How to Reset password in Ubuntu ??

There are many reasons you might want to reset a password:

• Someone gave you a computer with Ubuntu installed on it but not the password for the user account.
• You just installed Ubuntu and forgot what password you selected during the installation process.
• You have too many passwords in your life and can't keep track of them all.
• Or you might want to hack in your Friends System.

Well, this tutorial will help you reset your Ubuntu user account password, regardless of what reason you have for resetting it.

First, you have to reboot into recovery mode.

If you have a single-boot (Ubuntu is the only operating system on your computer), to get the boot menu to show, you have to hold down the Shift key during bootup.

If you have a dual-boot (Ubuntu is installed next to Windows, another Linux operating system, or Mac OS X; and you choose at boot time which operating system to boot into), the boot menu should appear without the need to hold down the Shift key. 

From the boot menu, select recovery mode, which is usually the second boot option.  

 

After you select recovery mode and wait for all the boot-up processes to finish, you'll be presented with a few options. In this case, you want the Drop to root shell prompt option so press the Down arrow to get to that option, and then press Enter to select it.

The root account is the ultimate administrator and can do anything to the Ubuntu installation (including erase it), so please be careful with what commands you enter in the root terminal.

In recent versions of Ubuntu, the filesystem is mounted as read-only, so you need to enter the follow command to get it to remount as read-write, which will allow you to make changes:

 #mount -o rw,remount /

If you have forgotten your username as well, type  

#ls /home

That's a lowercase L, by the way, not a capital i, in ls. You should then see a list of the users on your Ubuntu installation. In this case, I'm going to reset Susan Brownmiller's password.

To reset the password, type 

#passwd username

where username is the username you want to reset. In this case, I want to reset Susan's password, so I type  

#passwd susan

You'll then be prompted for a new password. When you type the password you will get no visual response acknowledging your typing. Your password is still being accepted. Just type the password and hit Enter when you're done. You'll be prompted to retype the password. Do so and hit Enter again.

Now the password should be reset. Type 

#exit

to return to the recovery menu.  

 After you get back to the recovery menu, select resume normal boot, and use Ubuntu as you normally would—only this time, you actually know the password! 

Note:
Some people get freaked out about having recovery mode logging you in as root. For more information, read Recovery mode makes me root user. Isn't that a security risk?

Best Website for Learning Wi-Fi Hacking

1.WildPackets   WildPackets Inc, founded in 1990, develops hardware and software solutions that drive network performance, enabling organisations of all sizes to analyse, troubleshoot, optimise, and secure their wired and wireless networks. 

 2.Wireshark  Wireshark is the world's foremost network protocol analyser. It lets you see what's happening on your network at a microscopic level. It is the de facto standard across many industries and educational institutions. 

3.Cracking WEP Using Backtrack: A Beginner’s Guide  This tutorial is intended for user’s with little or no experience with linux or wifi. The folks over at remote-exploit have released “Backtrack” a tool which makes it ridiculously easy to access any network secured by WEP encryption. This tutorial aims to guide you through the process of using it effectively.  

4.How To Crack WEP and WPA Wireless Networks  With the popularity of wireless networks and mobile computing, an overall understanding of common security issues has become not only relevant, but very necessary for both home/SOHO users and IT professionals alike. This article is aimed at illustrating current security flaws in WEP/WPA/WPA2. 

 5.Ethical Hacker Network   The Ethical Hacker Network is the brainchild of Donald C. Donzal of The Digital Construction Company. While looking for information on advancing one’s career in the security arena of IT, he found that there was no single place to find and cross reference information on the numerous credentials now available. Security is the hot topic of the day, and there is a plethora of information out there. Don saw this as an opportunity and launched CSP Mag.  

6.Backtrack-Linux.org   BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.  

7.Wi-foo   Provides a list of tools we commonly use in pentesting wireless networks or just wardriving for fun and no profit. All these tools are covered in the book in sufficient details.  

8.Wirelessdefence.org   Wirelessdefence.org is a collection of 'top tips' for the auditing of 802.11 networks and is an attempt to provide a 'one stop shop' for common tasks encountered by new and forgetful Wireless Security Auditors.  

9.Hacking Techniques in Wireless Networks  This article describes IEEE 802.11-specific hacking techniques that attackers have used, and suggests various defensive measures. It describes sniffing, spoofing and probing in the context of wireless networks.  

10.How To Crack WPA / WPA2  The world has changed since Brandon Teska's original WPA/WPA2 Cracking tutorial was written in 2008. While there are some wireless networks still using WEP, there has been a mass migration to WPA2-AES wireless security. A key reason for this move is 802.11n, which requires WPA2/AES security enabled in order to access link rates over 54 Mbps.

Videos That Will Make You A Master Hacker

Hacking is an art and it isn't easy to learn. Curiosity is the first step towards becoming a hacker, but the path to being a true hacker entails rigorous training and hard work. Here are 200 videos for you to complete your path to hacking!

1. OWASP AppSec USA 2011

These are 48 videos containing talks from various dignitaries at the OWASP AppSecUSA 2011. It would be very interesting for hackers.

2. Open Security Training

Description: Collection of 80 Open Security Training videos "In the spirit of OpenCourseWare and the Khan Academy, OpenSecurityTraining.info is dedicated to sharing training material for computer security classes, on any topic, that are at least one day long. All material is licensed with an open license like CreativeCommons, allowing anyone to use the material however they see fit, so long as they share modified works back to the community. We highly encourage people who already know these topic areas to take the provided material and pursue paid and unpaid teaching opportunities. Those who can, teach."

