Wednesday 20 January 2016

What is the Best Way to Learn Hacking for Beginners?

Step-1: Begin with the Basics
For beginners who have little or no previous knowledge of hacking, it is always better to start off from the basics. Instead of directly learning how to hack, you can begin exploring more about topics such as computer networks, network ports, firewalls, common network protocols like IP address, HTTP, FTP, DNS, SMTP etc. along with how each of those stuffs work.
You can also begin to learn more about alternate operating systems Linux whose knowledge becomes very much essential in the field of hacking. The more you learn about the basics, the more easy it is to find vulnerabilities and device exploits. Once you develop a basic understanding of the fundamental concepts, you will be in a position to easily understand various hacking techniques that are in practice.
Step-2: Find a Good Source to Start Learning
Hacking Secrets ExposedIf one has a fair amount of experience in the field of hacking, there exists so many books and websites that give out technical information on latest vulnerabilities along with possible ways to exploit them. However, for beginners it is hard to find sources that teach hacking right from the basics in a simple and easy to follow manner.
So, I decided to put together all my 10+ years of experience in the field and come up with a book for beginners called Hacking Secrets Exposed which demands no prior knowledge of the topic and is easy for the readers to follow and understand at every step. This book also comes packed with all the necessary fundamental concepts (as mentioned in the step-1) so that readers can find them all at one place. Therefore, I recommend this book for all those beginners who have a dream to start off their journey to becoming a hacker. This is an excellent source of knowledge for all those who have a little or no prior background of hacking.

Step-3: Learn Programming (Optional)
If you want to take your hacking skills one step ahead, programming is something that you can’t skip down. Although you can easily find a lot of ready made tools and programs that let you hack with ease, it is always better to have some basic knowledge of programming languages like HTML, PHP and JavsScript so that you will be in a position to develop your own tools and exploit codes. However, if you do not wish to learn programming you can skip this step and still be a good hacker.

How Long does it Take to Master the Skills of Hacking?

Since hacking is not something that can be mastered overnight, you should never be in a hurry to get going. It requires knowledge, skills, creativity, dedication and of course the time. Depending upon the amount of effort and dedication you put, it can take up anywhere between a few months to few years to develop all the the necessary skills. Everyone can become a hacker provided they learn it from the basics and build a solid foundation. So, if you want to be a hacker all you need is passion to learn, a good source of knowledge that will guide you through the basics and some perseverance.

Top Ten Hacker Tools List!

This Hacking Tools list is partly based on the Kali Linux Distro Tools 'Top Ten' 

Nmap - Port Scanner 

Acunetix - Web Vulnerability Scanner

Metasploit -Vulnerability Exploitation Tool

Maltego - Forensics

OWASP Zed - Web Vulnerability Scanner

Wireshark - Packet Crafting Tool

Burp Suite - Web Vulnerability Scanners

THC Hydra - Password Crackers

Aircrack-ng - Password Cracker

John The Ripper - Password Crackers

Monday 3 August 2015

Top 10 Hacker the world has ever known

In the world of web where we get the global connectivity, it is far easier to break into someone’s personal zone. By personal, we do not just mean the social media. The world wide web which has become the hub of storing and restoring information, considered to be the safest vault, is a mere toy in the hands of a few computer geniuses. Hackers, Black Hat Hackers, villains, crackers, cyber-criminals, cyber pirates as they are well-known, throw a malicious software or virus at a system to gain the access to the desired information. Piqued by curiosity, they may perhaps break into your system too. Here are top 10 hackers or the whiz kids who put the world in awe with their dexterity.

1. Gary McKinnon

Gary McKinnon must’ve been a curious, restless child, for to gain information on UFOs, he thought it better to get a direct access into the channels of NASA. He infiltrated 97 US military and NASA computers, by installing virus and deleting a few files. All the efforts to satisfy his curiosity, but, alas, curiosity killed the cat. It was soon found that McKinnon was guilty of having hacked the military and NASA websites from his girlfriend’s aunt’s house in London. While entering and deleting the files from these websites wasn’t enough, McKinnon thought of shaming the security forces by putting out a notice on the website that said, “Your security is crap.” Well, looks like McKinnon was something, if he could shut down the US Military’s Washington Network of about 2000 computers for 24 hours, making the hack, the biggest military computer hack of all time!

2. LulzSec

LulzSec or Lulz Security, a high profile, Black Hat hacker group, gained credentials for hacking into Sony, News International, CIA, FBI, Scotland Yard, and several noteworthy accounts. So notorious was the group that when it hacked into News Corporations account, they put across a false report of Rupert Murdoch having passed away. While the group claims to have retired from their vile duties, the motto of the group, “Laughing at your security since 2011!” stays alive. There are assertions of the group having hacked into the websites of the newspapers like The Times andThe Sun to post its retirement news. Many, however, claim that this group had taken it upon itself to create awareness about the absence of efficient security against hackers.

