DNS Cache Poisoning attack on Google ,Gmail , Yahoo ,Youtube

HaHacker with nickname AlpHaNiX deface Google, Gmail, Youtube, Yahoo, Apple etc domains of Democratic Republic of Congo. Hacker use strategy so-called DNS cache poisoning.What is Cache Poisoning Cache poisoning, also called domain name system (DNS) poisoning or DNS cache poisoning, is the corruption of an Internet server's domain name system table by replacing an Internet address with that of another, rogue address. When a Web user seeks the...

Read More

Mantra - Open Source Security Framework

Mantra - Mantra is a collection of hacker tools, add ons and scripts based on firefox .Firefox is an hacker friendly tool from starting , its rich assets are its addons they only work has an independent tools for hacking.A group of security professionals integrated all this add ons, scripts and made a framework called mantra.As of now Mantra is just a security toolkit rather than a full-fledged frameworkSome of the features of Mantra1. Its built...

Read More

Maharastra Highway Police Website Got Hacked

                                   Not only International Law Enforcement and Police Under Hacker's attack, Even our Local Police websites and Database also become of Victim of breaches mostly once a day.A hacker With name "powerin10" take responsibility to hack Maharashtra...

Read More

WPScan - Wordpress Security Scanner

 Wordpress Security ScannerWPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.WPScan is written in RubyThe features of WPScan are :  It will enumerate the Usernames  Weak Password Cracking  Plugin Vulnerability Enumeration  Version Enumeration  Vulnerability Enumeration  etc ........It can be free downloaded from http://code.google.com/p/wpscan/ORIt...

Read More

Plecost - Wordpress fingerprint tool

PlecostA Wordpress finger print tool available in open source with Backtrack 5Plecost retrieves the information contained on the Web site to be analyzed, and also allows a search on the results indexed by Google.It bases your analysis from information contained in the files of development included by WordPress and them plugins. The plugins list is generated based on the list of "Most populars" from wordpress.org, and linked with related entries...

Read More

WafW00f - A Web Application Audit Tool

WAFW00F - Web Application Firewall Detection ToolWafW00f is written in  phython and is available freely on the net,the tool is developed By Sandro Gauci && Wendel G. Henrique.they mentions that Web Application Firewalls (WAFs) : can be detected, because they leave several signscan be bypassed by changing the attack in order to avoid rulesTo help detect and bypass WAFs, they released wafw00f WAFW00F allows one to identify and fingerprint...

Read More

Google offers encrypted Web search by default

Google announced today that it will encrypt by default Web searches and results for users who are signed in.People who don't have a Google account or are signed out can go directly to https://www.google.com, the company said in a blog post.Encrypting the communications between an end user and the Google search engine servers will protect against snooping by anyone who might be sniffing on an unsecured Wi-Fi network, for instance. Secure Sockets Layer...

Read More

Mobile Malware Is on the Rise, but Is It a Real Threat?

Smartphones and tablets may be the hottest tickets in electronics today, but with that marquee status comes a dark side. Mobile viruses on the rise, and 2010 saw a huge increase in malware on mobile devices, up 46 percent from 2009, says a new threat report from security software maker McAfee.The increase in mobile malware isn't unexpected, as smartphones have become more popular in the last year, with smartphones recently passing PCs in sales for...

Read More

What Is Doxing? – Doxing And It’s Uses

Doxing is the process of gaining information about someone or something by using sources on the Internet and using basic deduction skills. Its name is derived from “Documents” and in short it is the retrieval of “Documents” on a person or company.You’re probably thinking, “Okay, so basically it’s getting information from searching someone’s email on Google right?” in a sense yes, but there are actually easier ways to get someone’s information online....

Read More

How to Change MAC Address

In computer networking, the Media Access Control (MAC) address is every bit as important as an IP address. Learn in this article how MAC addresses work and how to find the MAC addresses being used by a computer...What Is a MAC Address?The MAC address is a unique value associated with a network adapter. MAC addresses are also known as hardware addresses or physical addresses. They uniquely identify an adapter on a LAN.MAC addresses are 12-digit hexadecimal...

Read More

White hat hacker exposes NASA servers' vulnerabilities

White hat hacker exposes NASA servers' vulnerabilitiesA Romanian "white hat" hacker has claimed to have broken into a site of the National Aeronautics and Space Administration (NASA), and published a screenshot of the compromised server on his site.White hat hackers are programmers who break into computer systems for the sake of exposing security flaws, instead of exploiting them for malevolent purposes.In this case, "TinKode" hacked a file transfer protocol (FTP) server related to NASA's Earth Observation System at Goddard Space Flight Center."I...

Read More

Private and Public IP Addresses

What are Private and Public IP AddressesInternet Protocol (IP) addresses are usually of two types: Public and Private. If you have ever wondered to know what is the difference between a public and a private IP address, then you are at the right place. In this post I will try to explain the difference between a public and a private IP addres in layman’s terms so that it becomes simple and easy to understand.What are Public IP Addresses?A public IP...

