Saturday, August 23, 2014

Ghost Phisher

It is a Wireless and Ethernet security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to emulate access points and deploy various internal networking servers for networking, penetration testing and phishing attacks.

Ghost Phisher is available on Kali Linux at /usr/share/ghost-phisher

Click me to see tutorial

Book Description
The Basics of Information Security, 2nd Edition

Understanding the Fundamentals of InfoSec in Theory and Practice

Author : J Andress
Release Date: 14 Jul 2014
Imprint: Syngress
Print Book ISBN : 9780128007440
Pages: 240
A simple and complete introduction to the fundamentals of information security

Download location 1
Download location 2

How to Hire PHP Programmers

What are your requirements? Do you have a technical background? Are you a going to work alongside your developers, or would you rather send off a specification and get weekly updates? Are you going to manage the project?

If you feel comfortable developing and reviewing code yourself, you may wish to work directly, either with a local or offshore developer.

If not, you may want to look at a larger firm. Ensure that they detail their management, testing and QA processes, and that you’re happy with the way you’ll be working to. Gaps in expectation in these aspects can often lead to dispute and unexpected costs later down the line.

If you choose to work directly with an offshore developer, you may find yourself acting as the project manager and first line tester.

If you have no PHP development experience and don’t feel comfortable in reviewing your own code, you may wish to hire a technical manager, working in your interest to ensure the quality of the work received. When you hire PHP programmers, it’s important to not only verify that the work product meets functional and graphical specification. If there are poor coding or security practices being used, this can pave the way to long term unexpected costs and code refactoring.

Will you need CMS development? i.e. WordPress, Joomla, osCommerce or Drupal? You may want to look at how a CMS product could save you time and cost. Depending on your requirements and how aligned they are with existing CMSs and CMS plugins, a CMS can often speed up development many times over.

Make sure you go out looking for the right firm or individual based on your current position, budget, requirements and expectations. Interview the right people. How do you want to work with a development team? Do you have a full specification? Do you need someone to help you complete your specification? Do you want to work on fixed price or hourly? Fixed price may seem appealing, but hourly often works out cheaper.

Look at testimonials and case studies. Are you able to confirm that the testimonials are legitimate?

Do you feel a good fit with the team? Are they responsive and able to work to your needs? Are there any communication barriers? You may consider a short trial period, allowing you to assess your team before committing to your larger project.

Set up accountability, deadlines, reporting mechanisms and regular reviews. It’s important to work with your developer or development team closely, especially at first. This allows you to catch any potential issues quickly, before extensive time and cost is incurred. If you find the project repeatedly veering off course or that communication barriers are insurmountable, it may that the project needs to be re-evaluated or cancelled before further time and cost is incurred.

PHP programming projects unfortunately have high failure rates and so the right hiring process and early interventions are critical in keeping things on track. If you want to hire PHP programmers or need consultancy on a web development project, get in touch now. We take the headache out of your hands, offering boutique service at affordable rates.

SQLMap for Cloudflare protected sites

When you suspect your target site is vulnerable to SQLi and you find out that it is protected by Cloudflare, you can still to launch SQLMap against the target.

First of all, you need to make sure the target site is protected by Cloudflare, you can add "--identify-waf" or "--check-waf" to confirm. However, do not set "--thread=" larger than 1 as the target will give you "403 Forbidden" error. Once you get the "403 error", your IP address is banned. Therefore, you are required to consider to use proxy servers or TOR to access the target.

Secondary, you need to add "--tamper='between,randomcase,space2comment'" and "-v 3", if the target is confirmed being protected by Cloudflare. You may also consider to add "--random-agent" and "--tor" when necessary.

Finally, do not use Kali Linux provided SQLMap scripts as it has no "WAF" scripts pre-installed. You are better to download the latest version of SQLMap from the official site.

git clone https://github.com/sqlmapproject/sqlmap.git

This hint can be applied to other WAFs, IDSs and IPSs, such as mod_security or other Cloudflare like service providers.

