Learn Wi-Fi Hacking... Here Are 10 Good Websites For You

Well, if you fancy some ethical hacking, it's time you get trained in all its aspects. Here we bring to you 10 websites where you can learn a thing or two about Wi-Fi hacking.

 1.WildPackets

WildPackets Inc, founded in 1990, develops hardware and software solutions that drive network performance, enabling organisations of all sizes to analyse, troubleshoot, optimise, and secure their wired and wireless networks.

2.Wireshark

Wireshark is the world's foremost network protocol analyser. It lets you see what's happening on your network at a microscopic level. It is the de facto standard across many industries and educational institutions.

3.Cracking WEP Using Backtrack: A Beginner’s Guide

This tutorial is intended for user’s with little or no experience with linux or wifi. The folks over at remote-exploit have released “Backtrack” a tool which makes it ridiculously easy to access any network secured by WEP encryption. This tutorial aims to guide you through the process of using it effectively.

4.How To Crack WEP and WPA Wireless Networks

With the popularity of wireless networks and mobile computing, an overall understanding of common security issues has become not only relevant, but very necessary for both home/SOHO users and IT professionals alike. This article is aimed at illustrating current security flaws in WEP/WPA/WPA2.

5.Ethical Hacker Network

The Ethical Hacker Network is the brainchild of Donald C. Donzal of The Digital Construction Company. While looking for information on advancing one’s career in the security arena of IT, he found that there was no single place to find and cross reference information on the numerous credentials now available. Security is the hot topic of the day, and there is a plethora of information out there. Don saw this as an opportunity and launched CSP Mag.

6.Backtrack-Linux.org

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

7.Wi-foo

Provides a list of tools we commonly use in pentesting wireless networks or just wardriving for fun and no profit. All these tools are covered in the book in sufficient details.

8.Wirelessdefence.org

Wirelessdefence.org is a collection of 'top tips' for the auditing of 802.11 networks and is an attempt to provide a 'one stop shop' for common tasks encountered by new and forgetful Wireless Security Auditors.

9.Hacking Techniques in Wireless Networks

This article describes IEEE 802.11-specific hacking techniques that attackers have used, and suggests various defensive measures. It describes sniffing, spoofing and probing in the context of wireless networks.

10.How To Crack WPA / WPA2

The world has changed since Brandon Teska's original WPA/WPA2 Cracking tutorial was written in 2008. While there are some wireless networks still using WEP, there has been a mass migration to WPA2-AES wireless security. A key reason for this move is 802.11n, which requires WPA2/AES security enabled in order to access link rates over 54 Mbps. 

Author : Shivam Kotwalia, CodeKill

Network Security Tools For Security Researchers And Penetration Testers To Use

Penetration testing and network security is a pretty vast topic. These tools cover almost every aspect of it.

Network security is one of the biggest buzzwords nowadays. There are a number of security tools available, each with its own unique ability. That said, there are some that you will find on almost every security expert's computer. These are the ones that are the best and should be on your computer too. Here are 30 of the top network security tools, stay tuned for more.

1. Wireshark

This one was known as Ethereal till the summer of 2006. It is an open source platform network protocol analyzer.

Latest release: 26 July 2013, version 1.10.1

2. Metasploit

This is an open source platform that was released in 2004. It can be launched for developing, testing and using exploit codes. While the framework is free and open source, since its acquisition by Rapid7 in 2009, but there are paid editions to it too.

Latest release: 7 December 2012, version 4.5

3. Nessus

This is another one of the most popular network security tools. It is a vulnerability scanner that costs $1,200. It used to be a free and open source application till 2005.

Latest release: 7 May 2013, version 5.2.1

4. Aircrack

This tool used the best cracking algorithms for 802.11 A/b/g WEP and WPA cracking. It is best used to recover wireless keys.

Latest release: 24 April 2010, version 1.1

5. Snort

This is one of the best available network intrusion applications that has its forte in traffic analysis and packet logging on IP networks. Snort itself is free and open source, but SourceFire (the parent company) offers other complimentary products at a price. In addition, it offers its own VRT-certified rules for $499 per sensor per year.

Latest release: 30 July 2013, version 2.9.5.3

6. Cain and Abel

How is this security tool different from others? Well, it’s a Windows only tool, which is very unlike other tools that support Linux and UNIX before Windows. Cain & Abel is a password recovery tool that can handle a number of tasks.

Latest release: 3 December 2011, version 4.9.43

7. BackTrack

If you’re even remotely involved with hacking you would have heard of BackTrack. This is a Live CD Linux distribution that comes from Whax and Auditor. It has a huge suite of security and forensics tools and is known to be the hacker’s distribution.

Latest release: 13 August 2012, version 5 R3

8. Netcat

Want to read data across UDP or TCP network connections? This is the go to tool for most security personnel for this purpose. First released in 1995 by Hobbit, it is one of the most popular security tools. Interestingly, it hasn’t been maintained despite its popularity. Recognising its usefulness, the Nmap Project made a modern version of the tool called Ncat.

Latest release: 20 March 1996, version 1.10

9. tcpdump

This is a network traffic sniffer that lost its popularity to Wireshark. It still have a respectably large user base though.

Latest release: 20 May 2013, version 4.4.0

10. John the Ripper

Compatible with the Linux, UNIX and Mac OS X platforms, this is a commonly used password cracker.

Latest release: 30 May 2013, version 1.8.0

11. Kismet

This tool is a wireless network detector, intrusion detection system and network sniffer that is used quite commonly for wardriving, warflying, warwalking and warskating.

Latest release: 11 April 2011, version Kismet 2011-03-R2

12. OpenSSH/PuTTY/SSH

This is the go to tool for logging into and executing commands on a remote machine.

13. Burp Suite

This is a tool that is used for attacking web applications. The limited version is available for free, while the pro version costs $299.

