Understanding Web Shells

What are Web Shells ?Web shells are basically programs written for a specific purpose in web scripting languages. Web scripting languages are used to develop websites: eg. jsp,php,asp,asp.net,perl-cgi etc .

What is the purpose?

Cross-Site Scripting (XSS) Tutorial: Learn About XSS Vulnerabilities, XSS Injections and How to Prevent Cross Site Scripting Attacks

 

 

XSS - What is Cross-Site Scripting?

Cross-Site Scripting (also known as XSS) is one of the most common application-layer web attacks. XSS vulnerabilities target scripts embedded in a page which are executed on the client-side (in the user’s web browser) rather than on the server-side. XSS in itself is a threat which is brought about by the internet security weaknesses of client-side scripting languages such as HTML and

chapcrack – A tool for parsing and decrypting MS-CHAPv2 network handshakes.

chapcrack is a tool for parsing and decrypting MS-CHAPv2 network handshakes, it was announced recently at Defcon as we read over here – Marlinspike demos MS-CHAPv2 crack.
The process is as follows:

How to hack google doodle game slalom canoe using simple method ? A simple method to hack google doodle game slalom canoe

How to hack google doodle game slalom canoe?  This question came to my mind after trying a few attempts on the game. Following the trend from last few days considering olympics, today google’s doodle is slalom canoe. The game is quite interesting and there are multiple ways to hack it or rather i would say here “perform better”.

The Social-Engineer Toolkit (SET) v3.5.1

The Social-Engineer Toolkit (SET) v3.5.1 has been released. This version adds the ability to us ethe SET config to not deploy binaries to the victim machine through the Java Applet. The new configuration option can be found under config/set_config and DEPLOY_BINARIES.

The Social Engineering Toolkit (SET) is an open source, python-driven, social-engineering penetration testing framework of

Windows 8 leaks as Microsoft rushes to rename Metro

Microsoft is having a rough end to the week as its newest software, Windows 8, has leaked online, putting the finished version of its upcoming update in the hands of pirates.

Hack with RAT TROJAN - PRORAT any account

Prorat a famous trojan for hacking system, facebook, gmail, yahoo, twitter and other accounts. Today i wil show you step by step guide to hack with Prorat.

Make free calls worldwide to any number

Hello Readers,
I am back with a new hack for calling any number world wide absolutely free. please note that this method is not mine and i would suggest not to use it. This is just for education purpose. for any misuse you will be responsible.

it works world wide.

Making a simple port scanner

Lets make a simple port scanner with opens a full TCP connection to detect if a port is open or not.

This is not the best way to scan because it makes a lot of noise, some other ways are Half TCP (TCP SYN) and TCP FIN.

Code in python::

import socket
i = “127.0.0.1″
for p in range(19, 26):
spy = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
spy.connect((i, p)

Why BACK TRACK ?

BackTrack purpose:
Information gathering: This category contains several tools that can be used
to get information regarding a target DNS, routing, e-mail address, websites,
mail server, and so on. This information is gathered from the available
information on the Internet, without touching the target environment.
• Network mapping: This category contains tools that can be used to check the
live host, fingerprint operating system, application used by the target, and
also do portscanning