How to secure your system from Keyloggers | AMANAHAD Tech

Now a days keylogger is major problem for all.  So we should learn to secure our computer from keylogger.    This article will help for ethical hackers or who want to protect their pc.


What is Keylogger?


Keylogger is one of spyware which will what type you through the keyboard and send it to hacker who send the keylogger. Hackers mainly use keyloggers to steal your passwords, credit card numbers and other confidential data.  So whenever you type the username and password in gmail,online banking sites, it will send the username and password to hacker. 







How to Protect?



In order to provide security for your system,you must have


Good AntiVirus:
This is basic and best step to protect your system from keylogger.  So buy a licensed and best antivirus which is currently in market.  My suggestion is Kaspersky, Norton or Mcafee.  Don't forget to update regularly.
Note: Don't use trial or cracked pack ,it is worthless to use.

Good Spyware:
Since keyloggers are basically spywares, if you are a frequent user of Internet then you could be exposed to thousands of keyloggers and spywares. So you should use a good antispyware such as NoAdware.




Antilogger can be Handy

Antiloggers are programs that detect the presence of keyloggers on a given computer. Zemana Antilogger is the best antilogger.

Online Scanning

When ever you receive a suspicious file, you scan it with online scanners such as Multi engine antivirus scanner which scans your file with 24 antivirus engines and reports it back to you if the file is recognized as a virus or spyware. This ensures that none of the malicious programs can escape from being detected as there are 24 different antivirus engines are involved in the scanning process.

Keyscrambler

Keyscrambler is one of the best protection against keyloggers that you can have, Keyscrambler is a small program which encrypts your typed keystrokes so even if the victim has installed a keylogger on your system, he or she will get encrypted keys. Keyscrambler currently supports Firefox, Internet explorer and other applications, however its premium version supports more than 160 applications 

by Triple A A-@-A

Publisher: Unknown - 13:26

Hacking Tutorials For Beginners | AMANAHAD Tech

Hacking Tutorials For Beginners

Hi, are you searching for hacking tutorials?! You have come to right place.  I've listed the posts that helpful for beginners to understand the Ethical hacking.

Before reading these tutorials, make you sure that you have good knowledge in computer and internet related topics.

Hacking Tutorials For Beginners
Read the Discliamer
Introduction to Hacking
How to become Ethical Hacker?
Introduction to Social Engineering
What is Malicious Softwares?
Top 10 Command Promts commands
Different Types of Email Hacking
How to See saved Passwords in Mozilla?
How to Access blocked websites in college or school?
How To Compile C program?
What is Port Scanner?
What is Database?What is SQL injection?
Introduction To Batch Programming
Hacking gmail
Hacking facebook

Security Tips
What is FireWall?
How to secure from Keyloggers
Protect your Email
Avoid Adware
Important facts about Security
What are Symptomps for inected system?
How to use Windows Firewall
Secure Online Shopping
Spyware and Preventions
What you should if you suspect your system is infected
What is password?How it should be?
Simple trick provided by gmail to know whether your system is hacked or not

I didn't list all topics here. Please visit the main Page for latest posts.

by Triple A A-@-A

Publisher: Unknown - 13:23

A simple trick provided by gmail to know whether your gmail hacked or not | AMANAHAD Tech

Hi friends, today i am going to give small information about Gmail. I do not know whether you know this or not. But it's my service to provide you the hacking and security details. Have you ever see the bottom of the gmail page? Hey wait, after reading this article go and visit. Now go ahead.



You can see in the bottom of gmail like this:

Gmail Bottom screen shot(for security reason striked the ip address)

 It will show the last activity.  So you can come to know from which ip you login last time.  If you click the Details link.  It will show the detailed of session.  It will show List of Ip address you login.  Using this Detail you can come to know whether any other using your gmail ID or not.

If you suppose that find any other using your gmail or you are login any other system, Click the " Sign out all other Session".  This will sign out all other session from other computers.  Then change your password if you want.

by Triple A A-@-A

Publisher: Unknown - 13:22

What is Your Password ? How the Password should be? | AMANAHAD Tech

What is your password ? is your password like 123456, 98654, billgates,yourname,lovername,iloveyou,thankyou?  Then you will definitely  loose your account soon.  The hackers can easily hack your account with much effort.


