Archive for August 2011

Secure Shell- SSH An Introduction

Network protocol or communication protocol are the set of defined rules and regulation which must be followed by the both parties (Sender and receiver) for effective communication. Network protocols like HTTP, FTP, TCP/IP, SMTP and more, you can get the list of network protocol. So network protocol is very important and now a days security of your information is more important. Use some secure protocol to make your data secure.

Facebook Pays Security Researcher $40,000

Facebook is one of best and most famous social networking website that provides effective platform for home user and for commercial purposes, there are a lot of companies can be find on facebook and they are doing social media marketing on Facebook. Facebook has faced and now facing different challenges with reference to the security and privacy issues.

Slowhttptest - Slow HTTP DoS Vulnerability Test Tool

System has been crashed or server has crashed, have you ever seen or hear this sentence if not than you would seen this very soon. Crash a system or server is not a big deal if an attacker does not find any way to compromise the server than there is a chance to crash the server and make the services unavailable for users. This attack might be a DOS attack or DDOS attack.

DNS Spoofing- Ettercap Backtrack5 Tutorial

Spoofing attack is unlike sniffing attack, there is a little difference between spoofing and sniffing. Sniffing is an act to capture or view the incoming and outgoing packets from the network while spoofing is an act to forging one's source address. In spoofing attack an attacker make himself a source or desire address. This is basically done by using some tricks.

OpenSSL- An Open Source SSL

SSL or Secure socket layer is now a need for transmission from user to server and vice versa, the importance of SSL is not a hidden truth so in this article I will not discuss the basis secure socket layer because it has been discussed on secure socket layer an introduction.

Top 6 Web Vulnerability Scanner Tool

Web site security is very important because the website contain relevant information about a company and now a days website defacement is very common even a script kiddies and a new born hackers can do this. The most common vulnerability like SQL-Injection and cross site scripting lead towards the defacement. 

Agnitio- Security Code Review Swiss Army Knife

What is code review and what actually does it mean? As wikipedia describe that code review is an act to measure and a examination of computer source code to find and fix the mistakes. There are different ways to perform the job static analysis is an act to review a source code without executing the program.

Preyproject- Find Stolen Laptop & Phone

Have you ever faced this situation means have you ever lost your personal digital assistants it could you your Iphone, Laptop and so on. It can be happen with any one and every where is the world, so the question is how to protect and how to get back your stolen Laptop and phone. There are different tools, software's and services available that provides a feature to find your stolen laptop or phone.

Mobile VPN- iOS & Android

Wireless networking has changed the way of networks, mobile devices that has wireless functionality can be found every where in the world,instead of voice communication now people are using their mobile devices for data communication they are using notebooks, PDA (personal digital assistants) for connecting with the Internet while they are moving. 

Grendel Scan Web Application Security Scanner

Web application security scanners are very important in the process of penetration testing, if you want to test your web application from the known and most dangerous vulnerabilities like SQL injection and cross site scripting than you must use some automatic tools that crawls the website and check for the vulnerabilities that can be exploit. 

Anonymous Target San Francisco's Rapid Transit System

Anonymous a hactivist group are creating so much problem for US, as they have claimed to hack facebook on November 5th . Beside it this group has involved on the top level of information security attack like they have released 7.4 GB of data from US law enforcement websites. These activities shows that they are not a kid and they have some values and morals.

IKAT v 5 Released on Defcon 2011

Defcon is one of the best platform for hacker and information security experts, they organize and manage different information security conferences. Defcon basically was started in 1993 and till day defcon is the great platform. At the defcon 2011 conference which ended on Sunday, different security researcher has published their papers and released different tools.

Social Engineering toolkit Tutorial-Backtrack 5

Social engineering also known as human hack, social engineering is an act to manipulate human mind to get the desire goals. Social engineering is a general term and on daily life everyone implement it but usage of social engineering in hacking and penetration testing is little different. The main use of social engineering in hacking is to get the information, maintaining access and so on.

US Officials Hit By Gmail Phishing Attack

According to Google official blog phishing attack targeted "senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists." This is an old story time has changed but the aim of that attackers remain same.Phishing or fake page is a famous in which an attacker use some trick to get the credential information.

Remote Code Execution Vulnerability in BlackBerry Server

Vulnerabilities can be find in on any server and application, even the big companies are not secure you can find vulnerabilities on their servers. BlackBerry, I think there is no need to introduce BlackBerry a high risk vulnerability has been found on BlackBerry Enterprise server components that process images could allow remote code execution.

