Backtrack is one of the most famous and widely used Linux distribution for penetration testing and ethical hacking purposes, backtrack 5 is the newer version that also has backtrack 5 R1, we have discussed so many tutorials and tricks for backtrack 5 from basic guide to advance usage. There are a lot of peoples from every corner of the world are the visitors of our blog and some of them ask to write some tutorials on Spanish language although it is not possible to full fill all the requirements but I want to share backtrack 5 tutorials in Spanish language.
Archive for October 2011
Facebook, I think there is no need to introduce Facebook as you know that Facebook is the most famous and best social networking website that provides an extra ordinary features to enjoy the social networking life. Security and privacy is always a big threat for these social networking website, there are numerous security guide for Facebook, twitter and Google plus available but the hackers can easily trick and make fool victim to hack their identity and account. There are many vulnerabilities has found on Facebook and many spammers uses it.
SSL or secure socket layer seems to be more secure but what keep in mind there is no security in this world there is only an opportunity, as discussed how to crack SSL on backtrack machine. Now the question how to measure the performance of SSL certificate the problem has been solved because THC just release a tool called THC-SSL-DOS the hacker choice. The hacker choice is a group of German hackers and THC-hydra is good password cracker that has also released by this team.
By Ethical HackingPosted in: BackTrack, EH Tips, Fast-Track, Hacking, Linux, Metasploit, Open Source, Tutorial, Vulnerability
Fast-Track is one of the best and fastest tool that will give an advance feature to make the penetration testing fast and easy, now look what fast-track tag line say “Where its OK to finish in under 3 minutes” So if it is OK to finish under 3 minute than why we waste time. On a previous fast-track tutorial on backtrack 5 we have discussed the command window of fast-track with client side attack, however fast-track has web interface too and it is very to easy to use for both autopwn and client-side attack.
Lulzsec has came did big jobs and out, so this is a quick history of Lulzsec or Lulz security, what they did before is not a hidden truth and most of you also have an idea about the activities of lulzsec in the filed of hacking and cracking. Ethical hacking blog has also discussed the Wiki of lulzsec in which we have discussed the domain of lulzsec.
Well what is the history and mystery behind lulzsec ? The answer will be find in an inforgraphic below.
If you are using WiFi in your home or in your office than you are facing the problems like someone are using your network for surfing the Internet, in simple if someone hack into your network or if you are allow someone to use your network while they are consuming all of the bandwidth now if you want to kick them you can do this. Lets consider an another example if you are using WiFi Internet on your Android phone while you are in public place like in the coffee shop, transportation system and other place and you want to use Internet but the connection is very slow because a lot different people are using the same network (bandwidth).
By Ethical HackingPosted in: BackTrack, EH Tips, Exploit, Linux, Metasploit, Open Source, Pen-Testing, Tutorial, Vulnerability
There are many new user of metasploit (beginner of metasploit) ask use to write a basic introductory article about the basic metasploit command and basic usage of metasploit, however we have shared different advance and mid level metasploit tutorial on backtrack 5 you can learn different commands from these tutorials but here is the list of the best and most common commands that are used in metasploit for different purposes. Later on we will share meterpreter commands as well.
By Ethical HackingPosted in: EH Security, Framework, Hacking, Metasploit, Nmap, Open Source, OpenVAS, Random, Tutorial
Metasploit the database of all the exploits or a master of exploits, there are different tutorials of metasploit are available on Internet some of them are very useful. You can find different tutorials of metasploit with other tools like Nmap, Nessus, Nexpose and OpenVAS and we have also shared different tutorials for metasploit both videos and text based tutorial. This article will not discuss the new tutorial of metasploit but this article is a sort of index page for metasploit tutorial.