3. Web application Pen testing

Here are another 82 video tutorials. These will teach you the art of penetration testing using Mutillidae.

4. Defcon

This is the youtube channel where you will find videos from Defcon. These can be very useful in increasing your knowledge in the field of hacking.

5. Hacking Tutorials

This playlist contains eight videos that budding hackers will find useful. It covers important topics like WiFi hacking, SQL Injection, password cracking and others.

6. Public Key Cryptography: Diffie-Hellman Key Exchange

Description: Diffie-Hellman key exchange was one of the earliest practical implementations of key exchange within the field of cryptography. It relies on the discrete logarithm problem. This test clip will be part of the final chapter of Gambling with Secrets!

7. Introduction to Hacking

This hour long tutorial covers the following topics,

- What is Hacking and Who are Hackers
- Legal Questions for "Ethical Hackers"
- Planning an Attack
- Ways to Attack
- Protecting Yourself from Discovery

Google Can Be Used For Hacking Too! Here's How!

  Global search engine giant Google is priceless. We use it on a more than daily basis for all our search needs. Whether you're looking for that fancy word or the location of a good restaurant, you'll get everything with Google search and more. Enough on the good part. Did you know Google has a dark side too? Did you know Google can be used to gain access to confidential information or download free music? Here's how...

1.Hacking Security Cameras!

You might have noticed many security cameras monitoring places like parking lots, college campus, road traffic etc (and yes, some of them work!). Did you know you can use Google to hack into these cameras to view images captured by these cameras in real time. How do you do it? Well simply open the Google search box and type in the following query:

inurl:”viewerframe?mode=motion”

You will get a search result that will give you access to live cameras with full controls (move the camera in all the four directions, perform zoom in and zoom out). The above mentioned query usually gives access to cameras with less refresh rate. In case you're looking for faster refresh rates:

intitle:”Live View / – AXIS”

2.Hacking Personal and Confidential Documents!

You can access an email repository containing personal and confidential documents (CVs for instance) using Google. Simply open the Google search box and type in the following query:

intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”

To access a list of excel documents which contains contact details including email addresses of people:

filetype:xls inurl:”email.xls”

To access documents potentially containing information on bank accounts, financial summaries and credit card numbers:

intitle:index.of finances.xls

3.Gaining Access to Free Stuffs!

If you're looking to download free music, simply enter the following query on Google search box and hit enter:

“?intitle:index.of?mp3 artist name“

If you're looking to download free ebooks:

“?intitle:index.of?pdf book name“

Websites That Hackers Will Love

The two buzzwords, hacking and security have received quite a lot of attention recently. There are many websitses that an independent hacker can go to for information, tools etc. Here are the top eight websites that you can refer to.



1. Hack a day

This website contains news, projects, videos, forums and some other information on hacking, which can all come in handy if you are or want to be a hacker.

2. Security Focus

This website has been running since 1999 and carries information from news to posts by experts and guest columnists, all of them related to security.

3. Astalavista

This website tells you how vulnerable your system is and gives you information on your websites and overall assets.

4. PacketStorm Security

Their tagline says, "What you don't know can hurt you," and they try to avoid just that by bringing news, information and tools that can help protect personal and enterprise ad data.

5. Black Hat

This company has been operating for over 15 years and has been at the forefront of security-related events all around the world. They conduct briefing, training and many other activities.

6. Metasploit Project

This is one of the most popular penetration testing tools, which is used by people all around the world. The software has been created by an open source community along with Rapid7.

7 Insecure.org

This is a website where you can find a list of 125 security tools and various other information ta

8. 2600 Store

This website gives you information on hacking. news and many other useful resources related to hacking.

Android Tools For Hacking!

Hacking requires significant in depth knowledge of everything that abounds the digital world. Tech savvy users like to play around with their smartphones. Android devices are everywhere these days. No wonder, there has been a rampant growth of various hacking tools to exploit/secure the platform. We have compiled a list of 10 awesome Android hacking tools!

1.Hackode

Hackode : The hacker's Toolbox is an application for penetration tester, Ethical hackers, IT administrator and Cyber security professional to perform different tasks like reconnaissance, scanning performing exploits etc.

2.androrat

Remote Administration Tool for Android. Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.

3.APKInspector

APKinspector is a powerful GUI tool for analysts to analyse the Android applications. The goal of this project is to aide analysts and reverse engineers to visualise compiled Android packages and their corresponding DEX code.

4.DroidBox

DroidBox is developed to offer dynamic analysis of Android applications.

5.Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

6.zANTI

zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety.

7.Droid Sheep

DroidSheep can be easily used by anybody who has an Android device and only the provider of the webservice can protect the users. So Anybody can test the security of his account by himself and can decide whether to keep on using the webservice.

8.dSploit

dSploit is an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device.

9.AppUse – Android Pentest Platform Unified Standalone Environment

AppSec Labs recently developed the AppUse Virtual Machine. This system is a unique, free, platform for mobile application security testing in the android environment, and it includes unique custom-made tools created by AppSec Labs.

10.Shark for Root

Traffic sniffer, works on 3G and WiFi (works on FroYo tethered mode too). To open dump use WireShark or similar software, for preview dump on phone use Shark Reader. Based on tcpdump.

Security Tools In Kali Linux 1.0.6

When it comes to security and penetration testing, Kali Linux is the talk of the town. The new version recently arrived and here's what's happening.   
 

