Tuesday, April 26, 2011

Many people want this type of services and searched over internet a waste their time but unable to get desired results.

A few days ago i got a website which have a lots of tracing services. It shows tracing results in a map along with all suitable information you want to know.

You can trace a Mobile number. For example , when we enter the 10 digit mobile number, then we get the Mobile Service provider, Location, City along with area in a map. 

Thats really awesome.

You can also trace IP Address of a person. Enter your IP address and it will show you the location of this IP address and complete details of the ISP with the contact number of that IP Address.

Features of this site is

Trace Mobile Number
Trace Vehical Number
Trace Pin Code
Trace IP Address
WHOIS Trace

GO TO THIS LINK:
http://www.indiatrace.com



please comment below if this post is useful for you..
Most of the persons want to know the IP address of their friends or the person they are chatting with. By using this simple trick you will get the IP address of the person you are chatting or your friends. By finding the IP address of the person you can trace the location of that person by using IP to location locators. Use any of my previous post of locating ip address.


you have to follow these simple steps.


  • Download this php file. from here: http://www.ziddu.com/download/13204906/ip.rar.html 
  • Host this file to any webshost. and get a url of your website like this.
  • suppose http://www.yourwebsite/ip.php is the url of your page
  • Now you just need to say the person to visit your website and this php script will capture his/her IP address for you and store it to ipaddress.txt file
  • go to http://www.yourwebsite/ipaddress.txt to view his/her IP address
this is very simple but effective method of stealing some one's IP address.




Facebook is the part of people's daily life. It's no. 1 socail networking website so it is used for spreading scams by spammers.  Scammers search through Facebook user accounts and gather information from public profiles to send phishing emails so they can gather more secure information such as bank account numbers, credit card numbers and user login and password to other secure sites. On facebook scammers use facebook applications to gather user's information and use their profile to post links of worms and trojans. I wrote a post on securing facebook account from hackers. Today i am going to write some steps to protect your facebook account from scams.


Steps

  1. Avoid clicking on short url's posted in facebook. If you want to click that link, verify it first from the person who posted it. MOst of this type of links are posted by facebook worms.
  2. Most of the scams are of the form of some videos. So avoid to click on such video link without verifying.
  3. If any of your friend send a link with some strange message, ask your friend first before click on those links.
  4. If after clicking on a link, it is aksing for some permission for using your profile information as every application ask before use. Be sure to check all the permission whether it is asking for valid permission or not.
  5. Try to use less application on facebook. Most of the applications on facebook are useless. 
i know it's hard to avoid facebook applications but use those application after verifying it. Most of the scammers use your information for phishing and selling your information to other parties.
Everybody  use email accounts and social networking websites such as orkut, twitter and facebook. There are many important informations of a person in these email accounts and social networking website. so it is important to protect these account from hackers. Because hackers always try to get others account to get those secret and personal data for bad
purpose. If use your email id for business and other services then it's a  great loss and trouble for you. So always try to be safe from hackers Follow these simple steps i am writing below to protect yourself from being hacked.

Never share your password to anyone.
  1. Don't use password as your nick name, phone no. or pet names..
  2. Use the combination of lower case, uper case, numbers and special characters  for passwords.
  3. Never click on any suspected link comes in a mail from unknown sender.
  4. Never give your passwords to any 3rd party websites for any service.
  5. Use different passwords for different accounts.
  6. Check
  7.  the website url every time before login. EX: check url to be
  8. http://www.facebook.com before login to face account. Never login to
  9. website such as http://www.facebook.otherwebsit.com (MOST IMPORTANT)
  10. Use secondary email address and mobile phone numbers with secret questions for account recovery.
  11. Never
  12.  use any javascript code in url while login to any of your email or any
  13. other website account. It may be a cookie stealer script.
  14. use latest antivirus and antimalware softwares with firewall on.
These are some steps which you can follow for safe surfing over the internet.

Don't give any chance to hackers...
EC-Council E-Business Certification Series
Developer - Thomas Mathew
Publisher - OSB Publisher
ISBN No - 0972936211

By explaining computer security and outlining methods to test computer systems for possible weaknesses, this guide provides the tools necessary for approaching computers with the skill and understanding of an outside hacker.