By Ethical HackingPosted in: Data security, EH Security, Infography, News, Pen-Testing, Random, Review
Data is a raw form and a raw facts and figure that converts into information (a meaningful data), importance of data is not a hidden truth for a large company to a small company and even for a home user. Data and information is very important regardless that the data is from marketing department, IT department and other. Large organization spend a lot of money to protect their data and information from hackers and crackers, why they spent a money because they know how much important their data is, but how much money required to protect the confidential data and information?
VNC or virtual network computing is a desktop sharing system that uses remote framebuffer protocol for remote access. However there are SSH (secure shell) and telnet to connect remote computer but VNC is desktop sharing system that will allow you to take complete command on a remote operating system. Virtual network computing (VNC) basically has two component one is VNC client (viewer) and the other is VNC server, a VNC software can be act as a client and as a server too. So many VNC client can be connect with a single VNC server at a same time.
Social privacy and social security is one the most common issue that a user is facing and has been faced, however social networking websites has a smart privacy setting and you can control your own privacy. Social networking website like Facebook has just changed their layout and they are going to launch timeline soon, but before anything as a security analyst we must focus on the new layout. What would be the privacy issue? Has Facebook solved the privacy issue? New layout has a strong privacy setting or not?
By Ethical HackingPosted in: BackTrack, Backtrack5, EH Security, EH Tips, Exploit, Hacking, Linux, Metasploit, Nessus, Nmap, Open Source, Pen-Testing, Tutorial, Vulnerability
Nessus the best vulnerability scanner, management and assessment tool and the metasploit the best database, software, program and tool for exploits. They both are the best in their domain but when we connect them to each other there is a extra smartness and purity occur in short we will make a best penetration testing tool for exploit an operating system by using Nessus with Metasploit. However there is a different way to do so and we have shared different methods and tutorials to integrate Metasploit with nessus or vice versa.
Social networking website has changed the way of social life now a days everybody using Facebook, Twitter, Google plus and other social networking website, there are different pros and cons of social networking website but as a penetration tester and ethical hacker aspect we have to discuss about privacy and security issue of a person in social networking website. As discussed about the security of different social networking website this time I will let you know the importance of social networking website in a penetration testing.
By Ethical HackingPosted in: Backtrack5, EH Tips, Hacking, Open Source, SET, SMS spoofing, Social engineer, Spoofing, Tutorial
Mobile communication is now everywhere, mobile hacking is seems to be difficult and a normal user, student and ethical hacker usually don't go towards the mobile hacking field. Mobile hacking is so general word and it contains hacking attack from physical layer to application layer of OSI model. Spoofing attack is not a new attack and you must have heard about IP spoofing, DNS spoofing and SMS spoofing.
Forensic science and specially computer forensic is an important division of information security, incidence response is required against any hacking attack. Computer forensic is another field of interest that is linked with penetration testing because after penetration testing and a lot of security systems (server) might be compromise so forensic is very important to track and to find the way by using a hacker got into the server. So many certifications and tools are available for forensic purposes even backtrack contain a separate section for forensic tools.
By Ethical HackingPosted in: BackTrack, Hacking, Linux, Metasploit, Nessus, Nexpose, Open Source, OpenVAS, Pen-Testing, Tutorial, Vulnerability
Nessus is one of the best vulnerability scanner and vulnerability management but if you are open source lover than you can choose OpenVAS (a vulnerability scanner), Nessus and openVAS are not only a player in vulnerability scanning and management there is another tool for vulnerability scanning called Nexpose. Although Nessus and OpenVAS are available on backtrack 5 and can be integrate with metasploit for the best result, but in some cases we need more results so it is possible to use maximum vulnerability scanning tool in the process of penetration testing and ethical hacking.
If you are not in any social networking website than I really don't whats your life in the Internet, social networking websites has changed the way of communication and social life, facebook is one of the best and common social networking website, but Facebook is not only a single player beside Facebook we have twitter, Google Plus, Hi5, Orkut, Myspace and many more. Security and privacy of a social networking website is very important because an attacker can gather enough information from a social networking websites to launch an attack against you.