Kali Linux comes with over 300 security tools pre-installed. So, it is rather difficult to pick 10 odd as the best. But we gave it a shot and this is what we would come up with.



1. AirCrack

You already know what Aircrack does don't you? Just in case, it cracks WPA or WEP router passwords. In Kali Linux 1.0.6, you have a GUI for Aircrack in the Fern WiFi Cracker, through which you can avoid the command line and still use all the features of Aircrack.

2. Burp Suite

This is an integrated platform that can be put to use for testing the security of web applications. Kali Linux 1.0.6 comes with the free version, which can be upgraded to the professional edition by paying $299 per year.

3. Hydra

This free brute force password cracking tool allows you to attack multiple accounts with a single or a list of passwords.

4. John the Ripper

This password cracker is known for its speed and revered by many as the best in its segment. Well, the new version of Kali comes with Johnny, which is a GUI for this tool. Let's you escape the command line again.

5. Maltego

Find out what or who is connected to what or who. This is what the Maltego tool is used for. It explores links between various sources.

6. Metasploit Framework

Again with the GUI, this time it is Nexpose, which gives you a front end for this well known framework.

7. Armitage

If Metasploit is too complex for you, then Kali 1.0.6 comes with an alternative in Armitage. Try this one.

8. Nmap

This free and open source utility for network discovery and security auditing is famous for its usefulness. But, it is not easy to use this, as you would know if you've watched that hacking seen from the Matrix movies (yes, they really used Nmap). So, you can make use of Zenmap, your trusty sidekick, we mean GUI, for Nmap.

9. Zed Attack Proxy

This is a free and open source penetration testing tool that can be used for finding vulnerabilities in web applications. Just in case you don't want to pay for Burp Suite maybe.

10. Sqlmap

Want to detect any SQL Injection flaws? This is the tool that you would want to use for it.

11. Wireshark

You know what this is. This network protocol analyser features on almost all of our or anyone else's top security tools lists. Kali Linux 1.0.6 comes with this pre-installed.

Hacker Geohot Releases New Hack Tool For Android Devices

Glen Rock native, George Hotz, alias Geohot, a world renowned hacker has now released a new hacking tool for smartphones running Android 4.4.2 KitKat and earlier versions thanks to which users will be able to run more apps, customise their phones to a greater extent, and also possibly speed up the device like never before. The new tool called Towelroot is based on a Linux kernel vulnerability and can root most Android smartphones running an unpatched version of the Linux kernel.

According to the Geek, "The Towelroot tool developed by Geohot (George Hotz) differs from all the standard root methods in that it uses an exploit to root phones. Simply install the APK from Geohot's site and run it." The tool basically bypasses the Android-powered device's system protection to gain root access. The new tool can unlock devices such as the unrooted Galaxy S5 on AT&T and Verizon, the Galaxy Note 3, Galaxy S4, and Galaxy S4 Active all running on the same carriers, claims Geohot.

Recently, Geohot had walked away with a $150,000 bounty prize after he successfully hacked into Google Chrome. According to the International Business Times, Hotz was rewarded by global search engine giant Google for exploiting Chrome at the recently concluded Pwnium 4 security competition. Geohot identified several bugs, including some in default Chrome apps and in the event of Chrome combining with Flash. “We're delighted at the success of Pwnium and the ability to study full exploits. We anticipate landing additional changes and hardening measures for these vulnerabilities in the near future.” Google posted on its Chrome blog. 

Penetration & Hacking Focused Distros

On first thought, it would seem that ethical hackers have everything figured out, their lives are too easy. Why, you ask? Well, they have so many tools out there to make their lives easy. Ok, we are kidding, they have a tough going and lead frustrating lives. It's not easy being a hacker. However, it's true that they do have so many resources at hand to help them out every now and then.

1.Bugtraq

Bugtraq system offers the most comprehensive distribution, optimal, and stable with automated services manager in real time. This distribution based on the 3.2 and 3.4 kernel Generic available in 32 Bits & 64 Bits has a huge range of penetration, forensic and laboratory tools. The systems are available in 11 different languages.

2.Blackbuntu

Blackbuntu is distribution for penetration testing which was specially designed for security training students and practitioners of information security. Blackbuntu is penetration testing distribution with GNOME Desktop Environment.

3.DEFT

DEFT Linux is a GNU/Linux live for free software based on Ubuntu , designed for purposes related to computer forensics and computer security.

4.Samurai Web Testing Framework

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.

5.Back Box Linux

BackBox is an Ubuntu-based Linux distribution penetration test and security assessment oriented providing a network and informatic systems analysis toolkit. BackBox desktop environment includes a minimal yet complete set of tools required for ethical hacking and security testing.

6.Gnacktrack

GnackTrack is a Live (and installable) Linux distibution designed for Penetration Testing and is based on Ubuntu. It's based on GNOME. 

Author : Shivam Kotwalia, CodeKill

Learn Wi-Fi Hacking... Here Are 10 Good Websites For You

Well, if you fancy some ethical hacking, it's time you get trained in all its aspects. Here we bring to you 10 websites where you can learn a thing or two about Wi-Fi hacking.

 1.WildPackets

WildPackets Inc, founded in 1990, develops hardware and software solutions that drive network performance, enabling organisations of all sizes to analyse, troubleshoot, optimise, and secure their wired and wireless networks.

