Thursday, August 7, 2008

Social Engineering :

Social Engineering :

source :- http://www.securityfocus.com/infocus/1860

The purpose of this article is to go beyond the basics and explore how social engineering, employed as technology, has evolved over the past few years. A case study of a typical Fortune 1000 company will be discussed, putting emphasis on the importance of education about social engineering for every corporate security program.
Top five hacking moments on film
To break the ice, let's start this article by looking at this author's top five favorite hacking moments in modern movies, all of them quite old-school to emphasize a point:

5. Independence Day: Using an old space ship as cover for two humans to infiltrate the alien mother ship and upload a virus to destroy it.
4. Hackers: Dumpster diving in the target company's trash in order to obtain financial data from printouts.
3. War Games: Password cracking the military computer system by studying its creator.
2. Ferris Bueller's Day Off: Faking a grandmother's death to get Ferris's girlfriend excused from school through multiple phone calls and answering machine recordings.
1. Star Wars: R2-D2 gaining access to the death star main computer and shutting down the garbage dispensers (remember the com link!).

Question: Which of the above hacks did not employ a social engineering technique? Answer: None of the above.

In Independence Day, the characters spoofed the mother ship with a physical Trojan horse. In Hackers, dumpster diving can't be achieved with a computer. In War Games, Matthew Broderick's character studied his target before attempting to crack the password, and then in Ferris Bueller's Day Off, his phone scam was sheer brilliance. You've got to love the low-tech approach. And although it would seem R2-D2's hack was entirely technical, remember he had to sneak into the room with the computer access point before achieving his goal.

The lesson here is that social engineering is a major component of hacking in both fictional and real scenarios. By merely trying to prevent infiltration on a technical level and ignoring the physical-social level, we are leaving ourselves wide open to attack.
Social engineering redefined
Bruce Schneier, author of Secrets & Lies: Digital Security in a Networked World, reminds us that social engineering, aka "socio-technical attacks" is really all about the human aspect, and that means trust. Kevin Mitnick, renowned and reformed hacker, in his book The Art of Deception, goes further to explain that people inherently want to be helpful and therefore are easily duped. They assume a level of trust in order to avoid conflict. It's all about, "gaining access to information that people think is innocuous when it isn't," and then using that information against the real target. We are the weakest link in the security chain. This point cannot be underemphasized. People are the weakest link, not technology.

This article is a followup to a social engineering series written several years ago. The goal is to go beyond the basics and explore how social engineering has been employed as technology has evolved over the past few years. For further information on social engineering, see this author's previous article, "Social Engineering Fundamentals, Part I: Hacker Tactics" and "Part II: Combat Strategies."

Since social engineering involves the human element of any attack, it's important to get into the head of the hacker and understand her motivation. Historically, the motivation has been intellectual challenge, bragging rights, access to sensitive information, simple curiosity, or our biggest fear - malicious intent. By knowing why we are at risk, we can better protect ourselves from the foolish things we do, thereby allowing social engineers to exploit us.

Targets of an attack can be both physical and psychological. Social engineering attacks will occur in person, over the phone, and online. No medium is safe from them. Individuals are targets for rampant identity theft and businesses fall prey to exploitation of a variety of holes. Weak passwords are always a target, as are file backdoors and improperly set permissions. That's the obvious stuff. What's changed over the past few years is that borders progressively don't matter. Words like "cyberterrorism" have become mainstream and we now even have an FBI-organized counter-terrorism posse of hackers waiting to pounce in the event of a massive online terrorist attack. Even some of the best hackers will use social engineering techniques against a victim (in combination with a highly technical approach) because it's simple, easy, and very effective. Social engineering is everywhere.
Types of attacks
The biggest change over the past four years, since our original article series on SecurityFoucs, is the exponential growth of e-commerce. Browsers and the use of the SSL (secure socket layer) protocol now are the norm for viewing everything from financial data to party invitations over webmail. Those of us who still use pine for email are in the minority. The types of attacks we see today tend to be targeted more toward web applications. Hidden programs running on web sites and hidden programs in email enclosures opened through webmail programs can host all kinds of dangers.

Browser add-ons can mask all kinds of rogue programs. DDoS (Distributed Denial of Service) attacks are still quite common and are a royal pain to combat, but they're not increasing in number the way identity theft is. Malware continues to plague everyone, although the widespread viruses of the nineties seem to have taken a back door to the browser back doors, most often installed as drive-by spyware by visiting a website. VoIP (Voice over Internet Protocol), being the new buzzword, has also attracted attackers with results varying from authentication failures to crashing phones.

So how does social engineering fit into the picture? Before employing some of the techniques noted above, some preliminary social engineering can be incredibly fruitful. Footprinting - the art of gathering information (or pre-hacking), is like a robber casing a bank. It's commonly done to research a predetermined target and determine the best opportunities for exploitation. Footprinting can include anything from phone calls from a role playing person asking seemingly innocent questions to physically mapping out buildings and data centers. And footprinting is a major social engineering component of a choreographed attack.
Phishing trips
Phishing is the most common form of social engineering online, and most notably includes email spoofs. It's a rare day where the average email inbox doesn't include some sort of spoof. Today, eBay, Paypal and Citibank are the most common targets. Phishing itself is not new, but the frequency has increased over the past few years. The user receives email claiming that his Paypal account information needs updating and the email includes a link that sends the user to a fake web site where he is instructed to enter his password to update his information. The web site then stores the real passwords for use in identity theft attacks against the real Paypal site. For more information about phishing, see Scott Granneman's article, "Phishing For Savvy Users."

The best response is to delete these messages before even looking at them, just in case a rogue program might be launching in the background. However, to be sure a genuine message from a site like Citibank or eBay isn't being ignored, the best course of action is to log into their main site login, by typing http://www.ebay.com/, and then check the account for a record of the email or of any sort of problem. Due to the nature of phishing, you can't reliably click on a link in your email anymore and be sure it's what it appears.

In the case of eBay, go to "my messages" or "my ebay" to verify the authenticity of the email sent. Paypal doesn't have this feature yet. It's also easy to send a quick note to spoof@ebay.com or spoof@paypal.com, forwarding the message in question, and they will respond quickly as to its authenticity. eBay recently adapted their email sent to users to include usernames in the subject and body of the message, to emphasize authenticity. In general though, the best practice is to assume the email is a fake and remove it permanently from any email archives.
Case study - Company X
To illustrate the importance of incorporating social engineering education into a corporate security program, here is an overview of the security for a fairly typical high-tech company, called "Company X" for the purposes of this article. Company X, a multi-billion dollar organization, spends millions on hardware and security, but in reality it only does the minimum of what is necessary to keep its assets secure. Such is the life of an average security program in the competitive market of high-tech.


Company X's physical (building) security includes badges for all employees, locked doors, security guards, and restricted access. Employees, however, tend to hold doors open for others and don't tend to check the photos on IDs when doing so. Dumpster areas are gated but unlocked, leaving them open to potential dumpster divers. Phone security is standard, allowing internal transfers and outgoing calls with blocked IDs. Remote access is through a VPN with SecureID, the use of which requires permission from a superior and inactive accounts are suspended within 30 days. Wireless access points in the buildings also fall under these restrictions.

As for hardware, remote drives are used, but employees are instructed not to store confidential information on the drives. Laptops are common, but only roughly 30% of users lock them with the provided cables. Shared drives on the internal network are protected by group permissions. On the system level, the company runs weekly virus scans. Security teams have reduced administrative rights on machines so employees can't install rogue programs. Password requirements are fairly standard, requiring a variety of characters, changed every few months.

Software comes standard for each machine. Screen savers are password protected, but not always locked. Most machines are open to Internet access, with the exception of some site blocking. Passwords can be saved in browsers, however. Email suffers from frequent server problems, webmail is not always secure, and IM use internally is rampant.

In the areas where social engineering prevention could be most useful, barely anything is done. When an employee is on the phone with Help Desk support, the employee's number comes up on phone but no standard authentication questions are asked by either the Help Desk staff or the employee being helped. CallerID spoofing would be a very simple way to get a password reset. Security training is available for home network usage and basic encryption, but departments differ in their use of these tools. No standard training is given for new employees, leaving the organization open to staff passing around a wide range of bad habits.

Sadly, Company X's security is not much better than it was ten years ago and it has barely evolved with the times. It's tough enough to keep up with the latest technology, patches, and filters with corporate budget cuts. Security teams tend to get the short end of the stick until the company suffers a major outage from an attack. Since various attacks became more public in recent years, everybody and their brother company claims to be secure - but the reality is that most companies are like Company X, struggling to maintain a basic level of security.
Countermeasures
What could Company X and others like it do to prevent attacks on the social engineering level? On the technical side, they must continue to install spam filters and update software patches, as a bare minimum. Making cryptography standard for email and web access, not allowing passwords to be saved in browsers, and changing to an internal messaging program are key technology step. The next step would be to develop an incident reporting and tracking program. This way they can discover additional holes in their program and attend to those holes. Incident reporting won't necessarily catch the intruders, but it helps to find ways to deter them.