Introduction
This module attempts to bridge various aspects of ethical hacking by suggesting an approach for undertaking penetration testing. There are different ways of approaching a penetration test.
  • External Approach
    • With some prior knowledge
    • Without prior knowledge
  • Internal Approach
    • With some prior knowledge
    • With deep knowledge
Whatever the approach adopted, it is a fact that penetration testing is constrained by time and availability of resources, which varies from client to client. To effectively utilize both these telling factors, penetration testers adopt some form of structure or methodology. These can be checklists developed by consulting practices, widely available resources such as Open Source Security Testing Methodology or a customized attack strategy.
There are is no single set of methodology that can be adopted across client organizations. The skeletal frame of testing however is more or less similar. The terms of reference used for various phases may differ, but the essence is the same. As discussed in preceding modules, the test begins with:
  • Footprinting / Information Gathering phase
  • Discovery and Planning / Information Analysis phase
  • Detecting a vulnerability / security loophole
  • Attack / Penetration / Compromise
  • Analysis of security posture / Cover up / Report
  • Clean up
The general objective of a penetration test is to reveal where security fails. The result of a penetration test can be:
  • successful attack - when the objective is met within the scope of the attack
  • a partial success - when there has been a compromise, but not enough to achieve the objective
  • a failure - when the systems have been found to be robust to the attack methodology adopted
Foot printing / Information Gathering phase:
  • Client site intelligence
  • Infrastructure fingerprinting
  • Network discovery and Access point discovery
Discovery and Planning / Information Analysis phase
  • Target Identification
  • Resource and Effort Estimation
  • Modeling the Attack strategy (s)
  • Relationship Analysis
Detecting a vulnerability / security loophole
  • Vulnerability Analysis
  • Scanning
  • Enumeration
  • Zeroing the target
Attack / Penetration / Compromise
  • Exploring viable exploits (new / created / present)
  • Executing the attack / Alternate attack strategy
  • Target penetration
  • Escalating the attack
Analysis of security posture / Cover up / Report
  • Consolidation of attack information
  • Analysis and recommendations
  • Presentation and deliverables
Clean up
  • Clean up tasks and procedures
  • Restoring security posture

Download Here:
http://www.ziddu.com/download/13121682/Ethical_Hacking_and_Countermeasures_EC_Council_Exam_312_50_.rar.html
The Hacker’s Underground Handbook

The Hacker’s Underground Handbook
Learn What it Takes to Crack Even the Most Secure Systems
By: David Melnichuk

The Hacker’s Underground Handbook will guide you through password hacking, windows hacking, malware, phising, web hacking, network hacking and Linux (intro, installation, etc). All this material fully packed with images, thus being a top step-by-step guide, on the course of which you cannot fail.

A great starting book which will guide you in the right direction, helping you understand the basic concepts of computer security and matters that you should take in consideration.


Download Here:

PUBLISHED BY- Syngress Publishing, Inc. ISBN-10: 1-59749-154-3
ISBN-13: 978-1-59749-154-9

This book is all about XSS. It will cover these topics on XSS.


Cross-site Scripting Fundamentals.
The XSS Discovery Toolkit
XSS Theory
XSS Attack Methods
Advanced XSS Attack Vectors
XSS Exploited
Exploit Frameworks
XSS Worms
Preventing XSS Attacks

Download Here:

Friday, April 22, 2011



First of all,why you want to hack a webpage?Is it a certain webpage or any site at all? There are many reasons to hack a website, or a webmaster.Maybe you want to take a revenge or maybe you want to have fun or just learn how to do it ! You can deface the website which means replace the original index with a new one or you can gain access to the member area of the site which might be easier.
 
