Network Security

Hi, I would like to share a book that might help you on a hacking/pentesting engagement. It simulates a real hacking scenario from start to finish. From planting a small hardware in a store to spying on board meetings using custom scripts. No metasploit, or pesky executables that trigger antivirus alerts or startup registry keys that any newbie admin can find... Only neat opsec & up to date tricks (wmi, golden ticket, reflective dll injection, domain bouncing etc. ) You can get a copy here : http://amzn.to/2oSPvQT You will mostly find Windows stuff but there is a dedicated section about Mainframe hacking (I find it fascinating that every…

A full account of the Vulnerabilities as well as detailed technical explanations were posted on 15 March 2017 on the site linked below : http://blog.checkpoint.com/2017/03/15/check-point-discloses-vulnerability-whatsapp-telegram/ Pasted some of the material from the site, in case the content goes offline in the future, as a lot of technical details were discussed and would be useful to others for future reference. Anyway I have linked to the originalsite above

lots of information on several techniques and tools ! https://wikileaks.org/ciav7p1/cms/index.html

Hi guys, I would like to share a book that goes through a real life hacking scenario : From building evading AV to hacking a Mainframe (while of course p0wning some Windows Domains :-) ) It showcases up to date content with custom scripts and unique hacking techniques It is different and refreshing from your regular old metasploit how-to tutorials Enjoy ! Sparc F.

The first collision for full SHA-1 https://shattered.it/

So I noticed a few things. I was attempting to sniff traffic from an android/ios application and it wasn't showing up in Fiddler2/Burp. It possibly showed up in Wireshark but it's encrypted and I can't read it. Long story short, I disabled SSL Pinning and have both Fiddler/Burp setup properly. It shows HTTPS/SSL traffic BUT it doesn't show all of the websockets. I believe it's a similar issue to WhatsApp/Facebook Messenger. When I try to sniff traffic from those chat applications it does not show any incoming/outgoing traffic. Any ideas what next steps I should take? I KNOW there is traffic going and leaving, but it's not being intercepted.

https://www.google.com/search?q=WindTalker+&ie=utf-8&oe=utf-8&client=firefox-b#q=wifi+WindTalker+ What is WindTalker & how does it work WindTalker is the name given to the method that allows parallel scanning of WiFi signals arising out of the victim’s device to retrieve the data being typed on the device. The first part of the method is to identify the signals coming from the victim’s device. Note that the hackers do not need any software to be installed on the victims’ phones or other devices that they intend to hack. The second requirement is to be able to use the WiFi network. This could be easy at public places where they have free Wi…

Phrozen RunPE Detector is a security program, especially designed to detect and defeat some suspicious processes using a generic method. https://www.phrozensoft.com/2015/06/runpe-detector-1

hi everyone I am reverse engineer but I am interested in learning penetration testing too. Can anyone introduce me a source for learning from beginner to advanced. It should be noted that I have very little knowledge in this area and also little time to learn. thanks

Is there any way to bypass speed limit of Cyberoam firewall?? Thanks in advance!

I'm trying to sniff all traffic coming from my android phone (rooted), especially https, but I haven't found a way yet. I assume the apk I'm primarily interested in, uses certificate pinning. Can anyone recommend me a solution or provide some tipps? thanks in advanced

Just out of curiosity from my understanding, on high traffic servers, are there really no ways around 503 errors? I know this question sounds silly and probably illogical but for some servers I try to access they hit high amounts of traffic and begin to crash returning 503 errors. (Ex. some clothing sites, maybe gaming sites, etc.) There are instances where I'm running over 100 proxies and some proxies were able to get through while the others are getting 503 errors. To increase my odds of getting actual access to the server I would assume I would have to increase my numbers in proxies. Is this an irrational way of thinking? I feel there are some people who f…