Your password should be :

• Above 10 letters
• Both uppercase and lowercase letters
• Should use special characters like '&'.
• Should contain Numbers
• Should not Use any names of your lover ,mother,father,etc.
• Should not be usual words like iloveyou,ihateyou,ihateu.
• Should not be your birthday like oct2010.

Consider this tips when you create a password. Secure your password.

by Triple A A-@-A

Publisher: Unknown - 13:21

What should you do if you suspect your system is infected? | AMANAHAD Tech

• Stop shopping, banking, and other online activities that involve user names, passwords, or other sensitive information.
• Confirm that your security software is active and current. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall.
• Once your security software is up-to-date, run it to scan your computer for viruses and spyware, deleting anything the program identifies as a problem.
• If you suspect your computer is still infected, you may want to run a second anti-virus or anti-spyware program – or call in professional help
• .Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do to avoid it in the future.

Prevention

• Don't click on a link in an email or open an attachment unless you know who sent it and what it is.Links in email can send you to sites that automatically download malware to your machine. Opening attachments – even those that appear to come from a friend or co-worker – also can install malware on your computer.
• Download and install software only from websites you know and trust.Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
• Talk about safe computing.Tell your kids that some online activity can put a computer at risk: clicking on pop-ups, downloading "free" games or programs, or posting personal information.
• Finally, monitor your computer for unusual behavior. If you suspect your machine has been exposed to malware, take action immediately. Report problems with malware to your ISP so it can try to prevent similar problems and alert other subscribers, as well as to theFTC.

by Triple A A-@-A

Publisher: Unknown - 13:19

What is spyware ? How it comes to your pc? Prevent it | AMANAHAD Tech

Often you can heard a word spyware. Is it important to know about spyware ? Yes!
We are in advanced technology world. Day by day the technology is developing. At the same time crime is also increasing. One of the crime is spyware method.

Spyware:

Spywareis software that resides on a computer and sends information to its creator. That information may include surfing habits, system details or, in its most dangerous form, passwords and login information for critical applications such as online banking. Many spyware programs are more annoying than dangerous, serving up pop-up ads or gathering e-mail addresses for use inspamcampaigns. Even those programs, however, can cost you valuable time and computing resources.
According to a number of sources, the first use of the term spyware occurred in a 1994 posting that made light of Microsoft's business model. Later, the term was used to describe devices used for spying, such as small cameras and microphones. In 2000, a press release from security software provider Zone Labs used the current meaning of spyware for the first time and it's been used that way ever since.

How it comes to ur pc

Often, spyware comes along with a free software application, such as a game or a supposed productivity booster. Once it's downloaded to your computer, the functional element of the software works exactly as promised, while the information-gathering system sets up shop behind the scenes and begins feeding your personal data back to headquarters.



Internet security

The Best way to avoid and remove spywares is installing a best internet security software or spyware remover softwares. Get a original internet security and update it properly. Scan daily your pc using internet security while scanning you better to avoid doing other things in your pc. My advice is use KASPERSKY INTERNET SECURITYfor better security.

other than internet security, you prevent your system from getting infect. Becareful when you download files from websites and mail.

by Triple A A-@-A

Publisher: Unknown - 13:17

How to Make your online shopping secure? | AMANAHAD Tech

Shopping online does carry some risk, but so does shopping at brick-and-mortar stores. At least online shoppers don't need to worry about fender-benders in the parking lot, pick pockets at the mall, or getting the flu from all those fellow shoppers.But the nice thing about shopping online is that by following some basic guidelines you can be reasonably sure you'll have a safe experience.


Secure your PC:

The first thing you need to do is be sure your computer is secure. Trend Micro's education director David Perry, says that "bad guys these days are operating by planting a keylogger on your system that listens in, surreptitiously waiting for you to use your credit card or your bank password so that they can steal your money." So, even if you're dealing with a legitimate merchant, you're at risk if your computer is infected. Your best protection from these attacks is to keep your operating system and browsers updated and use a good and up-to-date security program. If you're getting or giving a Netbook or other PC for the holidays, make sure that security software is installed right away. Most security companies offer a free-trial version that will tide you over for a month or so, but be sure to subscribe so you get ongoing protection.