Latest release: 3 June 2011, version 1.4.01

14. Nikto

This is an open source web server that performs tests against other web servers for multiple items. This includes more than 6,400 potentially dangerous files/CGIs and other checks.

Latest release: 20 February 2011, version 2.1.4

15. Hping

You can use this one to send custom TCP, ICMP and UDP packets and then display replies. The tool was inspired by the ping command but can be used to perform far more controlled probes.

Latest release: 5 November 2005, version hping3-20051105

16. Ettercap

If a man in the middle attack on LAN networks is what you’re looking at then Ettercap is the tool that you need.

Latest release: 22 March 2013, version 0.7.6-Locard

17. Sysinternals

This tool can be used to gain access to a number of small windows utilities that can be used for low-level windows hacking.

Latest release: 4 February 2011

18. w3af

This is a powerful framework that is used for searching and exploiting web application vulnerabilities.

Latest release: 11 October 2011, version 1.1

19. OpenVAS

This is a vulnerability scanner that was forked from Nessus. The last free version of Nessus, before it became a proprietary tool in 2005, was used for this.

Latest release: 17 April 2013, version 6.0

20. Scapy

Interactive packer manipulation, network scanning, packet generating, packet sniffing, are the activities that Scapy excels in. It is a low level tool and you need Python to interact with it.

Latest release: 28 February 2011, version 2.2.0

20. Ping/telnet/dig/traceroute/whois/netstat

This is a basic security auditing tool that is still very useful. You may be ignoring these for other high tech tools, but knowing these is important too.

21. THC Hydra

This is one tool that has been revered for brute force cracking on temote authentication services. The application can manage rapid dictionary attacks against over 30 protocols like https, ftp, http, telnet, smb, a number of databases and others.

Latest release: 23 May 2012, version 7.3

22. Perl/Python/Ruby

Secripting languages allow you to write your own canned security tools. You can also use them to modify existing tools.
no rating Paros proxy (#24, 8)

23. Paros proxy

This is a Java-based web proxy server that can be used for finding out the web vulnerabilities.

Latest release: 8 August 2006, version 3.2.13

24. NetStumbler

This is a Windows tool that can be used for finding open wireless access points. It is free but not open source and is a Windows-only application.

Latest release: 1 April 2004, version 0.4.0

25. Google

You may think that this is a weird choice for a list like this. But you’re wrong. Google’s database can be is recognised as an important security tool by experts and penetration testers everywhere.

26. OSSEC HIDS

This performs log analysis, rootkit detection, integrity checking, time-based alerting and active response. It is also used as a SEM/SIM solution/

Latest release: 16 November 2012, version 2.7

27. WebScarab

This tool records requests and responses that it observes and lets the operator review them in different ways. It is a tool that can expose the functioning of HTTP(S)-based applications.

Latest release: 20 August 2010, version 20100820-1632

28. Core Impact

This tool is considered by many to be the most powerful exploitation tool that is available right now. It is also much more expensive than others though.

Latest release: 8 August 2011, version 12

29. sqlmap

This is an open source penetration testing tool, which can be used in order to automate the detection and exploitation of SQL injection flaws.

Latest release: 11 April 2011, version 0.9

30. TrueCrypt

This is a very useful open source disk encryption system for Mac, Windows and Linux-based systems.

Latest release: 7 February 2012, version 7.1a 

Author :Shivam Kotwalia, CodeKill

Videos For Hacking Using Python

Python is a favorable programming language for hacking. We bring ten video that will help you in your hacking endeavours... 

Although some question it, many hackers prefer using Python for their work. They feel that this high level programming language has its pros when it comes to hacking. For example, it offers one of the quickest ways to make a socket, interact with a program and make a pad shell code.

Python for Hackers - Networkers Primer (Sockets, Webserver Scapy!)



Python for Hackers - Networkers Primer (Multithreaded Server and the Force of Scapy)



Learn Python Through Public Data Hacking



Programming a Custom Backdoor in Python



Hack of the Day: Wireless SSID Sniffer in 10 Lines of Python



Hacking With Python #1 - What is Brute-Forcing?



Simple Python Virus Tutorial



Hacking DOS binaries using Python – intro



Python : Making A Simple Email Bot



Hack login and admin panels using python script



Author : Shivam kotwalia, CodeKill

Here Are The Top 6 Free Legal Hacking Sites

Well, do we really need an intro for this? Go on and get your daily dose of 'legal' hacking!

Not that all hacking is necesserily evil! Hacking is knowing about how things function and knowing why things function the way they do. In their quest to either understand potential attack vectors or simply for the sheer fun of it, there are some basics that they need to know and follow. Before you blindly dive into the world of hacking, make sure you have your basics right!

Here's a list of six best hacking sites to get you started:

1. HellBound Hackers

-Covers an expansive range of topics including ethics, social engineering and phreaking.

-Has a community of almost 50,000 members.

2. Hack This Site

-Provides realistic challenges which allow you to practice your cracking skills in a safe, legal environment.

-Interactive hacking tutorials, with the associated articles and guidance is a treat for potential hackers.

3. Ethical Hacker Network

-Features articles and interviews with key figures in cyber security.

-Provides information on certifications.

4. 2600

-First published in 1984, the 2600 magazine has been the inspiration for several generations of ethical hackers.

5. Hacker Games

-Offers a range of challenges for budding hackers.

-Provides a great, safe avenue for investigating complex security setups.

6. SlaveHack

-This free hacking simulator pits you against thousands of competitors all looking to get one over on you.