For example :

python sqlmap.py -u "https://www.cloudflare.com/" --identity-waf --tamper="between,randomcase,space2comment" -v 3 --random-agent --tor

An A-Z Index of the Windows CMD command line

   ADDUSERS Add or list users to/from a CSV file
   ADmodcmd Active Directory Bulk Modify
   ARP      Address Resolution Protocol
   ASSOC    Change file extension associations•
   ASSOCIAT One step file association
   AT       Schedule a command to run at a specific time
   ATTRIB   Change file attributes
b
   BCDBOOT  Create or repair a system partition
   BCDEDIT  Manage Boot Configuration Data
   BITSADMIN Background Intelligent Transfer Service
   BOOTCFG  Edit Windows boot settings
   BROWSTAT Get domain, browser and PDC info
c
   CACLS    Change file permissions
   CALL     Call one batch program from another•
   CERTREQ  Request certificate from a certification authority
   CERTUTIL Utility for certification authority (CA) files and services
   CD       Change Directory - move to a specific Folder•
   CHANGE   Change Terminal Server Session properties
   CHKDSK   Check Disk - check and repair disk problems
   CHKNTFS  Check the NTFS file system
   CHOICE   Accept keyboard input to a batch file
   CIPHER   Encrypt or Decrypt files/folders
   CleanMgr Automated cleanup of Temp files, recycle bin
   CLIP     Copy STDIN to the Windows clipboard
   CLS      Clear the screen•
   CMD      Start a new CMD shell
   CMDKEY   Manage stored usernames/passwords
   COLOR    Change colors of the CMD window•
   COMP     Compare the contents of two files or sets of files
   COMPACT  Compress files or folders on an NTFS partition
   COMPRESS Compress one or more files
   CONVERT  Convert a FAT drive to NTFS
   COPY     Copy one or more files to another location•
   CSCcmd   Client-side caching (Offline Files)
   CSVDE    Import or Export Active Directory data 
d
   DATE     Display or set the date•
   DEFRAG   Defragment hard drive
   DEL      Delete one or more files•
   DELPROF  Delete user profiles
   DELTREE  Delete a folder and all subfolders
   DevCon   Device Manager Command Line Utility 
   DIR      Display a list of files and folders•
   DIRQUOTA File Server Resource Manager Disk quotas
   DIRUSE   Display disk usage
   DISKPART Disk Administration
   DISKSHADOW Volume Shadow Copy Service
   DISKUSE  Show the space used in folders
   DOSKEY   Edit command line, recall commands, and create macros
   DriverQuery Display installed device drivers
   DSACLs   Active Directory ACLs
   DSAdd    Add items to active directory (user group computer) 
   DSGet    View items in active directory (user group computer)
   DSQuery  Search for items in active directory (user group computer)
   DSMod    Modify items in active directory (user group computer)
   DSMove   Move an Active directory Object
   DSRM     Remove items from Active Directory
e
   ECHO     Display message on screen•
   ENDLOCAL End localisation of environment changes in a batch file•
   ERASE    Delete one or more files•
   EVENTCREATE Add a message to the Windows event log
   EXIT     Quit the current script/routine and set an errorlevel•
   EXPAND   Uncompress CAB files
   EXTRACT  Uncompress CAB files
f
   FC       Compare two files
   FIND     Search for a text string in a file
   FINDSTR  Search for strings in files
   FOR /F   Loop command: against a set of files•
   FOR /F   Loop command: against the results of another command•
   FOR      Loop command: all options Files, Directory, List•
   FORFILES Batch process multiple files
   FORMAT   Format a disk
   FREEDISK Check free disk space
   FSUTIL   File and Volume utilities
   FTP      File Transfer Protocol
   FTYPE    File extension file type associations•
g
   GETMAC   Display the Media Access Control (MAC) address
   GOTO     Direct a batch program to jump to a labelled line•
   GPRESULT Display Resultant Set of Policy information
   GPUPDATE Update Group Policy settings
h
   HELP     Online Help
