Skip to main content

Posts

Showing posts from January, 2018

What is a Phreaking ?

A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines. The term is now sometimes used to include anyone who breaks or tries to break the security of any network. Recently, the phone companies have introduced new security safeguards, making phreaking more difficult. Phreaking is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks. The term phreak is a sensational spelling of the word freak with the ph- from phone, and may also refer to the use of various audio frequencies to manipulate a phone system. Phreak, phreaker, or phone phreak are names used for and by individuals who participate in phreaking. The term first referred to groups who had reverse engineered the system of tones used to route long-distance calls. By re-creating thes

What is a Botnet ?

The word Botnet is formed from the words ‘robot’ and ‘network’. Cybercriminals use special Trojan viruses to breach the security of several users’ computers, take control of each computer and organise all of the infected machines into a network of ‘bots’ that the criminal can remotely manage. Bots are one of the most sophisticated and popular types of cybercrime today. They allow hackers to take control of many computers at a time, and turn them into 'zombie' computers, which operate as part of a powerful 'botnet' to spread viruses, generate spam, and commit other types of online crime and fraud. A 'bot' is a type of malware that allows an attacker to take control over an affected computer. Also known as “Web robots”, bots are usually part of a network of infected machines, known as a “botnet”, which is typically made up of victim machines that stretch across the globe Since a bot infected computer does the bidding of its master, many people

What is WebInspect ?

WebInspect is a web application security scanning tool offered by HP. It helps the security professionals to assess the potential security flaws in the web application. WebInspect is basically a dynamic black box testing tool which detects the vulnerabilities by actually performing the attack. After initiating the scan on a web application, there are assessment agents that work on different areas of the application. They report their results to security engine which evaluates the results. It uses Audit engines to attack the application and determine the vulnerabilities. At the end of the scan you can generate a report called ‘Vulnerability Assessment Report’ which would list the security issues in desired format. Using this report, client can fix the issues and then go for validation scanning to confirm the same. HP WebInspect is a commercial tool and you need license to scan a web site. With the trail version you will be permitted to scan only zero.webappsecu

What is ETHERPEEK NX ?

EtherPeek NX allows multiple, simultaneous capture sessions to be active at the same time and from different segments of the network. Multiple capture buffers can be used for a single adapter to separate different types of traffic (ie: TCP/IP into one buffer, NetWare into another). Also, in order to analyze traffic from different network segments, multiple LAN and/or WAN adapters can be used simultaneously. If RMONGrabber is employed, packet data from remote segments can also be accessed. The EtherPeek NX Peer Map is drawn as a vertically-oriented ellipse, able to grow to the size necessary to show all communicating nodes within your network. Reading the peer map is easy: the thicker the line between nodes, the greater the traffic; the bigger the dot, the more traffic through that node. The number of nodes displayed can also be limited to the busiest and/or active nodes, or to any EtherPeek NX filters that may be in use. It also provides over 100 real-time conditions

What is Ettercap ?

Ettercap is a tool made by Alberto Ornaghi (ALoR) and Marco Valleri (NaGA) and is basically a suite for man in the middle attacks on a LAN. It supports active and passive dissection of many protocols and includes many features for network and host analysis. It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols.   Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN. It can be used for computer network protocol analysis and security auditing. It runs on various Unix-like operating systems including Linux, Mac OS X, BSD and Solaris, and on Microsoft Windows. It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols.   Ettercap uses four models:   IP: The packets are filtered based on source and destination. MAC: Packet filtering based

What is Nmap?

Nmap (Network Mapper) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging

What is Telnet ?

Telnet is a user command and an underlying TCP/IP protocol for accessing remote computers. Through Telnet, an administrator or another user can access someone else's computer remotely. On the Web, HTTP and FTP protocols allow you to request specific files from remote computers, but not to actually be logged on as a user of that computer With Telnet, you log on as a regular user with whatever privileges you may have been granted to the specific application and data on that computer. Telnet is most likely to be used by program developers and anyone who has a need to use specific applications or data located at a particular host computer. _________________________

What is SSH File Transfer Protocol ?

SSH File Transfer Protocol (SFTP) is a part of the SSH protocol suite. Sometimes also called the Secure File Transfer Protocol, it provides implements secure file transfers over SSH. It supports the full security and authentication functionality of the SSH protocol, including SSH keys. SFTP can furthermore be used for file sharing, similar to Windows file sharing and Linux NFS. The main difference is that SFTP is secure, and can be used reliably over Network Address Translation (NAT) and the public Internet. SFTP has pretty much replaced legacy FTP as a file transfer protocol, and is quickly replacing FTP/S. It provides all the functionality offered by these protocols, but more securely and more reliably, with easier configuration. There is basically no reason to use the legacy protocols any more. SFTP also protects against password sniffing attacks and man-in-the-middle attacks. _________________________

What is File Transfer Protocol(FTP) ?