Military computers and network seems to be most secure computer infrastructure, government spent millions of dollars to make these network secure because these computers contain the highly sensitive information about any country. Air planes (Air force jet) are now also controlled by a computer and specially Drone (without a pilot) control from the base station by using a computer (obviously) but what if someone hack into these computer, in result an attacker take complete control on these drones.
By Ethical HackingPosted in: EH Security, EH Tips, Linux, News, Pen-Testing, Random, Review, Virtual Machine, Web Security
Penetration testing and ethical hacking is a fast and growing field, there are so many student and learner around the world wants to learn penetration testing and some of them enrolled in different courses like CISSP, CEH and Cisco security. Practice makes a man perfect a famous proverb that is also applicable in the field of information security. So many people are using virtual machines to practice penetration testing but there are different tools and software are also available that give you the feature and learn and practice hacking.
By Ethical HackingPosted in: Backtrack5, EH Tips, Exploit, Hacking, Linux, Metasploit, Open Source, Pen-Testing, Tutorial, Vulnerability, Windows
Metasploit the father of all the exploits is nothing but a database and a great tool that contain exploits for different services for different operating system that can be listen on different ports. Metasploit for remote hacking and metasploit for remote exploits, these are the most important question that most of the people are asking about. We have got different request to write about Metasploit and SET remote exploits or remote hacking so in this tutorial we will look around metasploit remote desktop hacking.
By Ethical HackingPosted in: Android, BlackBerry, Infography, IOS (Apple), Malware, News, Random, Review, Smartphone
Smart phones are now every where and everyone are using it, mobile technology has changed the way of communication. Now a days the most famous smart phones operating systems are Android, iOS, Symbian and Microsoft mobile operating system, mobile devices are now the popular target of the attacks like malware and data theft. There are many tools out there that has been designed to hack a mobile device like there are many applications to hack into Android.
By Ethical HackingPosted in: Aircrack-ng, BackTrack, EH Tips, EH Tools, Hacking, Inverse Wardriving, Linux, Open Source, Pen-Testing, Tutorial, Ubuntu, wardriving, Wireless
WiFi is now become the way for short distance Internet, for long distance we have WiMAX standard but WiFi is very important because you can find WiFi hot-spot everywhere like at the airport, coffee shop and at the educational places. There are so many people out there who are using WiFi at there home and at offices. Cracking a WiFi connection is a essential part of wardriving but for a penetration tester and a ethical hacker WiFi or wireless network security is an important part.
By Ethical HackingPosted in: Cisco, Cisco Career Certifications, EH Security, Guest Post, Network security, News, Random, Review
Cisco the leader among the network solution providers offer different certificate from beginning level to advance level, Cisco offers certificates for IT security person like the Cisco 640-553 IINS (Implementing Cisco IOS Network Security) exam is associated with the CCNA Security certification. This exam covers all the security related issues. The exam tests the candidate's skills and knowledge of implementing, configuring, and securing the Cisco routers, switches, and their associated networks.
Why there is a need for ethical hacking and penetration testing because there is a hacking for anti hacking is a basic need, but from where and how the term hacking started ? We can say that the history of hacking is along with the history of computer (information). Now a days people think that hacking means computer hacking but in my views no there is and there was a analog hacking beside these digital hacking like mind science or human hacking.
By Ethical HackingPosted in: BackTrack, Backtrack5, EH Security, EH Tools, Exploit, Hacking, Open Source, SQL, Tutorial, Vulnerability, Web Security
SQL injection is one the most common bug or vulnerability in a web application that can easily be exploit, there are mainly two ways to exploit SQL injection one is manually and other is by using automatic tools. Manual process takes time and it is a slow process but remember manual process is reliable because there are so many cases out there in which automatic tools can be fail. Automatic tools to exploit SQL injection are fast, user friendly and usually don't need any technical knowledge and skills.