Not to bite the hand that feeds us, but as Mitnick says, "anyone who thinks that security products alone offer true security is settling for the illusion of security." Therefore, training cannot be emphasized enough. New employee training, repeat training, regular updates, and fun security tips can keep the security education process fresh and lively. Some companies now use t-shirts and other paraphernalia to advertise security practices and remind employees to beware of suspicious phone calls and other potential phishing attempts. Help Desk staff need to have proper authentication procedures for all support calls. Security personnel should be adequately trained as well, and screened beyond regular employees in case they themselves pose a risk to the company.

Security policies used to have more bark than bite, but these days it's now common to put more teeth into them. Corporate policies, standards, guidelines, and so on cover a wide range of areas but the important thing is to develop them with growth and accountability in mind. Topics that should be covered in corporate policies include information sensitivity, password protection, ethics, acceptable use, email, database credentials, extranet usage, VPN security, and server security.

Also, pay attention to what's happening on the national and international level as far as ID theft laws and database protection are concerned. New bills are being developed to make identity theft more difficult through the greater protection of personal information.
The bottom line
Unfortunately, the reality is that intruders rarely get caught, and even when they are caught, the penalties haven't traditionally been stiff. Shouldn't we be more worried about serial murderers running loose than a bunch of computer geeks? Seriously though, identity theft, corporate espionage and cyber-terrorism are here to stay, so the bottom line lies in making a commitment to combating potential attackers.

At Company X the buck ultimately stops with the CIO, who must commit to improving their security program before they lose a significant amount of money and intellectual property to a major attack. That requires committing both the financial and people resources to the problem, and not dropping education and training from the budget. As individuals, we must commit to increasing our awareness of the risks we face and the potential openings we create for social engineers to fool us. The key, according to Schneier, lies in, "securing the interaction between the data and the people."

In any good security program, a realistic balance must be reached. There's always a fine line between an "atmosphere of paranoia" and a productive environment. However, if we err on the side of stronger security, knowing human error is the problem, we'll be more likely to achieve success. Just remember that we, the people, are the weakest link and as Mitnick writes, "Don't' be gullible!

Friday, June 20, 2008

ABCD OF HACKING

few unknown hacking site
http://72.14.235.104/search?q=cache:mBPybjpBOGIJ:hackersinternational.com/access/content/Hacking_Secrets_Revealed.pdf+hacking+secrets+revealed&hl=en&ct=clnk&cd=1http://ihacked.50webs.com

http://noballs.org/ebooks/

http://www.catb.org/~esr/faqs/hacker-howto.html
http://www.hackthissite.org/ http://www.phrack.org/issues.html?issue=1 http://www.totse.com/en/hack/introduction_to_hacking/hack101.html

http://www.iwar.org.uk/hackers/resources/harmless-hacking/gtmbeg1.html

http://www.hackersinternational.com/access/home_access.html

http://www.hackthissite.org/pages/info/programs.php

http://www.hackthissite.org/articles/ ftp://ftp.freenet.de/pub/filepilot/windows/

http://serialturk.blogcu.com/3695641/

http://www.hackaday.com/category/cellphones-hacks/


===================================================================================

ABCD OF HACKING

Some World wide Web (WWW) sites of interest to hackers :

http://crimelab.com//bugtraq/bugtraq/html
http://cs.purdue.edu/homes/spaf/coast.html
http://cs.purdue.edu/homes/spaf/pcert.html
http://first.orghttp://l0pht.com
http://tamsun.tamu.edu/~clm3840/hacking.html/
http://www.net23.com
http://www.tnt.uni-hannover.de/stud/hamid.html
http://www.spy.org /Security/Local/News
http://www.phantom.com/~king
===========================================================

some ftp sites of interest to hackers:----------

ftp://ftp.aql.gatech.edu/
ftp://ftp.bellcore.com/
ftp://ftp.cert.org/
ftp://ftp.cipher.com/
ftp://ftp.deimos.cs.uah.edu/
ftp://ftp.csua.berkeley.edu/ /pub/cypherpunks
ftp://ftp.eff.org/ /pub/cud
ftp://ftp.etext.org/ftp://ftp.netcom.com/ /pub/bradleym
ftp://ftp.netsys.com/
ftp://ftp.win.tue.nl/
ftp.garbo.uwasa.fi:pc/crypt
ftp.ghost.dsi.unimi.it:/pub/crypt
ftp://ftp.hackthis.pc.cc.cmu.edu/
ftp://ftp.halcyon.com/
ftp://ftp.info.cert.org/
ftp.ripem.msu.edu:pub/cryptftp://ftp.rtfm.mit.edu/
ftp://ftp.spy.org/ftp://ftp.theta.iis.u-tokyo.ac.jp/ /pub1/security

