The Complete Hacking Course Go from Beginner to Advanced!



How will the information in the course affect me?


  • You will learn All Black Hat hacking techniques and also you will learn to apply them in real world situation
  • You will start to think like hackers
  • Secure your computer from trojans,worms, Adwares etc
  • Amaze your friends with your newly learned tricks
  • You will be able to protect your self from future hack attacks
 
The Complete Hacking Course: Go from Beginner to Advanced!
Learn how to do ethical hacking, penetration testing, web testing, and wifi hacking using kali linux!

Hacker group that hit Twitter, Facebook, Apple and Microsoft intensifies attacks



The group has been stealing confidential information from large companies worldwide for the past three years

The hackers that targeted Twitter, Facebook, Apple and Microsoft developers two years ago have escalated their economic espionage efforts as they seek confidential business information and intellectual property they can use for financial gain.

The group, which security researchers from Kaspersky Lab and Symantec call Wild Neutron or Morpho, has broken into the networks of more than 45 large companies since 2012

 After the 2013 attacks against Twitter, Facebook, Apple and Microsoft were highly publicized, the group went underground and temporarily halted its activity. However, its attacks resumed in 2014 and have since intensified, according to separate reports released Wednesday by Kaspersky Lab and Symantec.

Symantec identified 49 organizations in more than 20 countries that have fallen victim to the Morpho group since 2012. The majority of them were from the technology, pharmaceutical, commodities and legal sectors and were based in the U.S., Canada or Europe.

Kaspersky identified additional companies compromised by the group that are involved in Bitcoin cryptocurrency, investments, healthcare, real estate, merger and acquisition deals, as well as individual users.

The absence of government or diplomatic corps victims and other details led researchers from the two security vendors to the conclusion that the Morpho group is most likely not sponsored by a nation state. Instead, it's probably a highly sophisticated cybercrime gang that knows how to exploit the business information it obtains for financial gain, for example by selling it to the highest bidder or by profiting from it on the financial markets.

The group has used at least two zero-day exploits so far, one for Flash Player and one for Java, and also had access to a digital certificate stolen from Taiwanese electronics manufacturer Acer that it used to sign its malware programs. This suggests that the attackers have access to high-value intrusion tools and techniques.

When it targeted developers from technology and Internet companies in 2013 the group launched its attack from a compromised iOS development forum using a Java zero-day exploit. This technique of compromising a website that's visited by multiple intended targets is called a watering hole attack.

That same year the Morpho group used the same method with multiple discussion forums, including expatforum.com, forum.samdroid.net, emiratesmac.com, mygsmindia.com, and a Jihadist discussion board that's now closed, researchers from Kaspersky said in a blog post. The attack vector for the 2014 and 2015 attacks is not yet known, but there are clear indications that a Web-based exploit kit with a zero-day Flash Player exploit was used, they said.

If successful, these Web-based exploits install a custom computer backdoor developed by the group that has versions for Windows and Mac OS X. The attackers then use additional custom hacking tools to move laterally through the network and compromise additional computers, servers and other devices.

 According to Symantec's researchers, the Morpho attackers often target regional offices of their intended victims and then move through their internal networks to access their additional locations and headquarters.

The attackers appear to be well informed about the companies they attack and the information they're searching for.

"In many attacks, the group has succeeded in compromising Microsoft Exchange or Lotus Domino email servers in order to intercept company emails and, possibly use them to send counterfeit emails," the Symantec researchers said in a blog post. "The group has also attacked enterprise content management systems, which would often be home to legal and policy documents, financial records, product descriptions and training documents."

In one case, the attackers compromised a Physical Security Information Management (PSIM) system, gaining access to door locks and CCTV camera feeds.

It's not clear where the group is based. According to Symantec, some, if not all of the group's members are fluent in English, which is evident from the malware's code. However, Kaspersky also found one string in Romanian and one in Russian in the command-and-control procedures.

Peaks of activity were observed on the malware's command-and-control servers that correspond with U.S. typical working hours. This could mean that some attackers are based in the U.S., but could also be because the majority of victims are from the U.S. and Canada, forcing attackers to work during that time interval.

