Trashmail is a Feature-Rich Disposable Email Service @stevelong: That's interesting and worthy. In what context do you use your disposable email service? I only wonder if it would have limited appeal. That being said, an article highlighting how such a service could be used would be very much in be in the vein of LH. @stevelong: Agreed. @drongch: in what context? Generally, anytime I have to supply an email address for a company that has never emailed me before. It works like this: I have a keyword (let's call it "keyword") from spamgourmet. I am signing up to receive coupons from Arbys. The email address I give Arbys is "arbys.5.keyword@spamgourmet.com" Or I could use "roast.beef.keyword@spamgourmet.com" In the first case, the first 5 emails sent to that address are forwarded to me. If I like Arbys, I can go to spamgourmet.com and tell them to let through all emails to that address that originate from arbys.com (these don't count against the "counter"). @stevelong: +1 I've settled for spamgourmet.com and never went back.
Backtrack alternative Xiaopan OS is a small Tiny Core Linux based operating system specific for wireless penetration testing, it comes with the XFE desktop environment, a very lightweight graphical front end, the distribution can run as a live CD, from a USB thumbdrive with Unetbootin or used inside a virtual machine. Numerous wireless card controllers are supported, including Atheros and Broadcom, the most widely used chipsets. As a result of the distribution being based on Tiny Core Linux all of the .tcz precompiled packages available for Tiny Core can be installed in Xiopan using the TCL Appbrowser, non hacking utilities like games, media player, CD burner, VoIP software and Truecrypt can all be optionally added to Xiopan OS. Wifi hacking Linux distribution Xiaopan This Linux live CD is first class penetration testing tool to audit wireless access points security and replaces Beini, a very similar distribution no longer active. Xiaopan Linux WPA2 hacking Visit Xiaopan OS homepage
TOR Exemple d'un réseau TOR Tor est un réseau permettant de vous rendre "anonyme" sur internet, son fonctionnement se fait en transmettant les informations via une multitudes d'ordinateurs avant d'accéder a l'ordinateur demandé. Votre PC (le PC A) va demander une page web. Au lieu de se connecter au serveur directement, il va ici passer par un PC B qui lui demandera l'information à un PC C et ainsi de suite. L'ordinateur final, disons un ordinateur D va demander la page au serveur (par exemple Google.fr) et la retransmettre au PC C et ainsi de suite pour revenir au PC A qui recevra la page demandée, toutes les informations sont chiffrées. Nous aurons donc une communication du genre :A demande à B qui demande à C qui demande à D qui demande à Google Et ensuite :Google envoie à D qui envoie à C qui envoie à B qui vous envoie la page à vous (A) Autre exemple d'un réseau TOR Tor est un logiciel libre (sous licence BSD). Tor sous Windows Ne vous attendez pas à une vitesse de navigation supersonique.
Linux and Open source Understanding Nmap Commands: In depth Tutorial with examples Article by James Hawkins As we all know, Nmap (Network Mapper) is a stealth port scanner widely used by network security experts (including forensics & Pen-testing Experts). In this article we’ll see the different types of Nmap Scans, its techniques, understanding the purpose and goals of each scan , its advantages or disadvantages over other scanning tools, which could be better at evading firewalls & IDS (To a certain extent) and much more. In this first part, I have made my best to explain the basic scanning techniques, Host discovery options, port scanning options, techniques used in detecting Operating system & services running on the system. i also give Nmap as already installed on your system. Let’s start with one of the most basic and default scan, the one without using any parameters. This is a basic scan of the local IP address 192.168.1.34, we use sudo to gain administrator privileges, and then we give the target to Nmap. Discovery Port scanning options Performing Fast scan:
Stealthy – Une extension Chrome et Firefox pour accèder à des contenus bloqués Stealthy – Une extension Chrome et Firefox pour accèder à des contenus bloqués Si vous êtes encore à la recherche d'un moyen d’accéder à des contenus qui vous sont bloqués, je vous invite à tester Stealthy, une extension pour Chrome et Firefox développée par la société du même nom qui permet de se connecter au net en passant par des proxys. Le service Stealthy propose avec un forfait payant des points d'accès aux États-Unis (pour Hulu, Pandora, Netflix...etc.) et en Angleterre (pour le player BBC) mais si vous souhaitez simplement masquer votre IP, vous pouvez vous contenter de la formule gratuite qui vous fera passer par tout un tas de proxys du monde entier. L'extension propose une liste d'exceptions qui permet d'indiquer quels sont les sites auxquels vous voulez avoir accès en direct. Evidemment, on ne sait pas forcement qui gère tous ces proxys surtout dans des pays rigolos comme la Russie ou la Chine, donc évitez de faire transiter des données sensibles lorsque vous l'utilisez.
Sybil attack Description[edit] In a Sybil attack the attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous identities, using them to gain a disproportionately large influence. A reputation system's vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity, and whether the reputation system treats all entities identically. Evidence shows large-scale Sybil attack can be carried out in a very cheap and efficient way in the realistic system like BitTorrent Mainline DHT. [4][5] An entity on a peer-to-peer network is a piece of software which has access to local resources. A faulty node or an adversary may present multiple identities to a peer-to-peer network in order to appear and function as multiple distinct nodes. Prevention[edit] See also[edit] Ballot stuffing References[edit]
Remove Yourself from All Background Check Web Sites: A Master List Indeed. Seems rather counter-intuitive to have to hand over your license, with your date-of-birth, address, hair color, eye color, height and organ donor status just to get a corporation to scrub your date-of-birth, address, hair color, eye color, height and God knows what else from their records. Very true. And even if you contacted all these sites by yourself, it seems like you are just confirming that its you and your information displayed are somewhat related. Just limit your information you post on the internet and once it's out there it's probably useless to contact them to remove it for you unless you are a friend with Lulzsec or Anonymous. Check out the above comment [lifehac.kr] - Seems they get a lot of data from sources one would think are private, so limiting things like your postings to Lifehacker isn't really going to help (Edit: Shortened URL) Yup, it is true.
trustedsec/social-engineer-toolkit Rendre vos photos Facebook impossible à télécharger Le partage de vos photos avec vos amis sur Facebook est pratique ! Seulement, il peut devenir aussi problématique que de la mauvaise herbe. Si vous êtes un brin paniqué par une diffusion intempestive, jetez un oeil à la solution de McAfee. Entre les paramètres de confidentialité confus de Facebook et ce que nous appellerons poliment des photos compromettantes, c’est à vous rebuter de poster autre chose qu’un cliché de Médor. L’application développée par l’expert en sécurité McAfee est un outil avec un excellent potentiel de protection. Saoul et dansant sur la table d’un bar ? L’application devient plus intéressante grâce à sa fonction empêchant de télécharger l’image. L’outil sera disponible à la fin du mois et surtout gratuitement !
Software >> sslstrip This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below. Requirements Python >= 2.5 (apt-get install python) The python "twisted-web" module (apt-get install python-twisted-web) Setup tar zxvf sslstrip-0.9.tar.gz cd sslstrip-0.9 (optional) sudo python . Running sslstrip That should do it. How does this work? First, arpspoof convinces a host that our MAC address is the router’s MAC address, and the target begins to send us all its network traffic. At this point, sslstrip receives the traffic and does its magic. Development The current development branch can be found on github.