Click with care:
You're going to be getting a lot of offers via e-mail this holiday season. While they might be legitimate, there is the possibility of some offers coming from criminals trying to trick you into giving your password to a rogue site or visiting a site that can put malicious software on your computer. Your best protection is to not click on any links--even if the message looks legitimate--but to type in the merchant's URL manually.

Know the Merchant:

If you're not familiar with the merchant, do a little research like typing its name (and perhaps the word "scam") into a search engine to see if there are any reports of scams. Look for user reviews on sites likeEopinions.com. Look for seller ratings if you locate the merchant through a shopping search engine likeGoogle Shopping.

Pay by credit card:

Credit cards offer you an extra level of protection including the right to "charge back" if you feel you're a victim of fraud. The credit company will investigate your claim and permanently remove the charge if fraud can be proven.

Know the Real price:

Be sure you understand the actual cost of the item, including shipping, handling, and sales tax. That can have an enormous impact on the final price.
Read Policy
The policy, according to the American Bar Association'sSafeshopping.org, should disclose "what information the seller is gathering about you, how the seller will use this information; and whether and how you can "opt out" of these practices."

by Triple A A-@-A

Publisher: Unknown - 13:16

How to use Windows Firewall? | AMANAHAD Tech

Windows Firewall, previously known as Internet Connection Firewall or ICF, is a protective boundary that monitors and restricts information that travels between your computer and a network or the Internet. This provides a line of defense against someone who might try to access your computer from outside the Windows Firewall without your permission.
If you're running Windows XP Service Pack 2 (SP2), Windows Firewall is turned on by default. However, some computer manufacturers and network administrators might turn it off.

To open Windows Firewall

1.Click Start and then click Control Panel.
2.In the control panel, click Windows Security Center.
3.Click Windows Firewall.


Note You do not have to use Windows Firewall—you can install and run any firewall that you choose. Evaluate the features of other firewalls and then decide which firewall best meets your needs. If you choose to install and run another firewall, turn off Windows Firewall.

How Windows Firewall Works

When someone on the Internet or on a network tries to connect to your computer, we call that attempt an "unsolicited request." When your computer gets an unsolicited request, Windows Firewall blocks the connection. If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. You should see a window like the one below.



What Windows Firewall Does and Does Not Do

It does	It doesn't
Help block computer viruses and worms from reaching your computer.	Detect or disable computer viruses and worms if they are already on your computer. For that reason, you should also install antivirus software and keep it updated to help prevent viruses, worms, and other security threats from damaging your computer or using your computer to spread viruses to others.
Ask for your permission to block or unblock certain connection requests.	Stop you from opening e-mail with dangerous attachments. Don't open e-mail attachments from senders that you don't know. Even if you know and trust the source of the e-mail you should still be cautious. If someone you know sends you an e-mail attachment, look at the subject line carefully before opening it. If the subject line is gibberish or does not make any sense to you, check with the sender before opening it.
Create a record (a security log), if you want one, that records successful and unsuccessful attempts to connect to your computer. This can be useful as a troubleshooting tool.	Block spam or unsolicited e-mail from appearing in your inbox. However, some e-mail programs can help you do this.

To know about Firewall more read this

by Triple A A-@-A

Publisher: Unknown - 13:15

What is Firewall -Introduction to Firewalls | AMANAHAD Tech

Introduction to firewalls
   When you use internet in your college/school/offfice , You may not be access some websites, right? Do you know how they block those websites? They use firewalls for block websites. Firewall prevent the system from hackers attack. Lets us what is firewall.

What is Firewall?
     Firewall is working like a security guard standing outside the office. Usually, What the security guard do? He will allow those who has identity card and block those who has not the identity card. Right? Likewise, The firewall will block unauthorized access to the system.
Firewall may be a software or hardware. It will work based on the set of rules defined by the administrator. Using Firewall administrator can block certain website from being accessed.

• All traffic from inside and outside of the network must pass through the firewall.
• Only authorized trafic will be allowed to pass (based on the set of rules)

Types of Fire Walls

•  Packet Filtering
•  Appliction level gate way
•  Circuit level gate way.

Packet Filtering (Network Layer)
A packet filtering router applies a set of rules to each incoming IP packet and then forwards or discards the packets. Router is configured such that it can filter incoming and outgoing packets. The packets will filtered based on the source and destination IP address.
IP spoofing attack is possible in this packet filtering. IP spoofing can be achieved by changing the source IP address of packets.
Stateful Inspection Firewalls
A stateful inspection packet filters tightens the rules of TCP traffic by creating a state table of out bound TCP connection. If the packet matches with existing connection based on the state table, it will be allowed. If it does not match, It will be evaluted according to the rule set for new connections.


