Yearly Archives: 2015

/2015

Bypass MAC filtering on wireless networks

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

In this tutorial we will be looking at how to bypass MAC filtering on a wireless network. MAC filtering is often used as a security measure to prevent non whitelisted MAC addresses from connecting to the wireless network. With MAC filtering you can specify MAC addresses […]

By |November 29th, 2015|Papers|

Malware Types Explained

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

In this article we will be looking at the different kinds of malware and what they do. When performing static or dynamic malware analysis it is crucial to have a good understanding of the different malware types available so you are able to recognize them and focus […]

By |November 29th, 2015|Papers|

Dynamic Malware Analysis Tools

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

In this tutorial we will be covering Dynamic Malware Analysis Tools which are used to analyse activity after the execution of malware in virtual machines. We will be looking at tools like Procmon, Process Explorer, Regshot, ApateDNS, Netcat, Wireshark and INetSim to analyse the malware. Dynamic Malware Analysis is typically performed after static malware […]

By |November 29th, 2015|Papers|

Basic Malware Analysis Tools

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

In the upcoming posts we will be talking about basic malware analysis and we will start with discussing the many different Basic Malware Analysis Tools which are available. A Malware Analyst is someone highly skilled in reverse engineering malware to get a deep understanding about what a certain piece of malware does and […]

By |November 29th, 2015|Papers|

Hacker Claims He helped FBI Track Down ISIS Hacker (Who was killed in Drone-Strike)

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

Remember Junaid Hussain?

Junaid Hussain – a hacker turned ISIS cyber mastermind who was killed in a US drone strike in August this year.

But something has emerged what we don’t know about the death of Hussain.

The infamous hacker who in the past hacked the Anonymous pseudo-official Twitter […]

By |November 24th, 2015|Papers|

Dell’s Laptops are Infected with ‘Superfish-Like’ pre-installed Malware

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

Similar to the Superfish malware that surrounded Lenovo laptops in February, another big computer manufacturer Dell spotted selling PCs and laptops pre-installed with a rogue SSL certificate that could allow attackers:

To impersonate as any HTTPS-protected website and spy on when banking or shopping online.

The rogue certificate, […]

By |November 24th, 2015|Papers|

steganography: How To Hide File’s behind a Image.

hello guys today I will show u how to hide file in jpg !

so lets start with the setup :

A) Set up:

1. Must have a .zip or .rar compressor.
2. Willingness to learn.

B) And now follow steps :

Steps:
1. Save the picture of choice to your desktop.
2. Make a new .rar or .zip folder on your desktop.
3. […]

By |November 23rd, 2015|Papers|

Pentesting a web application..

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

A little cheatsheet to help with manually reviewing web applications.

Command Execution:

PHP Code:

exec           – Returns last line of commands output
passthru       – Passes commands output directly to the browser
system         – Passes commands output directly to the browser and returns last line
shell_exec     – Returns commands output
“ (backticks) – Same as shell_exec()
popen          – Opens read or write pipe to process of a command
proc_open      – Similar to popen() but greater degree of control
pcntl_exec     – Executes a program

Apart from eval there are other ways to execute PHP code: include/require can be used for remote code execution in the form of Local File Include and Remote File Include vulnerabilities.

PHP Code Execution:

PHP Code:

eval()
assert()  – identical to eval()
preg_replace(‘/.*/e’,…) – /e does an eval() on the match
create_function()
include()
include_once()
require()
require_once()
$_GET($_GET);
$func = new ReflectionFunction($_GET); $func->invoke(); or $func->invokeArgs(array());

List of […]

By |November 23rd, 2015|Papers|

SPOOFING YOUR MAC ADDRESS

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

MAC (Media Access Control) is a number that identifies your network adapter or adapters for connecting to the internet. To remain highly anonymous you should first of all change your mac address. Although it may not be the most important thing to do but surely it […]

By |November 22nd, 2015|Papers|

WhatsApp Spy: Know when someone goes to sleep or wakeup

Extreme Hacking | Sadik Shaikh
Ethical Hacking Institute Course in Pune-India

Today I’ll be teaching you a new hack you could do using the ultimate WhatsApp Spying Website: http://whatcha.xyz/

WhatCha is an online service, that tracks anyone’s number on WhatsApp and give you a detailed log on when your victim goes online or offline.

And since almost everyone you […]

By |November 21st, 2015|Papers|