Author : Shivam Kotwalia, CodeKill

9 Online Ethical Hacking Tools That You Can Use

A hacker may be a person with deep understanding of computers, but they still use various tools to make their lives easier. Want to be a hacker? An ethical hacker nowadays has tons of job opportunities available for him. This is a result of rising security concerns over almost all your online activities. Here are 9 good tools that you can use for your endeavours. 1. Image Metadata Parser With GPS Location: This tool can track your physical locations using the GPS on your 2. Retrieve Public Information Facebook Users: Use this to get public user information from Facebook users. 3. How to Know My Public IP Address in 4 Steps: Knowing your public IP address is an important step for a hacker. 4. Free Alexa Page Rank Checker: Use this to check the Alexa page rank of websites, yours and other websites as well. 5. Google PageRank Checker and Incoming Links Checker: This is to use the Google Page Rank check for your website. 6. Check Server Header Tool : HTTP Status Code Checker Details: This is to check the server header tool. The value returned shou. 7. Online Whois Lookup Tool: If you want to find out who owns a particular domain or IP address, this would help. 8. Reverse IP Address Domain Check Online Tools: In a reverse IP address or domain check, a particular IP or domain is picked up and other websites associated to the websrver that the IP is pointing to. 9. Website Information Lookup Beta v0.1: This service tries to find out as much information about a website as possible. Author : Shivam Kotwalia, CodeKill

Top Hacking Forums, Tools And Countries That CISOs Must Know!

The chief information security officer (CISO) is one of the most important member of any organisation nowadays.

With security issues online being at an all time high, CISOs have their work cut out for them. In such a situation these websites and resources would come in handy. Forums 1. Hack Forums: This is a good site for both beginner and experienced hackers. Plenty of resources and useful discussions are available here. 2. Hack This Site!: As per the website, "Hack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything. Tune in to the hacker underground and get involved with the project." 3. Hack Hound: Programming, malware analysis, Windows security and server security, you will find all of those topics and more on this one. 4. Binary Revolution Forums: From the website, "HackHound is a community of Security and Programming Enthusiasts who coexist to form a friendly and productive Forum dedicated to providing a fair, safe and enjoyable environment for it's members." Tools 1. Armitage: This is an open source initiative that allows you to identify weak and vulnerable machines in a network with a few clicks only. 2. Hashcat: As a CISO, you should know how important a strong password is. In case you had doubts, this tool will show you how easy hacking a password can be. 3. WiFiTe: This is a cross platform tool written in Python. It helps you determine how weak or strong your wireless network is. 4. Wireshark: Want to sniff over networks and collect data? Wireshark has been reccomended by many a professional. 5. Social Engineer Toolkit: This is another Python-driven tool. This one helps in penetration testing around social engineering. Top Hacking Countries 1. Hungary 2. Italy 3. India 4. Romania 5. China Author : Shivam Kotwalia, CodeKill

25 Resources On Penetration Testing

Penetration testing is the most used methodology by the ethical hackers. Here we bring 25 resources to help you understand the art better! 

Penetration testing, popularly known as 'pentesting', 'pen testing', or 'security testing', is the art of attacking your own or your client's system and networks exactly how a hacker would do. This helps an ethical hacker identify the security glitches, vulnerabilities and exploits. So here's bringing 25 resources to learn more about this method.

General Information

1. SANS Institute Penetration Testing Reading Room

A set of resources on penetration testing trends, written by students as part of their certification requirements.

2. Penetration Testing Directory Project

An independent online directory, which offers direct links for information on penetration testing and related content.

3. Vulnerability Testing Glossary

A comprehensive index of vulnerability and penetration testing terminology published by the University of Oulu, Finland.

Network

4. National Institute of Standards and Technology (NIST)
“Special Document 800-42: Guideline on Network Security Testing”

A US government-issued paper.

5. Information Systems Audit and Control Association (ISACA)
“Network Penetration Testing”

A slide presentation authored by Jack Jones, director of information security at Nationwide.

Web Application

6. SearchSecurity.com

A read on “Web application penetration testing: Best practices”. Provides an overview of the web application penetration testing process.

7. SecurityFocus
Research article on “Five common Web application vulnerabilities”

8. Ethical Hacker Network
Informational article on “How to Break Software”:

Blogs And Opinions

9. PaulDotCom Community Blog

A security community blog with a focus on penetration testing and an array of expert industry contributors.

10. Penetration Testing Directory Project Blog

An ongoing study of the security assessment process, industry and related issues, written by professional pen testers.

11. Spylogic.net

A blog about security and penetration testing, written by a professional pen tester.

12. Security Second Thoughts

A blog about penetration testing and security research written by an independent security consultant.

White Papers, Podcasts and Other Resources

13. Penetration Testing Mailing List

A mailing list for the discussion of issues and questions about penetration testing and network auditing, hosted by SecurityFocus.

14. CISSP White Papers

An index of security and penetration testing white papers maintained by training experts Logical Security.

15. Seven Deadly Penetration Testing Sins

A list of security testing no-no’s published by code analysis providers Matasano Security.

16. PaulDotCom Security Weekly

Videocast of the PaulDotCom audio podcast, which covers a broad array of security and penetration testing issues.

17. Security Training WebCasts

A series of expert videocasts hosted by leading security and testing trainers from SANS Institute.

Methodologies

18. InfoSec Institute

A security training organisation’s blog on practical penetration testing techniques.

19. The Institute for Security and Open Methodologies (ISECOM)

Open Source Security Testing Methodology Manual.

20. Common Criteria Web Application Security Scoring (CCWAPSS)

A comprehensive security scoring method for Web applications.

21. Information Systems Security Assessment Framework (ISSAF)

A security testing methodology published by the Open Information Systems Security Group (OISSG).

22. Penetration Testing Framework

An outline for planning assessments and gathering information relevant to the penetration testing process.

Wireless Penetration Testing

23. SANS Institute

Wireless security training and penetration testing tutorial.

24. PaulDotCom Network Security Projects

Notes from a training course on hacking wireless routers and using them in penetration tests.

