BUEN FIN DE CUATRIMESTRE...!! A DISFRUTAR DE ESTAS MERECIDAS VACACIONES.. NOS VEMOS EL PRÓXIMO :)

sábado, 27 de mayo de 2023

TYPES OF HACKER

7 Types of hacker 

 1-Script Kiddies-They are  just download overused software & watch youtube video on how to use it. Script kiddies don't care about hacking.

 2-White Hat-They are the good guys of the hacker world. They also known as Ethical Hacker.

 3-Black Hat-They finds bank or other companies with weak security and steal money or credit card information. They also known as cracker. They are dangerous because they are illegal to gain unauthorized access.

 4-Gray Hat-They don't steal money or information sometimes they deface a website or they don't help people for good.

 5-Green Hat-These are the hacker "noobz" but unlike Script Kiddies.They care about Hacking  and strive to become full-blown hacker.

 6-Red Hat-These are the vigilantes of the hacker world. They are like White Hats in that they halt Black Hats but these folks are downright SCARY to those who have ever tried so much as penetrest.

 7-Blue Hat-If a Script Kiddy took revenge he/she might become a Blue Hat.Most Blue Hats are noobz.They have no desire to learn.

More info


  1. Hacking Tools Pc
  2. Pentest Tools Review
  3. Pentest Box Tools Download
  4. Hack App
  5. Pentest Tools Online
  6. Hacker Security Tools
  7. Hack Tools For Mac
  8. Pentest Tools Android
  9. Hacker Hardware Tools
  10. Hacking Tools Name
  11. Hacking Tools Hardware
  12. Hacking Tools For Mac
  13. Ethical Hacker Tools
  14. Hack Website Online Tool
  15. Github Hacking Tools
  16. New Hacker Tools
  17. Hacker Tools Linux
  18. Hacking Tools Usb
  19. Hacking Tools Kit
  20. Pentest Tools For Ubuntu
  21. World No 1 Hacker Software
  22. Hacker Tools Apk Download
  23. Termux Hacking Tools 2019
  24. Pentest Tools Download
  25. Pentest Tools For Windows
  26. Hacking Tools Usb
  27. Pentest Box Tools Download
  28. Hacking Tools 2019
  29. Hacking Tools Kit
  30. Hack Tool Apk No Root
  31. Hack Tools Download
  32. Tools 4 Hack
  33. Hacker Tools For Pc
  34. Android Hack Tools Github
  35. Computer Hacker
  36. Hack Tools 2019
  37. Bluetooth Hacking Tools Kali
  38. New Hacker Tools
  39. Hack Tools Online
  40. Hak5 Tools
  41. Hacking Tools
  42. Hacker Tools Free Download
  43. Hacking Tools
  44. Hacking Tools And Software
  45. Hacking Apps
  46. Nsa Hacker Tools
  47. Android Hack Tools Github
  48. Pentest Tools Free
  49. Hack Tools
  50. Hacking Tools And Software
  51. Hack Tools
  52. Pentest Tools Linux
  53. Hack Rom Tools
  54. Nsa Hacker Tools
  55. Pentest Reporting Tools
  56. Pentest Tools Windows
  57. Physical Pentest Tools
  58. Hacking Tools Name
  59. Hacking Tools Usb
  60. Pentest Tools Github
  61. Hack Rom Tools
  62. Hacker
  63. Hacker Tools For Ios
  64. Pentest Tools For Mac
  65. Best Hacking Tools 2019
  66. Hacker Tools 2019
  67. Best Hacking Tools 2019
  68. Termux Hacking Tools 2019
  69. Hacker Tools Github
  70. Pentest Automation Tools
  71. Pentest Tools Nmap
  72. Android Hack Tools Github
  73. Hacking Tools For Mac
  74. Hacking Tools Name
  75. Hack Rom Tools
  76. Tools 4 Hack
  77. Hacking Tools Software
  78. Pentest Tools Website
  79. Hack Rom Tools
  80. Hack Website Online Tool
  81. Hacker Tools 2020
  82. Hack Tools For Mac
  83. Pentest Tools Subdomain
  84. Hacking Tools And Software
  85. Hack Rom Tools
  86. Hacking Tools For Kali Linux
  87. Top Pentest Tools
  88. How To Install Pentest Tools In Ubuntu
  89. Hack App
  90. Hacking Tools 2019
  91. Underground Hacker Sites
  92. New Hacker Tools
  93. Top Pentest Tools
  94. Black Hat Hacker Tools
  95. Pentest Tools Tcp Port Scanner
  96. Wifi Hacker Tools For Windows
  97. Hacker Tools For Windows
  98. How To Make Hacking Tools
  99. Hacker Tools List
  100. Hacking Apps
  101. Hacking Tools Online
  102. Hack Tools For Mac
  103. Android Hack Tools Github
  104. Hacking Tools Windows 10
  105. Hacking Tools 2019
  106. Hacker Tools
  107. Hacker Tools Free Download
  108. Hacking Tools For Beginners
  109. Free Pentest Tools For Windows
  110. What Are Hacking Tools
  111. Termux Hacking Tools 2019
  112. Best Hacking Tools 2019
  113. Pentest Tools For Android
  114. New Hack Tools
  115. Hacks And Tools
  116. Hacker Tools Free Download
  117. Hacking Tools 2020
  118. Install Pentest Tools Ubuntu
  119. What Are Hacking Tools
  120. Hacker Tools 2019
  121. Hack Tools
  122. Hacks And Tools
  123. Hacker Tools For Mac
  124. Hacking Tools Name
  125. Ethical Hacker Tools
  126. Hacking Tools For Windows
  127. Beginner Hacker Tools
  128. Hacking Tools Mac
  129. Best Pentesting Tools 2018
  130. Tools 4 Hack
  131. Hack Website Online Tool
  132. Hacker Tools Hardware
  133. Hacking Tools Mac
  134. Hack Tools For Windows
  135. Hacking Tools
  136. Hacking Tools Kit
  137. Bluetooth Hacking Tools Kali
  138. Hacking Tools For Windows
  139. Hacker Tool Kit
  140. Nsa Hacker Tools
  141. Hack Apps
  142. Pentest Tools Framework
Publicado por ale_psyduck en 20:31 0 comentarios

