EL SOL / UNA SONDA ESPACIAL MÁS CERCA QUE NUNCA

Un nave europea pasa a 77 millones de kilómetros del astro ...
El satélite 'Solar Orbiter' tomó en los momentos de su máxima aproximación algunas imágenes en luz ultravioleta, que llegarán a la Tierra en cuestión de solo unos días ...


La sonda europea Solar Orbiter, lanzada en febrero pasado, sobrevivió este 15 de junio a su primer encuentro cercano con el Sol al pasar a 77 millones de kilómetros de su superficie, la mitad de la distancia que separa al astro de nuestro planeta.
Durante la semana posterior a este primer perihelio (la posición más cercana al centro de la órbita) los operadores de la misión revisarán el funcionamiento de una decena de herramientas científicas que porta la nave, informa la Agencia Espacial Europea (ESA). Aproximadamente el mismo tiempo será necesario para descargar, a través de una antena situada en la provincia argentina de Mendoza, las imágenes tomadas en ese tenso momento desde el satélite.

La Solar Orbiter no es la nave espacial más próxima al Sol, puesto que la sonda Parker Solar Probe de la NASA, lanzada en 2018, se encuentra ya en su corona exterior. Sin embargo, el aparato estadounidense no tiene telescopios que permitan mirar directamente al astro, algo por lo que sí destaca la misión europea.

"Nuestros telescopios de escaneo ultravioleta tienen la misma resolución espacial que los del Observatorio Dinámico Solar (SDO) de la NASA, que toma imágenes de alta resolución del Sol desde una órbita próxima a la Tierra", comparó el científico de la misión Daniel Müller. "Debido a que actualmente estamos a la mitad de la distancia del Sol, nuestras imágenes tienen el doble de resolución que las del SDO durante este perihelio".

Leer el articulo completo, clic! en el enlace: Actualidad.rt.com / Ciencia
Related posts
Tidak ada komentar:

Top 9 Best Websites To Learn Hacking

  • Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
  • Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
  • HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.
  • The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
  • Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
  • Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
  • KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
  • Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the worlds best penetration testing software now.
  • Phrack Magazine: Digital hacking magazine.
Tidak ada komentar:

Entropy: Netwave And GoAhead IP Webcams Exploiting Tool


About Entropy Toolkit
   Entropy Toolkit is:
  • A set of tools to exploit Netwave and GoAhead IP Webcams.
  • A powerful toolkit for webcams penetration testing.

Entropy Toolkit's installationEntropy Toolkit's execution

Entropy Toolkit's examples:
  • Example of exploiting a single webcam
    entropy -b 1 -i [webcam's ip address and port] -v
    Example: entropy -b 1 -i 192.168.1.100:80 -v
  • Example of exploiting webcams from a list
    entropy -b 2 -l [file text] -v
    Example: entropy -b 2 -l iplist.txt -v
  • Example of exploiting webcams using shodan
    entropy -b 2 -v --shodan [you shodan api key]
    Example: entropy -b 2 -v --shodan PSKINdQe1GyxGgecYz2191H2JoS9qvgD

Entropy Toolkit disclaimer:
   Usage of the Entropy Toolkit for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state, federal, and international laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Entropy Toolkit license: MIT license.

Download Entropy Toolkit
(Sign up Windscribe for free, get full protection and stay anonymous
with the best free VPN. Read more here)

Related posts


  1. Pentest Red Team
  2. Pentest Environment
  3. Hacking Linux
  4. Hacker Language
  5. Hacker Ethic
  6. Hacking Apps
  7. Pentest Iso
  8. Pentest Box
  9. Hacker Ethic
  10. Hacking Groups
  11. What Hacking Is
  12. Hacking Vpn
  13. Pentest Ubuntu
  14. Hacking Software
  15. Hacking Linux
Tidak ada komentar:

How To Start | How To Become An Ethical Hacker

Are you tired of reading endless news stories about ethical hacking and not really knowing what that means? Let's change that!
This Post is for the people that:

  • Have No Experience With Cybersecurity (Ethical Hacking)
  • Have Limited Experience.
  • Those That Just Can't Get A Break


OK, let's dive into the post and suggest some ways that you can get ahead in Cybersecurity.
I receive many messages on how to become a hacker. "I'm a beginner in hacking, how should I start?" or "I want to be able to hack my friend's Facebook account" are some of the more frequent queries. Hacking is a skill. And you must remember that if you want to learn hacking solely for the fun of hacking into your friend's Facebook account or email, things will not work out for you. You should decide to learn hacking because of your fascination for technology and your desire to be an expert in computer systems. Its time to change the color of your hat 😀

 I've had my good share of Hats. Black, white or sometimes a blackish shade of grey. The darker it gets, the more fun you have.

If you have no experience don't worry. We ALL had to start somewhere, and we ALL needed help to get where we are today. No one is an island and no one is born with all the necessary skills. Period.OK, so you have zero experience and limited skills…my advice in this instance is that you teach yourself some absolute fundamentals.
Let's get this party started.
  •  What is hacking?
Hacking is identifying weakness and vulnerabilities of some system and gaining access with it.
Hacker gets unauthorized access by targeting system while ethical hacker have an official permission in a lawful and legitimate manner to assess the security posture of a target system(s)

 There's some types of hackers, a bit of "terminology".
White hat — ethical hacker.
Black hat — classical hacker, get unauthorized access.
Grey hat — person who gets unauthorized access but reveals the weaknesses to the company.
Script kiddie — person with no technical skills just used pre-made tools.
Hacktivist — person who hacks for some idea and leaves some messages. For example strike against copyright.
  •  Skills required to become ethical hacker.
  1. Curosity anf exploration
  2. Operating System
  3. Fundamentals of Networking
*Note this sites





More articles
Tidak ada komentar:

USE OF CRYPTOGRAPHY IN HACKING

WHAT IS CRYPTOGRAPHY?

The Cryptography is derived from the Greek words "Kryptos". This is the study of secure communication techniques that allow only the sender and recipient of a message to view it's contents of transforming information into nonhuman readable form or vice versa is called cryptography.

As we know that information plays a vital role in running of any business and organizations etc, sensitive details in the wrong hands can leads to loss of business.

Cryptography is the science of ciphering and deciphering messages.To secure communication organizations use cryptology to cipher information .

                            Or

Cryptography is a method of protecting information and communication through the use of codes so that only those whom the information is intended can read and process it.

In Computer Science, Cryptography refers to secure information and communication techniques derived from mathematical concepts , a set of rule based calculations called algorithm to transform message in ways the hard to readable for human.

This is one of the secure way of communications for a hacker with the help of virtual private network(VPN) like Tor Browser which is also very helpful to change the IP Address(Location of the sender ) for illegal purpose to perform crime in cyberspace . I will discuss in brief about the VPN .



How to Encrypt and Decrypt the text in Cryptography?

Open this website with the help of internert surfing for encryption-"http://wwwmd5online.org" 

Open the link for Decrypt the code text-"http://www.md5online.org/md5-decrypt.html"

Type whatever you want for encryption and it will crypt in the code form, copy that code and forward to the intended person whom you want for secure communication and then he/she will Decrypt in the real form.




               
       







Related posts


Tidak ada komentar:

Secret Hack Codes For Android Mobile Phones

Secrete Hack codes for Android Mobile phones

Secret hack codes are usually hidden from users to prevent misuse and exploit. Android is a very new platform so there aren't many hack codes for Androids available. Today I will share all of the hack codes of Android cellphones that I know. I have tested these codes on my Samsung Galaxy with the Android OS version 2.2. I am sure these will work on all previous versions. 