Could anyone help me? I wore a client chat program, and this program was to start login to the site, and now the site went offline. Will you help me identify the call to the site and how to skip that call? file : http://www27.zippyshare.com/v/kBNhEDS7/file.html Hugs byvs

I'm trying to access a site and I've been stuck on it's queue forever. Are there any tips to bypass the queue? I was told for Cloudflare I would just have to get the direct ip. I'm having a hell of a time finding the IP address though. An example site would be footpatrol.co.uk,

WiFi Map Is a Crowdsourced List of Routers and Passwords. http://www.wifimap.io/ Public Wi-Fi networks—like those in coffee shops or hotels—are not nearly as safe as you think.… http://lifehacker.com/wifi-map-is-a-crowdsourced-list-of-routers-and-password-1681442571

I want to access a site (third party, I do not have any server side access) via Httpwebrequest in c#. All works well but I want to access the site most at a certain time of the day, for 4-5 minutes. But this time the server flooded by user requests and server responds very slowly. The time is almost fixed, that is when I want to get contents from it.And it gets inaccessible for that time due to loads of user hits. Is there any technique, that can maximize my chance to get response from that site when it even gets busy? I search a lot but found nothing. If you could help me, I would be grateful. Thanks guys. I'am Adding request and response header for your f…

Destroy Windows 10 Spying is a portable app that can block anonymous data being sent, remove apps that can��t be removed the standard way and more. I liked that it can remove some of the Windows default programs that can be removed under Apps & Features, an annoyance I immediately discovered since I prefer to ��slim�� down windows. Some of the domains we know send anonymous information back to Microsoft include: vortex.data.microsoft.com vortex-win.data.microsoft.com telecommand.telemetry.microsoft.com telecommand.telemetry.microsoft.com.nsatc.net oca.telemetry.microsoft.com oca.telemetry.microsoft.com.nsatc.net sqm.telemetry.microsoft.com sqm.telemetry.mic…

Vote To what you think it is the best Security Suite ? And then comment on your votes? Whey it is the best ?

Wi-Fi hack for Dummies Link: https://gpuhash.me/?menu=en-articles-view-2 … or a true fairy story on how to break efficiently the password to neighbor’s Wi-Fi AP, and to get clean with it at the same time.

Google Releases Stagefright 2.0 Patches http://www.hackernewsleak.com/index.php/2015/10/06/google-releases-stagefright-2-0-patches/ Ted.

How I could hack internet bank accounts of Danish largest bank in a few minutes http://sijmen.ruwhof.net/weblog/584-how-i-could-hack-internet-bank-accounts-of-danish-largest-bank-in-a-few-minutes Ted.

WEP password hacking (Wi-Fi) Tools used: TamoSoft CommView for WiFi 7.1.795 - collecting the packets Wireshark version 1.12.7 - joining multiple (captured) .cab files aircrack-ng 1.2 rc2 win - password crackingMy target wireless network has these information: Encryption: WEP SSID: bluew Vendor: Netgear Mac: Netgear 08:54:30 but sometimes also shows 20:4E:7F:08:54:301. Collecting the packets with TamoSoft CommView Start TamoSoft CommView for WiFi. Click Start Capture. (Click on File->Start Capture). Wireless networks should be showed in Nodes tab. For showing Detailed Information about a wireless network right click on target MAC Address (Netgear 08:54:30) to see optio…

Pakistan to Ban Virtual Private Networks [color=#000000]http://tech2.in.com/news/general/vpn-banned-in-pakistan-to-aid-security/238212 [color=#000000]http://www.zdnetasia.com/pakistan-encryption-ban-to-aid-cybercriminals-62301861.htm [color=#000000]http://www.guardian.co.uk/world/2011/aug/30/pakistan-bans-encryption-software Ted.

https://www.youtube.com/watch?v=FuYtQGfORwY

In case you missed it and... you are were a member... https://blog.malwarebytes.org/hacking-2/2015/08/for-sign-off-times-up-ashley-madison-data-released/ Ted.