The File Transfer Protocol (FTP) is a standard network protocol used for the transfer of computer files between a client and server on a computer network. FTP is built on a client-server model architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS). SSH File Transfer Protocol (SFTP) is sometimes also used instead; it is technologically different. The first FTP client applications were command-line programs developed before operating systems had graphical user interfaces, and are still shipped with most Windows, Unix, and Linux operating systems. _________________________

What is a localhost ?

In computer networking, localhost is a hostname that means this computer. It is used to access the network services that are running on the host via its loopback network interface. Using the loopback interface bypasses any local network interface hardware. The local loopback mechanism is useful for testing software during development, independently of any networking configurations. For example, if a computer has been configured to provide a website, directing a locally running web browser to http://localhost may display its home page. On most computer systems, localhost resolves to the IP address 127.0.0.1, which is the most commonly used IPv4 loopback address, and to the IPv6 loopback address. _________________________

What is Port (computer networking)

In the internet protocol suite, a port is an endpoint of communication in an operating system. While the term is also used for female connectors on hardware devices (see computer port), in software it is a logical construct that identifies a specific process or a type of network service. A port is always associated with an IP address of a host and the protocol type of the communication, and thus completes the destination or origination network address of a communication session. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number. For example, an address may be 'protocol: TCP, IP address: 1.2.3.4, port number: 80', which may be written 1.2.3.4:80 when the protocol is known from context. Specific port numbers are often used to identify specific services. _________________________

What is an SMTP server ?

The acronym SMTP stands for Simple Mail Transfer Protocol, the procedure behind the email flow on the internet. What happens when you send out an email? The process of email delivery is actually quite similar to classical mail: an organized system takes care of your envelope and through a series of steps it drops it off to your recipient. In this process, the SMTP server is simply a computer running SMTP, and which acts more or less like the postman. Once the messages have been picked up they are sent to this server, which takes care of concretely delivering emails to their recipients. _________________________

Sniffing passwords from same network(Lan) using Cain and Abel tool

First install the tool Cain And Able form here. Download Cain & Abel from tools section Step 1:Please turn off the windows firewall or any other third party firewall so that all the packets are captured efficiently. Step 2:Open Cain and Abel tool Step 3:Goto -> Sniffer Tab and click Configure in the main menu to configure your packet listening adapter. Step 4:Select the appropriate network adapter for your network that you want to sniff the packets for plain-text passwords. And Click Ok. Step 5:Click the Green Adapter icon as shown below. This means that you just configured the adapter and now you are turning it ON. Step 6:Now select the APR tab below as shown and now first click on the right side upper pane area. When you click that area the blue plus (“+”) icon will get enabled. Press that blue plus (“+”) icon. Step 7:This is very interesting step. Now we need to select the router`s IP address and click ok. This means that we want to listen to every packet

What is Cain and Abel ?

Cain and Abel (often abbreviated to Cain) is a password recovery tool for Microsoft Windows. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks Cryptanalysis attacks are done via rainbow tables which can be generated with the winrtgen.exe program provided with Cain and Abel. Cain and Abel is maintained by Massimiliano Montoro and Sean Babcock. Download Cain & Abel from tools section. _________________________

What is Domain ?

When referring to an Internet address or name a domain or domain name is the location of a website. For example, the domain name  points to the IP address 45.79.151.23, but it is generally easier to remember a name rather than a long string of numbers. A domain name can be a maximum of sixty-three characters with one character minimum, and is entered after the protocol in the URL The first Internet domain name 'symbolics.com'' was registered by Symbolics, a Massachusetts computer company on March 15, 1985. _________________________

How to Connect Two Computers Via Crossover Ethernet Cable?

In this tutorial we are going to show you how to transfer data from one computer to another. We need to PC/Laptop and a crossover cable to transfer data. PC 1 Step1: Go to “Open Networking and Sharing Center“. Step2: Click on “Local Area Connection“. Step3: Now click on “Properties“. Step4: Double click on “Internet Protocol Version 4(TCP/IPv6)“. Step5: Click on “Use the following IP address:” and enter the IP address: as 192.168.1.1 and just give a click onSubnet mask. Once done click “Ok” and close it.   PC 2 Step1: Go to “Open Networking and Sharing Center“. Step2: Click on “Local Area Connection“. Step3: Now click on “Properties“. Step4: Double click on “Internet Protocol Version 4(TCP/IPv6)“. Step5: Click on “Use the following IP address:” and enter the IP address: as 192.168.1.2 and just give a click onSubnet mask. Once done click “Ok” and close it. Now  two computers are connected. To share files we need to give access to our drives, so follow the c

What is Doxing ?