Theharvester Backtrack 5- Information Gathering Tutorial

Information is a weapon, a successful penetration testing and a hacking process need a lots of relevant information that is why, information gathering so called foot printing is the first step of hacking. An intelligent penetration tester use some intelligent tools and techniques to get the right information on a right time, for social engineering (human hacking) you need relevant information about a person. So the point of this little discussion is to realize the importance of information gathering.

Best Chrome Extensions for Online Security

Google chrome is one of the best and safe web browser that has multiple features and provides security for online browsing, however you must not depends on browser side security you must have some extra extensions and add ons that will enhance your online security and protect your information from hackers

PolarSSL - An Open Source SSL

The importance of secure socket layer is not a hidden truth on the Internet, SSL or secure socket layer provides an extra level of security for the confidential information. Now a days every important websites like E-commerce websites including online transactions are using SSL for user information security. If you dont have any idea about SSL than you can learn secure socket layer from our previous discussion.

Operation Facebook- Anonymous Aims to Destroy Facebook on Nov. 5

The Hackivist group Anonymous that has released the information of US law Enforcement websites and many other activities has been reported by this group. The group anonymous aim to destroy facebook on November 5th 2011. Remember this is not a small group they have previously did different difficult hacking attack on the most secure server. 

SEO Poisoning Attack - What and How

Search engine optimization contains different techniques and tools to improve the visibility of a URL on the web search engine, SEO among social media marketing techniques make sure the visitors to get the right URL and get the right the information. The bad guys may use some black hat SEO techniques to increase the page rank of fake page. Below is the complete discussion on SEO Poisoning attack.

Anonymous Released dump 7.4 GB of US law Enforcement Web Sites

Antisec and Anonymous are the hacker groups that involve in hacktivism activities and they are playing with law enforcement agencies from a long time. Previously they have released different dumps that are related with the high profile companies and organization including government agencies and military information. Anonymous claim Syrian MOD web site defacement before.

Advance SQL Injection Tool - Havij

SQL injection is the biggest threat for web applications, there are so many hackers group on the Internet involve on website defacement. The main bugs on application is SQL error based so that an intruder use some sort of tools and even manual techniques to get the administrator information from database.

Open Invitation for All Hacking Geeks

Ethical hacking (ehacking) is one the best place to learn and practice IT security with different tips and tricks for various operating system and tools. This invitation for all the blogging and IT security geeks who wants to learn, who wants to share and who wants to spread their knowledge and skills with a broad audience.

7 Top Wordpress Security Plugins

Wordpress is one of the best CMS (content management system) that provides effective platform for blogging, millions of bloggers are using wordpress for their blogs because wordpress is open source and provides a lot of different features that makes blogging fun and informative.The best feature that wordpress has is a plugins, you can find different plugins for different purposes like there are some plugins for advertisement, some for comment, guest blogging plug-ins and more. 

Karmetasploit- Backtrack 5 Tutorial

Wireless communication is now become a need of networking, radio signals are unseen but they carry your information on the form of bits by using different modulation techniques. However security is very important for wireless network because it is more vulnerable. As discussed before about wireless security and rogue access point, in this article i will try to cover Karmetasploit.

Tips to Improve Linux Backtrack 5 Performance

If you are using backtrack 5 and having some problems like sound problem, social media software problem, software manager problem and so many more. Some of the blog readers has send a request about these things, if you have used Ubuntu than you must have an idea about tweaks and software manager in Ubuntu. How easy and user friendly Ubuntu is, for backtrack5 you can also do all these stuffs because it is based on Ubuntu.

Volatility-Advanced Memory Forensics Framework

Computer forensic is now an important field of information security, forensic has a broad field of interest. There are different courses and trainings are available to become a certified forensic expert. Tools are the essential part for forensic, there are different tools are available like PTK beside tools you can get a complete Linux distribution for digital forensic use.

Free ISO 27001 Implementation e-Learning Course

Information is very important by any means and for the large and even small organizations information is the key point of success, for this purpose the need of information security is rising and there are a lots of jobs available for information security professionals, beside penetration testing an analyst must have to implement better security policy on the organization to protect the business information.

Backtrack 5 Tutorials

Backtrack is a wonderful Linux distribution that provides advance features and option for the penetration tester to do the job done, Backtrack 5 is the latest version of Backtrack distribution and we have dedicated a section for backtrack5 tutorials.
Backtrack 5 contain a list of tools that would really help in the process of penetration testing, i will update this section on regular basis so keep visiting to learn more backtrack 5 tutorials.