"Morpho is a disciplined, technically capable group with a high level of operational security," the Symantec researchers said. "Having managed to increase its level of activity over the past three years whilst maintaining a low profile, the group poses a threat that ought to be taken seriously by corporations." 

LEAKED: Hacked Sony Docs Reveal Top 17 Execs' Multi-Million Dollar Salaries



Sony suffered a major hack this week, leading to four of the studio's upcoming movies being leaked online and a cyber attack that knocked out the studio's computer network.

The latest attack is a spreadsheet listing the alleged salaries of 17 top paid executives of Sony Pictures Entertainment.

Fusion's Kevin Roose published the spreadsheet, explaining, "I received a link to a public Pastebin file containing the documents from an anonymous e-mailer... one interesting tidbit caught my eye: a spreadsheet containing the salaries of more than 6,000 Sony Pictures employees, including the company's top executives."

The below spreadsheet of the 17 highest-paid execs reveals the $3 million salaries of both CEO Michael Lynton and co-chairman Amy Pascal (pictured above).


Roose also noted that the list of top salaried executives was 88% white and 94% male.

Of the seventeen listed above, only one - Amy Pascal, the co-chair of Sony Pictures Entertainment and chairman of SPE's Motion Picture Group - is a woman.


The inital attack on Sony ironically occurred a month before the studio is set to release the Seth Rogen and James Franco comedy "The Interview," about two journalists recruited by the CIA to assassinate North Korean leader Kim Jong Un. The Pyongyang government denounced the film as "undisguised sponsoring of terrorism, as well as an act of war" in a letter to U.N. Secretary-General Ban Ki-moon in June.

Sony and security consultants were investigating the possibility that someone acting on behalf of North Korea, possibly from China, was responsible, according to Reuters. A link to North Korea had not been confirmed but it had not been ruled out.
In the inital hack last week, an image of a skeleton appeared on company computers with a message that stated, "Hacked by #GOP," with the group behind it calling itself "Guardians of Peace." The message threatened to release "secrets and top secrets" of the company, according to Variety.

The latest attack listing salaries also includes Sony employees' names, job titles, home addresses, bonus plans, and current salaries.

TheWrap previously reported the hackers threatened to release private information from the studio if their demands were not met, but those demands were never made clear. They also did not specify a deadline and had not released information before now.

While Sony has no comment on the latest attack, the FBI has launched an investigation with the studio's support.

Anonymous Declares Vengeance For Mike Brown: We Are The Law Now


The hacker collective Anonymous has been involved in protests, information quests, and more since Michael Brown was shot on August 9, but in a Twitter post today, Anonymous declares vengeance — or, in their own terms, justice. After responding to a direct threat from the KKK, they went on to promise that justice would be done, saying, “We are the law now.”

Anonymous’ involvement in the Michael Brown case has involved leaking (incorrectly) the name of the officer who shot Brown, and later, doxing Officer Darren Wilson, the actual shooter. They’ve doxed a list of purported KKK members, releasing names, social media accounts, and other contact information. They’ve further claimed to have evidence that Darren Wilson is a KKK member, though they did not release this information, saying it would endanger others. They’ve hacked a Twitter account belonging to the KKK.

All of this has led to a particular tension between the two groups, and it seems that on Friday night, that tension escalated. Though the Twitter account @MStag56 is now deleted or suspended, one of Anonymous’ many accounts has shared an image purported to be a tweet from that account. The tweet appears to be a direct threat, and Anonymous responded in kind.


This account is one of many that Anonymous listed as belonging to KKK members. The Klan did not show up as invited, though, and it is after this missed event that Anonymous declares vengeance.

@mstag56 + TAK KKK: you're a no show, despite threats. Didn't you declare war on us or something? #opKKK #hoodsoff pic.twitter.com/0pK2YCNmJX

— West Florissant Ave. (@ThatsRacistAF) November 30, 2014

After Friday’s failed meet-up, Anonymous opened Saturday with a warning, seeming to hint that they will bestow justice, or vengeance, themselves. They tweeted their promise early Saturday afternoon.

WE are the law now. Mike Brown will get justice one way or another. Mark my words. #Anonymous #OpFerguson pic.twitter.com/7D2KIRy7J9

— Anon Cop Watch (@AnonCopWatch) November 30, 2014

Though they don’t name a victim, there are certainly some obvious possible pursuits, including attacks on Darren Wilson or on the police force, or the KKK. The group, known for its hacking skills, may have in mind to use a digital, rather than physical, attack. It may be hoped that they could plan to pursue legal avenues, but “we are the law now” would seem to defy that as a possibility.

