

How to Hack Using JavaScript (XSS, Brute Force, BeEF)
Similar to Metasploit, BeEF is a framework for launching attacks. Unlike Metasploit, it is specific to launching attacks against web browsers. In some cases, we will be able to use BeEF in conjunction with Metasploit to launch particular attacks, so I think its time for us to become familiar with it. BeEF was developed by a group of developers led by Wade Alcorn. Built on the familiar Ruby on Rails platform, BeEF was developed to explore the vulnerabilities in browsers and te


Hack windows 7 by using Armitage and Ettercap DNS_Spoofing
#armitage #spoofing #hacking #exploit

Uber Hack Challenge
Last year we launched a private, beta bug bounty program for over 200 security researchers. They found nearly 100 bugs — all of which have been fixed, helping to improve security at Uber. So today we’re excited to announce our official bug bounty program. Payouts will go up to $10,000 for critical issues. We’ve also created a first of its kind loyalty reward program that is designed to encourage members of the security community to dig deep, helping Uber to deal with even the


10 Best Android Hacking Apps
In this post we write about download best android hacking apps for your android smart phones. Now days you see pc and mobile distance is almost nill. You can do everything with your android mobile smart phones that can your pc do. Android Mobiles can also run penetration testing and security test from hacking android apps. If you really want to see what is hacking and if you are a security analyst download these amazing hacking android apps in your phone. 1. WiFi Kill WiFi Ki


STUXNET: The Virus that Almost Started WW3
Stuxnet is a malicious computer worm believed to be a jointly built American-Israeli cyber weapon. Although neither state has confirmed this openly,[2] anonymous US officials speaking to the Washington Post claimed the worm was developed during the Obama administration to sabotage Iran’s nuclear program with what would seem like a long series of unfortunate accidents. Stuxnet specifically targets PLCs, which allow the automation of electromechanical processes such as those us

Creating a Backdoor Using Meterpreter
So, Let’s Start; You can either start the Metasploit framework from the Applications menu or from the command line. To launch Metasploit from the Applications menu go to Applications -> BackTrack -> ExploitationTools -> Network ExploitationTools -> msfconsole Type in: msf > use exploit/windows/smb/ms08_067_netapi First, we exploit the remote system. And now we will give the “ps” command to see the Process List. As soon as we type this command, the Process List is displayed on

Finding a Zero-Day Exploit
Zero-days are found in exactly the same ways as any other kind of hole. What makes a security hole a "zero day" relies exclusively on who is aware of the existence of the hole, not on any other technical characteristic. Holes are found, usually, by inquisitive people who notice a funky behaviour, or imagine a possible bug and then try out to see if the programmer fell for it. For instance, I can imagine that any code which handles string contents and strives to be impervious

Client Side Exploits in Metasploit
As we have already discussed, Metasploit has many uses and another one we will discuss here is client side exploits. To show the power of how MSF can be used in client side exploits we will use a story. In the security world, social engineering has become an increasingly used attack vector. Even though technologies are changing, one thing that seems to stay the same is the lack of security with people. Due to that, social engineering has become a very “hot” topic in the secur

Custom Reverse Shell Backdoor for WIN/LIN/MAC
Python in penetration testing and you may use or tune the code for a real world case. Plus you will be aware of the effectiveness of client-side attack and the importance of programming your own weapon where other tools will fail in such a tough scenario. Example of how this works: Attacker Machine
>IP address : 10.0.2.15/24
>OS: BackTrack 5 R3
>Python Version: 2.6 Victim Machine
>IP address : 192.168.1.15/24
>OS: Windows 7 SP1 32 bit
>Zone Alarm Firewall and anti-virus


Java Malware Exploits & Vulnerability
A security researcher walked through some of the methods used by Flashback malware to highlight the different types of Java vulnerabilities developers are exploiting. What exactly is Flashback?
Flashback is a form of malware designed to grab passwords and other information from users through their Web browser and other applications such as Skype. A user typically mistakes it for a legitimate browser plug-in while visiting a malicious Web site. At that point, the software inst