2.Wireshark

Wireshark is the world's foremost network protocol analyser. It lets you see what's happening on your network at a microscopic level. It is the de facto standard across many industries and educational institutions.

3.Cracking WEP Using Backtrack: A Beginner’s Guide

This tutorial is intended for user’s with little or no experience with linux or wifi. The folks over at remote-exploit have released “Backtrack” a tool which makes it ridiculously easy to access any network secured by WEP encryption. This tutorial aims to guide you through the process of using it effectively.

4.How To Crack WEP and WPA Wireless Networks

With the popularity of wireless networks and mobile computing, an overall understanding of common security issues has become not only relevant, but very necessary for both home/SOHO users and IT professionals alike. This article is aimed at illustrating current security flaws in WEP/WPA/WPA2.

5.Ethical Hacker Network

The Ethical Hacker Network is the brainchild of Donald C. Donzal of The Digital Construction Company. While looking for information on advancing one’s career in the security arena of IT, he found that there was no single place to find and cross reference information on the numerous credentials now available. Security is the hot topic of the day, and there is a plethora of information out there. Don saw this as an opportunity and launched CSP Mag.

6.Backtrack-Linux.org

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

7.Wi-foo

Provides a list of tools we commonly use in pentesting wireless networks or just wardriving for fun and no profit. All these tools are covered in the book in sufficient details.

8.Wirelessdefence.org

Wirelessdefence.org is a collection of 'top tips' for the auditing of 802.11 networks and is an attempt to provide a 'one stop shop' for common tasks encountered by new and forgetful Wireless Security Auditors.

9.Hacking Techniques in Wireless Networks

This article describes IEEE 802.11-specific hacking techniques that attackers have used, and suggests various defensive measures. It describes sniffing, spoofing and probing in the context of wireless networks.

10.How To Crack WPA / WPA2

The world has changed since Brandon Teska's original WPA/WPA2 Cracking tutorial was written in 2008. While there are some wireless networks still using WEP, there has been a mass migration to WPA2-AES wireless security. A key reason for this move is 802.11n, which requires WPA2/AES security enabled in order to access link rates over 54 Mbps. 

Author : Shivam Kotwalia, CodeKill

Videos With Tips And Tricks For Kali Linux!

Kali Linux is a relatively new Linux-based distro. But, the sixth edition of the famed hacking distro, Backtrack has already received much praise for its hacking and penetration testing abilities. These videos teach you some neat things that you can do using this powerful operating system!

1. How to Update Kali Linux After System Bootup or Restart

This is the first of a series of videos on Kali Linux Tips and Tricks. As the name suggests, this shows you how to update the new penetration testing Linux-based distro after system bootup or restart.

2.
Install VMware Tools in a Kali Linux

VMware tools can be really useful on Kali Linux. If you don’t know how to get them, then this video will help.

3. Kali Linux ( Install Desktop Cinnamon 2D )

Although Kali Linux uses the GNOME desktop environment by default, you can still install others on it. Watch this video and learn how to get the Cinnamon 2D desktop on Kali Linux.

4. Add Arabic language to Kali Linux

Tips and tricks are sometimes meant for fun only. Getting the Arabic language on your Kali Linux distro may not be very useful, but you can do it for fun!

5. Kali Linux - How to Hack WiFi Tutorial - Sniffing WiFi Networks & Capturing Packets (BackTrack 6)

This video teaches you how you can use Kali Linux to sniff out WiFi networks and capture packets without connecting to them.

6. Hack FB using set ettercap (kali linux)

Want to use Kali Linux to hack into Facebook? Watch this video to learn how to do it.

7. Kali How to Hack WPA WPA2 the Right Way

This is a video demonstration for how you can hack into WPA/WPA2 connections using the Kali Linux distribution.

8. Control remote computer with SET / Pirater un ordinateur (Kali Linux)

This tutorial video shows you how you can control a remote computer. The video is not in English so watch closely!

9. Kali Linux - Security by Penetration Testing Tutorial: Network Discovery with Scapy

This is a tutorial video that teaches you how to use Scapy on Kali Linux for packet formatting, sending and receiving packets etc. 

Author : Shivam Kotwalia , CodeKill

Resources a Hacker MUST work on !!!

Hacking is basically knowing about how things function and knowing why things function the way they do.

Forums For Hackers And Security Professionals

Nobody knows it all, you always learn, you learn from others: never shy away from asking, when in doubt. Forums are ideal learning pads where hackers, both beginners as well as pros go and learn from people better than themselves. There are a countless number of ethical and non ethical hackers readily available to help you out courtesy these forums, encouraging a healthy learning process.

1. Stackoverflow for security professionals

2. http://darksat.x47.net/

3. http://forums.securityinfowatch.com/

4. http://forums.cnet.com/spyware-viruses-security-forum/

5. http://www.hackforums.net/forumdisplay.php?fid=47

Vulnerability Databases And Resources

These databases provide information on recently detected vulnerabilities. These public platforms offer plethora of information for hackers to gain competitive edge with respect to newer vulnerabilities. They can then exploit, avoid or fix the vulnerability according to their needs and ambitions.

6. http://www.exploit-db.com/

7. http://1337day.com/

8. http://securityvulns.com/

9. http://www.securityfocus.com/

10. http://www.osvdb.org/

11. http://www.securiteam.com/

12. http://secunia.com/advisories/

13. http://insecure.org/sploits_all.html

14. http://zerodayinitiative.com/advisories/published/

15. http://nmrc.org/pub/index.html

16. http://web.nvd.nist.gov

17. http://www.vupen.com/english/security-advisories/

18. http://www.vupen.com/blog/

19. http://cvedetails.com/

20. http://www.rapid7.com/vulndb/index.jsp

21. http://oval.mitre.org/

Product Specific Vulnerability Information

These official websites of high-profile vendors provide heaps of information on current and upcoming security flaws and fixes.