Anonymous declares vengeance — but where, and how, will they seek it?

What Is The Difference Between A Worm, A Trojan & A Virus

There are a lot of heavily technical terms that get used around computer security. Many of them can be a bit hard to explain in a simple manner, so they often get used incorrectly. One of the most frequently (and painfully) misused groups is the terms that differentiate malware from other types of vulnerabilities and threats. I thought I'd clear up the confusion by explaining what malware, trojans, viruses, and worms are and how they're different from one another.

Here’s the basic definition for all the terms we’ll discuss here:

1. Malware:


This is a big catchall phrase that covers all sorts of software with nasty intent. Not buggy software, not programs you don’t like, but software which is specifically written with the intent to harm.

2. Virus: 


This is a specific type of malware that spreads itself once it’s initially run. It's different from other types of malware because it can either be like a parasite that attaches to good files on your machine, or it can be self-contained and search out other machines to infect.

3. Worm: 


Think of inchworms rather than tapeworms. These are not parasitic worms, but the kind that move around on their own. In the malware sense, they're viruses that are self-contained (they don’t attach themselves like a parasite) and go around searching out other machines to infect.

4. Trojan: 


Do you remember that story you had to read in high school about the big wooden horse that turned out to be full of guys with spears? This is the computer equivalent. You run a file that is supposed to be something fun or important, but it turns out that it’s neither fun nor important, and it’s now doing nasty things to your machine.

5. Vulnerability


Funny thing about software: it’s written by humans. Humans are fallible and sometimes forget to cross t's and dot i's. Sometimes those mistakes create strange behavior in programs. And sometimes that strange behavior can be used to create a hole that malware or hackers could use to get into your machine more easily. That hole is otherwise known as a vulnerability.

6. Exploit


The strange behavior that can be used to create a hole for hackers or malware to get through generally requires someone to use a particular sequence of actions or text to cause the right (or is that wrong?) conditions. To be usable by malware (or on a larger scale by hackers), it needs to be put into code form, which is also called exploit code.

4 ways on How to hack facebook password



In my previous post How to hack facebook password i told you about hacking facebook with phishing,Today i thought to uncover all the methods used to hack facebook password, I will cover 4 methods over here:

  1. Facebook Phishing 
  2.  Keylogging 
  3. Social engineering 
  4. Primary email address hack 


1. Facebook phishing:


I have taken this method first because i think this is the most popular method/way of hacking facebook. I studied various facebook surveys taken on web about hacking facebook. The results of these surveys show "Phishing" as the most used method to hack facebook and to note…"Phishing is favorite method of facebook hackers". So, friends.. beware of facebook Phishing. Facebook staff is working hard to avoid these Facebook phishers. Phishing not only allows you to hack Facebook but also almost any email account. You have to only get the trick used to make a phisher, which i think is very easy. I learnt it without any difficulty. But, remember, this is only for educational purpose. I will not extend this topic over here as i have added more on Phishing in my article How to hack facebook password

2. Keylogging:

This is my second favorite, as only thing you have to do is remotely install a keylogger application (if you don't have any physical access to victim computer). Keylogging becomes more easy if you have physical access to victim computer as only thing you have to do is install a keylogger and direct it to your destination so that it will send all recorded keystrokes to pointed destination. What a keylogger does is it records the keystrokes into a log file and then you can use these logs to get required Facebook password and thus can hack facebook password. I have posted detailed information of top keyloggers in the trade for more information see my password hacking softwares section

3. Social engineering:

This sounds to be pretty not working at beginning. Even I was neglecting this way. But, once, I thought of using it against my friend on Facebook and i got his Facebook password very easily by this method. I think many of you might be knowing how what this social engineering, For newbies, social engineering is method of retrieving password or answer of security question simply be quering with the victim. You have to be very careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.

4.Primary email address hack 

If Facebook hacker, by some means, hacks your gmail or yahoo account which you are using as primary email address, then this Facebook hacker can easily hack your Facebook password using "Forgot password" trick. He will simply ask Facebook to send password reset email to your primary email address- which is already hacked. Thus, your Facebook account password will be reset and it will be hacked !!!

