Monday, June 20, 2022

BRATA Android Malware Gains Advanced Mobile Threat Capabilities

 

The operators behind BRATA have once again added more capabilities to the Android mobile malware in an attempt to make their attacks against financial apps more stealthy.

"In fact, the modus operandi now fits into an Advanced Persistent Threat (APT) activity pattern," Italian cybersecurity firm Cleafy said in a report last week. "This term is used to describe an attack campaign in which criminals establish a long-term presence on a targeted network to steal sensitive information."

An acronym for "Brazilian Remote Access Tool Android," BRATA was first detected in the wild in Brazil in late 2018, before making its first appearance in Europe last April, while masquerading as antivirus software and other common productivity tools to trick users into downloading them.

The change in the attack pattern, which scaled new highs in early April 2022, involves tailoring the malware to strike a specific financial institution at a time, switching to a different bank only after the victim begins implementing countermeasures against the threat.

Also incorporated in the rogue apps are new features that enable it to impersonate the login page of the financial institution to harvest credentials, access SMS messages, and sideload a second-stage payload ("unrar.jar") from a remote server to log events on the compromised device.

"The combination of the phishing page with the possibility to receive and read the victim's sms could be used to perform a complete Account Takeover (ATO) attack," the researchers said.

Additionally, Cleafy said it found a separate Android app package sample ("SMSAppSicura.apk") that used the same command-and-control (C2) infrastructure as BRATA to siphon SMS messages, indicating that the threat actors are testing out different methods to expand their reach.

The SMS stealer app is said to be specifically singling out users in the U.K., Italy, and Spain, its goal being able to intercept and exfiltrate all incoming messages related to one-time passwords sent by banks.

"The first campaigns of malware were distributed through fake antivirus or other common apps, while during the campaigns the malware is taking the turn of an APT attack against the customer of a specific Italian bank," the researchers said.

"They usually focus on delivering malicious applications targeted to a specific bank for a couple of months, and then moving to another target."

at No comments:
Labels:

Friday, June 17, 2022

Burp Suite Extension - To Monitor And Keep Track of Tested Endpoints



Burp Scope Monitor Extension

A Burp Suite Extension to monitor and keep track of tested endpoints.


Main Features


  • Simple, easy way to keep track of unique endpoints when testing an application
  • Mark individual endpoints as analyzed or not
  • Instantly understand when a new endpoint, not tested is requested
  • Accessible from Proxy tab (right click, mark request as analyzed/not)
  • Send to Repeater
  • Enforcement of Burp's in scope rules
  • Import/Export state file directly to a CSV file for
  • Autosave option


Installation


  1. Make sure you have Jython configured under Extender -> Options -> Python Environment. For further instructions, check PortSwigger official instructions at their support page.
  2. git clone git@github.com:Regala/burp-scope-monitor.git
  3. Import main.py in Extender - Extender -> Extensions -> Add -> Select Python -> Select main.py


Documentation

Most of the options available in General or Import tabs are auto-explanatory.



  • "Repeater request automatically marks as analyzed" - when issuing a request to an endpoint from repeater, it marks this request as analyzed automatically.
  • "Color request in Proxy tab" - this essentially applies the behavior of the extension in the Proxy tab, if you combine these options with "Show only highlighted items" in Proxy. However, it's not as pleasant to the eyes as the color pallete is limited.
  • "Autosave periodically" - backups the state file every 10 minutes. When activating this option, consider disabling "Autostart Scope Monitor". This is in order to maintain a different state file per Burp project. However, you can easily maintain only one, master state file.
  • "Import/Export" is dedicated to handle the saved state files. It's preferred to open your Burp project file associated with the Scope Monitor. It will still work if the Burp project is different, but when loading the saved entries, you won't be able to send them to Repeater or view the request itself in the Request/Response viewer (this is due to the fact that we are not storing the actually requests - just the endpoint, it's analyzed status and a couple of other more. This makes it a little bit more efficient).

Future Development


  • Keep track of parameters observed in all requests
  • Highlight when a new parameter was used in an already observed/analyzed endpoint
  • Export to spreadsheet / Google Sheets
  • Adding notes to the endpoint

Implementation

The code is not yet performant, optimized or anything similar. KISS and it works. Performance will be increased depending on demand and how the extension performs when handling large Burp projects.

To circumvent some of Burp's Extender API limitations, some small hacks were implemented. One of those is automatically setting a comment on the requests that flow in the Proxy tab.

You can still add comments on the items, as you'd normally would, but just make sure to keep the placeholder string (scope-monitor-placeholder) there.

Hopefully in the future each requestResponse from Burp will have a unique identifier, which would make the import state / load from file much cleaner and fast. With large state files, this might hang a bit when loading.

Download Burp Scope Monitor 
at No comments:

Tuesday, February 7, 2017

Deep Web links...

To browse .onion Deep Web links, install Tor Browser from http://torproject.org/

 Image result for deep web

Hidden Service lists and search engines

http://3g2upl4pq6kufc4m.onion/ – DuckDuckGo Search Engine
http://xmh57jrzrnw6insl.onion/ – TORCH – Tor Search Engine
http://32rfckwuorlf4dlv.onion/ – Onion URL Repository
http://2vlqpcqpjlhmd5r2.onion/ – Gateway to Freenet
http://kpvz7ki2v5agwt35.onion – The Hidden Wiki
http://idnxcnkne4qt76tg.onion/ – Tor Project: Anonymity Online
http://jh32yv5zgayyyts3.onion/ – Hidden Wiki .Onion Urls
http://wikitjerrta4qgz4.onion/ – Hidden Wiki – Tor Wiki
http://xdagknwjc7aaytzh.onion/ – Anonet Webproxy
http://3fyb44wdhnd2ghhl.onion/wiki/index.php?title=Main_Page – All You’re Wiki – clone of the clean hidden wiki that went down with freedom hosting
http://3fyb44wdhnd2ghhl.onion/ – All You’re Base
http://j6im4v42ur6dpic3.onion/ – TorProject Archive
http://p3igkncehackjtib.onion/ – TorProject Media
http://cipollatnumrrahd.onion/ – Cipolla 2.0 (Italian)
http://dppmfxaacucguzpc.onion/ – TorDir – One of the oldest link lists on Tor

Marketplace Financial

http://torbrokerge7zxgq.onion/ – TorBroker – Trade securities anonymously with bitcoin, currently supports nearly 1000 stocks and ETFs
http://fogcore5n3ov3tui.onion/ – Bitcoin Fog – Bitcoin Laundry
http://2vx63nyktk4kxbxb.onion/ – AUTOMATED PAYPAL AND CREDIT CARD STORE
http://samsgdtwz6hvjyu4.onion – Safe, Anonymous, Fast, Easy escrow service.
http://easycoinsayj7p5l.onion/ – EasyCoin – Bitcoin Wallet with free Bitcoin Mixer
http://jzn5w5pac26sqef4.onion/ – WeBuyBitcoins – Sell your Bitcoins for Cash (USD), ACH, WU/MG, LR, PayPal and more
http://ow24et3tetp6tvmk.onion/ – OnionWallet – Anonymous Bitcoin Wallet and Bitcoin Laundry
http://qc7ilonwpv77qibm.onion/ – Western Union Exploit
http://y3fpieiezy2sin4a.onion/ – HQER – High Quality Euro Replicas
http://qkj4drtgvpm7eecl.onion/ – Counterfeit USD
http://lw4ipk5choakk5ze.onion/raw/4588/ – High Quality Tutorials