Networking | Routing And Switching | Tutorial 4 | 2018


Welcome to my 4th new tutorial of the series of networking. In this blog you'll the content about network switches. You'll learn about how to make a communication successful and secure in the same network (LAN) by using STP. As Spanning tree protocol (STP) we used in multi-switched networks. Why we use this protocol in multi-switched network etc.

What is Switch? 

A switch is an intelligent device used to connect multiple devices within the same network. The intelligence of is that it requires Media Access Control (MAC) address for communication and doesn't allow broadcast.  Let's understand the whole thing by a little example, consider there is a network having 3 end devices name Device-A, Device-B,Device-C connected with each other respectively with the help of switch. When a Device-A sends data to Device-C so that data will only forwarded by switch to Device-C not to Device-B.

What is Media Access Control (MAC) address?

A Media Access Control (MAC) address is 48-bit unique physical address given to network interface controller (NIC) or network adapter, for communication within the same network which is given by its manufacturer. It is made up of hexadecimal numbers like a1:b1:cc:ac:2e:f1.

What is STP?


STP stands for Spanning tree protocol which is basically used in bridge and switches to prevent loops when you have a redundant links in the Ethernet networks. If the loop is present in the Ethernet network so the whole network will suffer because there will MAC instability in the MAC table,  duplicate frames generation and so on. Let's move to the video for further detail.