25. WirelessDefence.org

A wireless penetration testing framework.
Shivam Kotwalia, CodeKill

12 Steps To Become A Hacker!

CodeKill Group bring to you 12 steps to become a hacker, together with all the books, tutorials and resources that you need to learn in the process. So pack your bags and get set for the journey! 

Hacking is a fascinating field but it definitely isn't easy. Here we have listed 12 of the most important steps essential to become a hacker, together with all the resources that you need for learning.

Here we focus on the skills and attitude needed to become a hacker. Breaking the security system and entering into the system is not the only thing a hacker does. One requires knowledge of a wide variety of subjects and in depth knowledge of programming languages and operating systems. And needless to say, learning is essential in the journey...
Here are the 12 steps:

It is not an easy task to become a hacker. As a hacker, you need to have an attitude and curiosity. Reading the hacking manifesto can teach you the attitude of a hacker. Nurturing the hacker attitude is more about developing competence in the languages rather than having a stereotypical attitude.

Though a lot of people consider that a hacker is a criminal, in real life, they are hired by big companies for protecting information and minimizing potential damage. The act of hacking actually is that of being over-curious and outwitting authority. As a hacker, you should be hell bent on breaching authoritarian rules, secrecy and censorship. Deception is another arsenal which will allow you to dodge the vigilant eyes of authority.

The act of stealing something or doing harm to someone is not hacking. Such people are commonly called crackers in the community. Crackers are involved in illegal activities and we do not recommend you to get involved into such activities.

Step 1: Learn To Program In C

C programming is one of the most powerful languages in computer programming. It is necessary to really master this language. This programming language was invented by Denise Ritchie in between the years 1969 and 1973 at AT&T Bell Labs. C programming will essentially help you divide the task in smaller pieces and these pieces can be expressed by a sequence of commands. Try writing some program on your own by assessing the logic.

Here are 35 ebooks on C programming

Step 2: Learn More Than One Programming Language

When you are trying to become a hacker, it is very important to learn other modern computer programming languages such as JAVA, Perl, PHP and Python. One of the best ways to learn these is by reading books from experts.

Here are 32 free ebooks on JAVA

Here are 24 free ebooks on Perl

Here are 21 free ebooks on PHP

Here are 50 free ebooks on Python

Step 3: Learn UNIX

UNIX is a multi-tasking and multi-user computer operating system that is designed to provide good security to the systems. This operating system was developed by some employees of AT&T in Bell Labs. The best way to learn it is to get into an open-source version (e.g. centos) and install/run the same on your own. You can operate internet without learning UNIX, but it is not possible for you to be an internet hacker without understanding UNIX.

Here are 33 free ebooks on UNIX

Step 4: Learn More Than One Operating Systems

There are many other operating systems apart from UNIX. Windows operating system is one of the most commonly compromised systems, hence, it is good to learn hacking Microsoft systems, which are closed-source systems.

According to the National Vulnerability Database, Microsoft operating systems have a large number of vulnerabilities.

Windows OS installers are distributed in binary, therefore, it is not easy for you to read the code. Binary code is basically the digital representation of text and data that computer understands. However, knowing how programs are written for Windows and how different applications behave on this operating system will help.

One of the recent vulnerabilities of a popular OS was that Java Web Start applications get launched automatically even if the Java plug-ins are disabled. How to be a hacker is about knowing the weaknesses of these operating systems and targeting them systematically.

Step 5: Learn Networking Concepts

The networking concept needs to be sharp when you want to be a hacker.

Understanding how the networks are created is important, however, you need to know the differences between different types are networks. Having a clear understanding of TCP/IP and UDP protocol is a must to be able to exploit the vulnerabilities on world wide web.

Understand what is subnet, LAN, WAN and VPN.

The networking commands to do a HTTP request needs to be on your fingertips. The HTTP protocol, is the gateway through which one enters the internet world. Hence, it is necessary to learn this protocol in order to break the barriers. The hackers often use the HTTP gateway to breach the security of the system and take control over it.

Apache Httpd is one of the most commonly used web servers and knowing in and out of it is going to empower you on any HTTP or other application layer protocol related endeavors.

Also Nmap is a powerful network scanning tool that is used by hackers and security professional across the world to identify vulnerable hosts. However, to effectively start using it you must understand the networking basics.

Step 6: Start Simple: Go Through Tutorials About Hacking

This is the simple and best way to start. Read as many tutorials as possible that are meant for hacking. These articles will give you insight and help you develop the attitude to be a hacker. Some tutorials will initiate you with Nmap, Nessus and SuperScan, some of the hacking programs or tools that hackers generally use. These tutorials are readily available over the internet; Both text and video tutorials are available for you to answer your question how to be a hacker.

Here are some of the video tutorials

Here are some of the text tutorials

Step 7: Learn Cryptography

As an expert hacker, you need to understand and master the art of cryptography. The technology of cryptography and encryption is very important for internet and networking. It is the practice and study of techniques that are used for secure communication in the presence of third parties. The encryption is done for various aspects of information security such as confidentiality of the data, integrity of the data and authentication. Moreover, the technology of cryptography is extensively used in ATM cards, computer passwords and e-commerce. While hacking, these encrypted codes needs to be broken, which is called decryption.

Understand various techniques used for password cracking. There are dozens of tools available to do password cracking, and using it is not hacking. To be expert at hacking its important for you to understand how to create a program that can crack a password from cypher text.

Here are 20 free ebooks on Cryptography

Step 8: Experiment A Lot

This is an important step for setting yourself up as an expert hacker. Setup a laboratory on your own to experiment the learning on the practical applications. A simplest lab will have your computer, however once you advance you may want to add more and more computers and required hardware for your experiments.