Secret Hack Codes for Android Mobile Phones:


1. Complete Information About Your Phone 

 *#*#4636#*#*

 This code can be used to get some interesting information about your phone and battery. It shows the following 4 menus on the screen:

  • Phone information
  • Battery information (How to maximize or boost battery life in android phones)
  • Battery history
  • Usage statistics


2. Factory data reset


*#*#7780#*#*

This code can be used for a factory data reset. It'll remove the following things:

  • Google account settings stored in your phone
  • System and application data and settings
  • Downloaded applications

It will NOT remove:

  • Current system software and bundled application
  • SD card files e.g. photos, music files, etc.

Note: Once you give this code, you will get a prompt screen asking you to click on the "Reset phone" button, giving you the chance to cancel your operation.


3. Format Android Phone


  *2767*3855#

Think before you input this code. This code is used for factory formatting. It will remove all files and settings, including the internal memory storage. It will also reinstall the phone firmware.

Note: Once you give this code, there is no way to cancel the operation unless you remove the battery from the phone.


4. Phone Camera Update


*#*#34971539#*#*

This code is used to get information about phone camera. It shows following 4 menus:

  • Update camera firmware in image (Don't try this option)
  • Update camera firmware in SD card
  • Get camera firmware version
  • Get firmware update count

WARNING: NEVER use the first option. Your phone camera will stop working and you will need to take your phone to a service center to reinstall camera firmware.


5. End Call/Power

 

*#*#7594#*#*

This one is my favorite. This code can be used to change the action of the "End Call/Power" button. Be default, if you hold the button down for a long time, it shows a screen asking you to select between silent mode, airplane mode, and power off.

Using this code, you can enable this button to power off without having to select an option, saving you some time.


6. File Copy for Creating Backup


*#*#273283*255*663282*#*#*


This code opens a file copy screen where you can backup your media files e.g. images, sound, video and voice memo.


7.  Service Mode


*#*#197328640#*#*

This code can be used to enter into service mode. In service mode, you can run various tests and change settings.


8. WLAN, GPS and Bluetooth Secret Hack Codes for Android:


*#*#232339#*#* OR *#*#526#*#* OR *#*#528#*#*           – WLAN test (Use "Menu" button to start various tests)

*#*#232338#*#*                  – Shows WiFi MAC address

*#*#1472365#*#*                – GPS test

*#*#1575#*#*                      – Another GPS test

*#*#232331#*#*                  – Bluetooth test

*#*#232337#*#                    – Shows Bluetooth device address


9. Codes to get Firmware version information:


*#*#4986*2650468#*#* – PDA, Phone, H/W, RFCallDate

*#*#1234#*#* – PDA and Phone

*#*#1111#*#* – FTA SW Version

*#*#2222#*#* – FTA HW Version

*#*#44336#*#* – PDA, Phone, CSC, Build Time, Changelist number


10. Codes to launch various Factory Tests:


*#*#0283#*#* – Packet Loopback

*#*#0*#*#* – LCD test

*#*#0673#*#* OR *#*#0289#*#* – Melody test

*#*#0842#*#* – Device test (Vibration test and BackLight test)

*#*#2663#*#* – Touch screen version

*#*#2664#*#* – Touch screen test

*#*#0588#*#* – Proximity sensor test

*#*#3264#*#* – RAM version


@EVERYTHING NT

Read more
Tidak ada komentar:

Sslmerge - Tool To Help You Build A Valid SSL Certificate Chain From The Root Certificate To The End-User Certificate


Is an open source tool to help you build a valid SSL certificate chain from the root certificate to the end-user certificate. Also can help you fix the incomplete certificate chain and download all missing CA certificates.

