Friday, 23 October 2015

ANDROID APPS FOR PENETRATION TESTING


"BY INSTALLING THESE APP'S ON YOUR ANDROID SMART PHONE &  YOU CAN TURN IT INTO A SUPER HACKING DEVICE"


According to Wikipedia-

"A penetration test, or sometimes pentest, is a software attack on a computer system that looks for security weaknesses, potentially gaining access to the computer's features and data."

.
.
.
There are various app for the pen-testing..for android platform. 


1. dSploit (Free)

dSploit is Android network penetration testing suit. It comes with all-in-one network analysis capabilities. So, you can use this app on your Android device and perform network security testing. It has various pre-complied modules to use.
dSploit supports all Android devices and it needs rooted device. If you are newbie, we will never recommend you to use the app if you don’t know how to root your Android device. After rooting your device, you need to install BusyBox Installer. Download BusyBox from Google Play
 Then download the app from the link given below.
 App is available on github: https://github.com/evilsocket/dsploit/downloads
 These are the available modules in the app.
1.       RouterPWN
2.       Trace
3.       Port Scanner
4.       Inspector
5.       Vulnerability Finder
6.       Login Cracker
7.       Packet Forger
8.       MITM


2. Network Spoofer

Network Spoofer is another nice app that lets you change the website on other people’s computer from your Android phone. Open Network Spoofer app and then log onto the Wi-Fi network. Choose a spoof to use with the app then tap on start. This app is considered as a malicious hacking tool by network administrators. So, don’t try on unauthorized networks. This is not a penetration testing app. It’s just to demonstrate how vulnerable the home network is.
Download this app from sourceforge http://sourceforge.net/projects/netspoof/


3. Network Discovery

Network Discovery doesn’t need a rooted device. This app has a simple and easy to use interface. It views all the networks and devices connected to your Wi-Fi network. The application identifies the OS and manufacturer of the device. Thus the app helps in information gathering on the connected Wi-Fi network.


4. Shark for Root

Shark for Root is a traffic sniffer app. It works fine on 3G and Wi-Fi: both network connectivity options. You can see the dump on phone by using Shark Reader that comes with the app. You can also use Wireshark a similar tool to open the dump on the system. So, start sniffing data on your Android device and see what others are doing.

5. Penetrate Pro

Penetrate Pro is for Wi-Fi decoding. It can calculate the WEP/WAP keys for some wireless routers. If you have installed an Antivirus app, it may detect Penetrate Pro app as virus. But this app is a security tool and it will not affect or harm your device.
6. DroidSheep [Root]

DroidSheep is a session hijacking tool for Android devices. This is an app for security analysis in wireless networks. It can capture Facebook, Twitter, and LinkedIn, Gmail or other website accounts easily. You can hijack any active web account on your network with just a tap by using the DroidSheep app. It can hijack any web account.
This app demonstrates the harm of using any public Wi-Fi.
Download this app from here: http://droidsheep.de/?page_id=23


7. DroidSheep Guard

DroidSheep Guard does not require a rooted device. This app monitors Android devices’ ARP-table and tries to detect ARP-Spoofing attack on the network performed by DroidSheep, FaceNiff and other software.


8. WPScan

WpScan is the WordPress vulnerability scanner for Android devices. It is used to scan a WordPress based website and find all the security vulnerabilities it has. WPScan also has a desktop version of the app that is much powerful than the Android app. We know that WordPress is one of the most popular CMS and is being used by millions of websites.
The app was released on Google Play but Google removed the app. The full source code of the app is available from Github. One thing to note that WPScan Android app is not related to the desktop version of WPScan. So, never think it as an official WPScan app.
Download app and source code: https://github.com/clshack/WPScan


9. Nessus

Nessus is a popular penetration testing tool that is used to perform vulnerability scans with its client/server architecture. It also released its mobile app to bring its power on mobile devices. Nessus Android app can perform following tasks.
·         Connect to a Nessus server (4.2 or greater)
·         Launch existing scans on the server
·         Start, stop or pause running scans
·         Create and execute new scans and scan templates
·         View and filter reports
This app was released on Google Play store almost 2 years back by Tenable Network Security. Later Google removed the app from Play store. Now the official link has been removed. So you can try downloading links available on third party websites. But be careful and check the app first.