Marketplace Commercial Services

http://6w6vcynl6dumn67c.onion/ – Tor Market Board – Anonymous Marketplace Forums
http://5mvm7cg6bgklfjtp.onion/ – Discounted electronics goods
http://lw4ipk5choakk5ze.onion/raw/evbLewgkDSVkifzv8zAo/ – Unfriendlysolution – Legit hitman service
http://tuu66yxvrnn3of7l.onion/ – UK Guns and Ammo
http://ucx7bkbi2dtia36r.onion/ – Amazon Business
http://hbetshipq5yhhrsd.onion/ – Hidden BetCoin
http://cstoreav7i44h2lr.onion/ – CStore Carded Store
http://tfwdi3izigxllure.onion/ – Apples 4 Bitcoin
http://b4vqxw2j36wf2bqa.onion/ – Advantage Products
http://ybp4oezfhk24hxmb.onion/ – Hitman Network
http://mts7hqqqeogujc5e.onion/ – Marianic Technology Services
http://yth5q7zdmqlycbcz.onion/ – Old Man Fixer’s Fixing Services
http://sheep5u64fi457aw.onion/ – Sheep Marketplace
http://qizriixqwmeq4p5b.onion/ – Tor Web Developer
http://en35tuzqmn4lofbk.onion/ – US Fake ID Store
http://xfnwyig7olypdq5r.onion/ – USA Citizenship
http://uybu3melulmoljnd.onion/ – iLike Help Guy
http://dbmv53j45pcv534x.onion/ – Network Consulting and Software Development
http://lw4ipk5choakk5ze.onion/raw/4585/ – Quick Solution (Hitman)

Marketplace Drugs

http://rso4hutlefirefqp.onion/ – EuCanna – Medical Grade Cannabis Buds, Rick Simpson Oil, Ointments and Creams
http://newpdsuslmzqazvr.onion/ – Peoples Drug Store – The Darkweb’s Best Online Drug Supplier!
http://smoker32pk4qt3mx.onion/ – Smokeables – Finest Organic Cannabis shipped from the USA
http://fzqnrlcvhkgbdwx5.onion/ – CannabisUK – UK Wholesale Cannabis Supplier
http://kbvbh4kdddiha2ht.onion/ – DeDope – German Weed and Hash shop. (Bitcoin)
http://s5q54hfww56ov2xc.onion/ – BitPharma – EU vendor for cocaine, speed, mdma, psychedelics and subscriptions
http://ll6lardicrvrljvq.onion/ – Brainmagic – Best psychedelics on the darknet
http://25ffhnaechrbzwf3.onion/ – NLGrowers – Coffee Shop grade Cannabis from the netherlands
http://fec33nz6mhzd54zj.onion/index.php – Black Market Reloaded Forums
http://atlmlxbk2mbupwgr.onion/ – Atlantis Marketplace Forums
http://atlantisrky4es5q.onion/ – Atlantis Marketplace
http://dkn255hz262ypmii.onion/ – Silk Road Forums
http://k4btcoezc5tlxyaf.onion/ – Kamagra for BitCoins
http://5onwnspjvuk7cwvk.onion/ – Black Market Reloaded

Hosting

http://matrixtxri745dfw.onion/ – Image Uploader
http://lw4ipk5choakk5ze.onion/ – PasteThis – Tor based Pastebin
http://tklxxs3rdzdjppnl.onion/ – Liberty’s Hackers Hosting Service
http://matrixtxri745dfw.onion/ – Matrix Trilogy

Blogs

http://74ypjqjwf6oejmax.onion/ – Beneath VT – Exploring Virginia Tech’s Steam Tunnels and Beyond
http://76qugh5bey5gum7l.onion/ – Deep Web Radio
http://edramalpl7oq5npk.onion/Main_Page – Encyclopedia Dramatica
http://ad52wtwp2goynr3a.onion/# – Dark Like My Soul
http://gdkez5whqhpthb4d.onion/ – Scientology Archive
http://newsiiwanaduqpre.onion/ – All the latest news for tor
http://5vppavyzjkfs45r4.onion/ – Michael Blizek
http://7hk64iz2vn2ewi7h.onion/ – Blog about Stories
http://7w2rtz7rgfwj5zuv.onion/ – An Open Letter to Revolutionaries
http://4fvfamdpoulu2nms.onion/ – Lucky Eddie’s Home
http://nwycvryrozllb42g.onion/searchlores/index.htm – Fravia’s Web Searching Lore
http://newsiiwanaduqpre.onion/ – OnionNews – Blog about the onionland