22. Red Hat Security and other updates Site: This page lists advisories for all products served by the Red Hat Network. Advisories for Red Hat JBoss Middleware are available on the Software Downloads pages for each product.

23. Microsoft Products Security Bulletin: You can search security bulletins by product or component, and filter results by configuring the release date range with a start and end day.

24. Apache Foundation Products Security Repository: The Apache Software Foundation takes a very active stance in eliminating security problems and denial of service attacks against the Apache HTTP server.

25. Ubunut Software Security Center: Canonical's official website providing Ubuntu specific vulnerabilty information.

26. Linux Security Repository: LWN.net offers several security-related resources, including the security alert database, the vulnerability database, and the weekly edition security page.

Author : Shivam Kotwalia, CodeKill

Network Security Tools For Security Researchers And Penetration Testers To Use

Penetration testing and network security is a pretty vast topic. These tools cover almost every aspect of it.

Network security is one of the biggest buzzwords nowadays. There are a number of security tools available, each with its own unique ability. That said, there are some that you will find on almost every security expert's computer. These are the ones that are the best and should be on your computer too. Here are 30 of the top network security tools, stay tuned for more.

1. Wireshark

This one was known as Ethereal till the summer of 2006. It is an open source platform network protocol analyzer.

Latest release: 26 July 2013, version 1.10.1

2. Metasploit

This is an open source platform that was released in 2004. It can be launched for developing, testing and using exploit codes. While the framework is free and open source, since its acquisition by Rapid7 in 2009, but there are paid editions to it too.

Latest release: 7 December 2012, version 4.5

3. Nessus

This is another one of the most popular network security tools. It is a vulnerability scanner that costs $1,200. It used to be a free and open source application till 2005.

Latest release: 7 May 2013, version 5.2.1

4. Aircrack

This tool used the best cracking algorithms for 802.11 A/b/g WEP and WPA cracking. It is best used to recover wireless keys.

Latest release: 24 April 2010, version 1.1

5. Snort

This is one of the best available network intrusion applications that has its forte in traffic analysis and packet logging on IP networks. Snort itself is free and open source, but SourceFire (the parent company) offers other complimentary products at a price. In addition, it offers its own VRT-certified rules for $499 per sensor per year.

Latest release: 30 July 2013, version 2.9.5.3

6. Cain and Abel

How is this security tool different from others? Well, it’s a Windows only tool, which is very unlike other tools that support Linux and UNIX before Windows. Cain & Abel is a password recovery tool that can handle a number of tasks.

Latest release: 3 December 2011, version 4.9.43

7. BackTrack

If you’re even remotely involved with hacking you would have heard of BackTrack. This is a Live CD Linux distribution that comes from Whax and Auditor. It has a huge suite of security and forensics tools and is known to be the hacker’s distribution.

Latest release: 13 August 2012, version 5 R3

8. Netcat

Want to read data across UDP or TCP network connections? This is the go to tool for most security personnel for this purpose. First released in 1995 by Hobbit, it is one of the most popular security tools. Interestingly, it hasn’t been maintained despite its popularity. Recognising its usefulness, the Nmap Project made a modern version of the tool called Ncat.

Latest release: 20 March 1996, version 1.10

9. tcpdump

This is a network traffic sniffer that lost its popularity to Wireshark. It still have a respectably large user base though.

Latest release: 20 May 2013, version 4.4.0

10. John the Ripper

Compatible with the Linux, UNIX and Mac OS X platforms, this is a commonly used password cracker.

Latest release: 30 May 2013, version 1.8.0

11. Kismet

This tool is a wireless network detector, intrusion detection system and network sniffer that is used quite commonly for wardriving, warflying, warwalking and warskating.

Latest release: 11 April 2011, version Kismet 2011-03-R2

12. OpenSSH/PuTTY/SSH

This is the go to tool for logging into and executing commands on a remote machine.

13. Burp Suite

This is a tool that is used for attacking web applications. The limited version is available for free, while the pro version costs $299.

Latest release: 3 June 2011, version 1.4.01

14. Nikto

This is an open source web server that performs tests against other web servers for multiple items. This includes more than 6,400 potentially dangerous files/CGIs and other checks.

Latest release: 20 February 2011, version 2.1.4

15. Hping

You can use this one to send custom TCP, ICMP and UDP packets and then display replies. The tool was inspired by the ping command but can be used to perform far more controlled probes.

Latest release: 5 November 2005, version hping3-20051105

16. Ettercap

If a man in the middle attack on LAN networks is what you’re looking at then Ettercap is the tool that you need.

Latest release: 22 March 2013, version 0.7.6-Locard

17. Sysinternals

This tool can be used to gain access to a number of small windows utilities that can be used for low-level windows hacking.

Latest release: 4 February 2011

18. w3af

This is a powerful framework that is used for searching and exploiting web application vulnerabilities.

Latest release: 11 October 2011, version 1.1

19. OpenVAS

This is a vulnerability scanner that was forked from Nessus. The last free version of Nessus, before it became a proprietary tool in 2005, was used for this.