DefacingYou can deface the site through telnet or your browser by running remote commands on an old or misconfigured server, the hard thing to do is find an old server , maybe a network of a school or university would do,get a CGI BUG searcher.This program will scan ranges of IPs for web-servers and will scan them for known bugs in their cgis or other bugs and holes.You can learn how to exploite a certain hole by adding in yahoo the name of the bug/hole and the word exploit,search for “cmd.exe exploit”.There are more than 700 holes that many servers might have! You can also deface a website by finding the ftp password and just browse through the sites ftp and replace the index.htm.You do that with the :
Brute forceTo do that you need a brute forcer or brute force attacker and some word lists,the brute forcer sends multiple user/pass requests of words that picks up from namelists and tries to hack the account untill it does! So lets say imagine a porn site that asks for a password , you go there you copy their address , you add the address in a program called brute forcer and then from the brute forcer you choose a text file with names to be used as usernames and a text with names to be used as passwords,the brute forcer will try untill it finds a correct user/pass This should be easier for the newbies than exploiting cgi bugs , many of the newbies havent even heard of it i hope i didnt confuse you with this tutorial there might be more tuts about web hacking and cgi bugs and such.Till then try to find the way to cgi bugs yourself with the cgi scanners in the Web Hacks section or download a brute forcer to crack accounts.


Source

Make free CALLS from computer on Telephone (100 % free) !

Using this VOIP program, you can call landline numbers in any country for FREE.
FreeCall is still a Freeware app but you only get 300 minutes a week.
To bypass this restriction:
Keep the setup.exe. Freecall’s protection system is quite flawed, when the program 
announces you cannot use any more minutes = Uninstall and reinstall and it will reset your 300 minutes which only takes a moment

A)   You must make an account with the program when it loads ap, then when your logged in (it will say at the bottom: “The client is logged on”)
B) Go to the dial pad TAB, ignore the on screen buttons, at the bottom type in your number and remember you need to add country codes at the beginning – NO spaces in the number either.  e the on screen buttons, at the bottom type in your number and remember you need to add country codes at the beginning – NO spaces in the number either.
C)  And it does do all countries for free – i’ve used it from
     NZ to england, USA, Spain and Aussie and they used it
     back.
D) If it didn’t work, you need to check your firewall settings etc, this is an obvious but a program like this needs full access.
Argentina free*
Australia free*
Austria free*
Belgium free*
Canada free*
Czech Republic free*
Denmark free*
France free*
Germany free*
Hong Kong (+mobile) free*
Hungary free*
India(landline+mobile)
Ireland free*
Italy free*
Luxembourg free*
Malaysia free*
Netherlands free*
New Zealand free*
Norway free*
Poland free*
Portugal free*
Puerto Rico (+mobile) free*
Russian Federation free*
Singapore free*
Slovenia free*
South Korea free*
Spain free*
Sweden free*
Switzerland free*
Taiwan free*
United Kingdom free*
United States (+mobile) free*
You can call this country for free from all countries…

1. As you all must have know these days all Cyber cafe owners have a program for administration to control all PC’s in local area network. So all files can be inter transmitted. 

2. First of all press Ctrl+Alt+Del the task manager or any controlling application, will open. Then from APPLICATIONS select the program that is controlling all PC’s & terminate it, This is for security reason. Now log of PC, & you ll get user names of the PC. 

3. But some times, cyber cafes have security clients installed that have restricted access to Task Manager, restart the computer & press F8 continuously before windows boots. 

The Menu will open, select Safe Mode from it. And now you can copy files from networked PC’s without any security layer.
Next step is where you’ll need to crack the hashes. SO go to your home PC , Download & install Saminside cracking tool. And from some another Cyber cafe try to crack the hashes of that PC. By same log off method explained below.
This where you actually perform hacking. Have a gret time & tell us weather it worked for you. 

Meanwhile if you can get IP address, of the PC you wish to hack try to get it from ip-explorer.com, but this is not the part of this hack its sort of next step of hacking from outside the network.
Everyone seems to agree that IT is a tough field. But what does it take to overcome the adversities and become a successful IT pro? These qualities may be the key.


I recently wrote a string of articles discussing various reasons to leave IT — and various alternative careers for dissatisfied IT workers. I received an amazing amount of feedback from readers who have always wanted to express similar sentiments. But that leaves out a huge swath of people: those who desperately want a career in IT, as well as those who are caught somewhere in Limbo, trying to answer questions regarding their ability to remain in their chosen field.

So I thought I would go about this topic from another angle to help those people decide whether they’re made up of the stuff necessary for a career in IT. I’m fairly confident everyone agrees it’s a tough field. What everyone may not agree on is what it takes to be a successful IT worker. Let’s see if this list of 10 things fits your qualifications.