   HOSTNAME Display the host name of the computer
i
   iCACLS   Change file and folder permissions
   IF       Conditionally perform a command•
   IFMEMBER Is the current user a member of a group
   IPCONFIG Configure IP
   INUSE    Replace files that are in use by the OS
l
   LABEL    Edit a disk label
   LOGMAN   Manage Performance Monitor logs
   LOGOFF   Log a user off
   LOGTIME  Log the date and time in a file
m
   MAKECAB  Create .CAB files
   MAPISEND Send email from the command line
   MBSAcli  Baseline Security Analyzer
   MEM      Display memory usage
   MD       Create new folders•
   MKLINK   Create a symbolic link (linkd) •
   MODE     Configure a system device COM/LPT/CON
   MORE     Display output, one screen at a time
   MOUNTVOL Manage a volume mount point
   MOVE     Move files from one folder to another•
   MOVEUSER Move a user from one domain to another
   MSG      Send a message
   MSIEXEC  Microsoft Windows Installer
   MSINFO32 System Information
   MSTSC    Terminal Server Connection (Remote Desktop Protocol)
n
   NET      Manage network resources
   NETDOM   Domain Manager
   NETSH    Configure Network Interfaces, Windows Firewall & Remote access
   NBTSTAT  Display networking statistics (NetBIOS over TCP/IP)
   NETSTAT  Display networking statistics (TCP/IP)
   NOW      Display the current Date and Time 
   NSLOOKUP Name server lookup
   NTBACKUP Backup folders to tape
   NTDSUtil Active Directory Domain Services management
   NTRIGHTS Edit user account rights
o
   OPENFILES Query or display open files
p
   PATH     Display or set a search path for executable files•
   PATHPING Trace route plus network latency and packet loss
   PAUSE    Suspend processing of a batch file and display a message•
   PERMS    Show permissions for a user
   PERFMON  Performance Monitor
   PING     Test a network connection
   POPD     Return to a previous directory saved by PUSHD•
   PORTQRY  Display the status of ports and services
   POWERCFG Configure power settings
   PRINT    Print a text file
   PRINTBRM Print queue Backup/Recovery
   PRNCNFG  Configure or rename a printer
   PRNMNGR  Add, delete, list printers and printer connections
   PROMPT   Change the command prompt•
   PsExec     Execute process remotely
   PsFile     Show files opened remotely
   PsGetSid   Display the SID of a computer or a user
   PsInfo     List information about a system
   PsKill     Kill processes by name or process ID
   PsList     List detailed information about processes
   PsLoggedOn Who's logged on (locally or via resource sharing)
   PsLogList  Event log records
   PsPasswd   Change account password
   PsPing     Measure network performance
   PsService  View and control services
   PsShutdown Shutdown or reboot a computer
   PsSuspend  Suspend processes
   PUSHD    Save and then change the current directory•
q
   QGREP    Search file(s) for lines that match a given pattern
   Query Process / QPROCESS  Display processes
   Query Session / QWinsta   Display all sessions (TS/Remote Desktop)
   Query TermServer /QAppSrv List all servers (TS/Remote Desktop)
   Query User    / QUSER     Display user sessions (TS/Remote Desktop)
r
   RASDIAL  Manage RAS connections
   RASPHONE Manage RAS connections
   RECOVER  Recover a damaged file from a defective disk
   REG      Registry: Read, Set, Export, Delete keys and values
   REGEDIT  Import or export registry settings
   REGSVR32 Register or unregister a DLL
   REGINI   Change Registry Permissions
   REM      Record comments (remarks) in a batch file•
   REN      Rename a file or files•
   REPLACE  Replace or update one file with another
   Reset Session  Delete a Remote Desktop Session
   RD       Delete folder(s)•
   RMTSHARE Share a folder or a printer
   ROBOCOPY Robust File and Folder Copy
   ROUTE    Manipulate network routing tables
   RUN      Start | RUN commands
   RUNAS    Execute a program under a different user account
   RUNDLL32 Run a DLL command (add/remove print connections)