===============================================================================

Enable right click on websites

Lots websites have disabled the right click function of mouse button..... it's really annoying.This is done so that you don't able to copy the(via right-click:>>save picture) thier photos or images or any goodies.Unfortunately it disables all right click funtionality .You can enable it by clicking:Tools>>internet option >>security tab>>custom levelscroll down to scripting section, set active scriting to disableClick ok a couple of times .You'll probably want to turn this back to "enable" when your done

=================================================================================
starting hacking ? abcd of hacking................

to start hacking u must know first :-

01) your hardware ( includes everything , assembling pc , knowing motherboard each & every part , basics abt lan , router,modem & their working , etc.......then explore your pc by inside :-

02) ie. knowing different types of software ( every category like SECURITY SOFTWARE , DEVELOPER TOOLS ( like adobe dreamweaver ,site spinner ,cofeecup html editor etc) , Utilities & Drivers ( like system mechanic , registory editor ) , Networking Software ( ping tracer , scanner etc) , Chat, VoIP & E-mail Software e.t.c

03) if using win xp operating sys. then first of fall learn,understand xp , explore secret tips , and many more u can get everything about xp here:-

http://freepctech.com/pc/xp/xpindex.shtml
http://xp.codeitbetter.com/
http://windowxpforu.blogspot.com/search/label/Tips%20Tricks%20Secrets%20of%20XP
http://www.hsinlin.com/tips/winxptop.html
http://www.metacafe.com/watch/754299/windows_xp_secret_tricks/
http://www.hiddentricks.com/windows-tricks.html

04) Learn DOS prompt ( each and every command for a perfect hacker ) { v.imp step to start hacking} Learn how to make a few batch files. here u can get list of dos commands :-

http://www.computerhope.com/msdos.htm
http://rahulhackingarticles.wetpaint.com/page/All+Dos+Commands?t=anon
http://www.easydos.com/dosindex.html
http://www.uv.tietgen.dk/staff/mlha/PC/Soft/DOS/com/

05) read article on hacking , pc magazines , reading public forums on hacking , reading e-books on hacking , using google to hack ...........................

06) must have some knowledge about HTML ,C++, visual basic .... (i'd recommend learning html as your first language )

07) understanding networking & security tools ..............

08) knowing different tools of hacking & how to use them..............few tools like :-
Key Loggers
port scanner
ip scanner
fake id creator
network tracer
RAT (Remote Administration Tool) of 2003 {Global Killer 1.0
Artic 0.6b
Beast 2.00
Kikbak 0.9 }
Spywares
Trojans { Adult_Chat dialer Express
FactoryNetwork Dialer }

and many more :- u can get a list from here :-

http://www.thenetworkadministrator.com/2003MostPopularHackingTools.htm
http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/
http://sectools.org/

09) KNOW FTP , TCP/Ip , UDP , DHCP , also know how to use unix operating sys..........

10) understanding diassembler language ....... ( or wat is called now as "REVERSE ENGINEERING" )http://www4.in.tum.de/lehre/seminare/hs/WS0506/mvs/files/Vortrag_Golesteanu.pdf

http://www.jenkins-ip.com/serv/serv_6.htm

http://www.reverse-engineering.net/

ABCD OF HACKING

1000000+ free appz s/w cracks....

1000+ WINDOWS APPLICATIONS

1000+ WINDOWS APPLICATIONSTHIS FTP SERVER HAVE

1000+ IMPORTANT WINDOWS APPLICATIONS WITH CRACK.