Aplictaion Level Gateway
Application level gateway is also known as proxy server. The user communicate with the gateway using application layer of TCP/IP stack. The gateway asks the user for the name of the remote host to be connected. When the user enters valid user ID, gateway will give access to the remote application. This will block the malicious activity and correct the application behavior. This will ensure the safety of company.
More secure than packet filtering. Easy to log and audit all incoming traffic at the application level. Application-level filtering may include protection against spam and viruses as well, and be able to block undesirable Web sites based on content rather than just their IP address

Circuit Level Gateway
The circuit level gateway works at session layer of OSI model. Monitor TCP handshaking between packets to make sure a session is legitimate. Traffic is filtered based on the session rules. Circuit-level firewalls hide the network itself from the outside, which is useful for denying access to intruders. But they don't filter individual packets. This firewall is used when the administrator trusts internal users.

Why Firewall?

•  Firewall block unauthorized users, prohibits vulnerable services from entering or leaving the network.
• Protection from IP spoofing and routing attacks.
•  Protection against Remote login, Trojan backdoors, Session hijacking, cookie stealing,etc.

Limitation of Firewalls

• The fiewall cannot protect against attacks that by pass the firewall.
• The firewall does not protect against internal threats
• The firewall cannot protect against the transfer of virus infected progams (or) files. It would be impossible for the firewall to scan all incoming files, emails for viruses.

by Triple A A-@-A

Publisher: Unknown - 13:13

Most Important things about security Who think they are 100 percentage secure | AMANAHAD Tech

"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards." - Gene Spafford

100 % secure

If you are thinking that you are 100 % percentage, then You may not know the real truth.  Let me explain you how you are not 100 percentage secured.

First of all know 1 thing , a man can not create a 100% secured system.  Whenever there is security,there is also pitfall for that system. 


Some Security DrawBacks :

• In internet Client-side security doesn’t work.
• You can’t exchange encryption keys without a shared piece of information.
• Viruses and trojans cannot be 100 percent protected against.
• Firewalls cannot protect you 100 percent from attack.
• Secret cryptographic algorithms are not secure.
• If a key isn’t required, you don’t have encryption; you have encoding.
• Passwords cannot be securely stored on the client unless there is another password to protect them.
• In order for a system to begin to be considered secure, it must undergo an independent security audit.
• Security through obscurity doesn’t work.
• People believe that something is more secure simply because it’s new.
• What can go wrong, will go wrong.
• There is no assurance your Antivirus will find new virus as soon as it is released.  It will attack before they find.
• Hackers always try to find the pitfalls of Security System. At any time your security can broken.
• May be some system(in this place i meant not only pc) look like 100 %secure until hackers know what is pitfall of the system

Do you think you are having 100% secure System?

  I am anticipating for your comments.

by Triple A A-@-A

Publisher: Unknown - 13:11

What are the symptomps to find whether your system is infected or not? | AMANAHAD Tech

5

• pc runs slower than usual.
• Stops responding
• computer crashes, and restarts every few minutes.
• Applications on the computer do not work correctly.
• Disks or disk drives are inaccessible.
• Can't print items correctly.
• Unusual error messages
• Distorted menus and dialog boxes.
• There is a double extension on an attachment that you recently opened, such as a .jpg, .vbs, .gif, or .exe. extension.
• An antivirus program is disabled for no reason. Additionally, the antivirus program can't be restarted.
• An antivirus program can't be installed on the computer, or the antivirus program won't run.
• Strange Icons
• Strange sounds or music plays from the speakers unexpectedly.
• Windows does not start even though you have not made any system changes or even though you have not installed or removed any programs.
• There is frequent modem activity. If you have an external modem, you may notice the lights blinking frequently when the modem is not being used. You may be unknowingly supplying pirated software
• Windows does not start because certain important system files are missing. Additionally, you receive an error message that lists the missing files
• The computer sometimes starts as expected. However, at other times, the computer stops responding before the desktop icons and the taskbar appear.

by Triple A A-@-A

Publisher: Unknown - 13:10

How to avoid getting Adware | AMANAHAD Tech

Adware, malware, spyware and viruses can bring your system to its knees. They are detrimental, lowering the performance of your computer. You might need to replace data. You might lose unique files. Keep the nasties away from your computer using these ten simple tips.