It is good to try experimenting on your own computers, where you can rectify if you have done any mistake. Many hackers initially start off by downloading virtual lab applications such as Oracle VirtualBox. You require at least 3 GBs of RAM and a comparatively powerful processor to carry out your hacking experiments. Setting up the virtual machine is crucial, as it will allow you to test virus, applications and different servers without affecting your own PC.

Some of the things you may need to keep in mind when doing experiments

- Keep a backup before any experiment.
- Start small and have check points.
- Know when to stop.
- Document your progress
- Keep improvising
- Automate repetitive tasks

Step 9: Read Some Good Books From Experts

Reading will always enhance your knowledge. Try to read as many books and articles as possible written by the experts in the field field of ethical hacking and enterprise security

Reading a lot about anything related is so important in the world of hacking that you must also consider enhancing your reading speed. If your reading speed is slow, then you may not be able to progress fast in this field. Practice speed reading techniques like skimming, chunk reading etc.

When it comes to reading a lot, it's also important to know that a majority of content on web is not worth your time. Many people use search engine tricks to attract traffic but have little value in it. If you skim through an article within seconds and decide not to read that is going to save you a lot of time for some really well researched content.

Step 10: Go Next Level: Write Vulnerability

Vulnerability of a program is the weakness of the program. It is a good approach to look for the vulnerability of an existing program and share the same with others. In this way you will have the option to collect varied opinions from different sources, enabling you to hone your current skill set.

The examples of computer vulnerabilities include memory safety violation, input validation error, privilege confusion bugs and user interface failure. For instance, Microsoft’s Internet Explorer 11 had the vulnerability bug in its preview version which several hackers exploited.

Identifying a new weakness in any software is the real work any expert hackers would perform.

Step 11: Contribute To Open Source Security Projects

Contributing to an open-source computer security project is a great platform to test your skills. This is not everyone’s cup of tea. Many organizations like Mozilla and Apache offer these types of open source projects. Try to be a part of these projects and add a valuable contribution to the benefit of the community.

Participating in the open source security projects such as anti-spam, anti-virus, firewall and data removals help you augment your dexterity as a hacker. Contribute your vulnerability findings to the global vulnerability databases and give back to the community.

Remember that it does not matter if your contribution is small, as long as you participate and add value it helps.

Step 12: Continue Learning And Keep Listening To Security Talks

The key to success in the hacking career is continuous learning. Reading blogs for hacking available at sites such as hackerfactor blog and IKEA hacker blog; participating in the forums such as hackforums.net and elite hack are great ways to refresh your knowledge as a hacker. The online video forums like TED or TechTalk are good sources to know more about the emergent hacking techniques and technologies that are being deployed. You should also try following the posts of famous hackers such as Adrian Lamo, Kevin Mitnick, Kevin Poulsen and Robert Tappan Morris.

Happy Hacking
Lead Onn.. !!! This World is Yours... !!!

Like Us On Facebook
Shivam Kotwalia, CodeKill

Top 9 Free Hacking Tutorials

CodeKill Group brings to you top 9 hacking tutorials that will help with both basic and advanced level tips! 

Does hacking excite you? If yes, then we bring to you some interesting hacking tutorials. These may not be for those wanting to understand only the concept but for those who want to learn hacking techniques and have gathered some knowledge so far.

1. Hacking Tutorials for Beginners - By BreakTheSecurity.com
The tutorial contains useful posts to help beginners understand the ethics of hacking. It also provides security tips on avoiding adware, windows firewall, online shopping, spyware prevention and so on.

2. How to learn Ethical hacking - By Astalavista.com
The site provides useful information on your devices, websites and assets. The site shows whether or not you’re hack proof.

3. Backtrack Penetration Testing Tutorial
Backtrack Penetration Testing Tutorial is probably the best penetration testing distribution that provides some penetration testing programs that are used in this Backtrack Penetration Testing Tutorial.

4. Introduction to Penetration Testing
The current tutorial teaches you penetration testing, different types of vulnerabilities, security research, payloads, and so on. A useful resource for beginners!

5. Information Gathering with Nmap
The first tutorial to give you a basic walkthrough of a penetration testing! It focuses on information gathering, finding live hosts on the network, port scanning and versions of software that is running on those ports.

6. Simple How To Articles By Open Web Application Security
The tutorial contains numerous how to articles such as how to encrypt a properties file, how to meet verification reporting requirements, how to modify proxied conversations, how to perform a security architecture review at Level 1, how to perform a security architecture review at Level 2 and how to specify verification requirements in contracts, and so on.

7. The Six Dumbest Ideas in Computer Security
The tutorial describes what it considers six dumbest ideas in computer security starting from default permit, Enumerating Badness, Penetrate and Patch, Hacking is Cool, Educating Users, Action is Better Than Inaction , and so on.

8. Secure Design Principles
Understanding the basic principles puts you in a better position to execute particular practices where needed in your own projects. The principle of least privilege specifies that a user or computer program must be granted the least amount of privileges required to achieve a task. The tutorial describes all these principles for the users.

9. 10 steps to secure software The tutorial features some principles for developing secure software recommended by author and security analyst. 

Like Us on facebook
Shivam Kotwalia, CodeKill 

8 Video Tutorials On Hacking

Watch these niche hackers train you in these fun hacking tutorials! 

Hacking is definitely one subject loved by all, the adventure and the mystery hidden in hacking makes every geek feel curious about it. After bringing some interesting tutorials, we now bring to you some interesting hacking videos. We have shortlisted the long duration videos from YouTube...

1. Open Security Training: In the spirit of OpenCourseWare and the Khan Academy, this YouTube channel is dedicated to sharing training material for computer security classes, on any topic, that are at least one day long.

All material is licensed with an open license like CreativeCommons, allowing anyone to use the material however they see fit, so long as they share modified works back to the community. This Youtube Playlist longs almost than 90 hours and is definitely the biggest video based tutorial ever.