3. Adrian Lamo

Adrian Lamo decided to switch careers when he realized the potentials of his skills. He became a news when he hacked into Yahoo!, Microsoft, Google, and The New York Times. This, although culminated into his arrest, it later helped him gain the batch of an American Threat Analyst. A guy who would hack into top-notch accounts sitting in the spacious and comforting cafeterias, libraries, internet cafes, soon turned Wikileaks suspect Bradley Manning over to FBI. While Manning was arrested for leaking several hundred sensitive US government documents, Lamo went hiding or should we presume, undercover?

4. Mathew Bevan and Richard Pryce

Targeting the over-sensitive nerves, what Mathew Bevan along with his alleged partner Richard Pryce did, could have triggered great many issues between USA and North Korea. The duo hacked the US military computers and used it as a means to infiltrate the foreign systems. The crucial contents of Korean Atomic Research Institute were dumped into USAF system. However, the contents were majorly relevant to South Korea and hence, less volatile. But this, nonetheless, could have led to a huge international issue.

5. Jonathan James

The first juvenile to be imprisoned for a cyber-crime at the age of 16, Jonathan James or better known as c0mrade, hacked into Defense Threat Reduction Agency of US department. Further, he installed a sniffer that scrutinized the messages passed on between the DTRA employees. Not only did he keep a check on the messages being passed around, in the process, he collected the passwords and usernames and other such vital details of the employees, and further even stole essential software. All this cost NASA to shut down its system and to pay from its pocket $41,000. c0mrade, however, had a bitter ending as James committed suicide in 2008.

6. Kevin Poulsen

How far would you go to win your dream car or a dream house? How far will you go to win an online contest or a radio show contest? Perhaps, you shall keep trying your luck, unless you are Kevin Poulsen! Poulsen infiltrated a radio shows call-in contest just so he could win a Porsche. Dark Dante, as he was better known, went underground after FBI started pursuing him. He, later, was found guilty of seven counts of mail, wire and computer fraud, money laundering and the likes. What turned out to be rewarding in Dark Dante’s case is – his past crafted his future. Poulsen now serves as a Senior Editor at Wired.

7. Kevin Mitnick

Clad in an Armani suit, when a bespectacled face in his mid-40s smiles at you from the computer screen, you can hardly consider the man a cyber-criminal. Such is the case with Kevin David Mitnick. Once upon a time, the most wanted cyber-criminal of US, now is an affluent entrepreneur. Kevin, who is now a security consultant, was convicted of hacking Nokia, Motorola and Pentagon. He pleaded guilty to seven counts of fraud that included wire fraud, computer fraud and of illegally interception a wire communication. After five years of incarceration that included eight months of solitary confinement, Mitnick now has started afresh. However, his knack with the computers is still reminisced and was even depicted on celluloid in the filmsTakedown and Freedom Downtown.

8. Anonymous

The concept of being a “digital Robin Hood” was far from being conceived, but in the computer age, it is very likely that someone somewhere has bagged this title. A “hacktivist group” called Anonymous are known with the penname of being the “digital Robin Hood” amongst its supporters. Identified in public by wearing a Guy Fawkes Masks, Anons, as they are widely known, have publicized themselves by attacking the government, religious and corporate websites. The Vatican, the FBI, the CIA, PayPal, Sony, Mastercard, Visa, Chinese, Israeli, Tunisian, and Ugandan governments have been amongst their targets. Although, Anons have been arguing whether to engage in a serious activism or a mere entertainment, many of the group members have clarified their intent which is to attack internet censorship and control.

9. Astra

Astra, a Sanskrit word for weapon was the penname of a hacker who dealt in the weapon stealing and selling. A 58-year-old Greek Mathematician hacked into the systems of France’s Dassault Group, stole vulnerable weapons technology data and sold it to different countries for five long years. While the real identity of the ASTRA remains untraced, officials have said that he had been wanted since 2002. Astra sold the data to approximately 250 people from around the globe, which cost Dassault $360 millions of damage.

10. Albert Gonzalez

How safe is internet banking? When we browse through the profile of this mastermind, we are certain that one ought to use the World Wide Web with immense care. For two long years, Albert Gonzalez, stole from credit cards of the netizens. This was recorded to be the biggest credit card theft in the history of mankind. He resold approximately 170 million credit cards and ATM numbers. He did so by installing a sniffer and sniffing out the computer data from internal corporate networks. When arrested, Gonzalez was sentenced to 20 years in Federal prison

Friday 17 July 2015

Types of Hacker Motivations

Types of Hacker Motivations

There are good and bad hackers. Here is a window into what they do and why


1) White Hat Hackers: 
These are the good guys, computer security experts who specialize in penetration testing and other methodologies to ensure that a company’s information systems are secure. These IT security professionals rely on a constantly evolving arsenal of technology to battle hackers.