10. FaceNiff

FaceNiff  requires a rooted Android device. It can sniff and intercept the web sessions over the Wi-Fi. This app is similar to DroidSheep, added earlier in the post. You can also say Firesheep for Android devices. Use of this app may be illegal in your area. So, use it wisely.


11. Network Mapper

Network Mapper is a fast scanner for network admins. It can easily scan your network and export the report as CVS to your Gmail. It lists all devices in your LAN along with details. Generally, the app is used to find Open ports of various servers like FTP servers, SSH servers, SMB servers etc. on your network. The tool works really fast and gives effective results.


12. Router Bruteforce ADS 2

If you are connected to a wi-Fi network and you want to access the router of the network, you can use Router Bruteforce ADS 2 app. This app performs Bruteforce attack to get the valid password of the router. It has a list of default passwords that it tries on the router. Most of the time, the app cracks the password. But you cannot be 100% sure in Bruteforce attack.
It comes with a sample txt file which contains 398 default passwords used in different routers. You can add more passwords in the list. But there is one limitation. This app only works with dictionary file of less than 5 MB. And try it only when you have good Wi-Fi signal. This is an experiment app and the developer also warns users to try at own risk.
Download Router Bruteforce ADS 2 from Google Play:https://play.google.com/store/apps/details?id=evz.android.rbf_ads&hl=en


13. Andosid

AnDOSid is another nice application that can be used to perform DOS attacks from Android mobile phones. It is like LOIC tool for desktop. In the app, you can set target URL, payload size and time difference between two requests. After that click on big GO button to launch DOS attack on a website. It will start flooding target URL with fake request. Use this app if you have a powerful device. Avoid if you have low cost entry level device.

HOW TO RUN LINUX USING PEN DRIVE (STEP WISE)

Hey, In day to day life..many time you feel need of linux system..
so don't worry friends ...i have solution for you...to run linux when every you feel need...without any tension just u have to follows ..some instruction for one time only.
.
.
.
STEPS


  1. INSERT AN USB STICK OR A PEN DRIVE IN RUNNING COMPUTER.
  2. MAKE SURE YOUR PEN DRIVE HAVE MINIMUM 4 GB.
  3. MAKE THE PEN DRIVE BOOT ABLE. (HOW TO MAKE PEN DRIVE BOOTABLE)
  4. NOW INSTALL A SOFTWARE CALLED UNIVERSAL USB INSTALLER 123.(click on the link to download)
  5. CLICK ON THE S/W ICON
  6. CLICK ON "I AGREE"
  7. THEN AN ANOTHER WINDOW IS OPEN
  8. NOW, IN NEW WINDOW
  9. STEP 1- SELECT LINUX DISTRIBUTION 
  10. STEP 2- BROWSE FOR .ISO FILE IN YOUR SYSTEM
  11. STEP 3- SELECT PEN DRIVE
  12. STEP 4- CLICK ON CREATE.
  13. & YOU HAVE DONE 

Friday, 16 October 2015

HOW TO MAKE PEN DRIVE BOOTABLE (step wise)




1.Insert a USB flash drive into a running computer.

2.Open a Command Prompt window as an administrator.

3.type diskpart

4.type list disk

5.type select disk 1

6.type clean

7.type create partition primary

8.type select partition 1

9.type active

10.type format fs=ntfs or format fs=ntfs label="windows" quick

11.type assign

12.type exit

Monday, 21 September 2015

KNOW MORE ABOUT HACKER


Computer security also known as information security or cyber security is mainly associated with computer,internet  & computing devices like computer systems,smart phones,computer network etc.


