Thursday 17 December 2015
Wednesday 16 December 2015
Wi-Fi Hacking - Cracking WEP, WPA, WPA2-PSK
Wifi hacking is something which everyone wants to learn, so that we can just crack passwords of Wifi signal from our neighbors and access internet for free.
Here are some videos which you should watch to learn wifi hacking.
Here are some videos which you should watch to learn wifi hacking.
WEP CRACKING STEP BY STEP
WPA/WPA2 CRACKING USING REAVER
CRACKING WPA/WPA2 PSK - Vivek Ramachandran
Subdomain Takeover by claiming expired domains
On many websites it was seen that the DNS entries contains bucket to aws S3 which is not taken or has expired which allows an attacker to claim the bucket and this host malicious page on sub domain legitimate site.
For example:
Here media.vine.co is legitimate site with sub domain media which is pointing to vines bucket in aws S3. So now if this vines.s3.amazonaws.com is not claimed by the site owner and still present in DNS record of vine.co then this can lead to sub domain takeover.
Some POC's
How to fix:
Just remove all those DNS entries which are active and unused or pointing to external services which you do not support anymore.
Read more at Detectify
For example:
media.vine.co is an alias for vines.s3.amazonaws.com.
Here media.vine.co is legitimate site with sub domain media which is pointing to vines bucket in aws S3. So now if this vines.s3.amazonaws.com is not claimed by the site owner and still present in DNS record of vine.co then this can lead to sub domain takeover.
Some POC's
VIMEO - status.vimeo.com CNAME hosted.statuspage.io.
Twitter - media.vine.co CNAME vines.s3.amazonaws.com.
How to fix:
Just remove all those DNS entries which are active and unused or pointing to external services which you do not support anymore.
Read more at Detectify
Tuesday 15 December 2015
PS4 Jailbreaking Confirmed by Hackers on Twitter
Hackers has posted on social media that they have found the way to jailbreak the SONY PlayStation 4 (PS4). The hacker named "CTrut" confirmed on twitter.
This kernel exploit works PS4 till version 1.76
Directory Listing: Hackers can steal data stored on your server
How to download movies, songs, games and software for free by using google. There are some google dorks which can expose your paid content directly to hackers or anybody for free.
Google dorks:
intitle:index.of./"Interstellar" (mp4|avi|mkv|wmv)
intitle:index.of./software
intitle:index.of./games
intitle:index.of./songs (mp3|wav|aac)
or suppose you are looking for Call of Duty
intitle:index.of./ "Call of Duty"
As seen above, you can directly mention the keyword in double quotes, it can be song title, movie name, software name, etc.
Google dorks:
intitle:index.of./"Interstellar" (mp4|avi|mkv|wmv)
intitle:index.of./software
intitle:index.of./games
intitle:index.of./songs (mp3|wav|aac)
or suppose you are looking for Call of Duty
intitle:index.of./ "Call of Duty"
As seen above, you can directly mention the keyword in double quotes, it can be song title, movie name, software name, etc.
Friday 11 December 2015
List of Hacking Movies and TV Series
Here is the list of hacking movies and TV series.
Click Here for complete list of movies on hacking and computers.
Movies:
1. The Matrix (1999) (8.7/10 IMDB)
2. The Italian Job (7/10 IMDB)
3. Swordfish (2001) (6.5/10 IMDB)
4. Who Am I – No System Is Safe (7.6/10 IMDB)
5. Live Free or Die Hard (7.2/10 IMDB)
TV Series:
1. Arrow (TV Series 2012) (8.1/10 IMDB)
When presumed-dead billionaire playboy Oliver Queen returns home
to Starling City after five years stranded on a remote island in the
Pacific, he hides the ways the experience has changed him. Arrow has received generally positive reviews from critics, and was the CW's highest-rated new series in five years. The series averaged about 3.68 million viewers over the course of the first season, and has received three awards and multiple nominations.
2. Person of Interest (TV Series 2011)
Person of Interest is an American science fiction crime drama television series created by Jonathan Nolan that premiered on September 22, 2011, on CBS. It stars Jim Caviezel as John Reese, a former CIA agent who is presumed dead. He is approached by a mysterious billionaire named Harold Finch (Michael Emerson) who is trying to prevent violent crimes before they happen by using an advanced surveillance system dubbed "The Machine", which turns out to have evolved into a sentient AI.