1. Use Firefox:
          Internet Explorer is the most popular browser on the market, controlling over 50% of the market share. The virus and adware creators specifically look for exploitable vulnerabilities within IE because they know that they will receive the best return on investment. Your switch to Firefox prevents some adware from infecting your machine.


2. Scan your PC once a week:
            Sometimes adware programmers take a sneaky approach. They will set up their programs to run quietly in the background to spy upon your activities. This once a week scan is necessary to remove any of those sneaky bugs.

3. Download from known sites:
            New sites for installing adware are popping up all the time. If you find something that you want to download, make sure that it is from a known site. A company like Amazon will not steer you wrong, but Bob’s House of Wares might be a little less trustable. If you are not sure whether you can trust a site, perform a quick search.

4. Install Adaware:
              Ad-Aware is the most popular free adware removal program on the market. It detects, quarantines and removes adware. It searches for other programs which may have been installed, highlighting them in an easy to use interface. This program does not have an anti-virus attached.

5. Do not click on unsolicited email:
            You are constantly receiving offers to increase this or improve that through unsolicited email. Your curiosity may be killing you, but don’t click on these emails. They accept your click as permission to install adware, spyware and malware on your PC.

6. Install Antivirus software:
             Installing two programs for virus and adware protection is a smart idea. It caters to the strengths of each program, increasing the overall strength of your antiadware and antiviral campaign. Some of the best antivirus software is free, providing real time protection.

7. Don’t install toolbars:
             Even some reputable sites install custom toolbars. They slow your system down and collect information about your surfing habits. While a toolbar might offer some perks, it may also diminish your experience by dragging your system to a halt. Toolbars from less reputable places install adware and sometimes infect your system outright.

8. Look at your task manager:
                If anything seems out of place with your computer, take a look at your task manager. This tells you about all of the programs and processes which are running on your computer. Examine the processes tab for anything which you don’t immediately recognize. Perform a web search for unfamiliar processes.

9. Do not click on popups:
                Clicking on a popup usually spells certain doom for your computer. It opens the door for the viruses and adware that want to infect your machine, telling these malicious applications to make themselves at home. Stay away from those constantly advertised screensavers and icons.

10. Trust your gut:
              If you don’t feel right about a site, don’t go there. If you are receiving warnings from the antivirus and antiadware programs which you’ve installed, don’t go there. If you don’t like the layout of a site, don’t go there. Trust your instincts about sites.



With proper vigilance, you can keep aggravating adware, spyware and malware from your machine. Trust your instincts. Install Ad-Aware and an antivirus program. Play it safe. The care you spend in preventing adware from infecting your machine can save money and time 

by Triple A A-@-A

Publisher: Unknown - 13:07

How to protect your email account from being hacked | AMANAHAD Tech

Protect Yourself

Now a days almost hackers are increasing in the level .  At any time your email account can be hacked, if you didn't aware about the security.  So you should know how to protect your mail account.

Most of them lost their email account because of not knowing the basic security things.   

Here i will explain you about  some of most online scams which fool people and make them lose their passwords and how to protect from therm.




1.Website Spoofing:

Website spoofing is the act of creating a website, with the intention of misleading the readers. The website will be created by a different person or organisation (Other than the original) especially for the purposes of cheating. Normally, the website will adopt the design of the target website and sometimes has a similar URL.

This sites are known as Phishing web page or fake page. The purpose of this web page is to steal your information,username,password. This page will look similar to original page . The url of page also will look similar to original site. But it is not right site. for eg: for gmail.com may be hacker create gmailwelcome.com which look like the gmail.com.

Solution:
✓ Never try to login/access your email account from the sites other than the original site.
✓  Always type the URL of the site in the address bar to get into the site. Never click on the hyperlink to enter the site.
 ✓ Check the url whether it is correct or not.

2.Protecting from Keyloggers:
To know about keylogger and how to prevent the keylogger read this tutorial. 