Doxing simply refers to the process of gathering or deducing other people’s information such as name, age, email, address, telephone number, photographs etc. using publicly available sources such as the Internet. In other words, doxing is the act of using the Internet to search for personal details about a person. Doxing is done by initially taking a piece of information (such as “name” or “email address”) and keeping it as a base to find out other possible details about the person.   The term “doxing” is derived from the word “document tracing” which means to retrieve documents about a particular person or company in order to learn more about them. _________________________

What is WireShark ?

Wireshark is a free and open source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. It is used for networking troubleshooting, Malware analysis and education. Wireshark is cross-platform, using the Qt widget toolkit in current releases to implement its user interface, and using pcap to capture packets; it runs on Linux, macOS, BSD, Solaris, some other Unix-like operating systems, and Microsoft Windows. _________________________

List of best ethical hacking / penetration testing tools

Here is list of useful and Best Software tools that helpful in Ethical Hacking and Penetration Testing, Forensics : MetaSploit WireShark NMAP Acunetix Web Security Scanner Maltego IronWASP HconSTF Ettercap _________________________

SHODAN: A Search engine for hackers

Shodan is a search engine that lets the user find specific types of computers (web cams, routers, servers, etc.) connected to the internet using a variety of filters. Shodan provides the simple and powerful searching and it provides it with ease. If you have a basic account then it provides you only the limited number of results. So, if you want to access it more then you have to upgrade it. The premium features of Shodan includes plotting the host locations on maps, accessing the full search listings etc. It also gives you a feature to search using filters. It makes your search even more easier. _________________________

Free Unlimited Calling WorldWide | How to make Prank Calls Trick: Flipcall

Follow the Instructions to use Flipcall:- 1). First of all download Flipcall app from playstore or Click Here   2). Now Signup using your mobile number and you will get $1(Rs 61) for trial purposes..   Note: It will not ask for verification :D. So you can prank your friends also :D ..read at the end of this tutorial how to Prank your friends..   3). Now, What you have to do is, Just make a call to any number.   4). Now you will receive a call in which you will get connected to the number you made the call.   5). Now just Enjoy the 120 minutes of free calling (for India). To get unlimited minutes follow the below steps. _________________________

Step by Step: Building a VPN (Incoming)

Step 1 Click the Start button, and, in the search bar, type Network and Sharing. Step 2 Click Change Adapter Settings in the left-hand menu.   Step 3 Click File, and then New Incoming Connection.   Step 4 Select the users you’d like to give access to and click Next.   Step 5 Click Through the Internet and select Next.   Step 6 Select the Internet Protocol you’d like to use. (The default TCP/IPv4–the line highlighted in the screenshot below–will work fine.)   Step 7 Finally, click Allow access; you’ve now set up an incoming VPN connection. _________________________

Step by Step: Connecting to a VPN (Outgoing)

Step 1 Click the Start button. In the search bar, type VPN and then select Set up a virtual private network (VPN) connection. Step 2 Enter the IP address or domain name of the server to which you want to connect. If you’re connecting to a work network, your IT administrator can provide the best address.   Step 3 If you want to set up the connection, but not connnect, select Don’t connect now; otherwise, leave it blank and click Next.   Step 4 On this next screen, you can either put in your username and password, or leave it blank. You’ll be prompted for it again on the actual connection. Click Connect.   Step 5 To connect, click on the Windows network logo on the lower-right part of your screen; then select Connect under VPN Connection.   Step 6 In the Connect VPN Connection box, enter the appropriate domain and your log-in credentials; then click Connect.   Step 7 If you can’t connect, the problem could be due to the server configuration. (There are different types of

How to Make a Email in seconds?

use these coolest website,if u need a fake email,for any purpose !!! you can go on that and u will get your fake email there .!!! here is a link :-   http://10minutemail.com/   https://emkei.cz/   www.fakemailgenerator.com/   http://www.throwawaymail.com/   en.email-fake.com/   www.fakeinbox.com/   https://mailinator.com/   deadfake.com/   maildrop.cc/   http://www.anonymailer.net/   https://www.guerrillamail.com/   just use these link ;)…and u will get your email…but some of them is only for 10mins…so don’t use this email fo admistrative purpose like in schools,collage,office etc. _________________________