Forums and Chans

http://jv7aqstbyhd5hqki.onion – HackBB – Hacking & cracking forum
http://xdagknwjc7aaytzh.onion/20/http/1.4.7.9/forummain.htm – Read only access to the Freenet FMS forums via the Anonet Webproxy
http://hbjw7wjeoltskhol.onion – The BEST tor social network! File sharing, messaging and much more. Use a fake email to register.
http://t4is3dhdc2jd4yhw.onion/ – OnionForum 3.0 – New Onionforum for general talk, now with marketplace
http://zw3crggtadila2sg.onion/imageboard/ – TorChan – One of the oldest chans on Tor

Email and Messaging

http://365u4txyqfy72nul.onion/ – Anonymous E-mail sevice. You can only communicate with other users currently using this service. So tell all your friends about it!
http://sms4tor3vcr2geip.onion/ – SMS4TOR – Self destructing messages
http://notestjxctkwbk6z.onion/ – NoteBin – Create encrypted self-destructing notes
http://torbox3uiot6wchz.onion/ – [TorBox] The Tor Mail Box
http://u6lyst27lmelm6oy.onion/index.php – Blue matrix chat NOT UP ALL THE TIME so chek often to see when it is
http://wi7qkxyrdpu5cmvr.onion/ – Autistici/Inventati

Political

http://faerieuaahqvzgby.onion/ – Fairie Underground
http://tnysbtbxsf356hiy.onion/ – The New Yorker Strongbox
http://duskgytldkxiuqc6.onion/ – Example rendezvous points page
http://rrcc5uuudhh4oz3c.onion/ – The Intel Exchange Forum :: Information and discussion on various topics, ranging from Illegal Activities and Alternative Energy, to Conspiracy Theories and Hacking. Same people from SnapBBS on a fully secure, moderated and categorized forum.
http://opnju4nyz7wbypme.onion/weblog/index.html – A7B blog :: a blog dedicated to the restoration of a limited constitutional republic in the USA
http://assmkedzgorodn7o.onion/ – Anonymous, safe, secure, crowdfunded assassinations.
http://duskgytldkxiuqc6.onion/comsense.html – Commo Sense by Thomas Paine
http://nwycvryrozllb42g.onion/ – Destination Unknown

Warez

http://2gxxzwnj52jutais.onion/ – The Nowhere Server (restored from backup after FH)
http://jntlesnev5o7zysa.onion/ – The Pirate Bay – Torrents
http://am4wuhz3zifexz5u.onion/ – Tor Library – library of books and other media files
http://uj3wazyk5u4hnvtk.onion/ – The Pirate Bay – Torrents (official .onion)
http://wuvdsbmbwyjzsgei.onion/ – Music Downloads
http://lolicore75rq3tm5.onion/ – Lolicore and Speedcore Music
http://vt27twhtksyvjrky.onion/ – lol 20th Century Western Music Recordings and Scores
http://2ygbaoezjdmacnro.onion/ – Pony at Noisebridge
http://xfmro77i3lixucja.onion/ – Imperial Library of Trantor
http://c3jemx2ube5v5zpg.onion/ – Jotunbane’s Reading Club

Drugs Non-commercial

No links found.