How To Use
It's simple:
# Clone this repository
git clone https://github.com/trimstray/sslmerge

# Go into the repository
cd sslmerge

# Install
./setup.sh install

# Run the app
sslmerge -i /data/certs -o /data/certs/chain.crt
  • symlink to bin/sslmerge is placed in /usr/local/bin
  • man page is placed in /usr/local/man/man8

Parameters
Provides the following options:
  Usage:
    sslmerge <option|long-option>

  Examples:
    sslmerge --in Root.crt --in Intermediate1.crt --in Server.crt --out bundle_chain_certs.crt
    sslmerge --in /tmp/certs --out bundle_chain_certs.crt --with-root
    sslmerge -i Server.crt -o bundle_chain_certs.crt

  Options:
        --help        show this message
        --debug       displays information on the screen (debug mode)
    -i, --in          add certificates to merge (certificate file, multiple files or directory with ssl certificates)
    -o, --out         saves the result (chain) to file
        --with-root   add root certificate to the certificate chain

How it works
Let's start with ssllabs certificate chain. They are delivered together with the sslmerge and can be found in the example/ssllabs.com directory which additionally contains the all directory (containing all the certificates needed to assemble the chain) and the server_certificate directory (containing only the server certificate).
The correct chain for the ssllabs.com domain (the result of the openssl command):
Certificate chain
 0 s:/C=US/ST=California/L=Redwood City/O=Qualys, Inc./CN=ssllabs.com
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
 1 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
 2 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
   i:/C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority
The above code presents a full chain consisting of:
  • Identity Certificate (Server Certificate)
    issued for ssllabs.com by Entrust Certification Authority - L1K
  • Intermediate Certificate
    issued for Entrust Certification Authority - L1K by Entrust Root Certification Authority - G2
  • Intermediate Certificate
    issued for Entrust Root Certification Authority - G2 by Entrust Root Certification Authority
  • Root Certificate (Self-Signed Certificate)
    issued for Entrust Root Certification Authority by Entrust Root Certification Authority

Scenario 1
In this scenario, we will chain all delivered certificates. Example of running the tool:

Scenario 2
In this scenario, we only use the server certificate and use it to retrieve the remaining required certificates. Then, as above, we will combine all the provided certificates. Example of running the tool:

Certificate chain
In order to create a valid chain, you must provide the tool with all the necessary certificates. It will be:
  • Server Certificate
  • Intermediate CAs and Root CAs
This is very important because without it you will not be able to determine the beginning and end of the chain.
However, if you look inside the generated chain after generating with sslmerge, you will not find the root certificate there. Why?
Because self-signed root certificates need not/should not be included in web server configuration. They serve no purpose (clients will always ignore them) and they incur a slight performance (latency) penalty because they increase the size of the SSL handshake.
If you want to add a root certificate to the certificate chain, call the utility with the --with-root parameter.

Certification Paths
Sslmerge allows use of two certification paths:

Output comments
When generating the chain of certificates, sslmerge displays comments with information about certificates, including any errors.
Here is a list of all possibilities:

not found identity (end-user, server) certificate
The message is displayed in the absence of a server certificate that is the beginning of the chain. This is a unique case because in this situation the sslmerge ends its operation displaying only this information. The server certificate is the only certificate required to correctly create a chain. Without this certificate, the correct chain will not be created.

found correct identity (end-user, server) certificate
The reverse situation here - message displayed when a valid server certificate is found.

not found first intermediate certificate
This message appears when the first of the two intermediate certificates is not found. This information does not explicitly specify the absence of a second intermediate certificate and on the other hand it allows to determine whether the intermediate certificate to which the server certificate was signed exists. Additionally, it can be displayed if the second intermediate certificate has been delivered.

not found second intermediate certificate
Similar to the above, however, it concerns the second intermediate certificate. However, it is possible to create the chain correctly using the second certification path, e.g. using the first intermediate certificate and replacing the second with the main certificate.

one or more intermediate certificate not found
This message means that one or all of the required intermediate certificates are missing and displayed in the absence of the root certificate.

found 'n' correct intermediate certificate(s)
This message indicates the number of valid intermediate certificates.

not found correct root certificate
The lack of the root certificate is treated as a warning. Of course, when configuring certificates on the server side, it is not recommended to attach a root certificate, but if you create it with the sslmerge, it treats the chain as incomplete displaying information about the incorrect creation of the chain.

an empty CN field was found in one of the certificates
This message does not inform about the error and about the lack of the CN field what can happen with some certificates (look at example/google.com). Common Name field identifies the host name associated with the certificate. There is no requirement in RFC3280 for an Issuer DN to have a CN. Most CAs do include a CN in the Issuer DN, but some don't, such as this Equifax CA.