2. OWASP AppSec USA 2011: YouTube Playlist containing compilation of OWASP conference highlight in 2011.

3. Defcon: How I Met your Girlfriend: Defcon is one of the most popular hackers conference. The presenters in this conference are well known in the hacking industry. This particular presentation will demonstrate the use of various open source tools for reversing Android Apps, as well as the use of the Android SDK features for pen testing, again including techniques and fast demos. Solutions to app and marketplace security will be covered as well.

4. Defcon: What happens when you steal a hackers computer: Having your place broken into and your computer stolen can be a nightmare. And getting your revenge from the thief who has your machine can be a dream come true. The presenter here experienced both of these when his machine was stolen in Boston and then showed up in Las Vegas 2 years later. He shares some laughs at a lamer's expense, participate in the pwnage, and shows some resulting insights into the implications of certain security decisions.

5. Defcon: Nmap: Scanning the Internet: The Nmap Security Scanner was built to efficiently scan large networks, but Nmap's author Fyodor has taken this to a new level by scanning millions of Internet hosts as part of the Worldscan project. He will present the most interesting findings and empirical statistics from these scans, along with practical advice for improving your own scan performance. Additional topics include detecting and subverting firewall and intrusion detection systems, dealing with quirky network configurations, and advanced host discovery and port scanning techniques. A quick overview of new Nmap features will also be provided.

6. Public Key Cryptography: Diffie-Hellman Key Exchange: Diffie-Hellman key exchange was one of the earliest practical implementations of key exchange within the field of cryptography. It relies on the discrete logarithm problem. This test clip will be part of the final chapter of Gambling with Secrets!

7. Web application Pen testing With Mutillidae: The Mutillidae project was introduced with the intention of using it as a teaching tool and making easy to understand video demos. They have been doing a lot of YouTube video tutorials are compiled on this page.

8. Intro to Scanning Nmap, Hping, Amap, TCPDump, Metasploit: This is the 2nd in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae for the Kentuckiana ISSA. This one covers scanning Nmap, Hping, Amap, TCPDump, Metasploit, etc. 

Like Us on facebook
Shivam Kotwalia, CodeKill

Top 10 Linux Distros For Hackers!

If you're security researcher, you have to use the proper OS for it. Here we bring the best Linux hacking distros... 

Hackers and security researchers need their tools at hand always. Many of them are based on the popular Ubuntu and Debian operating system and come with a number of hacking tools installed.

1. BackTrack 5r3: This is one of the most loved and best known Linux-based hacking distributions. Based on Canonical’s Ubuntu operating system, Backtrack’s logo says, “The quieter you become, the more you are able to hear.” With version 5, the GNOME desktop environment was added along with the usual KDE desktop environment.

2. Nodezero: This is another Ubuntu-based hacking, which is used for penetration testing. Every time you get a patch for bugs in the Ubuntu OS, Nodezero also gets updated.

3. BackBox Linux: This is yet another Ubuntu-based distro being used for hacking. According to the developers, the OS has been designed to create a penetration testing distro that is fast and easy to use. It also gets update with new ethical hacking tools regularly using repositories.

4. Blackbuntu: Ubuntu itself may not be a hacking distro, but there are plenty that are based on it. This distribution comes with categories such as Network Mapping, Information Gathering, Penetration, Vulnerability Identification, Privilege Escalation, Radio Network Analysis, VoIP analysis and more.

5. Samurai Web Testing Framework: This distro lays focus on attacking websites using the best free and open source tools for hacking and attacking. The developers have incorporated four steps into the distribution, including, reconnaissance, mapping, discovery and exploitation.

6. Knoppix STD: From Ubuntu to Debian, Knoppix STD is a Debian based hacking distribution that runs the GNOME, KDE, LXDE and Openbox desktop environments. It has been around for quite a long time now and was amongst the first live distros.

7. Pentoo: This is a live CD that is meant for security testing and is based on Gentoo. It comes with a number of customised tools and kernel from the company. These include a Backported WiFi stack, XFCE4 etc.

8. Weakerthan: This distribution uses the Flufbox desktop environment and is best suited for WiFi hacking because of its many Wireless tools. It is a Debian Squeeze-based distribution that comes with tools for WiFi attacks, Cisco exploitation, SQL Hacking, Web Hacking, Bluetooth and others.

9. Matriux Krypton: After Weakerth4n, this is perhaps the first distribution that is directly based on the Debian OS. It contains an arsenal of 300 security tools and makes for a good choice for ethical hacking, penetration testing, security testing, system and network administration, cyber forensics investigations etc.

10. DEFT: This OS is based on the Linux Kernel 3 along with the Digital Advanced Response Toolkit. It uses WINE in order to run Windows tools Linux and predominantly run with the LXDE desktop environment.

Like Us on facebook
Shivam Kotwalia, CodeKill

24 Great E-Books On Ethical Hacking

We at CodeKill Group bring you a list of 25 great e-books on hacking with links for their free downloads. 

Are you an aspiring hacker who wants to get as much info on hacking from online free ebooks as possible but doesn’t know where to get them? We bring you a list of 24 great e-books on hacking with links for their free downloads. Happy reading!

1. Black Book of Viruses and Hacking : In print for over five years, the book opens a door to answering questions on whether or not it is better to make technical information about computer viruses known or not.

2. The Beginner’s Guide To Hacking Computers Systems : This is a great book for guiding beginners through the basic and advanced steps of hacking. It helps develop user knowledge on various types of hacking including windows, Linux installation & use, Linux hacking, virus programming, malware programming and Trojan programming among other things.

3. Penentration Testing With Backtrack : The book has been written in Packt's Beginner's Guide format and helps the reader gain knowledge of concepts and understand the techniques to perform wireless attacks in your lab.