Erotic 18+

http://tklxxs3rdzdjppnl.onion/sharepass/ – SharePass – Password sharing community
http://k4jmdeccpnsfe43c.onion/ – Girls Released – Some nice model pics
http://54dgeda4ik6iypui.onion/ – Gallery – Met-Art, FTVX etc sets
http://pinkmethuylnenlz.onion/ – The Pink Meth (mirror)
http://orsxvca7glswueo7.onion/ – EroDir – Lots and lots of Hentai

Erotic Hard Candy

http://lovezspamopfiqul.onion/ – TLZ discussion board
http://iqlnc7cbykhhurfo.onion/ – LLL – Image and Video down- & upload
http://oglbv4c4kpoobkid.onion/oglb/ – Onion Girl Love Board – Private Board
http://girlbmayme6evpwv.onion/ – Girls and Boys
http://7haz75ietrhjds3j.onion/ – All Natural Spanking
http://spofoh4ucwlc7zr6.onion/ – Safe Port Forum
http://ftwwebt6e3nb3lmw.onion/ – FTW Image Boards
http://tlz3gig7k46s4r66.onion/ – TLZ private forums
http://vkq6wz4ozmldscii.onion/ – Topic Links – A CP sites link list

Erotic Jailbait

http://66m4z7ygkqghb4tc.onion/ – Some paradisebirds casey videos

Non-English

http://germanyhusicaysx.onion – Deutschland im Deep Web – German forum
http://ffi5v46ttwgx3fby.onion/ – Das ist Deutschland hier 2.0 – German Board
http://runionv62ul3roit.onion/ – Russian Onion Union
http://5xki35vc4g5ts6gc.onion – GTF Greek Tor Forum . For greek speaking users
http://cipollatnumrrahd.onion/index.php – Cipolla 2.0 – Italian Community
http://runionv62ul3roit.onion – Russian community: market and anonymous talks about security, guns etc.
http://ptrackcp2noqu5fh.onion/ – PoliceTrack – Ne vous faites plus suivre par la police.
http://amberoadychffmyw.onion – Amberoad – russian anonymous market
http://r2d2akbw3jpt4zbf.onion – R2D2 – russian anonymous market
http://ramp2bombkadwvgz.onion – RAMP – biggest russian market (drugs only)
http://szmyt4v4vjbnxpg3.onion/ – Славянский
http://o2tu5zjxjlibrary.onion/ – Bibliotheca Alexandrina
http://ocbh4hoqs37unvv6.onion – French Deep Web

Deep Web Links

at No comments:
Labels:

cyber safety day 7th february 2017

Image result for cybersafety day 2017
at No comments:

Friday, February 3, 2017

Installing Metasploit Framework on Ubuntu 16.04 LTS and Debian 7

This Guide covers the installation of Metasploit Framework OSS Project on Ubuntun Linux LTS. If you do not wish to run the Open Source version or set up a development environment and do not mind giving your email address to Rapid 7 for marketing I would recommend downloading their comercial installer from http://www.metasploit.com/ for Metasploit Express and Pro. 
If you prefer an all in one installer only for framework the Metasploit team offers nightly built installers at https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers making a quick setup a breeze if you do not plan to pull separate branches to test experimental code or do development. 

Install Oracle Java 8

We start by adding the Oracle Java Package source
sudo add-apt-repository -y ppa:webupd8team/java
Once added we can install the latest version
sudo apt-get update
sudo apt-get -y install oracle-java8-installer

 

Installing Dependencies

We start by making sure that we have the latest packages by updating the system using apt-get:
sudo apt-get update
sudo apt-get upgrade
Now that we know that we are running an updated system we can install all the dependent packages that are needed by Metasploit Framework:
sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev

Installing a Proper Version of Ruby

The distribution sadly does not comes by default with a proper version of Linux for us to use with Metasploit Framework and we will have to download and compile a proper one. There 2 mains ways recommended for this are using RVM or rbenv (Do not install both choose one or the other)If installing using RVM be warned that symlinks will not work do to the way it places the binary stubs of the metasploit-framework gem
Installing Ruby using RVM:
curl -sSL https://rvm.io/mpapis.asc | gpg2 --import -
curl -L https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
source ~/.bashrc
RUBYVERSION=$(wget https://raw.githubusercontent.com/rapid7/metasploit-framework/master/.ruby-version -q -O - )
rvm install $RUBYVERSION
rvm use $RUBYVERSION --default
ruby -v