Read More

Surf Web Anonymously with TOR

What is TOR ?Tor-proxy is a free proxy-server service that Internet users can use to hide their IP address while surfing the Web. An IP address is a number used to identify computers on the Internet, and for reasons of safety and security, it may sometimes be desirable to hide the address.What is Vidalia ?Vidalia is a GUI (graphical user interface) implementation for Tor, It allows the user to start, stop, and view the status of Tor; monitor bandwidth...

Read More

How Firewall Works

If you have been using the Internet for any length of time, and especially if you work at a larger company and browse the Web while you are at work, you have probably heard the term firewall used. For example, you often hear people in companies say things like, "I can't use that site because they won't let it through the firewall."How Firewall Works ?Firewalls are basically a barrier between your computer and the internet. A firewall can be simply...

Read More

How to Surf web Anonymously with Proxies

Are you looking to surf the Internet without anyone knowing your location or details? Do you want to regain access to a banned website or forum? Well you’ve come to the right place as in this article I will answer the frequently asked question, How to Surf the Web Anonymously? , How to access restricted websites?There are many ways to surf the web anonymously. But the best way to surf the web Anonymously without spending a single penny is by using...

Read More

RFI(Remote File Inclusion)

Remote File Inclusion Remote File Inclusion ( RFI ) allows the attacker to upload his file on a website server using a script. Remote File Inclusion is a common vulnerability found in many websites. Using RFI you can literally deface the websites, get access to the server. Here i am going to describe this. Searching the Vulnerability:Remote File inclusion vulnerability is usually occured in those sites which have a navigation similar to this: www.anywebsite.com/index.php?page=something If you want to find more website like this try...

Read More

Google Hacking

Google hacking doesn't mean to hack Google. Google hacking term used when a hacker tries to find vulnerable targets or sensitive data by using the Google search engine.In Google hacking hackers use search engine commands to locate sensitive data and vulnerable devices on the Internet. Google supports a multitude of operators and modifiers that add a ton of power to google searchingI am going to explain some operators used in Google hackingintitle:Syntax: intitle:operator This will return all the pages that have word entered after the intitle (as...

Read More

Block any Website on your computer without any software

There are many people who want some website inaccessible from their computer. Most of the parents want to block some websites on their computer system. Here i am going to write a well known an easy way to do this.Steps:1. go to C:\WINDOWS\system32\drivers\etc2. Find a file named "HOSTS"3. Open this file in notepad4. Under "127.0.0.1 localhost" Add 127.0.0.2 www.xyz.com , Now www.xyz.com site will no longer be accessible. You can add as many url of websites under this by increasing last no. of ip as 127.0.0.3 www.abcxyz.com127.0.0.4 www.xyzas.com...

Read More

NMAP Tutorial

I think everyone in the security field known this popular tool, recently evolved into the 5.x series. Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are...

Read More

Websecurify - Free Web Application Vulnerability Scanner

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. Websecurify is an integrated web security testing environment, which can be used to identify vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The platform is designed to perform automated...

Read More

Cross Site Scripting

Previously I wrote about the OWASP top 10 vulnerabilities. However my GURUJI asked me to post each topic individually.Cross Site Scripting Robert ‘rsnake’ Hensen is considered as Guru of XSS .Lets learn about what the XSS is Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Cross-site scripting holes in general can be seen as vulnerabilities which allow attackers to bypass security mechanisms....

Read More

OWASP Top Ten 2010 Web App Risks

"OWASP was started in September 2000 with its mission to create an open source community where people could advance their knowledge about web application and web services security issues by either contributing their knowledge to the education of others or by learning about the topic from documentation and software produced by the project. At the time the web application security market was just emerging and certain vendors were pedaling some significant marketing claims around products that really only tested a small portion of the problems...

Read More

Stratiform Makes Tweaking Firefox’s Looks Simple

Usually, changing your Firefox browser's looks requires a CSS tweak, an about:config switch, or specialized downloads. Stratiform is an all-in-one add-on that offers a variety of button, toolbar, and other visual element switches. Try out new themes and switch back without any hassle. As Stratiform's developer notes, these...

Read More

How to Trace Mobile Phone Numbers

Today in India (Not only in india ) everyone from child to older man is having mobile phones. with the rapid growth if mobile phone usage in recent years, we have often observed that the mobile has become a part of many illegal and criminal activities. So in most cases tracing a mobile number is became a vital part in the investigating process. Also sometimes we just want to trace a mobile number for reasons like prank calls and blackmails and missed...

Read More

Motivational Lines

Koshish Karne Walon Ki Har Nahin HotiLahron Se Dar Kar Nauka Par Nahin HotiKoshish Karne Walon Ki Har Nahin HotiNanhi Chiti Jab Dana Lekar Chalti HaiChadhti Deewaron Par Sau Bar Phislati HainMan Ka Viswas Ragon Mein Sahas Bharta HainChadhkar Girna Girkar Chadhna Na Akharta HainAkhir Uski Mehnat Bekar Nahin HotiKoshis Karne Walon Ki Har Nahin HotiDubkiyan Sindhu Mein Gotakhor Lagata HainJa Jakar Khali Haath Laut Aata HainMilte Nahin Sahaj Hi Moti Gahre Pani MeinBadhta Dugna Utsah Isi Hairani MeinMuthi Uski Khali Har Bar Nahi HotiKoshis Karne Walon...

Read More