1: Thick skin

Let’s face it. Workers in the IT industry get hit hard, from every direction. If you’re not getting your chops busted by someone insisting you get a job done yesterday, you’re getting torn apart because the client’s QuickBooks data file can’t be recovered. It doesn’t seem to matter how much skill you have. If you can’t take the biting comments and accusations of clients, you won’t make it. Thick skin also helps you get through those periods when you, or your boss, doubts those skills you have. You don’t want to have to leave at the end of the day thinking you have failed at every job you’ve done, just because someone had it in for you that day.

 

2: Persistence

The IT industry is an ever-changing landscape, and every day a new problem makes itself known. In some cases, those problems don’t ever seem to want to go away. Without the ability to grapple with an issue for extended periods of time, you might find this industry more of a challenge than you care to take on. Viruses will always be an issue. Updates that tank systems will happen with more consistency than you want to deal with. End users will never really understand how computers work. If you don’t have the persistent, stubborn nature necessary to meet these challenges, get out now or you will be beat down daily.

3: Youth

Although I like to think IT is a field not affected by age discrimination, it really is best suited for the younger professionals. There are numerous reasons for this. First, there are the hours. IT often requires far more hours than the usual 9-t0-5 job. When a company goes down, the administrator must respond — and this could easily mean any time of day, night, or week. Those hours add up and (generally speaking) only the younger workers can keep those types of hours up week after week. Add to that the energy required to keep systems and networks up, and it should be obvious the best IT workers tend to fall into that 25 to 45 age range. The good news? Even if you start at the age of 25, there’s a 20-year career waiting for you.

4: Patience

Users and clients are endlessly frustrating. If you have little or no patience, those people will quickly drive you out of the field. And if they don’t completely drive you away, they will at least drive away your joy for the human race. Without patience, you won’t stand a chance in the IT field. But it’s not only because of the people. Systems will test your patience as well. We’ve all seen the video of the IT admin going ballistic on a PC. It happens. A persistent problem arises and it makes you want to ram your fist down the throat of the PC you’re working on. With enough patience, you will save both your knuckles and your sanity.

5: Skills

This one should go without saying — but I must mention it. Too many times, you see people hop into the field because they managed to get through the MSCE training. But those certified workers quickly realize their classes only prepared them how to walk through a GUI. In the real world, problems arise that require numerous skills to resolve. The skills necessary to work in the IT field don’t end with the ability to properly configure a domain or Exchange server, they tend to be all inclusive. You never know what you’re going to be required to do on a given day. Think about it this way. When you are seen as an IT administrator, you are not only a specialist in DB administration, you are also a walking help desk who will be asked any and all questions related to work and home computers. And if you don’t have the answers for the right person (at the right time), you might find yourself at the back of the line watching someone else with the answers.

6: The ability to improvise

I mean this on many levels. Not only do you need to know how to improvise a conversation. Admit it — there will be times when you’ll have to convince someone that you know exactly what you are doing, even when you don’t. But you will also run into situations where you have to improvise a solution. I have witnessed (and experienced) situations where the prescribed solution simply did not work. When that happens, the only way out is to come up with a solution on your own.

7: A good sense of PR

If you’re a consultant, you have to be your own marketing firm. Most solo consultants do not have the budget to hire out their PR work, so they wind up doing it all on their own. This means social networking, building a Web site, writing and submitting advertisements, old-school networking, and much more. If you can’t do this, your business will flounder. When you go into business for yourself, you must know the best routes for marketing in your area. Whether this is TV, radio, social networks, or flyers, you have to have the motivation and skills to handle that aspect of the business. Although word of mouth is the best PR you can get, it still has to begin somewhere.

8: Connections

This might seem a bit strange, but as a member of the IT field (especially if you’re a solo consultant), you have to have connections in many related and nonrelated industries. For example, you will have customers who need rooms cabled, so you might need someone who can do drywall finishing. You might need to have an electrician in your back pocket. If you don’t have specific skills, you need to know those in the industry who do. The last thing you want to tell a client is that you can’t do something. Instead, you can tell them you will get it done and then subcontract that job. So long as the job gets done and the customer is happy, you will still look good. But if you can’t job something out, and you have to tell the client no, the possibility of that client returning to you grows slimmer and slimmer.