Latest release: 17 April 2013, version 6.0

20. Scapy

Interactive packer manipulation, network scanning, packet generating, packet sniffing, are the activities that Scapy excels in. It is a low level tool and you need Python to interact with it.

Latest release: 28 February 2011, version 2.2.0

20. Ping/telnet/dig/traceroute/whois/netstat

This is a basic security auditing tool that is still very useful. You may be ignoring these for other high tech tools, but knowing these is important too.

21. THC Hydra

This is one tool that has been revered for brute force cracking on temote authentication services. The application can manage rapid dictionary attacks against over 30 protocols like https, ftp, http, telnet, smb, a number of databases and others.

Latest release: 23 May 2012, version 7.3

22. Perl/Python/Ruby

Secripting languages allow you to write your own canned security tools. You can also use them to modify existing tools.
no rating Paros proxy (#24, 8)

23. Paros proxy

This is a Java-based web proxy server that can be used for finding out the web vulnerabilities.

Latest release: 8 August 2006, version 3.2.13

24. NetStumbler

This is a Windows tool that can be used for finding open wireless access points. It is free but not open source and is a Windows-only application.

Latest release: 1 April 2004, version 0.4.0

25. Google

You may think that this is a weird choice for a list like this. But you’re wrong. Google’s database can be is recognised as an important security tool by experts and penetration testers everywhere.

26. OSSEC HIDS

This performs log analysis, rootkit detection, integrity checking, time-based alerting and active response. It is also used as a SEM/SIM solution/

Latest release: 16 November 2012, version 2.7

27. WebScarab

This tool records requests and responses that it observes and lets the operator review them in different ways. It is a tool that can expose the functioning of HTTP(S)-based applications.

Latest release: 20 August 2010, version 20100820-1632

28. Core Impact

This tool is considered by many to be the most powerful exploitation tool that is available right now. It is also much more expensive than others though.

Latest release: 8 August 2011, version 12

29. sqlmap

This is an open source penetration testing tool, which can be used in order to automate the detection and exploitation of SQL injection flaws.

Latest release: 11 April 2011, version 0.9

30. TrueCrypt

This is a very useful open source disk encryption system for Mac, Windows and Linux-based systems.

Latest release: 7 February 2012, version 7.1a 

Author :Shivam Kotwalia, CodeKill

Android iBanking Trojan Source Code Leaked Online

Smartphone is the need of everyone today and so the first target of most of the Cyber Criminals. Malware authors are getting to know their market and are changing their way of operations. Since last year we have seen a rise in the number of hackers moving from the Blackhat into the Greyhat.

The Head of knowledge delivery and business development for RSA's FraudAction Group, Daniel Cohen warned users about the new threat via a company blog on Thursday, that explains everything about the malware app, called iBanking.

iBanking, a new mobile banking Trojan app which impersonates itself as an Android 'Security App', in order to deceive its victims, may intimidate a large number of users as now that its source code has been leaked online through an underground forum.

It will give an opportunity to a larger number of cybercriminals to launch attacks using this kind of ready-made mobile malware in the future.

Since many banking sites use two-factor authentication and transaction authorization systems in order to deal with the various threats, by sending unique one-time-use codes to their customers' registered phone numbers via SMS, but in order to defraud them, cyber criminals have started to create various mobile malware like iBanking to solve their purpose.

According to Security Researcher Daniel Cohen, the iBanking mobile bot is a relative all new to the mobile malware arena, and has been available for sale in the Underground Hacking Marketplace [Forum Link] since late last year for $5,000.

"We first saw the iBanking malware was distributed through HTML injection attacks on banking sites, social engineering victims into downloading a so called 'security app' for their Android devices," said the RSA researchers in a blog post.

In addition, with the iBanking malware, Computer malware is used to defeat the mobile-based security mechanisms used by the banking sites.

"Apart from the server-side source-code, the leaked files also include a builder that can un-pack the existing iBanking APK file and re-pack it with different configurations, essentially providing fraudsters with the means to create their own unique application," added Daniel Cohen.

In addition to SMS Sniffing, the iBanking app allows an attacker to redirect calls to any pre-defined phone number, capture audio using the device's microphone and steal other confidential data like call history log and the phone book contacts. 

During the installation process, the malicious app attempts to Social Engineer the user into providing it with administrative rights, making its removal much more difficult.

"The malware is an example of the ongoing developments in the mobile malware space and we are now seeing the next generation of malicious apps being developed and commercialized in the underground, boasting web-based control panels and packing more data-stealing features," said Daniel and added that 

"The malware’s ability to capture SMS messages and audio recordings, as well as divert voice calls makes step-up authentication all the more challenging as fraudsters gain more control over the OOB device. This highlights the need for stronger authentication solutions capable of validating users’ identities using multiple factors including biometric solutions."

These Days, the malware apps are particularly dangerous as they are often designed to look as authentic as possible and one in five mobile threats are now bots, which is a sign that the complexity of Mobile Malware is increasing.

Author : Shivam Kotwalia, CodeKill

20 Things You Didn't Know About Computer Hacking

20 Things You Didn't Know About Computer Hacking :

1.  Hacker originally meant “one who makes furniture with an ax.” Perhaps because of the blunt nature of that approach, the word came to mean someone who takes pleasure in an unconventional solution to a technical obstacle.

2.  Computer hacking was born in the late 1950s, when members of MIT’s Tech Model Railroad Club, obsessed with electric switching, began preparing punch cards to control an IBM 704 mainframe.

3.  One of the club’s early programs: code that illuminated lights on the mainframe’s console, making it look like a ball was zipping from left to right, then right to left with the flip of a switch. Voilà: computer Ping-Pong!

4.  By the early 1970s, hacker “Cap’n Crunch” (a.k.a. John Draper) had used a toy whistle to match the 2,600-hertz tone used by AT&T’s long-distance switching system. This gave him access to call routing (and brief access to jail).

5.  Before they struck it rich, Apple founders Steve Wozniak and Steve Jobs made and sold “blue boxes,” electronic versions of Draper’s whistle.

6.  Using a blue box, Wozniak crank-called the Pope’s residence in Vatican City and pretended to be Henry Kissinger.

7.  Hacking went Hollywood in the 1983 movie WarGames, about a whiz kid who breaks into a Defense Department computer and, at one point, hi­jacks a pay phone by hot-wiring it with a soda can pull-ring.

8.  That same year, six Milwaukee teens hacked into Los Alamos National Lab, which develops nuclear weapons.

9.  In 1988 Robert T. Morris created a worm, or self-replicating program, purportedly to evaluate Internet security.

10.  The worm reproduced too well, however. The multi­million-dollar havoc that ensued led to Morris’s felony conviction, one of the first under the Computer Fraud and Abuse Act (PDF).

11.  They all come home eventually. Morris now researches computer science at...MIT.

12.  British hacker Gary McKinnon broke into 97 U.S. Navy, Army, Pentagon, and NASA computers in 2001 and 2002.

13.  McKinnon’s defense: He wasn’t hunting military secrets; he was only seeking suppressed government files about space aliens.

14.  According to rumor, agents of China’s People’s Liberation Army attempted to hack the U.S. power grid, triggering the great North American blackout of 2003.

15.  It took IBM researcher Scott Lunsford just one day to penetrate the network of a nuclear power station: “I thought, ‘Gosh, this is a big problem.’”

16.  Unclear on the concept: When West Point holds its annual cyberwar games, the troops wear full fatigues while fighting an enemy online.

17.   Think your Mac is hackproof? At this year’s CanSecWest conference, security researcher Charlie Miller used a flaw in Safari to break into a MacBook in under 10 seconds.

18.  Cyborgs beware: Tadayoshi Kohno at the University of Washington recently hacked into a wireless defibrillator, causing it to deliver fatal-strength jolts of electricity.

19.  This does not bode well for patients receiving wireless deep-brain stimulators.

20.  The greatest kludge of all? Roger Angel of the University of Arizona has proposed building a giant sunscreen in space to hack the planet’s climate.

Author : Shivam Kotwalia, CodeKill

12 Penetration Testing Add-Ons For Firefox

Now you can use your Firefox browser as a penetration testing tool with the help of these amazing add ons! Have a look 

Firefox is not popular only for its open source nature but it can also be turned into a very effective penetration testing tool. Mozilla has its own section for add-ons and all of the following are available. Here they are...

1. FoxyProxy Standard: This advance proxy management add-on for the Firefox internet browser supplements the built-in proxy capabilities of Firefox. The add-on switches the user’s internet connection over one or more proxy servers based on the URL patterns and has many other features as well.

2. Firebug: This tool allows the user to debug and edit JavaScript, HTML and CSS live on a webpage and see the changes take effect. The add-on is useful for analysing JavaScript files for XSS vulnerabilities.

3. Web Developer: This add-on helps in penetration testing by adding various web development tools to Firefox.

4. User Agent Switcher: This add-on is useful if you want to spoof your browser while attacking a network. It places a tool bar on the browser that lets you switch between user agent and browser seamlessly.

5. Live HTTP Headers: The add-on displays live headers for each of the HTTP requests and responses on Firefox. It also allows the user to save header information by a click of a button. It is a really helpful tool for penetration testers.

6. Tamper Data: This add-on is quite similar to the one above, but it brings the added header editing capacity to Firefox. The user can view and then modify HTTP and HTTPS headers and post parameters. You can use it for penetration testing for web applications by modifying the POST parameters. It can also be used to make XSS and SQL Injection attacks.

7. Hackbar: This penetration testing tool for Firefox helps the user in testing simple SQL injection and XSS loopholes through Firefox. In addition, the add-on also has encoding and encryption tools, which can help in testing XSS vulnerability using encoded XSS payloads.

8. Websecurify: This add-on can detect most of the common vulnerabilities in any web applications. It is a complete penetration testing tool that can be added to the Firefox brower.

9. Add N Edit Cookies: As the name suggests, this Firefox browser lets the user add or edit the cookies data for the browser. It is quite useful for penetration testing, especially when trying to perform session hijacks.

10. XSS Me: This add-on helps in detecting XSS vulnerabilities in web applications. It scans all the different forms of a web page and then attacks the pages that qualify with a predefined XSS payload.

11. SQL Inject Me: This one helps in finding SQL injection vulnerabilities in web applications. It displays the vulnerabilities in a web application without exploiting them.

12. FlagFox: This browser adds a country’s flag on Firefox and determines where a web server is located. The add-on also has a web server. 

Author : Shivam Kotwalia, CodeKill

Videos For Hacking Using Python

Python is a favorable programming language for hacking. We bring ten video that will help you in your hacking endeavours... 

Although some question it, many hackers prefer using Python for their work. They feel that this high level programming language has its pros when it comes to hacking. For example, it offers one of the quickest ways to make a socket, interact with a program and make a pad shell code.