Related news
  1. Hacking Tools Github
  2. Pentest Tools For Ubuntu
  3. Pentest Box Tools Download
  4. Hacking Tools Windows 10
  5. Hacking Tools For Windows 7
  6. Hacker
  7. Pentest Tools Port Scanner
  8. Hacking App
  9. Pentest Tools Linux
  10. Pentest Tools For Android
  11. Pentest Tools For Ubuntu
  12. Best Hacking Tools 2019
  13. Hacking Tools For Games
  14. Top Pentest Tools
  15. Pentest Recon Tools
  16. Termux Hacking Tools 2019
  17. Hack Website Online Tool
  18. Pentest Tools Url Fuzzer
  19. Hack Tools Download
  20. Hacker Tools Windows
  21. Hacking Tools Name
  22. Hack Website Online Tool
  23. Install Pentest Tools Ubuntu
  24. How To Hack
  25. Pentest Tools List
  26. Hacker Tools Online
  27. Hackrf Tools
  28. Hacking Tools Hardware
  29. Hak5 Tools
  30. Github Hacking Tools
  31. Hacking Tools And Software
  32. Hacker
  33. Hack Rom Tools
  34. Pentest Tools Github
  35. Nsa Hack Tools Download
  36. Hacker Tools List
  37. Hacker Tools Hardware
  38. Usb Pentest Tools
  39. Hackers Toolbox
  40. Hacking Tools 2019
  41. Hack Rom Tools
  42. World No 1 Hacker Software
  43. Tools For Hacker
  44. Tools For Hacker
  45. Hack Tools Mac
  46. Blackhat Hacker Tools
  47. How To Install Pentest Tools In Ubuntu
  48. Hak5 Tools
  49. Hacker Tools Hardware
  50. Hacking Tools Pc
  51. Hack Tools Pc
  52. Pentest Tools Open Source
  53. Pentest Tools Github
  54. Pentest Tools For Windows
  55. Hacker Tools Hardware
  56. Pentest Reporting Tools
Publicado por ale_psyduck en 11:41 0 comentarios

Fhex - A Full-Featured HexEditor

This project is born with the aim to develop a lightweight, but useful tool. The reason is that the existing hex editors have some different limitations (e.g. too many dependencies, missing hex coloring features, etc.).


This project is based on qhexedit2, capstone and keystone engines. New features could be added in the future, PRs are welcomed.

Features
  • Chunks loader - Used to load only a portion of large files without exhaust the memory (use alt + left/right arrows to move among chunks). Please note that in chunk mode, all the operations (e.g. search) applies only to the current chunk except for file save (the entire file is saved). However, each time you edit a chunk, save it before to move to another chunk, otherwise you will lose your changes.
  • Search and replace (UTF-8, HEX, regex, reverse search supported) [CTRL + F]
  • Colored output (white spaces, ASCII characters, 0xFF, UTF-8 and NULL bytes have different colors)
  • Interpret selected bytes as integer, long, unsigned long [CTRL + B]
  • Copy & Paste [CTRL + C and CTRL + V]
  • Copy selected unicode characters [CTRL + Space]
  • Zeroing all the selected bytes [Delete or CTRL + D]
  • Undo & Redo [CTRL + Z and CTRL + Y]
  • Drag & Drop (Hint: Drag&Drop two files to diff them)
  • Overwrite the same file or create a new one [CTRL + S]
  • Goto offset [CTRL + G]
  • Insert mode supported in order to insert new bytes instead to overwrite the existing one [INS]
  • Create new instances [CTRL + N]
  • Basic text viewer for the selected text [CTRL + T]
  • Reload the current file [F5]
  • Compare two different files at byte level
  • Browsable Binary Chart (see later for details) [F1]
  • Hex - Dec number converter [F2]
  • Hex String escaper (e.g from 010203 to \x01\x02\x03) [F3]
  • Pattern Matching Engine (see later for details)
  • Disassebler based on Capstone Engine [F4]
  • Assembler based on Keystone Engine [F4]
  • Zoom-Out/Zoom-In bytes view (CTRL + Up/Down or CTRL + -/+)
  • Shortcuts for all these features
Pattern Matching Engine

Fhex can load at startup a configuration file (from ~/fhex/config.json) in JSON format with a list of strings or bytes to highlight and a comment/label to add close to the matches.