s
   SC       Service Control
   SCHTASKS Schedule a command to run at a specific time
   SET      Display, set, or remove session environment variables•
   SETLOCAL Control the visibility of environment variables•
   SETX     Set environment variables
   SFC      System File Checker 
   SHARE    List or edit a file share or print share
   ShellRunAs Run a command under a different user account
   SHIFT    Shift the position of batch file parameters•
   SHORTCUT Create a windows shortcut (.LNK file)
   SHUTDOWN Shutdown the computer
   SLEEP    Wait for x seconds
   SLMGR    Software Licensing Management (Vista/2008)
   SORT     Sort input
   START    Start a program, command or batch file•
   SUBINACL Edit file and folder Permissions, Ownership and Domain
   SUBST    Associate a path with a drive letter
   SYSMON   Monitor and log system activity to the Windows event log
   SYSTEMINFO List system configuration
t
   TAKEOWN  Take ownership of a file
   TASKLIST List running applications and services
   TASKKILL End a running process
   TELNET   Communicate with another host using the TELNET protocol
   TIME     Display or set the system time•
   TIMEOUT  Delay processing of a batch file
   TITLE    Set the window title for a CMD.EXE session•
   TLIST    Task list with full path
   TOUCH    Change file timestamps    
   TRACERT  Trace route to a remote host
   TREE     Graphical display of folder structure
   TSDISCON Disconnect a Remote Desktop Session
   TSKILL   End a running process
   TSSHUTDN Remotely shut down or reboot a terminal server
   TYPE     Display the contents of a text file•
   TypePerf Write performance data to a log file
v
   VER      Display version information•
   VERIFY   Verify that files have been saved•
   VOL      Display a disk label•
w
   WAITFOR  Wait for or send a signal
   WEVTUTIL Clear event logs, enable/disable/query logs
   WHERE    Locate and display files in a directory tree
   WHOAMI   Output the current UserName and domain
   WINDIFF  Compare the contents of two files or sets of files
   WINRM    Windows Remote Management
   WINRS    Windows Remote Shell
   WMIC     WMI Commands
   WUAUCLT  Windows Update
x
   XCACLS   Change file and folder permissions
   XCOPY    Copy files and folders
   ::       Comment / Remark•

Commands marked • are Internal commands only available within the CMD shell.
All other commands (not marked with •) are external commands.
External commands may be used under the CMD shell, PowerShell, or directly from START-RUN.

Editorial Reviews

AMAZON BESTSELLER
Completely revised and updated for the new Cisco exams:
200-120 CCNA
100-101 ICND1
200-101 ICND2
FREE SUPPORT
The book is supported for free at in60days.com so just come over and register your copy to get free access to over $400 worth of videos, exams, cram guides and a friendly forum.

ABOUT THE BOOK

Do any of the following problems sound familiar to you?
“I just don’t know where to start studying. I feel overwhelmed by the information.”
“I’ve bought all the CBT-style videos and books, and have even been on a course, but I don’t feel ready to take the exam and I don’t know if I ever will.”
For every ten students who start out towards the CCNA qualification, nine quit. They don’t quit because of laziness but because they became overwhelmed with information and didn’t even know where to start. They sat down to study from one of the ‘big name’ manuals and half an hour later found themselves staring blankly at the same page. Can you imagine how frustrating that feels?