Python for Hackers - Networkers Primer (Sockets, Webserver Scapy!)



Python for Hackers - Networkers Primer (Multithreaded Server and the Force of Scapy)



Learn Python Through Public Data Hacking



Programming a Custom Backdoor in Python



Hack of the Day: Wireless SSID Sniffer in 10 Lines of Python



Hacking With Python #1 - What is Brute-Forcing?



Simple Python Virus Tutorial



Hacking DOS binaries using Python – intro



Python : Making A Simple Email Bot



Hack login and admin panels using python script



Author : Shivam kotwalia, CodeKill

The Mask, a malware campaign that remained undetected for 7 Years

A Sophisticated cyber spying operation, ‘The Mask’, that has been under the mask for about 7 years targeting approximately 31 countries, has now been ‘unmasked’ by researchers at Kaspersky Labs.

The Researchers believe that the program has been operational since 2007 and is seems to be sophisticated nation-state spying tool that targeted government agencies and diplomatic offices and embassies before it was disclosed last month.

In the unveiling document published by Kaspersky, they found more than 380 unique victims, including Government institutions, diplomatic offices/embassies, private companies, research institutions, activists etc.

The name "Mask" comes from the Spanish slang word "Careto" ("Ugly Face" or “Mask”) which the authors included in some of the malware modules.

Developers of the ‘Mask’ aka ‘Careto’ used complex tool-set which includes highly developed malware, bootkit, rootkit etc. that has the ability to sniff encryption keys, VPN configuration, SSH keys and RDP file via intercept network traffic, keystrokes, Skype conversation, PGP keys, WI-Fi traffic, screen capturing, monitoring all file operations, that makes it unique and dangerous and more sophisticated than DUQU malware.

The malware targets files having an extension:

*.AKF, *.ASC, *.AXX, *.CFD, *.CFE, *.CRT, *.DOC, *.DOCX, *.EML, *.ENC, *.GMG, *.GPG, *.HSE, *.KEY, *.M15, *.M2F, *.M2O, *.M2R, *.MLS, *.OCFS, *.OCU, *.ODS, *.ODT, *.OVPN, *.P7C, *.P7M, *.P7Z, *.PAB, *.PDF, *.PGP, *.PKR, *.PPK, *.PSW, *.PXL, *.RDP, *.RTF, *.SDC, *.SDW, *.SKR, *.SSH, *.SXC, *.SXW, *.VSD, *.WAB, *.WPD, *.WPS, *.WRD, *.XLS, *.XLSX.

Victims of this malware found in: Algeria, Argentina, Belgium, Bolivia, Brazil, China, Colombia, Costa Rica, Cuba, Egypt, France, Germany, Gibraltar, Guatemala, Iran, Iraq, Libya, Malaysia, Mexico, Morocco, Norway, Pakistan, Poland, South Africa, Spain, Switzerland, Tunisia, Turkey, United Kingdom, United States and Venezuela.

The malware remains untraceable for about 7 years and was able to infect Mac OS X version, Linux, Windows, iPad/iPhone and android running devices.

According to the researchers, the Mask Malware was designed to infect the 32- and 64-bit Windows versions, Mac OS X and Linux versions, but researchers believe that possibly there may be more versions for Android and iPhones (Apple iOS) platforms.

In its main binary a CAB file having shlink32 and shlink64 dll files are found during the research from which the malware extract one of them, depending upon the architecture of the victim’s machine and install it as objframe.dll.

It includes the most sophisticated backdoor SGH, which is designed to perform a large surveillance function and except this it has DINNER module which gets executed via APC remote calls and reload ‘chef’ module responsible for network connectivity and ‘waiter’ modules responsible for all logical operations.

Another backdoor called SBD (Shadowinteger's Backdoor) which uses open source tools like netcat is included in the malware. To infect Linux versions, Mozilla Firefox plugin “af_l_addon.xpi” was used and was hosted on “linkconf[dot]net”

Spear phishing, a favorite attack used by most cyber attackers like SEA, was used to distribute this malware. Users were lured to click some malicious websites that contain a number of exploits to compromise their systems.

Kaspersky research found linkconf.net, redirserver.net and swupdt.com as hosting exploits. These websites don’t infect the visitor, instead attacker hosts the exploit in a folder which cannot be navigated using the web, but they direct the link to that exploit in the phishing email.

To mask the attack into real, attackers use a fake SSL certificate of some unknown company TecSystem Ltd valid since 2010 and sometimes they also use subdomains to mask the attack appear more real; in which they simulate newspaper subsections that may include SPAIN’s main Newspaper, The Washington Post and The Register etc.

Kaspersky had performed this research with more interest due to the reason that the malware has tried to exploit the vulnerability in its product i.e. Workstation products prior version 6.0.4.*, and KAV/KIS 8.0 versions.

“In case of the Careto implant, the C&C communication channel is protected by two layers of encryption. The data received from the C&C server is encrypted using a temporary AES key, which is also passed with the data and is encrypted with an RSA key. The same RSA key is used to encrypt the data that is sent back to the C&C server. This double encryption is uncommon and shows the high level of protection implemented by the authors of the campaign.” they said.

During the research and investigation of this malware, CC servers were found down, which shows that attacker group was monitoring all aspects related to the malware activity. Since there are no identified patterns in these attacks and who is behind these activities is yet a matter of investigation for the researchers out there.

Author : Shivam Kotwalia, CodeKill