Archive for April 2012

Subterfuge - Man-in-the-Middle Attack Framework Tutorial

Subterfuge is a framework that takes the arcane art of the man-in-the-middle attack and makes it as simple as point and shoot. What sets Subterfuge apart from other attack tools is a beautiful, easy-to-use interface that produces a more transparent and effective attack. Subterfuge demonstrates vulnerabilities in the ARP protocol by harvesting credentials that cross the network, and even by exploiting machines through race conditions.

How to Create a FUD Backdoor – Bypass An Antivirus

How to bypass an antivirus, or how to create a FUD (fully undetectable) backdoor, is not a new topic of discussion. The need to bypass an antivirus is very high because it is very helpful in penetration testing and ethical hacking. You can bypass an antivirus by using the Metasploit encoders, and there are many other ways. In this tutorial I will show you how to make your ncat FUD and how to use netcat as a backdoor.

AnonBin The Anonymous Alternate of Pastebin

Anonymous, the famous hacktivist group, has announced an alternative to Pastebin. A pastebin is a web application that allows you to paste and share text files. The official release from Anonymous and the Peoples Liberation Front states that:




PayPal & Wire Transfer Scam - Email Scam


Scammers are active, and they usually work to fool innocent people and to steal confidential information and money. Every day thousands of emails are sent by spammers. An email filter, such as the powerful spam filters of Gmail and Yahoo, can easily catch these emails and mark them as spam, but sometimes spammers use new techniques to bypass these filters. Nowadays private email exchange servers (private company email servers) are the target of these spammers.

Vulnerability Assessment & Scanning Nessus Tutorial

This is the second part of IT auditing and fundamentals; the first part of this article was discussed in the previous issue.
What is Nessus? What can Nessus do? These and other similar questions have been discussed above, but from this point I will demonstrate the best features of Nessus with some examples. Keep in mind that Nessus is available in two feeds: one is a home feed, while the other is for professionals (you need to purchase it). Figure 6 shows the simple interface of Nessus.

web-sorrow Web Server Scanner & Enumeration

Automatic scanning has its worth: automatic scanners save time and can do the work efficiently. Various automatic tools are publicly available, some for web application vulnerability scanning and some for network or system-level scanning. Nikto is a wonderful open source tool for analyzing a web server for misconfiguration and common vulnerabilities, but Nikto is not the only player in information security and penetration testing; there is another tool called Web-Sorrow.

IT Auditing Fundamentals – Theoretical to Practical

Information security is a vast field of broad interest, and there are many penetration testers and ethical hackers out there who provide their services for network and web application testing. IT auditing is an essential part of today's networks; a network can be small (a LAN) or big, and both require auditing.