You see, most authors throw you in at the deep end and expect you to get on with it. They forget that you have a full time job, a long journey back home, family commitments and any number of challenges going on in your life. The last thing you have time for is to write out a detailed study plan with plenty of review sessions.
If only somebody could tell you what to study each day, every day. If only you could open your study guide and see which bit of theory to read, which lab to do and which exam to take. You could then get on with the task of studying and getting that exam nailed.
This is where Cisco CCNA in 60 Days comes in. Written in response to feedback from thousands of students using my online CCNA in 60 days program, my classroom courses and my other online Cisco training websites this book is the final piece in the studying puzzle.
HOW IT WORKS
Every day you read your theory module, you review yesterdays lesson, do a lab and then answer some review questions.

The next day you do the same until you reach the review sessions where you cement all your knowledge with more labs and review as well as some practise exams. If that wasn’t enough, you have a cram guide to read daily and an online Subnetting review site to really hone your subnetting skills.
At the 30 day mark you can take your CCENT exam and move into your ICND2 study sessions or just take your CCNA exam at the end of 60 days. If you fall behind no problem, just pick up where you left off.
Having a problem with motivation and distractions? No problem, just read the detailed goal setting guide to turbo boost your productivity and motivation.
WHAT’S COVERED?
Every subject Cisco want you to know for your exams is covered with labs, theory, exams, reviews and crams. From RIP to OSPF, from VLSM to CIDR, IPv4 to IPv6, STP to CDP. Every exam topic is covered in detail many times over.
Just when you think you are ready you are hit with challenge labs and more exams to ensure you are more than ready for the tricky Cisco exams. There are over 60 labs in total. Some with careful explanations and some you have to work out for yourself.

ABOUT THE AUTHORS

Paul Browning used to work at Cisco TAC but left in 2002 to start his own Cisco training company. He has authored several Cisco manuals as well as created one of the biggest online Cisco training websites used by many thousands of students.
Farai Tafa is a dual CCIE who consults for large blue chip companies in the USA. He is an expert in network design and installation as well as an acknowledged expert in voice and security.
Daniel Gheorghe is a CCIE in Routing and Switching. He is currently preparing for his second CCIE certification (in Security) and he is developing his skills in system penetration testing.
Dario Barinic is a network expert (dual CCIE #25071 – Routing and Switching, and Service Provider) with a Master of Engineering degree and eight years of experience in the networking field
Table of Contents
Day 1 – Networks, Cables, OSI, and TCP Models
Day 2 – CSMA/CD, Switching, and VLANs
Day 3 – Trunking, DTP, and Inter-VLAN Routing
Day 4 – Router and Switch Security
Day 5 – IP Addressing
Day 6 – Network Address Translation
Day 7 – IPv6
Day 8 – Integrating IPv4 and IPv6 Network Environments
Day 9 – Access Control Lists
Day 10 – Routing Concepts
Day 11 – Static Routing
Day 12 – OSPF Basics
Day 13 – OSPFv3
Day 14 – DHCP and DNS
Day 15 – Layer 1 and Layer 2 Troubleshooting
Day 16 – Review 1
Day 17 – Review 2
Day 18 – Review 3
Day 19 – Review 4
Day 20 – Review 5
Day 21 – Review 6
Day 22 – Review 7
Day 23 – Review 8
Day 24 – Review 9
Day 25 – Review 10
Day 26 – Review 11
Day 27 – Review 12
Day 28 – Review 13
Day 29 – Review 14
Day 30 – Exam Day
Day 31 – Spanning Tree Protocol
Day 32 – Rapid Spanning Tree Protocol
Day 33 – EtherChannels and Link Aggregation Protocols
Day 34 – First Hop Redundancy Protocols
Day 36 – EIGRP
Day 37 – Troubleshooting EIGRP
Day 38 – EIGRP For IPv6
Day 39 – OSPF
Day 40 – Syslog, SNMP, and Netflow
Day 41 – Wide Area Networking
Day 42 – Frame Relay and PPP
Day 43 – Review 1
Day 44 – Review 2
Day 45 – Review 3
Day 46 – Review 4
Day 47 – Review 5
Day 48 – Review 6
Day 49 – Review 7
Day 50 – Review 8
Day 51 – Review 9
Day 52 – Review 10
Day 53 – Review 11
Day 54 – Review 12
Day 55 – Review 13
Day 56 – Review 14
Day 57 – Review 15
Day 58 – Review 16
Day 59 – Review 17
Day 60 – Review 18

