background preloader

Technics

Facebook Twitter

PlaceRaider, un malware pour smartphone vraiment effrayant. Avec l'explosion du marché des smartphones, les malwares et autres virus se sont, eux aussi, développés.

PlaceRaider, un malware pour smartphone vraiment effrayant

How to Use Google as a Proxy Server. You can use various Google services as proxies to access web pages, documents and other files that are other blocked at your workplace.

How to Use Google as a Proxy Server

If you have trouble accessing a web page either because the website is blocked at your workplace, or because that page happens to be behind a paywall, there are a couple of undocumented Google proxy servers that may help you read that page. When you access any page via one of these Google proxies, the content of that page gets downloaded on Google servers and then served to you. The lesser-known gmodules.com proxy, discussed later, will even allow you to download documents, videos and other web files that are otherwise blocked. 1.

DEF CON® Hacking Conference - The Hacker Community's Foremost Social Network. No Starch Press. Find broken links on your site with Xenu's Link Sleuth (TM) Find broken links on web sites Wikipedia article about Xenu's Link Sleuth Description Xenu's Link Sleuth (TM) checks Web sites for broken links.

Find broken links on your site with Xenu's Link Sleuth (TM)

Link verification is done on "normal" links, images, frames, plug-ins, backgrounds, local image maps, style sheets, scripts and java applets. It displays a continously updated list of URLs which you can sort by different criteria. iOS apps can be hijacked to show fraudulent content and intercept data. A large number of apps for iPhones and iPads are susceptible to hacks that cause them to surreptitiously send and receive data to and from malicious servers instead of the legitimate ones they were designed to connect to, security researchers said on Tuesday.

iOS apps can be hijacked to show fraudulent content and intercept data

Researchers from Israel-based Skycure stumbled on the problem when they observed their own app redirecting to a wrong address. The team soon discovered that they could make many other apps exhibit the same behavior. As a result, apps that display news, stock quotes, social media content, or even some online banking details can be manipulated to display fraudulent information and intercept data sent by the end user. After an app has been tampered with once, it will continue to connect to the hacker-controlled server for an extended period of time, with no outward indication it is doing so.

Blackhat Arsenal 2012 Releases: Tenacious Diggity – New Google Hacking Diggity Suite Tools. The Google Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search engines, such as Google and Bing, to quickly identify vulnerable systems and sensitive data in corporate networks.

Blackhat Arsenal 2012 Releases: Tenacious Diggity – New Google Hacking Diggity Suite Tools

This project page contains downloads and links to our latest Google Hacking research and free security tools. Defensive strategies are also introduced, including innovative solutions that use Google Alerts to monitor your network and systems. The awesome Google Diggity Project Duo during the Interview Session New tools released at Arsenal: AlertDiggityDB – For several years, we’ve collected vulnerability details and sensitive information disclosures from thousands of real-time RSS feeds setup to monitor Google, Bing, SHODAN, and various other search engines. DEF CON 20 (2012) - Tenacious Diggity (Full Video) - 29July2012. Drive-by download. Drive-by download means two things, each concerning the unintended download of computer software from the Internet:

Drive-by download

Sybil attack. Description[edit] In a Sybil attack the attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous identities, using them to gain a disproportionately large influence.

Sybil attack

Steghide. Brico-wifi.

Tools

NoScript. JonDoFox – Surfez l’esprit tranquille ! JonDoFox – Surfez l’esprit tranquille !

JonDoFox – Surfez l’esprit tranquille !

Si vous êtes du genre parano, sachez qu'il existe une application qui s'appelle JonDoFox qui ajoute à Firefox (y compris la nouvelle version, Firefox 6), un nouveau profil et des extensions, qui protègent la vie privé de la personne qui s'en sert. Vous ne donnerez plus d'informations permettant de vous identifier à votre insu.

Évidemment, pour être 100% "John Doe", il faut utiliser en plus un petit TOR ou un truc comme ça histoire de masquer aussi votre IP. Bugmenot.com - login with these free web passwords to bypass compulsory registration. Top 10 Linux Security Tools. 1. nmap – Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Nmap runs on most types of computers and both console and graphical versions are available. 2. Top 100 Network Security Tools. Is Classy - jtimberman's Code Blog. Fact: GitHub is classy.