2) Black Hat Hackers: 
These are the bad guys, who are typically referred to as just plain hackers. The term is often used specifically for hackers who break into networks or computers, or create computer viruses. Black hat hackers continue to technologically outpace white hats. They often manage to find the path of least resistance, whether due to human error or laziness, or with a new type of attack. Hacking purists often use the term “crackers” to refer to black hat hackers. Black hats’ motivation is generally to get paid.

3) Script Kiddies: 
This is a derogatory term for black hat hackers who use borrowed programs to attack networks and deface websites in an attempt to make names for themselves.

4) Hacktivists: 
Some hacker activists are motivated by politics or religion, while others may wish to expose wrongdoing, or exact revenge, or simply harass their target for their own entertainment.

5) State Sponsored Hackers: 
Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.” Now it’s all about controlling cyberspace. State sponsored hackers have limitless time and funding to target civilians, corporations, and governments.

6) Spy Hackers: 
Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client’s goals and get paid.

7) Cyber Terrorists: 
These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Cyber terrorists are by far the most dangerous, with a wide range of skills and goals. Cyber Terrorists ultimate motivation is to spread fear, terror and commit murder.

Top 10 Hackers Operating Systems

Operating Systems

So today I come up with the operating systems that hackers used for hacking. The top on this list is the Kali Linux which has almost all type of hacking tools that are totally free for everyone. All operating systems are based on Linux kernel, we know the reason behind this fact, that Linux is free and open source.


1. KALI LINUX

Kali Linux comes from the creators of BackTrack Yes you guessed it they are Offensive Security team. Kali Linux is the most versatile and advanced penetration testing distro. Kali Linux updates its tools, and it is available for many different platforms like VMware, ARM, and many more

2. BACKBOX

BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. BackBox is lightweight OS and requires less hardware specification. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools

3. DEFT

DEFT Association is an non-profit association. They provide a reliable and powerful Penetration testing distribution of Linux. You can download DEFT ISO or VMware virtual machine image from their official website.

4. LIVE HACKING OS

Live Hacking OS is also based on Linux, you know why. It is also a big pack of hacking tools used for Penetration testing. It includes the graphical user interface GNOME inbuilt. There is a second variation available which is command line only. And requires very less hardware requirement.

5. SAMURAI WEB SECURITY FRAMEWORK

The Samurai Web Testing Framework is a live linux distro which is pre-configured with Web penetration testing tools. Yes this is the best for Web Penetration Testing and this is a live linux which is beneficial to clear all hacking tracks. You can download VMware image as well as ISO image from Sourceforge.

6. NETWORK SECURITY TOOLKIT

Network security toolkit is based on Fedora and runs on 32 as well as 64 bit platforms. Network security toolkit provides tools to test, monitor and fix the network issues. The main purpose of developing this Toolkit is to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools.

7. PARROT SECURITY FORENSIC OS

Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Parrot security os is based on Debian and developed by Frozenbox network. Parrot-sec is available in 32 bit for Intel processors and 64 bit for AMD


8. BUGTRAQ

Bugtraq Team is experienced freaks and developers. Bugtraq is available in Debian, Ubuntu, OpenSuSe in 32 and 64 bit architectures.Bugtraq system offers the most comprehensive distribution, optimal, and stable with automated services manager in real time. This distribution based on the 3.2 and 3.4 kernel.

9. NODEZERO

Nodezero is very handy Penetration testing tools collection distro. They believe that Livecd is not for those who does Penetration testing on regular basis, but they provide livecd of their distro. Nodezero is reliable and stable. It is based on the Ubuntu distribution of Linux. Download your free and open copy of NodeZero Linux today, because real hackers count from zero.


10. PENTOO

Pentoo is a security-focused Linux distro based on Gentoo. It is basically a Gentoo install with lots of customized tools, customized kernel, and more. Here is a list of the features currently included :
a) Hardened Kernel with aufs patches
b) Backported Wifi stack from latest stable kernel release
c) Module loading support ala slax
d) Changes saving on usb stick
e) XFCE4 wm
f) Cuda/OPENCL cracking support with development tools
g) System updates if you got it finally installed

H.A.C.K

H.A.C.K

Hacking And Computer Krashing

  • Hack (computer security), to break into computers and computer networks
  • Hack (programming language), a programming language developed by Facebook
  • Hack (computer science), an inelegant but effective solution to a computing problem
  • Hack (programmer subculture), participation in a computer programmer subculture

H.A.C.K.E.R

Hide IP - Aim Victim - Crack Encrypt - Kill Firewall - Enter into Database - Return Anonymous