Examples:

{
    "PatternMatching":
    [
        {
            "string" : "://www.",
            "color" : "rgba(250,200,200,50)",
            "message" : "Found url"
        },
        {
            "bytes" : "414243",
            "color" : "rgba(250,200,200,50)",
            "message" : "Found ABC"
        }
    ]
}

To activate pattern matching press CTRL + P At the end, Fhex will show also an offset list with all the result references. Note: Labels with comments are added only if the window is maximized, if labels are not displayed correctly please try to run pattern matching again.

Binary Chart

Fhex has the feature to chart the loaded binary file (Note: In order to compile the project, now you need also qt5-charts installed on the system). The y-axis range is between 0 and 255 (in hex 0x0 and 0xff, i.e. the byte values). The x-axis range is between 0 and the filesize.

The chart plots the byte values of the binary file and let you focus only on the relevant sections. For example, if in a binary file there is an area full of null bytes, you can easily detect it from the chart.

License

GPL-3



Related posts


Publicado por ale_psyduck en 3:03 0 comentarios

viernes, 26 de mayo de 2023

Networking | Switching And Routing | Tutorial 1 | 2018


Welcome to my new series of tutorials about networking. Moreover in this series I'll discuss briefly each and every thing related to routing and switching. After that you will able to pass an exam of HCNA, CCNA etc. First of all you have to know which software is used by which company such as Huawei used its own software named eNSP while Cisco used its own software named Cisco Packet Tracer. After that you have to know that how to download and install both of the software in your computer systems. So the purpose of this blog is to give you people an overview about how to download and install both of them.

What is a Network? 

First of all we must have to know about what is a network. So the network is the interconnection of two or more than two devices in such a way that they can communicate each other. In computer networks we can say that the interconnection of two or more than two end devices (computer, laptops, printers etc) for the sake of sending and receiving some amount of data is known as computer network.

What is Internet?  

The very simple and easily understandable definition of a internet is "The network of networks". Now what is meant by that? When different networks from the different areas or at the same areas wanna communicate with each other then internet formed. So we can say that "Internet is the interconnection of different networks in such a way that networks can communicate with each other".


More articles
Publicado por ale_psyduck en 18:35 0 comentarios

Blockchain Decentralized Application Hacking Course - A Journey Into Smart Contract Hacking And DApp Penetration Testing (Web 3.0)


Smart Contract Exploitation and Hacking Course Announcement


What Is this: 

For those who have been hitting me up on twitter and YouTube for more blockchain smart contract exploitation content this blog is for you. I have posted a video below explaining what this is and included a course outline of the content we are providing free for everyone. I was actually told recently that I am crazy for giving out this level of detailed content and training for free.. However, I believe in the original hacker ethic code from long ago, that information should be freely available for everyone!! In this frame of mind, the only pay for content will be if you wish to go the extra mile. For the person who wants to prove to themselves or others that they learned something via a certification package with detailed exam prep targets and guides, followed by a final exam CTF and reporting write-up. 

So I hope you enjoy this content. The content and walk through labs will be all free. This content will be posted regularly over the next few months 90% of it is already written and ready to go.

We will start off with the differences between Solidity and other languages and do a quick coding overview before we start hacking. This way everyone is on the same page when we start looking at coding examples of vulnerable targets or reviewing case study code. Then we will cover a wide range of typical issues that effect decentralized applications(DApps) and smart contracts on the Ethereum blockchain. How to spot them and exploit them with full walk-through style learning. Subjects we have already released (Re-Entrancy, Integer Attacks, Authorization) have been updated with new code, new examples, and case studies etc. Some of the learning content will be the same but with a lot of newly added content.  And in the case of Authorization completely re-written and expanded on. 