HACKING-


Hacker is a term used for "a clever programmer", "who tries to break into computer systems."
Hacking is the part of computer science which helps to finding loopholes and exploits in a system or web system.
Technical definition of Hacking is-
Getting an unauthorized access or  entry in someone's digital life or finding loopholes and flaws in a computer system or computer network.


Difference b/w Hacker and Cracker
A hacker is someone who seeks and exploits loopholes and flaws in a computer system or computer network to secure the network.Whereas a cracker is someone who hacks a system for his own benefits and fun.They cause a lot of troubles.


Classification of Hackers

TYPES OF HACKER ON THE BASIS OF KNOWLEDGE

1 ) Script Kiddies
They are the beginners in the field of hacking.These  people are those  who don't even know about  the 'H' of Hacking.They simply use third party tools and follow step by step tutorials to break the security but they don't know what is actually going on.There knowledge about hacking is less or nothing.

2 ) Admins
Most of the hackers fall in this category.They have a good knowledge of hacking.
They also use third party tools available on internet as well as they used their brain & knowledge to access others computers systems.

3 ) Coders
They are the Hacking Gods or legends of cyber world.they are the most dangers hackers. They develop or code their own tool which in turn are used by script kiddies and admins.It takes a lot of hard work,deep knowledge,zeal and enthusiasm to become a coder.


TYPES OF HACKERS ON THE BASIS OF PROFESSION


1 ) White Hat Hackers
They are the good guys in the cyber world.They exploit a computer system or a web server to find loopholes and then they patch those loopholes for good.
They help in stopping the cyber crimes.There is a scarcity of white hat hackers in the IT world.Companies are ready to pay huge amount of money to protect their sites,servers etc.So be one of them.Become a white hat hacker.

2 ) Black Hat Hackers
Here come the bad boys in the cyber world.They are responsible for breaking the system,distributing viruses and malwares. They use their skills for bad purposes like stealing credit card numbers,email id & its password.
I would suggest you not to become a black hat hacker because use your knowledge for a  good purpose.

3 )Grey Hat Hackers
As their name suggests,they stand between white hat hackers and black hat hackers.They are basically white hat hackers but they do bad things just to prove themselves.Most of the hackers fall in this category.




Scopes of HACKERS

Hackers play vital and crucial role in the technical field..As a HACKER you can do the following works as discribed below :-

  • you can work in top level MNC's as security administrator and one of the best thing that you will have control our the whole server system which will be manipulated according to your desire. Which i think in the dream of every HACKER to have full access over something.
  • Now lets see in terms of salary what you will got....???     you will have an addition of 25 to 30% more salary over each and every colleague whit which you are working.
  •  beside going for a privte job you can also apply for government jobs as well. And there you salary will be based on your experience. 

10 AMAZING FACTS ABOUT GOOGLE SEARCH

  • Searching for "zerg rush" creates a search page being eaten by 'O's. Click each O three times to kill it. GO AHEAD...WE'LL WAIT.
  • Felling bored don’t worry google search take care of you ,Just go to Google Images search & search for " Atari Breakout. " …& play the interesting game.
  • Google search helps us to Convert currency. Want to find out how much you REALLY spent in dollars in that pub in US? Well, maybe when you feel better.
  • Google search helps us to find "Graph for (math function)" shows the function plot on your computer screen...(ENJOY YOUR MATHS HOMEWORK)
  • "solve circle/triangle/rectangle/..." similarly solves Geometry problems…IN GOOLE SEARCH.
  • Need to calculate a tip? Just search "calculate tip!"
  • Google present tilt page for your Searching..just type in google search box "tilt" or "askew".
  • A search for "do a barrel roll" or "Z or R twice" will spin the page..
  • Want to see how Google looks in 1998 just Searching for "google in 1998" gives you an old version or look.
  • Google search help you to find distance between cities, . "Books by...", "Songs by....", Set a timer etc.