4. Hacker’s High School : This book is used by over a quarter of a million students every year and is a straightforward, inexpensive quick reference, with content flexible enough to suit the needs of writers in the humanities, social sciences, sciences, health professions, business, fine arts, education, and beyond.

5. Black Belt Hackers And Complete Hacking : The book addresses the fundamental question of what is ethical hacking in its most elementary form and is a great reference book for beginners.

6. Secrets Of Super And Professional Hackers : The book covers hacking scenarios ranging from the merely mischievous to the criminal, the super hacker known as the Knightmare gives step-by-step instructions in meaningful hacking from a personal computer.

7. Dangerous Google Hacking Database and Attacks: The book takes a look into several case studies on dangerous attacks that have been carried out in the past and how these could have been prevented.

8. Internet Advanced Denial of Service (DDOS) Attack : This book sheds light on the complex form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide.

9. Computer Hacking & Malware Attacks for Dummies: This is a book on preventive techniques and examines some great security measures which are present across the world. The great thing is that it has been updated to cover the latest hacks for Windows 7 and the newest version of Linux.

10. G-mail Advance Hacking Guides and Tutorials : Another great book on preventive techniques, the book is a lesson on how to secure Gmail, the world’s most used emailing service.

11. Vulnerability Exploit & website Hacking for Dummies : The book has some brilliant insights into Metasploit, and its commercial equivalent CORE IMPACT. It provides the ultimate ethical hacker's pot of gold — a screenshot of a critical server's command prompt.

12. Web App Hacking (Hackers Handbook): This is a highly successful book and now comes with great insights into web applications, which are now the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users.

13. Security Crypting Networks and Hacking: Now in its second edition, the book offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking.

14. Botnets: The Killer Web Application Hacking: The book is based on real world cases of botnet attacks to underscore the need for action and used public domain tools like OurMon.

15. Hacking Attacks and Examples Test: The book is a step by step on how-to drilldowns for installing and configuring your Tiger Box operating systems, installations, and configurations for some of the most popular auditing software suites.

16. Gray Hat Hacking and Complete Guide to Hacking: This is an insight into thwarting malicious network intrusion by using cutting-edge techniques for finding and fixing security flaws.

17. Advance Hacking Exposed Tutorials: This book works brilliantly for those looking to finding out about how a fail-safe system was cracked and how one can better protect oneself.

18. 501 Website Hacking Secrets: "This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook. One needn’t say more.

19. Internet Security Technology and Hacking: The book addresses questions on whether hacking attacks are morally justified? Hacking, Counterhacking, and Society is a valuable addition to the library of anyone concerned with the growing number of Internet security issues and intrusions facing society today.

20. CEH Certified Ethical Hacker Study Guide: The books lets you prepare for the challenging CEH Certified Ethical Hackers exam and provides a full coverage of exam topics, real-world examples, and includes a CD with chapter review questions, two full-length practice exams, electronic flashcards and a glossary of key terms.

21. Advanced SQL Injection Hacking and Guide: The book ensures that IT professionals apply security principles in the context of their daily job scope

22. Web Hacking & Penetration Testing: The books serves as an introduction to the steps required to complete a penetration test or perform an ethical hack.

23. OWASP Hacking Tutorials and Web App Protection: The book gives detailing on the different tools for exploitation, about metasploit and armitage.

24. CEH - Hacking Database Secrets and Exploit: This book gets into the latest edition gets into current threats and details the new menace of APT (advanced persistent threats), embedded hacking, database hacking, and significant coverage of mobile devices. 

Like us on Facebook :

Shivam Kotwalia, CodeKill

Five Essential Books For Hackers

Are you ready to jump into the mysterious, adventurous and wondrous world of hacking? Pack your bag with these 5 must read books on hacking!

Hacking has always been one field of mystery and wonders. The idea of penetrating into someone's computer or network either ethically or unethically always sounds interesting and adventurous. While ethical hacking makes use of these programming skills to penetrate into a computer system and determine its vulnerabilities and suggest system changes to make it less penetrable, the non-ethical hackers penetrate into a computer system for mischief.

And with the increasing instances on hacking attacks on organizations, most of the organizations are seeking ethical hackers as their full-time employees or consultants to ensure security of their systems and information, which is making ethical hacking a highly moneymaking profession.

So if you are also an aspiring ethical hacker we bring to you 5 hack books that you must read:

1. Hacking: The Art of Exploitation, 2nd Edition

One of the must read hack books which will guide you through the technicalities of areas like programming, shell code and exploitation. The book works equally well for both beginners and for those with very little knowledge and will make them understand the complexities of the digital security tasks. Written excellently this book will help you in learning all the clever stuff of gaining access to a system. This book is indeed the best buy.

2. The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series)

The book covers the complete basics of penetration testing and hacking. The book does not assume that you have any prior hacking knowledge and hence is apt for the beginners. The book provide step-by-step guide on of penetration testing, moving from Information Gathering to Scanning, Exploitation and finally, Report Writing. The book does not deal with individual concepts in-depth but rather provides wholesome picture of hacking.

3. Metasploit: The Penetration Tester's Guide

Th book is based on concepts of Penetration Testing by making use of the open source Metasploit Framework testing. Even if you don't posses any prior knowledge of Metasploit, this book helps you through out. The tutorial-like appeal of the book makes you learn through practicals. Towards the end, the book provides you with an actual penetration test’s simulated version which will help you have a realistic experience.

4. BackTrack 5 Wireless Penetration Testing Beginner's Guide

Instead of just explaining the theoretical concepts, the book puts together fine tuned and easily understandable tutorials. The book has a good mix of basics and high level information and works takes both level of readers together.