Requirements
Sslmerge uses external utilities to be installed before running:

Other

Contributing
See this.

Project architecture
See this.


Related articles

  1. Pentest App
  2. Pentest Website
  3. Hacker Computer
  4. Hacker Computer
  5. Hacking Resources
  6. Pentest News
  7. Hacking Meaning
  8. Pentest+ Vs Oscp
  9. Pentest Plus
  10. Pentest+ Vs Oscp
  11. Pentest Gear
Tidak ada komentar:

Diggy - Extract Enpoints From APK Files


Diggy can extract endpoints/URLs from apk files. It saves the result into a txt file for further processing.


Dependencies
  • apktool

Usage
./diggy.sh /path/to/apk/file.apk
You can also install it for easier access by running install.sh
After that, you will be able to run Diggy as follows:
diggy /path/to/apk/file.apk


Read more
Tidak ada komentar:

Sherlock Tool | Find Usernames Across Social Networks

Related posts


Tidak ada komentar:

5 BEST HACKING BOOKS 2018

Most of the people don't go with videos and read books for learning. Book reading is a really effective way to learn and understand how things work. There are plenty of books about computers, security, penetration testing and hacking. Every book shows a different angle how things work and how to make system secure and how it can be penetrated by hackers. So, here I have gathered a few of the best hacking books of 2018 available on the market.

BEST HACKING BOOKS OF 2018

There are hundreds of books about hacking, but I have streamlined few of best hacking books of 2018.

1. THE HACKER'S PLAYBOOK PRACTICAL GUIDE TO PENETRATION

This handbook is about experting yourself with the hacking techniques in the hacker's way. This is about penetration testing that how hackers play their techniques and how we can counter them.

CONTENTS

  • Introduction
  • Pregame – The Setup
  • Setting Up a Penetration Testing Box
  • Before the Snap – Scanning the Network
  • The Drive – Exploiting Scanner Findings
  • The Throw – Manual Web Application Findings
  • The Lateral Pass – Moving Through the Network
  • The Screen – Social Engineering
  • The Onside Kick – Attacks that Require Physical Access
  • The Quarterback Sneak – Evading AV
  • Special Teams – Cracking, Exploits, Tricks
  • Post Game Analysis – Reporting
Download the Hacker's Playbook Practical Guide to Penetration.

2. ANDROID HACKER'S HANDBOOK

The Android Hacker's Handbook is about how the android devices can be hacked. Authors chose to write this book because the field of mobile security research is so "sparsely charted" with disparate and conflicted information (in the form of resources and techniques).

CONTENTS

  • Chapter 1 Looking at the Ecosystem
  • Chapter 2 Android Security Design and Architecture
  • Chapter 3 Rooting Your Device
  • Chapter 4 Reviewing Application Security
  • Chapter 5 Understanding Android's Attack Surface
  • Chapter 6 Finding Vulnerabilities with Fuzz Testing
  • Chapter 7 Debugging and Analyzing Vulnerabilities
  • Chapter 8 Exploiting User Space Software
  • Chapter 9 Return Oriented Programming
  • Chapter 10 Hacking and Attacking the Kernel
  • Chapter 11 Attacking the Radio Interface Layer
  • Chapter 12 Exploit Mitigations
  • Chapter 13 Hardware Attacks
Download Android Hacker's Handbook.

3. PENETRATION TESTING: A HANDS-ON INTRODUCTION TO HACKING

This book is an effective practical guide to penetration testing tools and techniques. How to penetrate and hack into systems. This book covers beginner level to highly advanced penetration and hacking techniques.