Thursday, 17 September 2015

HOW TO CHANGE USER ACCOUNT PASSWORD USING CMD

A CMD (command prompt) is an entry point for typing computer commands in the Command Prompt window. By typing commands at the command prompt, you can perform tasks on your computer without using the Windows graphical interface.


step 1- type  " net user " hit enter

step 2- type  "net user (account name) " hit enter

step 3- type "net user (account name) * " hit enter

step 4- type password(it is hidden)


step 5- re type your password 


FOR EXAMPLE- 



Wednesday, 16 September 2015

AMAZING AND COOL TRICKS TO SPEED UP THE INTERNET CONNECTION

THREE AMAZING WAYS TO SPEED UP YOUR SLOW INTERNET CONNECTION

Hey friends , Everyone hates slow internet connection. Everyone wishes to have high speed internet connection but can't afford for every one.
  1. Optimize your Browser
  2.  DNS Servers
  3. Using Command Prompt




1]  Optimize your Browser 

First of all change your browser to boost up your internet speed with updated version of your browser.
And I suggested to use GOOGLE CHROME because it takes  less memory and bandwidth than other browsers.




2] Speed up Internet with Top Public DNS Servers

DNS server is also playing an important role in the increasing your speed of your internet connection.
Just change the DNS server address.

Google:
Preferred DNS server - 8.8.8.8 
Alternate DNS server - 8.8.4.4 

Comodo DNS: 
Preferred DNS server - 8.26.56.26 
Alternate DNS server - 8.20.247.20 

OpenDNS: 
Preferred DNS server - 208.67.222.222 
Alternate DNS server - 208.67.220.220


Steps to perform to speed up internet connection using Public DNS server

Go to Control Panel
Open Network and Sharing Center
Then Open Local Area Connection and select IPV4 and properties



Now Click on Use the following DNS Server addresses and change it with any of above given top public DNS Address and click on OK.
      


You've now boost up your internet connection using Public high speed DNS Server.






3]  Using Command Prompt ( CMD ) to speed up slow internet connection

You can also increase your net speed by entering some commands in your command prompt

Steps to perform to boost internet connection using command prompt
-Open cmd with administrator mode 
-Type following lines in command prompt and hit enter

netsh int tcp show global
netsh int tcp set global chimney=enabled
netsh int tcp set global autotuninglevel=normal
netsch int tcp set global congestionprovider=ctcp 



BEST HACKING TOOLS

Hacking tools can be dangerous, So be careful, handle tools with lots of  care...they can be just as useful tools for a good ethical hacker.




 Hacking tools make hacking quite easy. But , Hackers don’t  depend on hacking tools .These tools make it very simple, but they are nothing unless you have the knowledge about other aspects of hacking as well.





Wireless Hacking:
1. Aircrack-ng
2. Kismet 



Intrusion Detection Systems:
1. Snort
2. NetCop


Port Scanners:
1. Nmap



Encryption Tools:
1. KeePass 
2. OpenSSH
3. Putty
4. OpenSSL
5. Tor
6. OpenVPN



Password Crackers
1. Ophcrack
2. Medusa
3. RainbowCrack
4. Wfuzz
5. Brutus
6. L0phtCrack
7. THC Hydra



Packet Crafting: 
1. Hping
2. Scapy
3. Netcat
4. Socat



Traffic Monitoring: 
1. Splunk
2. Nagios
3. P0f
4. Ngrep



Packet Sniffers:
1. Wireshark
2. Tcpdump
3. Ettercap



Vulnerability Exploitation: 
1. Metasploit
2. sqlmap
3. Social Engineer Toolkit
4. BeEF



NOTE- These tools are pre-installed in kali linux (almost all tools).

Thursday, 10 September 2015

HACKER'S CHOICE : KALI


What is Kali Linux ?


Kali Linux is an operating system used for advanced Penetration Testing and Security Auditing Linux distribution.
Kali Linux is a Debian-derived Linux distribution . It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphael Hertzog are the core developers.

Kali Linux Features

-Kali is a complete re-build of BackTrack Linux,
-More than 600 penetration testing tools included
-Open source Git tree
-Vast wireless device support
-Custom kernel patched for injection
-Secure development environment
-Multi-language
-GPG signed packages and repos
-Completely customizable

Why Kali Linux?