5. CEH Certified Ethical Hacker All-in-One Exam Guide

This indeed is one of the best well written books of hacking by now. It gives you crisp and clear explanations with relevant examples along with a humorous touch to give the the dry and brainy subject some light notes. The contents of the book is well organized. Although you might require some basic networking background to extract full benefits from the book.

Shivam Kotwalia, CodeKill

50 More Free Hacking Tools!

Hacking tools are used by security professionals, ethical hacker and crackers alike, on a regular basis.

A couple of days ago CodeKill Group brought you an exhaustive list of 50 hacking tools that are available for free. Now, here are 50 more to take the tally to 100.

Vulnerability Scanners: These are programs that have been designed to asses a computer or network’s vulnerability to attacks. The functionality of these tools varies from one to the other, but they all present a detailed analysis of how vulnerable your system is.

1. Nessus

2. OpenVAS

3. Nipper

4. Secunia PSI

5. Retina

6. QualysGuard

7. Nexpose


Web Vulnerability Scanners: While vulnerability scanners are meant for your system, web vulnerability scanners assess the vulnerability of web applications. The identify the security vulnerabilities that your app may have through various tests.

1. Burp Suite

2. WebScarab

3. Websecurify

4. Nikto

5. w3af


Web Proxies: Proxies were originally created in order to add encapsulation to distributed systems. The client contacts a proxy server in order to request an item that exists on your server.

1. Paros

2. Fiddler

3. Ratproxy

4. sslstrip


Rootkit Detectors: This tool is a file and directory integrity checker. It verifies if a file is trustworthy and informs the user if found otherwise.

1. AIDE (Advanced Intrusion Detection Environment)


Firewalls: You obviously know what a Firewall is. These monitor and control the traffic in your network, whether incoming or outgoing. They are essential security tools that are used by the most novice to the most advanced users.

1. Netfilter

2. PF: OpenBSD Packet Filter


Fuzzers: The concept of fuzzing is usually put to use in order to test the security vulnerabilities of computer systems or in the software that runs on them.

1. skipfish

2. Wfuzz

3. Wapiti

4. W3af


Forensics: This refers to tools that are used for computer forensic. They are used in order to find evidence that is existing in computer systems.

1. Sleuth Kit

2. Helix

3. Malteg0

4. Encase


Debuggers: These are tools that are used in order to write exploits, reverse engineer binary files and to analyse malware.

1. GDB

2. Immunity Debugger


Hacking Operating Systems: These are operating systems that have been designed specifically for hackers. These distros are preloaded with tools that a hacker needs etc.

1. Backtrack 5r3

2. Kali Linux

3. SELinux

4. Knoppix

5. BackBox Linux

6. Pentoo

7. Matriux Krypton

8. NodeZero

9. Blackbuntu

10. Samurai Web Testing Framework

11. WEAKERTH4N

12. CAINE (Computer Aided Investigative Environment)

13. Bugtraq

14. DEFT

15. Helix


Other Hacking Tools: There are also other miscellaneous hacking tools that are often used by hackers. They can’t be put into a particular category, but they are still quite useful.

1. Netcat

2. Traceroute

3. Ping.eu

4. Dig

5. cURL 

Thank You Guys for showing such a great interest.
Happy Hacking 
CodeKill

Best Online Forums On Ethical Hacking

Ethical hacking involves a lot of talent and in depth knowledge of programming. Here are some well-known forums you can turn to for tips.

A great deal of time is invested in designing and developing a software and it only takes a few seconds to destroy it via hacking. It takes only a hacker to pinpoint the loopholes in a well-structured program, so here are some ethical hacking forums that you can turn to for safeguarding your software.

1. Cyber Forums:This is a vibrant and amicable online community focused in hacking, cracking, social engineering along with unique leaks, programs, and tutorials. For details you can visit here

2. Penetration Testing And Cyber Security:This is a good forum for learning Ethical Hacking, Penetration Testing and Cyber Security for Linux, Windows, Network and Mobile Hacking. For details you can visit here

3. HackShark – Secure your fence:This is a congregation and community of hackers. It is sponsored by HackShark and involves bringing down cyber criminals, offering information security solutions, locating security loopholes in networks for them to be repaired. For details you can visit here

4. Pro2Leet: This is another great hacking forum. For details you can visit here

5. Trigamers 3X The Gaming. Game Hacking and Cheating:This forum is good for game hacking, game cheat codes, computer hacking, file editing, programming, sources, tutorials. For details you can visit here

6. Code Flare:This is a community based on hacking, programming, modeling, gaming, and a lot more. For details you can visit < href='http://codeflare.net/">here

7. Saint Andrew’s Paradise:It is for white hat hackers and has the latest and best hacking tools created by its owner and other hackers. For details you can visit here

8. The Windows 7, Programming and Hacking Blog:You can get the latest tools here for hacking, Tutorials, Dumps and much more. For details you can visit here

9. Anonymous Hacking Forum:This is meant for helping people in learning the art of hacking along with its basics for becoming a hacker. For details you can visit here

10. Anonymous Citizens:This site is generally an invitation-only site, but now it permits other users to contribute too. It contains sections on hacking, carding, coding. For further details you can visit here

11. The Unknown:This has a wide range of knowledge for its users. It was earlier called CyberXtreme (CX) and been an online community for some time. It has gaming console hacking, networking, programming/scripting, cellular and more hacking topics. For details you can visit here

12. Security Tricks:This is a website that contains blogs on topics on information security, penetration Testing and computer security. For details you can visit here

13. Prince Asifi – Hacks, Tech, Tricks and Tips:This is a very useful blog focusing majorly on Ethical Hacking, Technology, Blogging, Tricks and Tips and SEO. For details you can visit here

14. Hackcomgam – Hack/Help Forum! [NEW]: The forum helps you in locating new exploits, hacks! It also assists in solving your queries. For details you can visit here 

CodeKill