So, always remember to protect your Facebook primary email address and try to keep unknown or useless mail id as your primary email address
So far, i found these Facebook hacking methods as best and working ways to hack facebook account passwords. I never encourage hacking Facebook or any email account,,I just wanna make you aware about Facebook dangers online. I will appreciate your effort if you mention any other Facebook hacking method.

5. Facebook Cookie Stealing 

I am updating this post with a new method which is being used to hack facebook accounts, which I think is very effective, Facebook cookie stealing is becoming popular day by day.The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account. This is how a facebook authentication cookie looks like Read MoreCookie:-> ( datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc )

3 Basic Tips To Prevent A DDoS Attack


Distributed denial-of-service (DDoS) attacks are always in top headlines worldwide, as they are plaguing websites in banks, and virtually of almost every organization having a prominent online presence. The main cause behind the proliferation of DDoS attacks is that there is a very low-cost that the attacker has to incur to put such attack in motion. Fortunately, today various prevention methods have been developed to tackle such attacks. Before delving further into understanding about the ways to prevent DDoS attack, let’s first understand what exactly a DDoS attack is!

Understanding DDOS Attack


A DDoS (distributed denial-of-service) attack is an attempt made by attackers to make computers’ resources inaccessible to its anticipated user. In order to carry out a DDOS attack the attackers never uses their own system; rather they create a network of zombie computers often called as a “Botnet” – that is a hive of computers, to incapacitate a website or a web server.

Let’s understand the basic idea! Now, the attacker notifies all the computers present on the botnet to keep in touch with a particular site or a web server, time and again. This increases traffic on the network that causes in slowing down the speed of a site for the intended users. Unfortunately, at times the traffic can be really high that could even lead to shutting a site completely.

3 Basic Tips to Prevent a DDoS Attack

There are several ways to prevent the DDOS attack; however, here in this guest post I’ll be covering three basic tips that will help you to protect your website from the DDoS attack.

1. Buy More Bandwidth.


One of the easiest methods is to ensure that you have sufficient bandwidth on your web. You’ll be able to tackle lots of low-scale DDOS attacks simply by buying more bandwidth so as to service the requests. How does it help? Well, distributed denial of service is a nothing more than a game of capacity. Let’s suppose you have 10,000 computer systems each distributing 1 Mbps directed towards your way. This means you’re getting 10 GB of data that is hitting your web server every second. Now, that’s causes a lot of traffic!

So to avoid such issue, you need to apply the same rule intended for normal redundancy. According to this technique, if you wish to have more web servers just multiply around diverse datacenters and next make use of load balancing. By spreading your traffic to various servers will help you balance the load and will most likely create large space adequate to handle the incessant increase in traffic.
However, there’s a problem with this method that is buying more bandwidth can be a costly affair. And as you’ll know that the current DDoS attacks are getting large, and can be a lot bigger exceeding your budget limit.

2. Opt for DDoS Mitigation Services.

A lot of network or Internet-service providers render DDoS mitigation capabilities. Look for an internet service provider having the largest DDoS protection and mitigation network, automated tools, and a pool of talented anti-DDoS technicians with the wherewithal to take action in real-time as per the varying DDoS attack characteristics. A viable alternative is to utilize a DDoS prevention appliance, which is specifically intended to discover and prevent distributed denial-of-service attacks.

3. Restricted Connectivity.


In case you have computer systems that are connected to the web directly, a better idea is to properly install/configure your routers and firewall so as to limit the connectivity. For an instance, while receiving some data from a client machine you can only allow traffic to pass from the machine only on a few chosen ports (like HTTP, POP, SMTP etc.) via the firewall.

Wrapping Up!

Websites are largely getting attacked by hackers every second. Denial-of-service attack is insanely getting huge and is creating a lot of problems for business organizations having strong online vicinity. In this guest post you’ll not only understand what a DDoS attack actually means, but will also come to know about a few type of methods to prevent DDoS attacks. Aforementioned are three tips that I’ll recommend you to run through to at least understand where to get started towards building a resilient web network with chances of surviving a DDoS attack.