3. ACCESSING YOUR EMAIL ACCOUNT FROM CYBER CAFES

Do you access your email from cyber cafes? Then definitely you are under the risk of loosing your password.In fact many people lose their email account in cyber cafes. For the owner of the cyber cafe it’s just a cakewalk to steal your password. For this he just need’s to install a keylogger on his computers. So when you login to your email account from this PC, you give away your password to the cafe owner. Also there are many Remote Administration Tools (RATs) which can be used to monitor your browsing activities in real time.

This doesn’t mean that you should never use cyber cafes for browsing the internet. I know, not all the cyber cafe owners will be so wicked but it is recommended not to use cafes for accessing confidential information. If it comes to the matter of security never trust anyone, not even your friend. I always use my own PC to login to my accounts to ensure safety.

by Triple A A-@-A

Publisher: Unknown - 13:06

Think like a Hacker..! Defend Like a Ninja..! | AMANAHAD Tech

Unless you know how to hack, you can not defend yourself from hackers. Break The Security(BTS) provides Penetration Testing and Ethical Hacking tutorials.We guide users to get into the PenTesting and Ethical Hacking World.

What is Penetration Testing  ? 

Penetration Testing, also called as PenTesting, is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders (who do not have an authorized means of accessing the organization's systems) and malicious insiders (who have some level of authorized access).

Why Penetration Testing?

• Pentetration testing can identify the vulnerabilities that is not identified by an automated vulnerability scanners.
• Determining the feasibility of a particular set of attack vectors
• Determining the Critical Vulerabilities .
• Assessing the magnitude of potential business and operational impacts of successful attacks
• Testing the ability of network defenders to successfully detect and respond to the attacks
• Testing stability of the system against the DDOS attack.

Refer this post for more details:

Introduction to PenTesting

BTS guides ethical hackers and Penetration testers to build their own PenTesting/Ethical Hacking Lab , to develop their skills in a safe environment and to learn exiting exploitation technique.

Discliamer:
The hacking related stuff on BreakTheSecurity is only for education purposes. The tutorial and Demo provided in BreakTheSecurity is for those who curious to learn PenTesting.

Any time the word  “Hacking” that is used on this site shall be regarded as Ethical Hacking.

BreakTheSecurity never promotes BlackHat Hacking. If you misuse the content, BTS is not responsible for your actions or anything as a result of your actions.

 Read the Cyber Laws in India .

BTS holds no reponsiblity for the contents found in the user comments since we do not monitor them. However we may remove any sensitive information present in the user comments upon request.

If you planned to use the content for illegal purpose, please leave this site immediately

by Triple A A-@-A

Publisher: Unknown - 12:49

What is Penetration Testing and Pen Testing Distribution? | AMANAHAD Tech

Penetration Testing(Pen Testing) is the act of evaluating the Security of system or network by exploiting vulnerabilities. This will determine whether unauthorized or malicious activity is possible in a system. Vulnerability uncovered through the Pen Testing will be presented to the system's owner.

Why Penetration Testing?

• Pentetration testing can identify the vulnerabilities that is not identified by an automated vulnerability scanners.
• Determining the feasibility of a particular set of attack vectors
• Determining the Critical Vulerabilities .
• Assessing the magnitude of potential business and operational impacts of successful attacks
• Testing the ability of network defenders to successfully detect and respond to the attacks
• Testing stability of the system against the DDOS attack.

White Box vs Black Box vs Grey Box Testing:
Penetration testing can be performed in different ways. The methods can be classified into three types based on the knowledge about the System being tested.

White Box:
In white box testing, Pen Tester know everything about the system such as source code,network diagrams, ip addressing info.

White box testing simulates what might happen during an "inside job" or after a "leak" of sensitive information, where the attacker(malicious insider) has access to source code, network layouts, and possibly even some passwords.

Black Box:
Pen Tester test the system without prior knowledge about the system. This method is also known as Blind Testing . Black box testing simulates an attack from someone who is unfamiliar(malicious outsiders) with the system.

Grey Box:
In this method, Pen Tester partially know about the system.

Web application penetration testing:
This testing will be used to find the following web application vulnerabilities:

• SQL Injection
• XSS(Cross site Scripting)
• Buffer overflow
• Clickjacking
• DDOS

Penetration Testing Tool:
Penetration Testing tools are used as part of a penetration test to automate certain tasks, improve testing efficiency, and discover issues that might be difficult to find using manual analysis techniques alone.