NOW THATS WHAT I CALL A HUGEEEEEEEEEEE COLLECTION OF APPZ..

ftp://ftp.freenet.de/pub/filepilot/windows/

ftp://194.44.214.3/pub/
ftp://ftp.uglan.ck.ua/games2/
ftp://24.205.131.21/
ftp://217.172.16.3:8778/
ftp://194.187.207.98/


====================================================================

How to deface a friendster account profile

i just wanna give you an easy tutorial how to deface a friendster profile or we can call it how to redirect the main page (profile) to other link. over here we just need

three simple steep to do it: -

-==1==-- login to your own friendster account -

-==2==-- find your victim account -

-==3==-- begin to write a testimonial-----------------------------------------------------------

hai how are you? you are so sexy, but why your eyes like my cat's pussy? and everything what do you want to write

ending manner------------------------------------------------------------------------------------------
copy and paste the source above exactly after you put the link where you want to put the the main profile page. and wait until your sexy victim login to their own account and when the victim going to the pending testimonial area to check the testimonial directly their page will redirect to the link that you put it before. usually this exercise just work by internet explorer (the victim will redirect when they login to their account by using internet explorer)but you can try it by any browser mozilla, opera, netscape, or i.e. i am sorry if i have any mistake by this simple tutorial because i just wanna share my experience and my knowledge.thanks and happy fun

==================================================================================
20 hidden things.........plz read this v-imp

1. It boasts how long it can stay up. Go to the Command Prompt in the Accessories menu from the All Programs start button option, and then type 'systeminfo'. The computer will produce a lot of useful info, including the uptime. If you want to keep these, type 'systeminfo > info.txt'. This creates a file called info.txt you can look at later with Notepad. (Professional Edition only).

2. You can delete files immediately, without having them move to the Recycle Bin first. Go to the Start menu, select Run... and type 'gpedit.msc'; then select User Configuration, Administrative Templates, Windows Components, Windows Explorer and find the Do not move deleted files to the Recycle Bin setting. Set it. Poking around in gpedit will reveal a great many interface and system options, but take care -- some may stop your computer behaving as you wish. (Professional Edition only).

3. You can lock your XP workstation with two clicks of the mouse. Create a new shortcut on your desktop using a right mouse click, and enter 'rundll32.exe user32.dll,LockWorkStation' in the location field. Give the shortcut a name you like. That's it -- just double click on it and your computer will be locked. And if that's not easy enough, Windows key + L will do the same.

4. XP hides some system software you might want to remove, such as Windows Messenger, but you can make it show everything. Using Notepad or Edit, edit the text file /windows/inf/sysoc.inf, search for the word 'hide' and remove it. You can then go to the Add or Remove Programs in the Control Panel, select Add/Remove Windows Components and there will be the software and you can now uninstall it.

5. For those skilled in the art of DOS batch files, XP has a number of interesting new commands. These include 'eventcreate' and 'eventtriggers' for creating and watching system events, 'typeperf' for monitoring performance of various subsystems, and 'schtasks' for handling scheduled tasks. As usual, typing the command name followed by /? will give a list of options.

6. XP has IP version 6 support -- the next generation of IP. Unfortunately this is more than your ISP has, so you can only experiment with this on your LAN. Type 'ipv6 install' into Run... (it's OK, it won't ruin your existing network setup) and then 'ipv6 /?' at the command line to find out more. If you don't know what IPv6 is, don't worry.

7. You can at last get rid of tasks on the computer from the command line by using 'taskkill /pid' and the task number, or just 'tskill' and the process number. Find that out by typing 'tasklist', which will also tell you a lot about what's going on in your system.

8. XP will treat Zip files like folders, which is nice if you've got a fast machine. On slower machines, you can make XP leave zip files alone by typing 'regsvr32 /u zipfldr.dll' at the command line. If you change your mind later, you can change things back by typing 'regsvr32 zipfldr.dll'.

9. XP has ClearType -- Mic*ft's anti-aliasing font display technology -- but doesn't have it enabled by default. It's well worth trying, especially if you were there for DOS and all those years of staring at a screen have given you the eyes of an astigmatic bat. To enable ClearType, right click on the desktop, select Properties, Appearance, Effects, select ClearType from the second drop-down menu and enable the selection. Expect best results on laptop displays. If you want to use ClearType on the Welcome login screen as well, set the registry entry HKEY_USERS/.DEFAULT/Control Panel/Desktop/FontSmoothingType to 2.

10. You can use Remote Assistance to help a friend who's using network address translation (NAT) on a home network, but not automatically. Get your pal to email you a Remote Assistance invitation and edit the file. Under the RCTICKET attribute will be a NAT IP address, like 192.168.1.10. Replace this with your friend's real IP address -- they can find this out by going to www.whatismyip.com -- and get them to make sure that they've got port 3389 open on their firewall and forwarded to the errant computer.