CONTENTS

  • Chapter 1: Setting Up Your Virtual Lab
  • Chapter 2: Using Kali Linux
  • Chapter 3: Programming
  • Chapter 4: Using the Metasploit Framework
  • Chapter 5: Information Gathering
  • Chapter 6: Finding Vulnerabilities
  • Chapter 7: Capturing Traffic
  • Chapter 8: Exploitation
  • Chapter 9: Password Attacks
  • Chapter 10: Client-Side Exploitation
  • Chapter 11: Social Engineering
  • Chapter 12: Bypassing Antivirus Applications
  • Chapter 13: Post Exploitation
  • Chapter 14: Web Application Testing
  • Chapter 15: Wireless Attacks
  • Chapter 16: A Stack-Based Buffer Overflow in Linux
  • Chapter 17: A Stack-Based Buffer Overflow in Windows
  • Chapter 18: Structured Exception Handler Overwrites
  • Chapter 19: Fuzzing, Porting Exploits, and Metasploit Modules
  • Chapter 20: Using the Smartphone Pentesting Framework
Download Penetration Testing: A Hands-On Introduction To Hacking.

4. THE SHELLCODER'S HANDBOOK

This book is about learning shellcode's of the OS and how OS can be exploited. This book is all about discovering and exploiting security holes in devices to take over.
Authors: Chris Anley, John Heasman, Felix "FX" Linder, Gerardo Richarte.

CONTENTS

  • Stack Overflows
  • Shellcode
  • Introduction to Format String Bugs
  • Windows Shellcode
  • Windows Overflows
  • Overcoming Filters
  • Introduction to Solaris Exploitation
  • OS X Shellcode
  • Cisco IOS Exploitation
  • Protection Mechanisms
  • Establishing a Working Environment
  • Fault Injection
  • The Art of Fuzzing
  • Beyond Recognition: A Real Vulnerability versus a Bug
  • Instrumented Investigation: A Manual Approach
  • Tracing for Vulnerabilities
  • Binary Auditing: Hacking Closed Source Software
  • Alternative Payload Strategies
  • Writing Exploits that Work in the Wild
  • Attacking Database Software
  • Unix Kernel Overflows
  • Exploiting Unix Kernel Vulnerabilities
  • Hacking the Windows Kernel
Download The ShellCoder's HandBook.

5. THE HACKER'S HANDBOOK WEB APPLICATION SECURITY FLAWS

This handbook is about finding and exploiting the web applications.
Authors: Dafydd Stuttard, Marcus Pinto.

CONTENTS

  • Chapter 1 Web Application (In)security
  • Chapter 2 Core Defense Mechanisms
  • Chapter 3 Web Application Technologies
  • Chapter 4 Mapping the Application
  • Chapter 5 Bypassing Client-Side Controls
  • Chapter 6 Attacking Authentication
  • Chapter 7 Attacking Session Management
  • Chapter 8 Attacking Access Controls
  • Chapter 9 Attacking Data Stores
  • Chapter 10 Attacking Back-End Components
  • Chapter 11 Attacking Application Logic
  • Chapter 12 Attacking Users: Cross-Site Scripting
  • Chapter 13 Attacking Users: Other Techniques
  • Chapter 14 Automating Customized Attacks
  • Chapter 15 Exploiting Information Disclosure
  • Chapter 16 Attacking Native Compiled Applications
  • Chapter 17 Attacking Application Architecture
  • Chapter 18 Attacking the Application Server
  • Chapter 19 Finding Vulnerabilities in Source Code
  • Chapter 20 A Web Application Hacker's Toolkit
  • Chapter 21 A Web Application Hacker's Methodology
So, these are the top 5 best hacking books on the market. There may be more fascinating books in the future that make take place in the top list. But for now, these are the best hacking books. Read and share your experience with these books.
Related word
Tidak ada komentar:
Langganan: Postingan (Atom)