Book Details

Title: Cisco CCNA in 60 Days, 2nd Edition
Author: Paul William Browning
Length: 700 pages
Edition: 2
Language: English
Publisher: Reality Press Ltd.
Publication Date: 2014-03-14
ISBN-10: 0956989292
ISBN-13: 9780956989291

Download location 1
Download location 2

Kun Peng, “Anonymous Communication Networks: Protecting Privacy on the Web”
English | ISBN: 143988157X | 2014 | 203 pages | PDF | 2 MB

In today’s interactive network environment, where various types of organizations are eager to monitor and track Internet use, anonymity is one of the most powerful resources available to counterbalance the threat of unknown spectators and to ensure Internet privacy.
Addressing the demand for authoritative information on anonymous Internet usage, Anonymous Communication Networks: Protecting Privacy on the Web examines anonymous communication networks as a solution to Internet privacy concerns. It explains how anonymous communication networks make it possible for participants to communicate with each other without revealing their identities.

The book explores various anonymous communication networks as possible solutions to Internet privacy concerns—making it ideal for network researchers and anyone interested in protecting their privacy or the privacy of their users. Identifying specific scenarios where it is best to be anonymous, it details the two main approaches to anonymous communication networks: onion routing and mixed networks.
Details helpful tips for optimizing onion routing
Defines and classifies mixed networks
Illustrates the application of a mixed network to e-voting with a case study
Considers the application of symmetric cipher and Diffie-Hellman key exchange in Tor
Supplies detailed guidance on how to download and install Tor, I2P, JAP/JonDo, and QuickSilver
Using examples and case studies, the book illustrates the usefulness of anonymous communication networks for web browsing, email, e-banking, and e-voting. It explains how to obtain anonymous usage permits for cloud software and analyzes the spectrum of existing techniques for anonymous cyber surfing. The text concludes by examining future directions to supply you with the understanding required to ensure anonymous Internet browsing.

Download location 1
Download location 2

How to Add Multiple Routes in Linux Using IP Command Examples

Apart from the default route, you can also configure additional routes.

For example, your server you might have 2 interfaces (eth0 and eth1). By default, all the traffic is routed through interface eth0 irrespective of what IP address you have configured on eth1.

To route the incoming and outgoing traffic through eth1, other than the default route (eth0), you also need to add additional routes for eth1

In this tutorial, let us use the following example:

eth0 has been configured with IP address 19.86.101.54 with netmask 255.255.255.0 and default gateway of 19.86.101.1
eth1 has been configured with IP address 19.86.100.176 with netmask 255.255.255.0 and it’s gateway IP address is 19.86.100.1

You can view your current ip-address of your interface cards using ifconfig command as shown below.

# ifconfig -aeth0      Link encap:Ethernet  HWaddr 00:50:56:8E:0B:EC          inet addr:19.86.101.54  Bcast:19.86.101.255  Mask:255.255.255.0          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:3735 errors:0 dropped:0 overruns:0 frame:0          TX packets:336 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:1000          RX bytes:295679 (288.7 Kb)  TX bytes:50312 (49.1 Kb)eth1      Link encap:Ethernet  HWaddr 00:50:56:8E:27:0D          inet addr:19.86.100.176  Bcast:19.86.100.255  Mask:255.255.255.0          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:14 errors:0 dropped:0 overruns:0 frame:0          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:1000          RX bytes:840 (840.0 b)  TX bytes:0 (0.0 b)

Also, the netstat command output indicates that the default gateway is pointing to eth0,

# netstat -rnKernel IP routing tableDestination     Gateway         Genmask         Flags   MSS Window  irtt Iface0.0.0.0         19.86.101.1     0.0.0.0         UG        0 0          0 eth019.86.100.0     0.0.0.0         255.255.255.0   U         0 0          0 eth119.86.101.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0

With the above settings, you may be able to ping both the gateways and communicate with other devices without any issues. But, remember that all the traffic is routed through eth0 by default.