As a Penetration Tester, you will need lot of Penetration testing tools to test the Security of system. Searching ,downloading and installing the required software may take time. You can use a Penetration Testing Distribution instead.

What is Pen Testing Distribution?
Penetration Testing Distribution is an open source Operating System(Derived from Linux/BSD) that combines all required application for testing the security of system. It is specially developed for Security Professionals(Pen Testers/EthicalHackers/Forensic Officers...)
Eg: Backtrack 5 Linux .

What is the advantage of Penetration Testing Distribution?
All Required application for security test are gathered in a single Operating system. You don't need to search for application, Save your time. Penetration Testing Distribution are open source and free to use. You can install in pen drive and bring it anywhere.

by Triple A A-@-A

Publisher: Unknown - 12:48

What is computer hacking? Introduction to Hacking | AMANAHAD Tech

What is computer hacking?
In a cyber security world, the person who is able to discover weakness in a system and managed to exploit it to accomplish his goal referred as a Hacker , and the process is referred as Hacking.

Now a days,  People started think that hacking is only hijacking Facebook accounts or defacing websites.  Yes, it is also part of hacking field but it doesn't mean that it is the main part of hacking.

So what is exactly hacking, what should i do to become a hacker?!  Don't worry, you will learn it from Break The Security. The main thing you need to become a hacker is self-interest.  You should always ready to learn something and learn to create something new.


Now , let me explain about different kind of hackers exist in the cyber security world.

Script Kiddie

Script Kiddies are the persons who use tools , scripts, methods and programs created by real hackers.  In a simple word, the one who doesn't know how a system works but still able to exploit it with previously available tools.

White Hat Hacker:
White Hat hackers are good guys who does the hacking for defensing.  The main aim of a Whitehat hacker is to improve the security of a system by finding security flaws and fixing it.  They work for an organization or individually to make the cyber space more secure.

Break The Security only concentrates on white-hat hacking and help you to learn the Ethical Hacking world.

Black Hat Hacker:
BlackHat hackers are really bad guys , cyber criminals , who have malicious intent.  The hackers who steal money, infect systems with malware,  etc are referred as BlackHat hackers.  They use their hacking skills for illegal purposes.

GreyHat hackers:

The hackers who may work offensively or defensively, depending on the situation. Hackers who don't have malicious intentions but still like to break into third-party system for fun or just for showing the existence of vulnerability.

Hacktivists
The hackers who use their hacking skills for protesting against injustice and attack a target system and websites to bring the justice.  One of the popular hacktivists is Anonymous and RedHac

by Triple A A-@-A

Publisher: Unknown - 12:46

C program and how to compile it. | AMANAHAD Tech

Hackers should atleast 5 programming languages.  Before all ,learn c program .  Because it is basic programming language for all programming language.   It is easy to learn also. 

There are many books available to read like Complete reference c, C for dummies. 

In online also you can learn.  One of best website to learn c program is www.cprogramming.com/

How to compile c program?
Download "Turbo c " compiler and install. it.  :download

Now open the tc.exe in the folder "c:\tc\bin"

Select New in File Menu of the turbo c editor.

and type your coding .

save it with ".c" extension Like hello.c

compile:
press alt+f9

Create exe file:
press f9

Run :
ctrl+f9

if my post is not clear for you ask me doubts as comment

by Triple A A-@-A

Publisher: Unknown - 12:43

Access blocked website in college or school or net center-Proxy Server | AMANAHAD Tech

In your college or school they restrict to see some sites ? You can access without any restrictions using the proxy server. 

What is Proxy?

Proxy server is some kind of a buffer between your computer and the designated internet destination. When you use a proxy server , your computer will send a request to the proxy server , then the proxy server will send it to the destination (for example a website), the destination will answer the request the proxy has sent and finally the proxy will return the data to you computer.



Reasons for using proxy servers:

• Proxy server is able to increase or decrease the speed of your connection to the Internet depending on the location of the proxy
• Proxy server ( but only anonymous) can hide your IP address (the resource you visit will retrieve the IP of the proxy, and not your
• Proxy servers can help in case some owner of an Internet resource impose restrictions for users from certain countries ( for example hulu.com is only reserved for those from United States, if you are not from United States, you can’t watch videos on hulu.com)

How to Use:
open the proxy server site .
when you open the browser it will ask you to get the certificate.
so click "Get certificate "
and click "ok"
Now site will be opened
The website will ask you to enter the url of site.
enter url of site you want to visit .

