background preloader

InterN0T - Underground Security Training

InterN0T - Underground Security Training

http://forum.intern0t.org/forum.php

Malicious Linux Commands - From (This article was originally published in Ubuntu Forums but was removed there. Ubuntuguide feels that knowledge about these risks is more important than any misguided attempts to "protect the public" by hiding their potential dangers or protect the (K)Ubuntu/Linux image. The original article has therefore been re-created (and subsequently edited) here.) ATTENTION: It is worthwhile to have some basic awareness about malicious commands in Linux. Top 10 Web hacking techniques of 2010 revealed Network World - A Web hack that can endanger online banking transactions is ranked the No. 1 new Web hacking technique for 2010 in a top 10 list selected by a panel of experts and open voting. Called the Padding Oracle Crypto Attack, the hack takes advantage of how Microsoft's Web framework ASP.NET protects AES encryption cookies. FROM THE SECURITY WORLD: Quirky moments at Black Hat DC 2011 If encryption data in the cookie has been changed, the way ASP.NET handles it results in the application leaking some information about how to decrypt the traffic.

Go Hacking - StumbleUpon Need to hack someone’s Facebook password? Well, you’re at the right place! In this post I’ll show you some of the possible ways to hack Facebook password. Also, at the end of this post, I will be discussing Read More Google Dorks cache: If you include other words in the query, Google will highlight those words within the cached document. For instance, [cache:www.google.com web] will show the cached content with the word “web” highlighted. This functionality is also accessible by clicking on the “Cached” link on Google’s main results page.

How to Crack the Account Password on Any Operating System - Joe Tech - StumbleUpon This guest post was written by Blair Mathis from LaptopLogic.com – your premier source for the latest laptop software news and best laptop accessories. Computer passwords are like locks on doors – they keep honest people honest. If someone wishes to gain access to your laptop or computer, a simple login password will not stop them. Most computer users do not realize how simple it is to access the login password for a computer, and end up leaving vulnerable data on their computer, unencrypted and easy to access. Are you curious how easy it is for someone to gain access to your computer?

Google hacking Basics[edit] The following search query will locate all websites that have the words "admbook" and "version" in the title of the website. It also checks to ensure that the web page being accessed is a PHP file. filter - The Wireshark Network Analyzer 1.8.0 wireshark-filter - Wireshark filter syntax and reference wireshark [other options] [ -R "filter expression" ] tshark [other options] [ -R "filter expression" ] Wireshark and TShark share a powerful filter engine that helps remove the noise from a packet trace and lets you see only the packets that interest you. If a packet meets the requirements expressed in your filter, then it is displayed in the list of packets. Display filters let you compare the fields within a protocol against a specific value, compare fields against fields, and check the existence of specified fields or protocols.

How to use Google for Hacking. Google serves almost 80 percent of all search queries on the Internet, proving itself as the most popular search engine. However Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed. In this post I will show how to use Google for exploiting security vulnerabilities within websites. The following are some of the hacks that can be accomplished using Google. Password crackers SecTools.Org: Top 125 Network Security Tools For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form .

Short Film of the Day: Stuxnet: Anatomy of a Computer Virus Why Watch? Because we should challenge how we define a film. Most of the shorts featured in this column are either easy to spot as stories or completely experimental. Even when a documentary short is in the spotlight, it tells a clear tale of people doing things. Firesheep - Wikipedia, the free encyclopedia - StumbleUpon The extension was created as a demonstration of the security risk of session hijacking vulnerabilities to users of web sites that only encrypt the login process and not the cookie(s) created during the login process.[3] It has been warned that the use of the extension to capture login details without permission would violate wiretapping laws and/or computer security laws in some countries. Despite the security threat surrounding Firesheep, representatives for Mozilla Add-ons have stated that it would not use the browser's internal add-on blacklist to disable use of Firesheep, as the blacklist has only been used to disable spyware or add-ons which inadvertently create security vulnerabilities, as opposed to attack tools (which may legitimately be used to test the security of one's own systems).[4] Note that even if they did, it wouldn't actually prevent anyone from using Firesheep, as Firefox contains a hidden setting to disable this blacklist.[5] Countermeasures[edit] HTTPS[edit]

Related: