is the third high profile CEO of a US-based firm, after Amazon’s Jeff Bezos and Microsoft’s Satya Nadella, to visit India in last few days.

On Thursday, while addressing media persons, Zuckerberg had said he wanted to discuss the role Facebook can play in connecting villages and understand Modi’s Digital India vision.

“One of the things I am really excited about is that the PM has this whole Digital India initiative. We can’t create connectivity around the world just by ourselves, we are trying to work with operators, governments. I am mostly interested in hearing and learning about how we can help. I believe there are certain things that Facebook can uniquely bring,” he had said.

Stressing on the importance of connectivity, Zuckerberg had said while India has about 243 million Internet users and have 100 million plus Facebook users, there are over a billion people in the country who do not have access to the net.

Read More