Computer Information Technology

        We are going to see another powerful framework that is used widely in Penetration testing. Burp suite is an integration of various tools put together to work in an effective manner to help the pen-tester in the entire testing process, from the mapping phase to identifying vulnerabilities and exploiting the same. Burp Suite is a Java application that can be used to secure or penetrate web applications. The suite consists of different tools, such as a proxy server, a web spider, intruder, sequencer, comparator, repeater, decoder,etc....         Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.         Burp is e...

WinHex as a disk editing program and has developed into a forensic tools that is useful to digital evidence examiners of all skill levels. WinHex is a universal hex editor, particularly helpful in the realm of computer forensics, data recovery, low-level data editing. With WinHex you can view and hex edit the following: any kind of file, in particular binary files hard disks floppy disks CD-ROM & DVD (read-only) smart media, compact flash, memory sticks all other drive types accessible in Windows even your computer's RAM! Its An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards. The disk editor specially supports the following file systems: FAT12, FAT16, FAT32, NTFS. Useful to inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards. Th...

The non-profit organization behind TOR – the largest online anonymity network that allows people to hide their real identity online – will soon be launching a "Bug Bounty Program" for researchers who find loopholes in Tor apps. The bounty program was announced during the recurring 'State of the Onion' talk by Tor Project at Chaos Communication Congress held in Hamburg, Germany. Bug bounty programs are cash rewards gave by companies or organizations to white hat hackers and researchers who hunt for serious security vulnerabilities in their website or products and then responsibly disclose them. Bug bounties are designed to encourage security researchers and hackers to responsibly report the vulnerabilities they discovered, rather than exploiting it. The bug bounty program will start in the new year . The Tor Project is following in the footsteps of a number of major technology companies, such as Facebook, Google, Paypal, and Mozilla, which offer bug bounti...

Google Dork is an employee who unknowingly exposes sensitive corporate information on the Internet. Google dork queries are built with the advanced search operators that IT administrators, researchers and other professionals use in their daily work to narrow down search engine results. Because search operators can be strung together, an attacker can use complex queries to find information that was published on the Internet but was not meant to be found. The use of advanced search operators to find information that is not easily accessed through simple searches is sometimes called Google dorking or Google hacking. Google hacking is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use. Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific...

Older versions of Android can be remotely reset by Google if the company is issued with a court order, but only if they're locked using a pattern. This is according to a document prepared by the New York District Attorney's Office which revealed just how easily investigators could see the contents of a device. Devices running Android 5.0 and newer cannot be remotely reset as they use full disk encryption. However, this option is not switched on by default. The report found any device using an older version of the operating system is vulnerable to remote reset and according to the Android Developer Dashboard, this is 74.1 per cent of Android devices currently being used. However, this figure is slightly misleading. The remote reset feature does apply to phones running operating systems before Android L, but it only applies to people how have secured their device with a pattern. Google can't remotely reset phones secured with a PIN or passcode, meaning the numbe...

Hackers can monitor 4G mobile networks to detect users' location using supposedly anonymised identifiers Security researchers have revealed how simply contacting somebody via WhatsApp or Facebook messenger can reveal a smartphone owner's location by exploiting a security flaw in 4G mobile networks. A hacker could use the apps to discover the supposedly anonymised identifiers that are assigned to devices when they connect to a network, and use them to locate their owner, according to researchers in Finland and Germany. When a smartphone connects to a mobile network, it is assigned a temporary number called a TMSI (Temporary Mobile Subscriber Identity). The network then uses this eight-digit number to identify a device, rather than a phone number, to make communication more private. However, a hacker monitoring radio communications could tie this TMSI to an individual by sending them a Facebook message or WhatsApp chat, both of which trigger a special "paging reques...

Do Not Scan These IP Addresses ( Unless you want to get into trouble ) The IP addresses listed in the below images are associated with critical information resource centers of US. Scanning these IP addresses will be considered an attempt to break the US's Information Security. Therefore do not scan these IP addresses unless you want to get into trouble. Credits to Hacking-Tutorial.com for the list. RANGE 6 6.* – Army Information Systems Center RANGE 7 7.*.*.* Defense Information Systems Agency, VA RANGE 11 11.*.*.* DoD Intel Information Systems, Defense Intelligence Agency, Washington DC RANGE 21 21. – US Defense Information Systems Agency RANGE 22 22.* – Defense Information Systems Agency RANGE 24 24.198.*.* RANGE 25 25.*.*.* Royal Signals and Radar Establishment, UK RANGE 26 26.* – Defense Information Systems Agency RANGE 29 29.* – Defense Information Systems Agency RANGE 30 30.* – Defense Information Systems Agency RANGE 49 49.* – Joint Ta...