9: The desire to learn

As I mentioned earlier, IT is an ever-changing industry. The minute a technology is released, it is out of date. So anyone wanting to tackle a career in IT must have a strong desire to learn. You will be challenged on a daily basis to learn something new. If you don’t like learning (be it on your own, with another person, or in a classroom), you should forget about IT. Without the desire to learn, you will quickly fall behind the competition. And believe me, it’s a competitive world out there, especially so with the economy still attempting to recover.

10: Passion

Passion for IT is an intrinsic need for every IT worker. If you don’t love technology and solving problems, IT is not the right field for you. That passion is the intangible thing that will often get you through the day when everything else on this list fails. And a strong passion for IT will also drive most of the other points here far beyond what sheer intelligence and business savvy can manage. After years of working in the field, passion will also help you get up every morning excited for the workday ahead. Without passion, the IT field can quickly become an empty, soulless place.

When it’s right

I’ve been pretty hard on the IT industry over the past few months. But ultimately, it is an exciting field to work in. Where else can you play with technology all day, solve problems, and make sure businesses continue to exchange product for currency on a daily basis? But just because you know how to resolve Problem A with Solution X doesn’t mean you are suited for the IT industry. It requires much more than what your local computer science program will teach you. On top of all those Windows, Linux, and Mac skills, you need life, business, and marketing skills (with the added benefit of youth). With all those qualities intact, you are sure to enjoy a long, successful career in the IT field.

Source:- TechRepublic 

Wednesday, April 13, 2011

What to do if your Google/gmail account is hacked?

It will be a nightmare for you if your google account gets hacked,Most of the people in these cases waste their money contacting the password recovery services wasting their money,I dont say they dont get back password,But you can do it by putting in some efforts

I will begin with Google. it's a pity thing your account got hacked. in most cases it was you own fault that it got hacked. in rare cases i it the hacked who really did something . you should take care. Read more on how to prevent your self from getting hacked.


Now coming back to the main discussion . you can do the following to once hacked.


Change password:- The first thing you need to do in case your account is hackedis change your password and all security details. in most cases the hacker doesn't has your password but cookies.So once you change it the problem is solved. In case you are not even able to log in use the following link to reset your password

Contact Google:- Once you have performed step one. immediately contact Google.You can use one of the forms based on your account type.You will be asked the exact creation date of your Google Account and also a copy of that original ?Google Email Verification? message. if you are lucky then only google will help you . In any case you will receive a reply from form them.


With Gmail id:- If you use a gmail id to login then use this form to contact google.
Without Gmail id:- If your Google Accounts is not linked to Gmail i.e you dont use gmail id to login then use this form.

Inform all your buddies:- Send a mail to all your buddies informing them that your account has been hacked.Who know what the hacker might have done. 
I was asked by many people to tell me the way to protect your orkut account.PLese reply and show your feed backThis Simple Tutorial will Save you from Spam mails and Hacking Tricks used by Many hackers.
As you know you can hide your primary email address from non-friends but if by mistake you add a unknown person to your friend list, then he/she will be able to see your primary email address which you use to login. He can send dangerous emails (keyloggers etc.) and steal your Orkut account. There are two Methods to be safe:


1. 
Changing Primary Email:
Go To Edit Profle Page of your profile, then click on COntact tab and change your Primary Email address to some other id, which you don't use much. Your login id will remain same but your friends will see your other email id.

2. 
Using Fake EMail id:
It is the most effective way of hiding email id, but it requires a new account, If you have some larger communities and want safety, then follow this method:

 Create a new Orkut account, On the Sign Up page enter any id which does not exist like yourname@yourname.com, me@orkutaccount.com etc.
Then after entering other details, you will be redirected to your home page and with a message "Verify Your Email", Just igonore it and do as stated below
Now Go to google.com, you will see your fake id on the top-right corner yourname@yourname.com, You can see "My Account" Option there.
Go To "My Account Page" and create a gmail id from there. (You can see it under Try Some More)
Done! You have your new login id but your friends will still see your fake id :| Enjoy
 

The smile pockets a rattling controversy. 