With Kali Linux, hacking becomes much more  easier since you have all the tools (appx 600 pre-installed tools) and other useful tools can be downloaded easily. 
Hacking with kali linux is very simple & without hard work.

  

How to install kali linux in VMplayers





Some Useful Commands

Some frequently used  linux  command line interface(terminal) commands , here are a few that will keep it in your mind.
The default username and password is 'root' and 'toor'.
press 'ctrl'+'alt'+ 't' for open terminal 
Type 'poweroff' in the terminal to shutdown. 
apt-get command can be used to install tools and updates. 
apt-get update and apt-get upgrade will update all the programs installed on your machine. 




Monday, 7 September 2015

NEW WAY OF PROGRAMMING WITHOUT SEMICOLON



// PROGRAMING WITHOUT SEMICOLON

THERE ARE MANY WAYS TO WRITE A SIMPLE PROGRAM...BUT NOW I AM GOING TO TECH YOU A NEW WAY OF PROGRAMMING ...THAT IS WITHOUT USING SEMICOLON



1- FOR DEV C++ COMPILER


#include<stdio.h>
#include<conio.h>
int main()
{
if(printf("Hello world \n  i m somesh sah... \n ENJOY PROGRAMMING"))                    
{
}
}



2-FOR OTHER COMPILER


#include<stdio.h>
#include<conio.h>
void main()
{
if(printf("Hello world \n  i m somesh sah... \n ENJOY PROGRAMMING"))                    
{
}
}







FOR MORE UPDATES LIKE MY FACEBOOK PAGE -CLICK HERE

Wednesday, 2 September 2015

COMMON WAYS TO CRACK SOMEONES PASSWORD



1. BruteForce Attack

Any type of password can be cracked by using Brute-force attack. Brute-force attacks try every possible combinations of numbers, letters and special characters until the right combination is matched. It is an long time process (time tacking process) depending upon difficulty of combination.


2. Social Engineering

Social engineering is process of manipulating someone to trust you and get information from them. It is similar to phishing


3. Rats And Keyloggers

In keylogging or RATing the hacker sends keylogger or rat to the victim. This allows hacker to monitor every thing victim do on his computer. Every keystroke is logged including passwords. More ever hacker can even control the victim’s computer.


4. Phishing

Phishing is the most easiest and popular way of hacking used by hackers to get someone account details. In Phishing attack hacker send fake page of real website like yahoo mail, gmail to victim. When someone login through that fake page his details is send to the hacker. This fake pages can be easily created and hosted on free web-hosting sites.


5. Guessing

This seems simple but very effective and easily help you to get someones password within seconds. If hacker knows you, he can use information he knows about you to guess your password.
For safety …don’t use simple passwords like your name, sir name,date of birth ,phone number etc.  

Sunday, 30 August 2015

FASTEST WAY TO LEARN HACKING


INTRODUCTION FOR HACKER

Hacker is a term used for "a clever programmer", "who tries to break into computer systems."
A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it &  who attempts to crack someone else's system or otherwise uses programming or expert knowledge to act maliciously. He refers the term cracker 
·  A person who enjoys learning programming language or system
·  A person who enjoys actually doing the programming rather than just theorizing about it
·  A person capable of appreciating someone else's hacking
·  A person who picks up programming quickly
·  A person who is an expert at a particular programming language or system, as in UNIX hacker.

 NOTE-Hacking is a fascinating field but it definitely isn't easy.