Click Here for complete list of movies on hacking and computers.
Movies:
1. The Matrix (1999) (8.7/10 IMDB)
2. The Italian Job (7/10 IMDB)
3. Swordfish (2001) (6.5/10 IMDB)
4. Who Am I – No System Is Safe (7.6/10 IMDB)
5. Live Free or Die Hard (7.2/10 IMDB)
TV Series:
1. Arrow (TV Series 2012) (8.1/10 IMDB)
When presumed-dead billionaire playboy Oliver Queen returns home
to Starling City after five years stranded on a remote island in the
Pacific, he hides the ways the experience has changed him. Arrow has received generally positive reviews from critics, and was the CW's highest-rated new series in five years. The series averaged about 3.68 million viewers over the course of the first season, and has received three awards and multiple nominations.2. Person of Interest (TV Series 2011)
Young, anti-social computer programmer Elliot works as a cybersecurity engineer during the day, but at night he is a vigilante hacker. He is recruited by the mysterious leader of an underground group of hackers to join their organization. Elliot's thought process seems heavily influenced by paranoia and delusion. He connects to people by hacking them, which often leads him to act as a cyber-vigilante.
Friday 20 November 2015
History of websites - Internet Way Back Machine
How to view and access any website on past date.
The Internet Way Back Machine(http://archive.org) allows you to visit any website on past date for which it has captured snapshot. This allows you to access old data which may not be present website on date.
Go to back date and see how was your favourite website looks like.
Find IP address or Network owned by any company
How to find IP addresses or IP Network of any company.
APNIC- https://www.apnic.net/
ARIN- https://whois.arin.net
APNIC- https://www.apnic.net/
ARIN- https://whois.arin.net
Email Tracking - Get Notified when receiver reads your email
How to get notification when the receiver opens or reads email you sent using your email address registered on READNOTIFY(www.readnotify.com).
How to Send Self Destructive emails
How to send self destructive emails from your email address registered on READNOTIFY(www.readnotify.com).
Just add (dot)selfdestructive.readnotify.com after receiver's email address.
This email expires after 60 seconds.
Wednesday 11 November 2015
How I hacked your Facebook Account - Password Stealing
How many times we let somebody to work on our computer. When your best friend asks for it, you can't refuse.
So here is how he can steal your Facebook password, gmail or google account password, passwords of banking sites.
So here is how he can steal your Facebook password, gmail or google account password, passwords of banking sites.
DO NOT Save password in your browser, Nothing is secure, even the master password can be cracked.
Saturday 7 November 2015
virustotal: Scan file and URL with multiple antivirus in one go
Scan downloaded file on "virustotal[dot]com" with multiple antivirus engine in one go without installing it on your system.
Check if the download link or any webpage is malicious by URL Scan.
https://www.youtube.com/watch?v=5hKocX5lmmc
Email Spoofing - Stop trying to crack his password
Email spoofing is sending email by changing the FROM email to any email address that doesn't belong to you. The victim thinks the mail has arrived from spoofed id, but actually you sent it. No need to hack or crack his email account. Send email from your friends email id to any email address without hacking his account.
website: emkei[dot]cz
It is being detected as Spam by Google, but it may work on your school/college/company email address.
https://www.youtube.com/watch?v=LEVe0zHW0fE
website: emkei[dot]cz
It is being detected as Spam by Google, but it may work on your school/college/company email address.
https://www.youtube.com/watch?v=LEVe0zHW0fE
Monday 2 November 2015
Google Hacking - Online Camera Hacking
Using Google Hacking database(GHDB) to find online camera which may include security camera, traffic monitoring camera, etc. This uses specially crafted google search keyword also known as google dorks to find unsecured online camera or IP cams.
This is not actually camera hacking, but here we are accessing various camera available on internet which doesn't restrict anonymous users.
This is not actually camera hacking, but here we are accessing various camera available on internet which doesn't restrict anonymous users.
Check out other videos: https://www.youtube.com/user/learnsecurityvideos/videos
Tuesday 20 October 2015
Exploiting DNS Zone Transfer
Exploit DNS Zone Transfer Vulnerability to find out internal domains and Network Information like webserver, dns servers, mail servers, etc.
My Channel :https://www.youtube.com/user/learnsecurityvideos
My Channel :https://www.youtube.com/user/learnsecurityvideos
Subscribe to:
Posts (Atom)