Keyloggers have been a major problem today as once they get installed in your computer the hacker can get almost any information, I have written couple of posts on keylogging and reviewed some of the best keyloggersavailable now a days
The program which are specially used to detect and protect your computers from keyloggers are Antiloggers, I have tested lots of Antiloggers and found Zemana Antilogger only which is capable of detecting almost every keylogger.
Normally a keylogger is detected by a good antivirus or Antispyware program, but hackers use some methods such as crypting, hexing, binding etc through which the keylogger can easily Antivirus as well as Antispyware program

Zemana AntiLogger now covers pretty much every aspect of Windows including registry modification and dll injection prevention and protects Windows from other spyware-related techniques with Anti-Keylogger, Anti-SreeenLogger, Anti-WebLogger and Anti-ClipboardLogger tools of its own. Another useful feature this apps has is while-list approach (in contrast to Anti-Virus blacklist approach) meaning it automatically recognizes "safe" programs and does not treat them as "suspects"

For more information on this program and download details visit the following link 
Zemana Antilogger Download


The area of Mac security software is fairly broad to Mac users. The primary aspects of security software for the Mac are antivirus programs, patches and updates for the Mac OS X, and updates from commonly used applications such as web browser Safari, Adobe Shockwave, and Google Chrome.

In general, Mac users should be kept up-to-date on security fixes for all of the listed primary items above. Applying fixes will be automatic in the case of a program like Google Chrome while the Adobe Shockwave product will inform you of updates so long as you are connected to the Internet.
Security vulnerabilities can reach in to Mac email applications as well to where you have what are known as botnets putting out spam email messages using your Mac. That is why you want an antivirus program that is robust and will provide you with security monitoring for emails as well as your hard disk and web site usage. Along with that, it is important to stay current on the latest Mac OS X fixes that apply to your operating system. Checking with Apple's website to ensure your current with security fixes is a good way to confirm the facts. There are also web blogs particular to Mac users that will indicate the latest Mac security software issues and fixes for widely-used products such as Safari.

Antivirus programs are plentiful for the latest Mac OS X versions in use. It becomes harder to find support for antivirus software on older Mac OS X versions. Be aware of end-of-lifesoftware so that you are not caught short when it comes to security. The latest trojan horse viruses that are attacking Mac users are also a good thing to be aware of even if you have solid antivirus program software.

Computer security is a big issue and is constantly playing catch up to those who exploit operating systems flaws, browser code weaknesses, and application program security flaws. Security flaws also exist in such ancillary programs the Mac uses such as Java. Java is used heavily for web-based communications and applications. Exploitations of Java can lead to corruption of your local system hard disk and data files.

To avoid suffering the maladies of a compromised Mac computer system, always stay on top of the latest Mac security software fixes and visit trusted web sites while quickly aborting any unfamiliar web site to you that you were referred to or found wherein you see a lot of pop up advertising and free software checks of your Mac hard disk or statements about your Mac may be infected.

For those Mac users that also run a Windows volume or partition, it is wise to have an equally running antivirus program on the Windows side. There are viruses that will go between both the Windows and Mac sides of your Mac computer. In fact, MS Office products that use visual basic along with macro commands are notorious for impacts from malware and trojans.

The use of a robust antivirus program that will monitor both your Windows and Mac volumes, folders and files is that way to go. 


As you know that passwords are the only form of securityavailable now a days, Its really important for one to create a strong passwords,
Keeping a weak passwords can make you vulnerable to attacks such as Brute force, Dictionary attacks, Rainbow Tables etc.
So in this article I will tell you to create a strong password so you can secure your account from getting hacked 

What makes a strong password?


A password can be considered strong if it contains following things:

  • It needs to contain special characters such as @#$%^&
  • It must be at least 8 characters long.
  • It must not have any common words such as 123, password, your birth date, your login name and any words that can be found in the dictionary,(This will prevent you from getting hacked by a Dictionary Attack)
  • a variation of capitalization and small letters
Alternatively there is a website named www.strongpasswordgenerator.com which automatically generates a strong password for you, The website allows you to choose a password length and also gives you hints through which you can easily memorize the password



Hope you liked the post ! Pass the comments