Installing Ruby using rbenv:
cd ~
git clone git://github.com/sstephenson/rbenv.git .rbenv
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec $SHELL

git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc

# sudo plugin so we can run Metasploit as root with "rbenv sudo msfconsole" 
git clone git://github.com/dcarley/rbenv-sudo.git ~/.rbenv/plugins/rbenv-sudo

exec $SHELL

RUBYVERSION=$(wget https://raw.githubusercontent.com/rapid7/metasploit-framework/master/.ruby-version -q -O - )
rbenv install $RUBYVERSION
rbenv global $RUBYVERSION
ruby -v

Installing Nmap

One of the external tools that Metasploit uses for scanning that is not included with the sources is Nmap. Here we will cover downloading the latest source code for Nmap, compiling and installing:
mkdir ~/Development
cd ~/Development
git clone https://github.com/nmap/nmap.git
cd nmap 
./configure
make
sudo make install
make clean

Configuring Postgre SQL Server

We start by switching to the postgres user so we can create the user and database that we will use for Metasploit
sudo -s
su postgres
Now we create the user and Database, do record the database that you gave to the user since it will be used in the database.yml file that Metasploit and Armitage use to connect to the database.
createuser msf -P -S -R -D
createdb -O msf msf
exit
exit
If you experience problems with the database setup this fedora guide offers a good guide for troubleshooting and setup https://fedoraproject.org/wiki/Metasploit_Postgres_Setup 

Installing Metasploit Framework

We will download the latest version of Metasploit Framework via Git so we can use msfupdate to keep it updated:
cd /opt
sudo git clone https://github.com/rapid7/metasploit-framework.git
sudo chown -R `whoami` /opt/metasploit-framework
cd metasploit-framework
Install using bundler the required gems and versions:
cd metasploit-framework

# If using RVM set the default gem set that is create when you navigate in to the folder
rvm --default use ruby-${RUByVERSION}@metasploit-framework

gem install bundler
bundle install
Lets create the links to the commands so we can use them under any user and not being under the framework folder, for this we need to be in the metasploit-framework folder if not already in it:
cd metasploit-framework
sudo bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'

Metasploit for Development and Contribution

If you wish to develop and contribute to the product you can follow the additional steps here Metasploit Dev Environment . For this you will need a GitHub account and you will fork the project in to your own account. I personally keep my dev copy of Metasploit in ~/Development folder and after an initial run of msfconsole I keep my database.yml file in ~/.msf4/cofig folder and adjust the MSF_DATABASE_CONFIG variable for it or run msfconsole with the -y option and point it to a YAML file with the correct configuration.
Installing armitage:
curl -# -o /tmp/armitage.tgz http://www.fastandeasyhacking.com/download/armitage150813.tgz
sudo tar -xvzf /tmp/armitage.tgz -C /opt
sudo ln -s /opt/armitage/armitage /usr/local/bin/armitage
sudo ln -s /opt/armitage/teamserver /usr/local/bin/teamserver
sudo sh -c "echo java -jar /opt/armitage/armitage.jar \$\* > /opt/armitage/armitage"
sudo perl -pi -e 's/armitage.jar/\/opt\/armitage\/armitage.jar/g' /opt/armitage/teamserver
Lets create the database.yml file that will contain the configuration parameters that will be use by framework:
sudo nano /opt/metasploit-framework/config/database.yml
Copy the YAML entries and make sure you provide the password you entered in the user creating step in the password field for the database:
production:
 adapter: postgresql
 database: msf
 username: msf
 password: 
 host: 127.0.0.1
 port: 5432
 pool: 75
 timeout: 5
Create and environment variable so it is loaded by Armitage and by msfconsole when running and load the variable in to your current shell:
sudo sh -c "echo export MSF_DATABASE_CONFIG=/opt/metasploit-framework/config/database.yml >> /etc/profile"

source /etc/profile

First Run

Now we are ready to run Metasploit for the first time. My recommendation is to run it first under a regular user so the folders create under your home directory have the proper permissions. First time it runs it will create the entries needed by Metasploit in the database so it will take a while to load.
msfconsole
at No comments:

Tuesday, February 2, 2016

How to hack the network Server

Want to be a hacker

How to hack the network Server

In our first hacking preparing session we had learn how to prepare for a Hack such as what are the language skills are required, how to select the tools and targets. In this session we are going to look how to things you should take care while and after hacking a target. Here we are going to look How to hack the network Server, how to hack a network computer, How to get into the target, how to gain access, how crate backdoor and how to clear the tracks are the topics in this session.
1) Secure yourself.
Before you start the hack you should make sure you are not going to race back.  Meantime you must make sure that you have understood all techniques to make safe yourself.
If you are going to attack the target or network with permission as a White Hat Hacker, you should get the permission in writing. This will help you that you are a authorize person to attack and check the security level.  When it’s a white hat hack make sure you are not using any illegal or crack software,  in a commercial environment this type of software are put you in trouble.
But if you are a Black Hat hacker no matter what are you going to use and what will be the impact of the attack. Before start the attack. If you use the VPNs you can make sure you are in safe.
2) Analysis the objective.
When you are ready to attack the system you or network you can use the ping command to check the availability of the network.  When you get the positive reply mean the target is active and live. But the result cannot be trusted all times. Because some the Administrator can shut or disable the ICMP reply facility.
3) Use terminal for commands.
 There are several command line terminals are available and most of them are open source. You can download and use those without any problem. NmapCygwin,WinPCap are some. Cygwin will support for windows users also. But Nmap useWinPCap to runs on Windows.You can use Linux or BSD which are more flexible and most of them are with may preinstalled useful tools
4) Identify the OS.
Before start the attack you must identify the target and Os. You can scan the ports using nmap and select the open ports.  When you got in to the open port you can open the machine and get the details of the OS using the nmap tool with –O, after that you can easily get the details of switch and it will give all the details of the Firewall and routers they are using and you can plan an action.
5) Locate an open port.
Usually the ports which are using frequently such as HTTP (80), FTP (21) well protected by the System Admin and keep those ports are locked.  But hackers use take advantage on the other ports to get into the system. Try other TCP, UDP ports those are forgotten by most. Telnet or UPD ports which are using for LAN gaming and sometimes left open
6) Crack the authentication process.
We can crack the passwords in several ways such as bruteforce or Dictionary attack.  When you select the bruteforce attack on a site or system the password is an effort to try every possible password contained in the dictionary.
But when you use the bruteforce attack you must consider that the systems encourage the users to use a hard password. So it will take time to crack the passwords. Most of the hashing algorithm is weak you can improve the cracking speed to cut thas in segments. If the MD5 has you can cut pieces you increase the speed.
Some tools are using GPU (Graphic Processor) which is thousand time faster than the normal system processor.
 7) Get the super-user privileges.
Once you got into the system always try to get root privilege (Super Admin) when if it’s a Linux machine target *nix or Windows get the access of Administrator. Most of the information that will be of critical curiosity is sheltered and you need a certain level of authentication to get that. if you want to see all the important files on a system attacker must need super-user privileges.
8) Use diverse tricks to get The Super user account.
Hacker use several tactics to gain the super user access like creating Buffer Overflow, which cause the  memory to dumb and that allow the attacker to inject the code or perform a task at a higher level than you’re normally authorized.
9) Create a backdoor.
When attacker succeeded to hack and get the access of full control over the system, must make sure that come back again without any delay or problem. It can be done through a backdoor. Sometimes it may be removed when the system admin upgrade the services. But a well experienced hacker can make the backdoor compile itself
10) Cover your tracks.
After finishing all the JOBs you must make sure that the administrator won’t get alarm on that the system is compromised. For that don’t change any single thing in the target to don’t produce any unnecessary additional file or users in the target act as quick as possible. Once you pack the server with SSHD or other way you must make sure the secret password is encrypted and hardcoded and when any one tries to login using the password system should let them in but not contain any sensitive information.
at No comments:

SEO - Content is the King



Content basically includes what you see on the site: the text, graphics, and even links to other websites. You should not use excessive graphics because they are not Search Engine Friendly plus heavy graphics normally put the users out when they get downloaded, especially over a slow network.
Thousands of articles, books, and forum entries are available on how to make your website search engine friendly, but ultimately, one rule stands above the rest: Unique, high-quality, unduplicated content is the king.
Superior the quality of your content, the higher the ranking you achieve, larger the traffic you gain and greater the popularity of your website. Search engines prefer good quality sites in their index and search results.
Relevant, fresh, and timely content is crucial in attracting visitors to your website. It helps you both draw traffic from search engines and create audience loyalty.

Unique, High-Quality Content

When people visit a website for information, they want your unique spin on a topic. How is your material or content unique? Is that uniqueness obvious, and easy to find and to understand? Visitors want unique, high-quality site content. It is not only your home page content, but also all the linked pages should have useful and easy-to-understand content.
Now-a-days, search engines have become very smart and they are able to understand complete grammar and complete phrase. Hence while ranking a page against other, the content available on a page matters.
Sites with duplicated, syndicated, or free content are get given red flags by the search engines.

SEO Content Writing (Copy Writing)

SEO Content Writing (also referred as SEO Copy writing), involves the process of integrating keywords and informative phrases which make up the actual content of your website.
While writing your webpage content, the following tips may help you in keeping it better than others.
  • The content should be directed for the specified target audience.
  • Keyword density is strictly adhered as per search engine guidelines.
  • Titles should always be eye-catching, compelling your visitors to read on and want to know what you offer in your website.
  • Do not use confusing, ambiguous, and complex language. Use small statements to make your content more understandable.
  • Keep your web pages short.
  • Organize and distribute the content on the webpages.
  • Divide your web page content also into short paragraphs.

Other Advantages of Having Great Content

It is not only SEO you need to think about. Many factors contribute to make your site popular.
  • If your site is having something really unique, then people like to suggest it to their friends.
  • Other webmasters like to create a link of your site on their sites.
  • Your site visitors start trusting on your site and they look forward for the next content update and keep coming again and again.
  • Although you are listed out by search engine, a but net surfer will click only that page whose content snippet looks more unique and interesting.

Conclusion

Creating, editing, and promoting unique high-quality content is difficult and time consuming. But in the end, the golden rule of SEO is that Content is the King. It is not because of a search engine, but it is for your site visitors. A page that is read by people is better than a page that is read by bots.
So, write your content after a serious thought. Keep your title, keywords, link text, metatags up-to-date, unique, and interesting.

at No comments:

SEO - Optimized Anchor




Use descriptive anchor text for all your text links. Most search engines consider anchor text of incoming links when ranking pages. Here is an example of anchor:
 href="otherpage.htm" title="Anchor Title">Anchor Text
Listed below are some of the important points to note about anchors:
  • The Anchor Title plays a very important role and is seen by most of the search engines. The anchor title should have appropriate keywords. Anchor title helps the site visitors using a balloon, and displaying written text.
  • The Anchor Text is another important part, which should be selected very carefully because this text is used not only for search engines but also for navigation purpose. You should try to use the best keywords in your anchor text.
  • The otherpage.htm is the link to another webpage. This link could be to an external site. Here, you need to ensure that the linked page does exist; otherwise it is called a broken link, which gives a bad impression to search engines as well as to site visitors.
Another example of an anchor could be as follows:
 href="otherpage.htm" title="Anchor Title">
    src="image.gif" alt="keywords" />
In this case, Anchor Text has been replaced by an image. So, while using an image in place of an anchor text, it should be checked that you have put alt tag properly. An image alt tag should have appropriate keywords.
at No comments:
Subscribe to: Posts (Atom)

Evil Twin attack

Evil Twin Attack is attack is frequently carried upon wireless access points with malicious intentions. This attack happens when...