11. You can run a program as a different user without logging out and back in again. Right click the icon, select Run As... and enter the user name and password you want to use. This only applies for that run. The trick is particularly useful if you need to have administrative permissions to install a program, which many require. Note that you can have some fun by running programs multiple times on the same system as different users, but this can have unforeseen effects.

12. Windows XP can be very insistent about you checking for auto updates, registering a Passport, using Windows Messenger and so on. After a while, the nagging goes away, but if you feel you might go insane before that point, run Regedit, go to HKEY_CURRENT_USER/Software/Mic*ft/Windows/Current Version/Explorer/Advanced and create a DWORD value called EnableBalloonTips with a value of 0.

13. You can start up without needing to enter a user name or password. Select Run... from the start menu and type 'control userpasswords2', which will open the user accounts application. On the Users tab, clear the box for Users Must Enter A User Name And Password To Use This Computer, and click on OK. An Automatically Log On dialog box will appear; enter the user name and password for the account you want to use.

14. Internet Explorer 6 will automatically delete temporary files, but only if you tell it to. Start the browser, select Tools / Internet Options... and Advanced, go down to the Security area and check the box to Empty Temporary Internet Files folder when browser is closed.

15. XP comes with a free Network Activity Light, just in case you can't see the LEDs twinkle on your network card. Right click on My Network Places on the desktop, then select Properties. Right click on the description for your LAN or dial-up connection, select Properties, then check the Show icon in notification area when connected box. You'll now see a tiny network icon on the right of your task bar that glimmers nicely during network traffic.

16. The Start Menu can be leisurely when it decides to appear, but you can speed things along by changing the registry entry HKEY_CURRENT_USER/Control Panel/Desktop/MenuShowDelay from the default 400 to something a little snappier. Like 0.

17. You can rename loads of files at once in Windows Explorer. Highlight a set of files in a window, then right click on one and rename it. All the other files will be renamed to that name, with individual numbers in brackets to distinguish them. Also, in a folder you can arrange icons in alphabetised groups by View, Arrange Icon By... Show In Groups.

18. Windows Media Player will display the cover art for albums as it plays the tracks -- if it found the picture on the Internet when you copied the tracks from the CD. If it didn't, or if you have lots of pre-WMP music files, you can put your own copy of the cover art in the same directory as the tracks. Just call it folder.jpg and Windows Media Player will pick it up and display it.

19. Windows key + Break brings up the System Properties dialogue box; Windows key + D brings up the desktop; Windows key + Tab moves through the taskbar buttons.

20. Windows XP secretly KNOWS that the average user has no idea what they are doing. Therefore, it doesn't let you do really stupid things like deleting the windows directory (at least not without spending several hours convincing it that you REALLY want to do this). Oh yeah, and internet explorer kinda sucks.

=====================================================================================

ABCD OF HACKING

1000000+ free appz s/w cracks....

1000+ WINDOWS APPLICATIONS

1000+ WINDOWS APPLICATIONSTHIS FTP SERVER HAVE

1000+ IMPORTANT WINDOWS APPLICATIONS WITH CRACK.

NOW THATS WHAT I CALL A HUGEEEEEEEEEEE COLLECTION OF APPZ..

ftp://ftp.freenet.de/pub/filepilot/windows/

ftp://194.44.214.3/pub/
ftp://ftp.uglan.ck.ua/games2/
ftp://24.205.131.21/
ftp://217.172.16.3:8778/
ftp://194.187.207.98/

ABCD OF HACKING

free ftp sites & e-books 1000+

http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2554202585535435809


http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2554202585535435809



Hacking_Linux_Exposed-McGraw_Hill_Osborne-2001.djvu

hackingguide3.1.pdf

webhackingattacksanddefense.zip

beginner's_guide_to_hacking_servers.zip

Hacking- password revealer (1).doc

How to hack by ICQ.doc

how to make a cable box scramblar.doc

The Ultimative Hacker Documents (debugger encoder password Spy Remote Computer

Controling Sniffing...doc

Website Hack (1) (1).doc

Hack - Hacking Tutorial.doc

hack how-to.doc

mcgraw.hill.hacking.exposed.web.applications.int.ebook-ddu.pdf.html

Guide_To_Hacking_DirecTV_-_DSS_-.