Is Classy - jtimberman's Code Blog

This isn’t just because Scott Chacon works there, either. Their handling of a security issue today was very professional. That said, I have some words to say about the issue itself and the aftermath, and things you as an application developer can do to help, and to avoid this kind of problem. Cheat Sheets. Authentication Ensure all entities go through an appropriate and adequate form of authentication.

Cheat Sheets

All the application non-public resource must be protected and shouldn't be bypassed. For more information, check Authentication Cheat Sheet Session Management Use secure session management practices that ensure that users authenticated users have a robust and cryptographically secure association with their session. A Tumblr of Rogues. So where are they lurking nowadays? They are still using the SEO-poisoning method, of course. They do need to gain some visibility after all. InSync – Une copie de sauvegarde. InSync – Une copie de sauvegarde InSync est un petit soft dispo sous Mac, Windows et Linux qui permet de synchroniser avec un répertoire sur votre disque dur, tous vos Google Documents.

Defense

Cryptography. BotNet & Virus. Captcha. CellPhones. Psswd. Serials. Anonimity & Privacy. External. Network. Site. Ophcrack. Hacking Basics. This tutorial is for information purposes only, and I do not endorse any of the activities discussed within this guide.

I nor anyone hosting this guide can be held responsible for anything you do after reading this. What you do with your day lies on your shoulders. Here with I am creating an Index.. 1. Learn How to Hack Learning how to hack is simple. 2.Cracking commercial quantum cryptography secure communicating boxes with their internals exposed, Alice and Bob .

Fiabee. If you use cracked version, it simply won't work, so please do not rely on those testing results. Cracked version will silently quit without any messages. VMLite VNC Server allows you to remotely view and control your android phone or tablet from a desktop computer or from another mobile device using the popular VNC protocol. This app works on rooted and non-rooted android devices. However, for non-rooted devices, every time after turning the device completely off and on, you will have to connect your device to a Windows PC or Mac using a USB cable, then run a free desktop program, VMLite Android App Controller, to start the server on your device. Once the server is started, you can disconnect your device. DroidSheep – Le vol de sessions non chiffrée est désormais possible sur Android.

DroidSheep – Le vol de sessions non chiffrée est désormais possible sur Android Vous vous souvenez de Firesheep (et son remède Blacksheep) ? How to Unlock a Computer Without a Password Reset Disk. How to use Google for Hacking. Google serves almost 80 percent of all search queries on the Internet, proving itself as the most popular search engine. However Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed. In this post I will show how to use Google for exploiting security vulnerabilities within websites. The following are some of the hacks that can be accomplished using Google. 1.

HakTip - DEFCON 19: Android Botnets. Prime – Un outil pour modéliser votre réseau local. Prime – Un outil pour modéliser votre réseau local Si vous vous êtes donné pour mission de revoir tout votre réseau à la maison, c'est peut être le moment d'utiliser les bons outils. Par exemple, Prime, un soft java qui permet de modéliser son réseau local et ainsi ne pas oublier les petits détails qui vont vous faire revoir toute la config ou générer des conflits d'adresse IP.

L'outil est gratuit, encore imparfait pour certaines choses mais multi OS et très simple à utiliser. Artillery – Un nouvel outil pour protéger vos serveurs. NoScript Anywhere pour Firefox Mobile. NoScript Anywhere pour Firefox Mobile L'extension Firefox NoScript, qui permet de bloquer de manière sélective le java, javascript et le flash afin qu'il ne s'exécute pas sans votre permission, est maintenant disponible en version alpha pour Firefox Mobile . Baptisée NoScript Anywhere, cette version protège aussi des failles XSS et des techniques de Clickjacking. Le truc sympa avec cette version pour Firefox Mobile (Maemo et Android), c'est que vous pouvez très bien créer vos règles complexes, listes blanches et listes noires sur la version "non mobile" de NoScript. Hacking de télévision… On n’a pas fini de se marrer. Hacking de télévision… On n’a pas fini de se marrer. Les téléviseurs connectés, c'est de la balle ! On peut mater Youtube, accéder au net et bien sûr se faire pirater bien profond !