Send Self Destructive Messages

Step 1. First of all open privnote.com in your browser and type your secret message in the box below the line Write your note below. There is no word limit and you can type whatever you want. Click on Show option which is located on the right-hand side down corner. Step 2. Now check the option Notify me when this note gets read there and then enter your valid email address and also a note preference there and then click on the create note button there. You can also set the self-destruct mode, you can set it to auto-self-destruct within 1 to 30 days. Step 3. A link will get generated for your corresponding note copy the link and send it to your friends. You can directly email this created link through Gmail, but manually sending it would be more fun. Step 4. Now when your friends read the message, you will get notified in your respective email and the message will get deleted from the receiver’s device. Isn’t it’s interesting ? _________________________

What does Vulnerability mean ?

Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat. Vulnerabilities are what information security and information assurance professionals seek to reduce. Cutting down vulnerabilities provides fewer options for malicious users to gain access to secure information. Computer users and network personnel can protect computer systems from vulnerabilities by keeping software security patches up to date. These patches can remedy flaws or security holes that were found in the initial release. Computer and network personnel should also stay informed about current vulnerabilities in the software they use and seek out ways to protect against them. _________________________

What is Spidering ?

Spiders are programs (or automated scripts) that 'crawl' through the Web looking for data. Spiders travel through website URLs and can pull data from web pages like email addresses. Spiders also are used to feed information found on websites to search engines. Spiders, which are also referred to as 'web crawlers' search the Web and not all are friendly in their intent. Spiders and other automated tools are used by spammers to find email addresses (on the internet this practice is often referred to as 'harvesting') on websites and then use them to create spam lists. Spiders are also a tool used by search engines to find out more information about your website, but left unchecked, a website without instructions (or, 'permissions') on how to crawl your site can present major information security risks. Spiders travel by following links and they are very adept at finding links to databases, program files, and other information that you may not

What is Web crawler?

A web crawler (also known as a web spider or web robot) is a program or automated script which browses the World Wide Web in a methodical, automated manner. This process is called Web crawling or spidering.   Many legitimate sites, in particular search engines, use spidering as a means of providing up-to-date data.   Web crawlers are mainly used to create a copy of all the visited pages for later processing by a search engine, that will index the downloaded pages to provide fast searches.   Crawlers can also be used for automating maintenance tasks on a Web site, such as checking links or validating HTML code.   Also, crawlers can be used to gather specific types of information from Web pages, such as harvesting e-mail addresses (usually for spam). _________________________

What is VPN?

A Virtual Private Network (VPN) is a network technology that creates a secure network connection over a public network such as the Internet or a private network owned by a service provider. Large corporations, educational institutions, and government agencies use VPN technology to enable remote users to securely connect to a private network. A VPN can connect multiple sites over a large distance just like a Wide Area Network (WAN). VPNs are often used to extend intranets worldwide to disseminate information and news to a wide user base. Educational institutions use VPNs to connect campuses that can be distributed across the country or around the world. In order to gain access to the private network, a user must be authenticated using a unique identification and a password. An authentication token is often used to gain access to a private network through a personal identification number (PIN) that a user must enter. The PIN is a unique authentication code that changes accord

What is a Proxy Server ?

A proxy server, also known as a proxy or application-level gateway, is a computer that acts as a gateway between a local network (e.g., all the computers at one company or in one building) and a larger-scale network such as the Internet. Proxy servers provide increased performance and security. In some cases, they monitor employees' use of outside resources. A proxy server works by intercepting connections between sender and receiver. All incoming data enters through one port and is forwarded to the rest of the network via another port. By blocking direct access between two networks, proxy servers make it much more difficult for hackers to get internal addresses and details of a private network. Some proxy servers are a group of applications or servers that block common Internet services. For example, an HTTP proxy intercepts web access, and an SMTP proxy intercepts email. A proxy server uses a network addressing scheme to present one organization-wide IP address

What is Ping ?

Ping is a program installed on Windows that is used to test the latency of your connection. The program is text based, which means you have to use text based commands to operate it, much like the early computers from the 70s. Ping is very useful because it is native to your machine so you don't have to download or install any new software to use it. _________________________

Using nbtstat to Find a Computer Name

Have you ever wanted to know what computer belongs to what IP address? This information can come in very handy when trying to troubleshoot network issues or see if there are devices on your network that don't belong there. Just knowing the IP address of a device on your network may not be enough information to figure out what you need to know. Sure you can ping an IP address but that only tells you if there is connectivity. Sometimes you can use the -a switch with the ping command and see if you get lucky and it resolves the IP address to a name. Another command line utility you can use to help you in your quest for finding the computer name associated with an IP address is the DOS command nbtstat to find NetBIOS computer names if you use NetBIOS on your network. Just open a command prompt by going to Start, Run then type in cmd and click OK. Here are the available switches you can use with the nbtstat command. The one you want to use to find the host name associated