_Satellite_Access_Card_Programming__2_.pdf.html

Hacking_XBOX.PDF.html

Ebook_-_Hacking_-_How_To_Crack_Any_Software_Protection.pdf.html

Hacking The art of exploitation PASSWORD: http://hek-tek.info

Web Applications Hacking Exposed ISBN 007222438X PASSWORD: ebc

2_eBook_-_DOC_-_Guide_To_Hacking_DirecTV_-_DSS_-

_Satellite_Access_Card_Programming--111.doc.html

Hacking_for_dummies_-_Access_to_other_peoples_systems_made_simple.pdf.html

From_Pathetic_spagetti_coders__orkut__McGraw_Hill_-

_Hacking_Exposed_2nd_Ed_.pdf.html

Introduction to Ethical Hacking Module 1 by Salih pk

Grumpy_Old_Fart_s_Big_Book_of_Hacking.rar.html

Breaking_into_computer_networks_from_the_Internet_hackingguide.rar.html

All In One GOOGLE Hacking Books

hackers black book

Steps to Hacking

McGraw.Hill_Hacking.Exposed.Windows.Server.2003-RU.rar.html

Wiley.Hacking.Movable.Type.Jul.2005.eBook-LinG.rar.html

Wiley.Hacking.Movable.Type.Jul.2005.eBook-LinG.rar.html


Hacking_into_computer_systems_-_a_beginners_guide.doc.html
Sb4XXX hacking guide
www.chipollo.info_-_hacking-for-dummies-2004.rar.html PASSWORD: www.chipollo.info
Hacking_The_Art_of_Exploitation_-_NoStarch.exe.html PASSWORD: www.avaxhome.ru
Hacking The Art of Exploitation PASSWORD: http://www.wickeddownloads.com/wdboard/index.php?board=89.0
Hacking The Art of Exploitation
BluePortal.org_Hacking_The_Art_of_Exploitation_-_NoStarch.rar.html PASSWORD: http://blueportal.org
Crack Searching Shareware Hacking All In One rar
Wi Foo The Secrets of Wireless Hacking
Addison Wesley Professional Wi Foo The Secrets of Wireless Hacking Jun 2004 eBook DDU chm
OSB Ethical Hacking and Countermeasures EC Council Exam 312 50 Student Courseware PASSWORD: spinzone.org
Wi Foo The Secrets of Wireless Hacking
Hacking a Terror Network The Silent Threat of Covert Channel SYNGRESS
Hacking_Java_The_Java_Professional_s_Resource_Kit.zip.html
DNS Hacking
Ntl Pace Cable hacking
Addison_Wesley_The.Secrets.of.Wireless.Hacking.rar.html
Addison.Wesley.Professional.Wi-Foo.The.Secrets.of.Wireless.Hacking.Jun.2004.eBook-DDU.rar.html
Hack Attacks Revealed A Complete Reference with Custom Security Hacking Toolkit Wiley 2001 pdf
A collection of Hackingstuff PASSWORD: Updatesofts.com
Snort_-_Advanced_Hacking_Techniques_and_Experiences_-_WEIGEL_IS.pdf.html
Hacking Book part1 PASSWORD: Updatesofts.com
Google_as_a_hacking_tool.pdf.html
Extreme Tech Hacking Video Game Consoles Turn your old video game systems into awesome new portables Part 1 of 2 PASSWORD: Mat.Riks.Info
Hacking Windows XP ExtremeTech PASSWORD: Mat.Riks.Info
complete_set_of_hacking_tools_and_manuals__html_and_txt_ebooks__and_programs_.zip.html



http://www.esnips.com/web/hackoffglsWebResearch

hacking

http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2553447410025714721

beginer & newbies plz see this........

http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2551796888453600289

For hacking news...............................

plz see

http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2551797225608533025

ultimate hacking magazine .........................

http://www.phrack.org/issues.html?issue=1

http://www.phrack.org/issues.html?issue=1

http://www.phrack.org/issues.html?issue=1

www.cityofdevil.blogspot.com

-------------

hacking in 15 seconds.........


read this quite intresting.............

http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2561078888305873953
for imp websites see

http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2551799413894370337


for cool collection of tricks see..........

http://www.orkut.com/CommMsgs.aspx?cmm=38348851&tid=2551797618598040609

certified ethical hacking course...............wow

http://rapidshare.com/users/YFV0CE?byfilename=1

ÅNKîT fadia hacking book

http://rapidshare.com/files/7433211/ANKIT_FADIA.rar

Certified Ethical Hacker Series ..free download...
Certified Ethical Hacker Series
Certified Ethical Hacker Series
Links
http://www.cbtnuggets.com/webapp/product?id=250
http://rapidshare.com/files/12053837/Certified.Ethical.Hacker.Series.part1.rar
http://rapidshare.com/files/12059501/Certified.Ethical.Hacker.Series.part2.rar
http://rapidshare.com/files/12065410/Certified.Ethical.Hacker.Series.part3.rar
http://rapidshare.com/files/12070225/Certified.Ethical.Hacker.Series.part4.rar