When you ping the IP address 19.86.100.176 from outside your network you may notice that it will not be pingable.

In order to implement this, you need a create a new policy in the routing table. The routing table is located at /etc/iproute2/rt_tables. The initial rule file before configuration may look like the one shown below.

# cat /etc/iproute2/rt_tables## reserved values#255     local254     main253     default0       unspec## local##1      inr.ruhep#

To view all the current rules, use the ip command as shown below:

# ip rule show0:      from all lookup local32766:  from all lookup main32767:  from all lookup default

First, take a backup of the rt_Tables before making any changes.

cd /etc/iproute2cp rt_tables rt_tables.orig

Next, create a new policy routing table entry in /etc/iproute2/rt_tables file:

echo "1 admin" >> /etc/iproute2/rt_tables

Now add the routing entries in the admin table.

ip route add 19.86.100.0/24 dev eth1 src 19.86.100.176 table adminip route add default via 19.86.100.1 dev eth1 table admin

In the above example:

In the first ip command, we are adding subnet 19.86.100.0 with a netmask 255.255.255.0 with the source IP address 19.86.100.176 & device eth1 to the admin table.
In the second ip command, we are adding the route 19.86.100.1 to the admin table. This way all the rules defined in admin table routes traffic through device eth1.

Once the above commands are executed successfully, you need to instruct the OS how to use this table.

In the “ip rule show” you may noticed the line “32766: from all lookup main”. This is the line that instructs the OS to route all the traffic defined in “main” table which is the default gateway.

All the rules are executed in the ascending order. So, we will add rule entries above the “main” table.

ip rule add from 19.86.100.176/24 table adminip rule add to 19.86.100.176/24 table adminip route flush cache

In the above example:

The first command adds the rule that all the traffic going to eth1′s IP needs to use the “admin” routing table instead of “main” one.
The second command adds the rule that all the outgoing traffic from eth1′s IP needs to use the “admin” routing table instead of “main” one.
The third command is used to commit all these changes in the previous commands

Finally, verify that your changes are made appropriately using the following command:

# ip rule show0:      from all lookup local32764:  from all to 19.86.100.176/24 lookup admin32765:  from 19.86.100.176/24 lookup admin32766:  from all lookup main32767:  from all lookup default

At this point, you should be able to ping the IP address 19.86.100.176 from the outside network and view all the traffic that is supposed to be using eth1 is working as expected.

To make these changes persistent across reboot, you can add these commands to /etc/init.d/boot.local (for SUSE Linux), or /etc/rc.d/rc.local (for Redhat, CentOS).

If you want to configure one more IP address on a different subnet, repeat all of the above steps, but use a different table name. Instead of “admin” table, use “admin-new” table.

OWASP RainbowMaker v1.2 Released

OWASP Rainbow Maker is free to use. It is licensed under the GNU GPL v3 License. Compatible with Win 32-bit.

Supported Two modes:

Crack the hash
Create a Rainbow Table

Download location 1
Download location 2
Download location 3

More info: Rainbow_Maker_Project

OWASP WebSpa Project v0.7 – Java Web Knocking Tool Released

The OWASP WebSpa Project is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated Operating System (O/S) command. It provides a cryptographically protected “open sesame” mechanism on the web application layer, comparable to well-known port-knocking techniques. It is licensed under the Creative Commons Attribution-ShareAlike 3.0.