STEPS TO BECAME A HACKER 

Step 1: Learn To Program In C
Step 2: Learn More Than One Programming Language
            (java,Perl,Php,python)
Step 3: Learn UNIX or LINUX
Step 4: Learn Networking Concepts
Step 5: Start Simple: Go Through Tutorials About Hacking
Step 6: Learn Cryptography
Step 7: Experiment A Lot
Some of the things you may need to keep in mind when doing experiments
- Keep a backup before any experiment.
- Start small and have check points.
- Know when to stop.
- Document your progress
- Keep improvising
- Automate repetitive tasks
Step 8:Go Next Level: Write Vulnerability
Step 9: Contribute To Open Source Security Projects
Step 10: Continue Learning And Keep Listening To Security Talks

BASIC CONFIGRATION & TOOLS REQUIRED

  • Know the "LIMIT" of your system
  • install an ANTI-VIRUS
  • VIRTUAL MACHINE
  • SANDBOXIE
  • COMODO firewall
  • VPN (virtual private network)

MORE TOPICS TO CHECK OUT

  • HOW TO STAY ANONYMOUS
  • TROJANS
  • RATS
  • KEYLOGGER
  • PROTECT YOURSELF
  • CHEAT ENGINES 



Tuesday, 25 August 2015

INTRODUCTION TO LINUX


ABOUT LINUX

LINUX IS JUST AN ANOTHER O/S (OPERATING SYSTEM).

IT IS FREE & OPEN SOURCE (OPEN SOURCE MEANS THE SOURCE CODE OF LINUX IS AVAILABLE…YOU CAN MODIFY YOUR LINUX O/S ACCORDING TO YOUR NEED).

IT IS DEVELOPED BY “LINUX TORVALDS” IN 1991…AS A COLLEGE PROJECT.

LINUX IS LEADING O/S ON SERVERS  & OTHER BIG IRONS SYSTEMS SUCH AS MAINFRAME COMPUTERS, (9 OUT OF 10) SUPER COMPUTERS BUT IT IS ONLY 2%-5% USED ON DESKTOP COMPUTERS.

IT IS ALSO RUNS ON EMBEDDED SYSTEMS.

IT IS ALSO RUN ON DEVICE WHOSE O/S IS TYPICALLY BUILT INTO THE FIRMWARE (FIRMWARE IS AN KIND OF SOFTWARE THAT IS INBUILT IN HARDWARE ) 

YOU USE LINUX EVERY DAY, WHETHER YOU KNOW IT OR NOT. OVER 850,000 ANDROID PHONES RUNNING LINUX ARE ACTIVATED EVERY SINGLE DAY 
COMPARE THAT TO JUST 30,000 WINDOWS PHONES ACCORDING TO THE LATEST REPORTS.

 NEARLY 700,000 TELEVISIONS ARE SOLD EVERYDAY MOST OF WHICH ARE RUNNING LINUX. 

EIGHT OUT OF TEN FINANCIAL TRADES ARE POWERED BY LINUX. .

GOOGLE, TWITTER, FACEBOOK, AND AMAZON ARE ALL POWERED BY LINUX (THE SERVER OF ALL THIS IS BASED ON LINUX...). 

 HOW WAS LINUX DEVELOPED TO ACHIEVE ALL OF THIS? UNLIKE OTHER OPERATING SYSTEMS LIKE WINDOWS OR IOS, LINUX IS BUILT COLLABORATIVELY ACROSS COMPANIES, GEOGRAPHIES, AND MARKETS RESULTING IN THE LARGEST COLLABORATIVE DEVELOPMENT PROJECT IN THE HISTORY OF COMPUTING.

TODAY LINUX IS DOMINATING ON


  1. MOBILE DEVICES 
  2. IN THE ENTERPRISE
  3. WEB INFRASTRUCTURE
  4. DATA CENTERS
  5. SUPER COMPUTERS
  6. + MORE

FEATURES OF LINUX

  1. SECURITY
  2. SILENT FEATURE 
  3. FASTER USING BY CL(COMMAND LINE) 
  4. CLI (COMMAND LINE INTERFACE) + GUI (GRAFICAL USER INTER FACE) BASED
  5. POWERFUL COMMANDS LINE (TERMINAL)
  6. RUN ON LOW MEMORY 



WINDOWS SUBSYSTEM FOR LINUX

Microsoft partnered with Canonical (creator of Ubuntu) to bring Linux environment experience in Windows 10. Through Windows Subsystem F...