Hacking Tool Box
Links
http://rapidshare.com/files/23170150/hacking_tools.rar.html


Vbulliten 3.6.5 with 400+ hacks
Links
http://rapidshare.com/files/27942956/vB.3.6.5_470hacks.rar


300+ Keygens/Cracks for games & software
size== less than 20 mb
Links
http://rapidshare.com/files/29356054/300_KGs.rar

ABCD OF HACKING

few unknown hacking site
http://72.14.235.104/search?q=cache:mBPybjpBOGIJ:hackersinternational.com/access/content/Hacking_Secrets_Revealed.pdf+hacking+secrets+revealed&hl=en&ct=clnk&cd=1http://ihacked.50webs.com

http://noballs.org/ebooks/

http://www.catb.org/~esr/faqs/hacker-howto.html
http://www.hackthissite.org/ http://www.phrack.org/issues.html?issue=1 http://www.totse.com/en/hack/introduction_to_hacking/hack101.html

http://www.iwar.org.uk/hackers/resources/harmless-hacking/gtmbeg1.html

http://www.hackersinternational.com/access/home_access.html

http://www.hackthissite.org/pages/info/programs.php

http://www.hackthissite.org/articles/ ftp://ftp.freenet.de/pub/filepilot/windows/

http://serialturk.blogcu.com/3695641/

http://www.hackaday.com/category/cellphones-hacks/


BESIDES THIS N ALL YOU COULD VISIT :

http://www.hacker.org/forum/
and other hacking forums !

amisauv.

ABCD OF HACKING

To start hacking u must know first :-

01) your hardware ( includes everything , assembling pc , knowing motherboard each & every part , basics abt lan , router,modem & their working , etc.......then explore your pc by inside :-

02) ie. knowing different types of software ( every category like SECURITY SOFTWARE , DEVELOPER TOOLS ( like adobe dreamweaver ,site spinner ,cofeecup html editor etc) , Utilities & Drivers ( like system mechanic , registory editor ) , Networking Software ( ping tracer , scanner etc) , Chat, VoIP & E-mail Software e.t.c

03) if using win xp operating sys. then first of fall learn,understand xp , explore secret tips , and many more u can get everything about xp here:-

http://freepctech.com/pc/xp/xpindex.shtml
http://xp.codeitbetter.com/
http://windowxpforu.blogspot.com/search/label/Tips%20Tricks%20Secrets%20of%20XP
http://www.hsinlin.com/tips/winxptop.html
http://www.metacafe.com/watch/754299/windows_xp_secret_tricks/
http://www.hiddentricks.com/windows-tricks.html

04) Learn DOS prompt ( each and every command for a perfect hacker ) { v.imp step to start hacking} Learn how to make a few batch files. here u can get list of dos commands :-

http://www.computerhope.com/msdos.htm
http://rahulhackingarticles.wetpaint.com/page/All+Dos+Commands?t=anon
http://www.easydos.com/dosindex.html
http://www.uv.tietgen.dk/staff/mlha/PC/Soft/DOS/com/

05) read article on hacking , pc magazines , reading public forums on hacking , reading e-books on hacking , using google to hack ...........................

06) must have some knowledge about HTML ,C++, visual basic .... (i'd recommend learning html as your first language )

07) understanding networking & security tools ..............

08) knowing different tools of hacking & how to use them..............few tools like :-
Key Loggers
port scanner
ip scanner
fake id creator
network tracer
RAT (Remote Administration Tool) of 2003 {Global Killer 1.0
Artic 0.6b
Beast 2.00
Kikbak 0.9 }
Spywares
Trojans { Adult_Chat dialer Express
FactoryNetwork Dialer }

and many more :- u can get a list from here :-

http://www.thenetworkadministrator.com/2003MostPopularHackingTools.htm
http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/
http://sectools.org/

09) KNOW FTP , TCP/Ip , UDP , DHCP , also know how to use unix operating sys..........

10) understanding diassembler language ....... ( or wat is called now as "REVERSE ENGINEERING" )http://www4.in.tum.de/lehre/seminare/hs/WS0506/mvs/files/Vortrag_Golesteanu.pdf

http://www.jenkins-ip.com/serv/serv_6.htm

http://www.reverse-engineering.net/