How to list computer names on the network through CMD

Open a new instance of the command prompt by hitting the start button, typing CMD and hitting enter. The output of this command is handled by the Net View command, however we are going to be passing in our own parameters to find a computer name.   The syntax is as follows: Net view /i your parameters   By using a pipe ( | ) we can pass our parameters to the find command.   The /i is the ignore case and will ignore case sensitivity when finding your results. _________________________

Find your Host Name and Physical Address using the Windows Command Prompt:

Open the Command Prompt window by clicking on Start > (All) Programs > Accessories > Command Prompt Note: If you do not have access to the Command Prompt, please contact your IT department or someone with administrative rights to your machine to help you locate the information. Type ipconfig /all and press the Enter key. Your Host Name will appear at the top, under the section Windows IP Configuration. Your Physical Address will appear under the section Ethernet adapter Local Area Connection. _________________________

HTTP and HTTPS: What do they do, and how are they different?

In the beginning, network administrators had to figure out how to share the information they put out on the Internet. They agreed on a procedure for exchanging information and called it HyperText Transfer Protocol (HTTP). Once everyone knew how to exchange information, intercepting on the Internet was not difficult. So knowledgeable administrators agreed upon a procedure to protect the information they exchanged. The protection relies on SSL Certificate to encrypt the online data. Encryption means that the sender and recipient agree upon a code and translate their documents into random-looking character strings. The procedure for encrypting information and then exchanging it is called HyperText Transfer Protocol Secure (HTTPS). With HTTPS if anyone in between the sender and the recipient could open the message, they still could not understand it. Only the sender and the recipient, who know the code, can decipher the message. Humans could encode their own documents, but

What is IPv4 and IPv6 -- Internet Protocol Version 4 and 6 ?

IPv4 (Internet Protocol Version 4) is the fourth revision of the Internet Protocol (IP) used to to identify devices on a network through an addressing system. The Internet Protocol is designed for use in interconnected systems of packet-switched computer communication networks,IPv4 is the most widely deployed Internet protocol used to connect devices to the Internet. IPv4 uses a 32-bit address scheme allowing for a total of 2^32 addresses (just over 4 billion addresses). IPv6 (Internet Protocol Version 6) is also called IPng (Internet Protocol next generation) and it is the newest version of the Internet Protocol (IP) reviewed in the IETF standards committees to replace the current version of IPv4 (Internet Protocol Version 4). _________________________

What does IP address stand for?

let’s look at what does IP address stand for; IP address stands for Inter­net Pro­to­col address. An IP address is an address used to iden­tify any device con­nected to the net­work and the inter­net using TCP/IP, these devices can be com­put­ers, smart­phones, tablets, routers, etc. For instance, the num­ber “69.72.169.241″ is an exam­ple of an IP address. These addresses allow data to reach to the pre­ferred des­ti­na­tion on a net­work and the Internet. _________________________

What do WEP and WPA mean?

WEP and WPA (along with WPA2) are names for different encryption tools used to secure your wireless connection. Encryption scrambles the network connection so that no one can listen in to it and look at which web pages you are viewing, for example. WEP stands for Wired Equivalent Privacy, and WPA stands for Wireless Protected Access. WPA2 is the second version of the WPA standard. Using some encryption is always better than using none, but WEP is the least secure of these standards, and you should not use it if you can avoid it. WPA2 is the most secure of the three. If your wireless card and router support WPA2, that is what you should use when setting up your wireless network. _________________________

HOW TO BYPASS OR UNBLOCK BLOCKED SITES:-

Today everyone of us is a part of any college,office or any organization. Everywhere we find free open wifi’s , but the major problem with these are there are many websites which are blocked by the servers of college,ofiice or any organization. There are different type of securities that are implemented in these server to block some sites like Facebook ,Twitter etc. So In this post i’ll tell you easy and permanent method to access or bypass blocked sites Steps To Bypass Blocked Sites-   1. Connect your pc or laptop with wifi or your broadband connection in which you want to access blocked websites.   2. Open command prompt by clicking start and the typing “cmd” and then pressing enter.   4. 3. Now a command prompt window will appear.   5. Type ping Websitename (for exp: ping http://facebook.com) and press enter.   6. Now open your browser and enter the site which you had recently ping.   7.You will see the site will get opens   this is very simple method to easily access