Computer Information Technology

In this post, you will learn to create a web server just by executing a simple python script which is below. ##################### START OF SCRIPT ######################### import sys import getopt import BaseHTTPServer from SimpleHTTPServer import SimpleHTTPRequestHandler def start(argv):     HandlerClass = SimpleHTTPRequestHandler     ServerClass = BaseHTTPServer.HTTPServer     Protocol = "HTTP/1.0"     if sys.argv[1:]:         try:             opts, args = getopt.getopt(argv, "hp:", ["port="])         except getopt.GetoptError:             print "Error Try Again"             sys.exit()         for opt, arg in opts:             if opt in ("-p", "--port"):                 port = int(arg)         server_addr = ("127.0.0.1", port)         HandlerClass.protocol_version = Protocol         httpd = ServerClass(server_addr, HandlerClass)         socket = httpd.socket.getsockname()         pri

In this post you will learn how to decompile an apk file and understand its code and add some of your code to that apk . In this post i am sharing a link of youtube playlist which will demonstrate how to decompile a Twitter apk and understand its code, to inject our own code and get the username and password of the user. For this you will require Apktool jar, Procyon decompiler . After downloading it follow below steps 1. Download Linux wrapper . 2. Rename downloaded jar to apktool.jar 5. Move both files (apktool.jar & apktool wrapper) to /usr/local/bin (root needed) 6. Make sure both files are executable (chmod +x) After this just goto the youtube playlist link The most Important part of this post is how to understand the decompiled code of apk and adding our own code to that apk file and compile it again.

        We are going to see another powerful framework that is used widely in Penetration testing. Burp suite is an integration of various tools put together to work in an effective manner to help the pen-tester in the entire testing process, from the mapping phase to identifying vulnerabilities and exploiting the same. Burp Suite is a Java application that can be used to secure or penetrate web applications. The suite consists of different tools, such as a proxy server, a web spider, intruder, sequencer, comparator, repeater, decoder,etc....         Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.         Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and con

WinHex as a disk editing program and has developed into a forensic tools that is useful to digital evidence examiners of all skill levels. WinHex is a universal hex editor, particularly helpful in the realm of computer forensics, data recovery, low-level data editing. With WinHex you can view and hex edit the following: any kind of file, in particular binary files hard disks floppy disks CD-ROM & DVD (read-only) smart media, compact flash, memory sticks all other drive types accessible in Windows even your computer's RAM! Its An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards. The disk editor specially supports the following file systems: FAT12, FAT16, FAT32, NTFS. Useful to inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards. Th

The non-profit organization behind TOR – the largest online anonymity network that allows people to hide their real identity online – will soon be launching a "Bug Bounty Program" for researchers who find loopholes in Tor apps. The bounty program was announced during the recurring 'State of the Onion' talk by Tor Project at Chaos Communication Congress held in Hamburg, Germany. Bug bounty programs are cash rewards gave by companies or organizations to white hat hackers and researchers who hunt for serious security vulnerabilities in their website or products and then responsibly disclose them. Bug bounties are designed to encourage security researchers and hackers to responsibly report the vulnerabilities they discovered, rather than exploiting it. The bug bounty program will start in the new year . The Tor Project is following in the footsteps of a number of major technology companies, such as Facebook, Google, Paypal, and Mozilla, which offer bug bounti

Google Dork is an employee who unknowingly exposes sensitive corporate information on the Internet. Google dork queries are built with the advanced search operators that IT administrators, researchers and other professionals use in their daily work to narrow down search engine results. Because search operators can be strung together, an attacker can use complex queries to find information that was published on the Internet but was not meant to be found. The use of advanced search operators to find information that is not easily accessed through simple searches is sometimes called Google dorking or Google hacking. Google hacking is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use. Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific

Older versions of Android can be remotely reset by Google if the company is issued with a court order, but only if they're locked using a pattern. This is according to a document prepared by the New York District Attorney's Office which revealed just how easily investigators could see the contents of a device. Devices running Android 5.0 and newer cannot be remotely reset as they use full disk encryption. However, this option is not switched on by default. The report found any device using an older version of the operating system is vulnerable to remote reset and according to the Android Developer Dashboard, this is 74.1 per cent of Android devices currently being used. However, this figure is slightly misleading. The remote reset feature does apply to phones running operating systems before Android L, but it only applies to people how have secured their device with a pattern. Google can't remotely reset phones secured with a PIN or passcode, meaning the numbe