This project implements the concept of web knocking by offering a jar file that ‘tails’ the access log of an existing web server. A user submits a specially crafted URL, therefore executing a predefined O/S command. No new ports or services are created.

Similarly to traditional network port-knocking schemes, the OWASP WebSpa Project aims to create a covert channel of communication for O/S commands over the web application layer. This channel is by no means bi-directional: It is only the client that can issue commands to the server. The inverse, i.e. the server issuing commands to the client, is not an option within the current version.

Download location 1
Download location 2

More info: https://www.owasp.org/index.php/OWASP_WebSpa_Project

Lynis v1.5.9 Released

Lynis is an auditing tool which tests and gathers (security) information from Unix based systems. The audience for this tool are security and system auditors, network specialists and system maintainers.

Some of the (future) features and usage options:

System and security audit checks
File Integrity Assessment
System and file forensics
Usage of templates/baselines (reporting and monitoring)
Extended debugging features
This tool is tested or confirmed to work with at least: AIX, Linux, FreeBSD, OpenBSD, Mac OS X, Solaris. See website for the full list of tested operating systems.

More info and download:
CISofy Products

Learning hacking is very difficult. Unlike programming or any other thing you have to work really hard to get to know something. Because there are closed communities, not especially friendly to people from "outside". A lot of people complained about it before they started the training. Almost everyone experienced rejection and almost everyone did not know how to make the first step. People just want to learn fast and good because of that we offer solid good information for beginners.

In this video series you will learn various way of hacking. Our aim is teaching basics about Penetration Testing and ethical hacking in this lessons. Because basics are very important. You can't continue to learn advanced techniques and things without knowing basics of ethical hacking. After this good basic knowledge you can easily improve yourself and continue to learn without a lot of effort.

We will teach how to do hacking in real life not just theory. We will do a lot of DEMO in this video series to understand topic much better. The topics that we are going to learn;

Kali Linux:

You will learn Kali Linux which is specially designed Linux distrubution for Penetration Tester.

Installation of Kali Linux OS
Basic usage of Linux

Metasploit:

You will learn exploiting security vulnerabilities with Metasploit Framework. It is a very popular program amongst Penetration Testers which have a very big exploit collection.

Metasploit framework
Exploiting a vulnerability with Metasploit framework
Client Side Attacks

Trojan:

You will learn how can make trojan, how to detect trojan in your systems and how can you hide trojan file from antivirus programs.

Making Trojan file
Creating and managing a bot-net
Hiding Trojan file from anti virus programs
Detecting Trojans in your systems

Sniffers:

In this section you will learn how can you capture network traffic packages, how can you analyze and find useful information in this packages. You will learn arp poisoning, dns spoof attacks.

Capturing network traffics
Data mining from captured network traffics
Arp poisoning attack
Dns spoof attack

Download location 1
Download location 2

Description:
Practical guide that can be used by executives to make well-informed decisions on cybersecurity issues to better protect their business

Emphasizes, in a direct and uncomplicated way, how executives can identify, understand, assess, and mitigate risks associated with cybersecurity issues
Covers 'What to Do When You Get Hacked?' including Business Continuity and Disaster Recovery planning, Public Relations, Legal and Regulatory issues, and Notifications and Disclosures
Provides steps for integrating cybersecurity into Strategy; Policy and Guidelines; Change Management and Personnel Management
Identifies cybersecurity best practices that executives can and should use both in the office and at home to protect their vital information

Download location 1
Download location 2

You can make your own sms bomber in few steps. You just have to follow the instructions listed in the Pdf file. Method is in privacy, alternately you can download the pdf file by clicking below:

Download location 1

Download location 2

Artifici Pirate

ADD CAPTION HERE

ADD CAPTION HERE

Helper Blogger

Saturday, August 23, 2014

Ghost Phisher

Basics of Information Security, The, Second Edition - Andress, Jason

How to Hire PHP Programmers

SQLMap for Cloudflare protected sites