Basically this course was created to get the information out there in a clear concise way. Because when I started researching blockchain hacking all I found was a paragraph here and there on something that was overly technical or completely theoretical. I couldn't find any clear concise learning or examples. This drove me nuts trying to figure everything out, until I gave up and just coded my own vulnerabilities and hacked them. So hopefully this fills the knowledge gap to offer a clear and concise, Zero Fluff resource to those on the same path. 


CTF Exam: 

If you do enjoy this series over the next few months and want to challenge your skills and certify that you learned something we will be also offering pay for certification bundle that includes Decentralized Application (DApp) targets and detailed lab guides as preparation for a final exam against a more comprehensive CTF certification challenge target. More info on this as the months progress. 


Bug Bounty of Sorts: 

These labs are completed but we are working on a way to deliver the content which requires me to code up a course delivery software. So feel free to hack the course delivery software once its up, if you break in or bypass authorizations I will give you the full course for free provided you help me fix it. :P 


Pre- Requisites: 

This is more of a intermediate / advanced course with a white box code approach to bug hunting and a dynamic approach to application hacking and exploiting targets, with that said you will need the following pre-requisites: 

  • Ability to code in some language and understanding of coding concepts. 
  • Application hacking or development background with firm understanding of vulnerabilities


Contact Info:

As this is free, I only ask that you provide constructive feedback as we are creating other more advanced hacking courses on random subjects we are interested in. Most of which will be free.  And feedback helps us not do things which are not useful and integrate new ideas where they make sense.

Cheers and I hope this finds you well.

Twitter: 

Email: 

  • info@cclabs.io

WebPage:  


Course Outline / Release Order: 

Orange = = Whats included additionally for the full course

Blue = = What will be released free in blogs / videos 

(Mostly every Mondays) over the next few months


Building and Scoping Things

    Chapter 1: Cliff Notes on Blockchain

        Intro:

        What is a Blockchain and how is it secured

        Smart Contracts

        What is a Decentralized Application (DApp)?

        Diving into Blockchain Components:

        Distributed Vs Decentralized

        Provenance Use Case:

        Consensus and Mining:

            Hands on Lab - Blockchain Consensus walkthrough Lab

        Summary:

        References:


    Chapter 2: Threat Modeling and Scoping Engagements

        Architecture Considerations:

        Business Logic Locations and Technology Decisions

        Development Environments

        Threat Modeling

        Summary

        References:


    Chapter 3 – Solidity for Penetration Testers Part 1 (Hello World)

        About Solidity

            Hands on Lab - Remix interface overview

        Structure of a Smart Contract

            Hands on Lab – HelloWorld

        Summary

        References:


    Chapter 4 – Solidity for Penetration Testers Part 2

        Beyond Hello World

            Hands on Lab – Code HelloWorld bank

        Code Level Walk Through of HelloWorld Bank

        Checks Effects Interactions:

        Summary


Part 2: Hacking and Exploiting Things

    Chapter 5 - Glass Half Full or Glass Half Empty: Integer Attacks

        Underflows and Overflows

        Withdraw Function Vulnerable to an underflow

        Transfer Function Vulnerable to a Batch Overflow

        Batch Overflow Code Explanation:

            ERC20 Batch Overflow Case-Study

            Walkthrough of The Vulnerable Function

            Reviewing the Real Attack Transaction

            Hands on Lab - Exploiting Our Own ERC20 Batch Overflow

            Hands on Lab - Fixing the ERC20 Overflow

            Exam Prep - DApp Target + Detailed Lab Guide

            Hands on Lab -Safe Math Walk Through

        Integer Attacks Summary

        Integer Attacks References

          

    Chapter 6 - You Again: Leveraging Reentrancy Attacks

        Reentrancy Intro

        Checks Effects Interactions Pattern

        Simple Reentrancy Example Code

        Passing the Checks:

        Looping the Interaction:

        Updating the Effects:

        Attacking Code Example:

            Hands on Lab - Attacking a Simple Reentrancy

            Hands on Lab - Fixing the Checks Effects interaction Pattern

        Send vs Transfer Vs Call.Value

            Case Study – The Dao Hack

            Exam Prep - DApp Target + Detailed Lab Guide

        Reentrancy Summary

        Reentrancy References


    Chapter 7 Do You Have a Hall Pass: Access Control Attacks

        Understanding Smart Contract Authorization and Visibility

        Visibility:

        Simple Visibility Example:

        Implementing Authorization:

        Example Walk-through of No Authorization

        Thinking about Smart Contracts as unpublished API's for DApps

            Case of the Video Game Heist

        Enumerating functions in a contract

            Hands on Lab - Directly Calling Public Functions with Web3

            Hands on Lab - Example Fix with Simple Authorization

        Exit Scam Warning

            Hands on Lab - Example Fix-2 Using Modifiers for Simple Authentication

            Hands on Lab - Example Using Openzeppelin for Role Based Access Control

            Exam Prep - DApp Target + Detailed Lab Guide

        Authorization Summary:

        Authorization References


    Chapter 8 - Dude Where's My Data: Storage Vs Memory Attacks

       Intro - Not Written Yet – Up Next

       Code Example -  Not Written Yet – Up Next

       Case study? - Not Written Yet – Up Next

       Exploiting vulnerability -  Not Written Yet – Up Next

       Summary -  Not Written Yet – Up Next

       References -  Not Written Yet – Up Next


    Chapter 9 - Do I know you:  TxOrigin vs Message.sender Attacks

        What's the difference?

        Man In the Middle Via tx.origin

            Hands on Lab -  Simple tx.origin Example Walkthrough

            Hands on Lab -  Vulnerable TX.Origin Example Walkthrough

            Exam Prep - DApp Target + Detailed Lab Guide

        Action steps to familiarize yourself with the contract:

        Attack Options:

        Summary

        References


    Chapter 10 - Who Am I: Delegate Call Attacks

        How delegate calls work:

        Delegate Call vs Call

        Simple Delegate Call Example Code

        Simple Delegate Code Example Walkthrough

            Hands on Lab - Simple Delegate Example Walkthrough

        Variable Memory Issues with Delegate Calls

        DelegateCall Storage Simple Example Code

            Hands on Lab - DelegateCall Storage Walkthrough

            Exam Prep - DApp Target + Detailed Lab Guide

        Case Study - Parity Wallet Attack:

        Attack Transactions Explained

        Dangerous fallback function using delegatecall

        The Parity Wallet Code

        Delegate Chapter Summary

        Delegate References:


    Chapter 11 - Look into My Crystal Ball: Bad Randomness Issues

        Cryptographic Implementations and Predictable PRNGs

        Simple BlockHash Example

            Hands on Lab - BlockHash Vulnerability Walk and Talk

            Exam Prep - DApp Target + Detailed Lab Guide

        Preventing Randomness Issues

        Bad Randomness Summary

        Bad Randomness References


    Chapter 12 - Automated Static Application Security Testing

        Content - Not written - Up Next 

            Hands On Lab - Not written - Up Next 

        Summary Not written - Up Next 

        References - Not written - Up Next 


Chapter 13 - CTF Exam

        Final Exam and CTF Certification Exam Target 

        Final Exam Reporting


Appendices

    Appendix I – Pre-Requisite Suggestions:

        Programming Pre-Requisites:

        Web Application Hacking Pre-Requisites:

    Appendix II – Other Blockchain Learning Resources and Certifications

    Appendix III – Non-Exhaustive Scoping Questions

    Appendix IV – Non-Exhaustive List of things to check for



Related word
Publicado por ale_psyduck en 10:07 0 comentarios
Suscribirse a: Entradas (Atom)

Escríbe tus dudas, comentarios o sugerencias a:

psicoupavrb@gmail.com

Historia de la Educación

Historia de la Educación
recetas de cocina