List of Proxy Sites:

Pricacywanted.info

Netrover.info

Hidemyass.com
Launchwebs.org
Clear5.info
Bingbot.info
Calculatepie.com
Unicornpipe.com
truckflood.com
fly proxy
Fire-proxy

by Triple A A-@-A

Publisher: Unknown - 12:42

How to see saved password in Mozilla firefox | AMANAHAD Tech

This is not hacking article(not at all).  However, i would say it is kind of trick that most of us not aware of.  Using this trick, you can just view the "saved passwords" in the mozilla firefox.

You remember the "Remember password" which will be asked by Firefox whenever you successfully logged into a website?! If someone accept it, then the password will be stored locally in the firefox.  What we are going to do is get that password.

Let's say you are visiting a public Internet cafe or your friend's system , you can just the follow the following steps and view the saved passwords.

Steps:

• click the "Tools" option in menu bar.
• Select "Options"
• It will open the small window, now you just have to Select the "security" tab
• There, you can see the "saved Passwords" button

• Once you clicked the button, it will popup another small window.
• It will provide the list of sites with usernames
• Select any particular site and click the "show Password"
• Yes, now you can view the password :)

Hope you enjoyed this article.

by Triple A A-@-A

Publisher: Unknown - 12:40

Different types of Email Account Hacking | AMANAHAD Tech

The Basic level Hacking is Email Account Hacking.  Everyone like to do first email account hacking only.  So here is the tutorial for budding hackers about email Hacking.

There are different types of Email Account Hacking .  Here is some of them :

1. Social Engineering
   
   • Phishing
2. Brute Force Attack
3.  Keylogger
4.  Guessing the Answer for the Security Question

Social Engineering:

Social engineering takes advantage of the weakest link in any organization’s
information security defenses: people. Social engineering is
“people hacking” and involves maliciously exploiting the trusting nature of
human beings to obtain information that can be used for personal gain.

Social engineering is one of the toughest hacks to perpetrate because it takes
great skill to come across as trustworthy to a stranger. It’s also by far the
toughest hack to protect against because people are involved.

Social Engineering is different from Physical Security exploits . In social engineering hackers will analyze about
victim.  Hackers will send mail to victim.  The contents will be related to the victim.

Eg:

✓ False support personnel claim that they need to install a patch or new
version of software on a user’s computer, talk the user into downloading
the software, and obtain remote control of the system.
✓ False vendors claim to need to update the organization’s accounting
package or phone system, ask for the administrator password, and
obtain full access.
✓ Phishing e-mails sent by external attackers gather user IDs and passwords
of unsuspecting recipients. Hackers then use those passwords to
gain access to bank accounts and more. A related attack exploits crosssite
scripting on Web forms.
✓ False employees notify the security desk that they have lost their keys
to the computer room, receive a set of keys from security, and obtain
unauthorized access to physical and electronic information.

 Phishing WebPage:

     It is a fake webpage which looks similar to the original page of the website.  Using this WebPage we can easily get the Password of victims.  The process involved in creating Phishing webpage are,
✓ First Visit the Website which is associated with the email id. Copy the Source code.
✓ Edit the the Source code such that it will store the password for you.
✓ Upload the Webpage to any free webhosting sites.  (don't select a famous hosting site,they will find that
    your page is fake). Try uploading through the proxy server.

Guessing the Answer for Security Question:
    Do you remember that the mail sites will ask for the security questions to retrieve the mail account?  You can hack the mail account simply guessing the answer.  If the victim is your friend ,then it may very easy to hack. 

Brute Force Attack:



A famous and traditional attacking method .  In this method ,the password will be found by trying all possible passwords with any program or software.




Keyloggers:


  It is one of the spyware which will capture what you type in the keyboard.  so whenever you type the username and password ,it will simply capture.

   It is software program which will be attached with any softwares and send to victim.  While victim install the software ,the keylogger also start to work.  Keyloggers are exe files.

Note:
This Email Account Hacking Tutorial is truly for educational purpose only. 

by Triple A A-@-A

Publisher: Unknown - 12:39