Tuesday, 11 April 2023

Difference between LAN, MAN and WAN






Prerequisite – Types of area network LAN, MAN and WAN

LAN stands for local area network. It is a group of network devices that allows communication between the various connected devices. A LAN is under private rather than public ownership. A LAN has a shorter propagation delay than a MAN or a WAN. It covers smaller areas such as colleges, schools, hospitals, and so on.

MAN stands for metropolitan area network. It covers a larger area than a LAN, such as small towns and cities. A MAN connects two or more computers that reside within the same or completely different cities. A MAN is expensive and may or may not be owned by one organization.

WAN stands for wide area network. It covers a larger area than a LAN or a MAN, such as a country or continent. A WAN is expensive and may or may not be owned by one organization. PSTN or a satellite medium is used for wide area networks.
 


Differences between LAN, MAN, and WAN

| Basis | LAN | MAN | WAN |
|---|---|---|---|
| Full form | LAN stands for local area network. | MAN stands for metropolitan area network. | WAN stands for wide area network. |
| Geographic span | Operates in small areas such as the same building or campus. | Operates in large areas such as a city. | Operates in larger areas such as a country or continent. |
| Ownership | LAN’s ownership is private. | MAN’s ownership can be private or public. | A WAN also might not be owned by one organization. |
| Transmission speed | The transmission speed of a LAN is high. | The transmission speed of a MAN is average. | The transmission speed of a WAN is low. |
| Propagation delay | The propagation delay is short in a LAN. | There is a moderate propagation delay in a MAN. | There is a long propagation delay in a WAN. |
| Congestion | There is less congestion in a LAN. | There is more congestion in a MAN. | There is more congestion in a WAN than in a MAN. |
| Design & maintenance | A LAN’s design and maintenance are easy. | A MAN’s design and maintenance are more difficult than a LAN’s. | A WAN’s design and maintenance are more difficult than those of a LAN or a MAN. |
| Fault tolerance | There is more fault tolerance in a LAN. | There is less fault tolerance. | In a WAN, there is also less fault tolerance. |

What Is VPN?





Definition

A Virtual Private Network (VPN) adds security and anonymity for users when they connect to web-based services and sites. A VPN hides the user’s actual public IP address and “tunnels” traffic between the user’s device and the remote server. Most users sign up for a VPN service for online anonymity to avoid being tracked, and they often use public Wi-Fi where increased risks threaten the safety of their data.

Why Do I Need a VPN?

When you make a connection to a web server, your browser performs a lookup on the domain name from Domain Name System (DNS) servers, gets the IP address, and then connects to the server. In most cases, the connection is encrypted using SSL/TLS. Even with SSL/TLS, numerous attacks on public Wi-Fi are possible. For example, a clever attacker can perform a downgrade on the version of TLS used to encrypt data, making communication vulnerable to brute force.

With a VPN added to the connection, the VPN service packages data in its own encryption and sends it across the network. The targeted server sees the VPN’s public IP address instead of the user’s public IP address. Should an attacker hijack the connection and eavesdrop on data, good VPN encryption removes the brute-force opportunity that would otherwise disclose data sent over a cryptographically insecure connection.

How to Use a VPN

The first step in VPN setup is finding a provider that’s right for you. Several VPN providers are available, but each one has its pros and cons. For example, you need a provider with a protocol that all devices support. It should be easy to set up, available from any geolocation, and provide cryptographically secure encryption for adequate security in public Wi-Fi use.

A main differentiating factor between a good VPN and one that offers little advantage is the number of users on a single IP address. Some service providers block VPN IP addresses because spammers and malicious threat actors also use VPNs to anonymize their connections. Service providers can download a list of VPN IP addresses and block them from accessing local services. A good VPN offers private IP addresses, which cost more but also offer increased freedom and anonymity on the Internet.

After you choose a VPN, you then must configure your device to use it. These configurations are specific to each VPN provider, so yours should equip you with step-by-step instructions. Some VPN providers give you an install file to help with the setup process, which is helpful if you are unfamiliar with operating-system configurations.

How VPN Works

A VPN is an intermediary between your computer and the targeted server. Instead of relying on a browser to encrypt communication between your device and the server, the VPN adds its own encryption and routes communication via its own servers. You often hear the term “tunneling” when it comes to VPN services. The idea is that the VPN service opens a “tunnel” between you and the targeted server. Then, the VPN sends your data through its “tunnel” so that no one else on the network can eavesdrop and hijack your data.

Technically, the VPN sets up a connection where your device communicates on the VPN network instead of the local network, including public Wi-Fi. You authenticate with the VPN server using your stored credentials and then receive a connection to the VPN servers. With the tunnel set up, you use a virtual network connection between you and the VPN server that encrypts and protects data from eavesdroppers. If you use an SSL/TLS connection, the data is encrypted and then encrypted again using the VPN service. It adds double encryption to your communication, improving the security of your data.

Remember, when connected to a VPN server, the IP address shown to the target server is the VPN server’s IP address. If the VPN server is virtually or physically located in another country, the target web server will identify your location as the VPN country location.

What Is IP And TCP?

What is TCP?

Transmission Control Protocol (TCP) is a communications standard that enables application programs and computing devices to exchange messages over a network. It is designed to send packets across the internet and ensure the successful delivery of data and messages over networks.

TCP is one of the basic standards that define the rules of the internet and is included within the standards defined by the Internet Engineering Task Force (IETF). It is one of the most commonly used protocols within digital network communications and ensures end-to-end data delivery.

TCP organizes data so that it can be transmitted between a server and a client. It guarantees the integrity of the data being communicated over a network. Before it transmits data, TCP establishes a connection between a source and its destination, which it ensures remains live until communication begins. It then breaks large amounts of data into smaller packets, while ensuring data integrity is in place throughout the process.

As a result, high-level protocols that need to transmit data all use TCP. Examples include peer-to-peer sharing methods like File Transfer Protocol (FTP), Secure Shell (SSH), and Telnet. It is also used to send and receive email through Internet Message Access Protocol (IMAP), Post Office Protocol (POP), and Simple Mail Transfer Protocol (SMTP), and for web access through the Hypertext Transfer Protocol (HTTP).

An alternative to TCP in networking is the User Datagram Protocol (UDP), which is used to establish low-latency connections between applications and decrease transmission time. TCP can be an expensive network tool as it accounts for absent or corrupted packets and protects data delivery with controls like acknowledgments, connection startup, and flow control.

UDP does not provide error correction or packet sequencing, nor does it signal a destination before it delivers data, which makes it less reliable but less expensive. As such, it is a good option for time-sensitive situations, such as Domain Name System (DNS) lookup, Voice over Internet Protocol (VoIP), and streaming media.

What is IP?

The Internet Protocol (IP) is the method for sending data from one device to another across the internet. Every device has an IP address that uniquely identifies it and enables it to communicate with and exchange data with other devices connected to the internet.  Today, it’s considered the standard for fast and secure communication directly between mobile devices.

IP is responsible for defining how applications and devices exchange packets of data with each other. It is the principal communications protocol responsible for the formats and rules for exchanging data and messages between computers on a single network or several internet-connected networks. It does this through the Internet Protocol Suite (TCP/IP), a group of communications protocols that are split into four abstraction layers.

IP is the main protocol within the internet layer of the TCP/IP. Its main purpose is to deliver data packets between the source application or device and the destination using methods and structures that place tags, such as address information, within data packets.

 

What is TCP/IP? Working Layers and Advantages of TCP/IP

TCP vs. IP: What is the Difference?

TCP and IP are separate protocols that work together to ensure data is delivered to its intended destination within a network. IP obtains and defines the address—the IP address—of the application or device the data must be sent to. TCP is then responsible for transporting and routing data through the network architecture and ensuring it gets delivered to the destination application or device that IP has defined. Both technologies working together allow communication between devices over long distances, making it possible to transfer data where it needs to go in the most efficient way possible.

In other words, the IP address is akin to a phone number assigned to a smartphone. TCP is the computer networking version of the technology used to make the smartphone ring and enable its user to talk to the person who called them. 

Now that we’ve looked at TCP and IP separately, what is TCP/IP? The two protocols are frequently used together and rely on each other for data to have a destination and safely reach it, which is why the process is regularly referred to as TCP/IP. With the right security protocols in place, the combination of TCP/IP allows users to follow a safe and secure process when they need to move data between two or more devices.

How Does Transmission Control Protocol (TCP)/IP Work?

The TCP/IP model is the default method of data communication on the Internet.  It was developed by the United States Department of Defense to enable the accurate and correct transmission of data between devices. It breaks messages into packets to avoid having to resend the entire message in case it encounters a problem during transmission. Packets are automatically reassembled once they reach their destination. Every packet can take a different route between the source and the destination computer, depending on whether the original route used becomes congested or unavailable.

TCP/IP divides communication tasks into layers that keep the process standardized, without hardware and software providers doing the management themselves. The data packets must pass through four layers before they are received by the destination device, then TCP/IP goes through the layers in reverse order to put the message back into its original format. 

As a connection-based protocol, TCP establishes and maintains a connection between applications or devices until they finish exchanging data. It determines how the original message should be broken into packets, numbers and reassembles the packets, and sends them on to other devices on the network, such as routers, security gateways, and switches, then on to their destination. TCP also sends and receives packets from the network layer, handles the transmission of any dropped packets, manages flow control, and ensures all packets reach their destination.

A good example of how this works in practice is when an email is sent using SMTP from an email server. To start the process, the TCP layer in the server divides the message into packets, numbers them, and forwards them to the IP layer, which then transports each packet to the destination email server. When packets arrive, they are handed back to the TCP layer to be reassembled into the original message format and handed back to the email server, which delivers the message to a user’s email inbox.

TCP/IP uses a three-way handshake to establish a connection between a device and a server, which ensures multiple TCP socket connections can be transferred in both directions concurrently. Both the device and server must synchronize and acknowledge packets before communication begins, then they can negotiate, separate, and transfer TCP socket connections.
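
The numbering, retransmission and reassembly described above, as an added example that is not part of the original article: a simplified model (not a real TCP stack) in which the sender splits a message into sequence-numbered segments and the receiver rebuilds it even when segments arrive out of order, duplicated, or are lost and sent again. The names Segment, segment_message, Receiver and simulate_transfer and the 8-byte segment size are assumptions made for the illustration.

```python
"""Simplified model of TCP segmentation and in-order reassembly.

Added illustration only: real TCP also has a handshake, windows, checksums
and timers. All names and the 8-byte segment size are assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    seq: int        # byte offset of the first payload byte in the stream
    payload: bytes


def segment_message(message: bytes, mss: int = 8) -> list[Segment]:
    """Split a message into segments numbered by byte offset, as TCP does."""
    return [Segment(off, message[off:off + mss])
            for off in range(0, len(message), mss)]


class Receiver:
    """Buffers out-of-order segments and delivers bytes strictly in order."""

    def __init__(self) -> None:
        self.next_seq = 0                    # next byte offset expected
        self.buffer: dict[int, bytes] = {}   # segments waiting for a gap to fill
        self.delivered = bytearray()         # bytes handed to the application

    def receive(self, seg: Segment) -> int:
        """Accept one segment and return the cumulative ACK number."""
        if seg.seq >= self.next_seq:         # older data is a duplicate: ignore
            self.buffer.setdefault(seg.seq, seg.payload)
        # Deliver every buffered segment that is now contiguous.
        while self.next_seq in self.buffer:
            data = self.buffer.pop(self.next_seq)
            self.delivered += data
            self.next_seq += len(data)
        return self.next_seq


def simulate_transfer(message: bytes, arrival_order: list[int],
                      lost: set[int]) -> tuple[bytes, list[int]]:
    """Deliver segments by index in `arrival_order`, dropping those in `lost`
    on their first transmission, then retransmit from the last ACK."""
    segments = segment_message(message)
    rx = Receiver()
    acks = []
    for idx in arrival_order:
        if idx in lost:
            continue                         # dropped by the network
        acks.append(rx.receive(segments[idx]))
    # The cumulative ACK tells the sender which byte offset is still missing.
    by_seq = {s.seq: s for s in segments}
    while rx.next_seq < len(message):
        acks.append(rx.receive(by_seq[rx.next_seq]))
    return bytes(rx.delivered), acks


if __name__ == "__main__":
    msg = b"HELLO SMTP MESSAGE!!"            # constructed sample message
    data, acks = simulate_transfer(msg, arrival_order=[2, 0, 0, 1], lost={1})
    print(data, acks)
```

The repeated ACK value shows the receiver still waiting for the lost segment; one retransmission then lets it release the segment it had already buffered.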

Monday, 10 April 2023

Termux Command List


What are Termux Commands?

In simple words, Termux commands are terminal commands that are executed to perform a particular task. These commands are similar to Linux commands.

Termux Commands List :


Important Termux Commands
 
| Command | Purpose, Usage |
|---|---|
| termux-setup-storage | Will set up the storage system |
| apt update | Will update the available packages |
| apt upgrade | Will upgrade the available packages |
| pkg install | Will install new packages, eg: pkg install php |
| pkg uninstall | Will uninstall packages, eg: pkg uninstall php |
| pkg list | Will show installed packages |
| pkg search | Will search packages, eg: pkg search php |
| pkg list-installed | Will show the list of installed packages |


Important System Level Commands
 
| Command | Purpose, Usage |
|---|---|
| uname -a | Will display the system information |
| whoami | Will display the current user information |
| history | Will display the list of previously typed commands |
| clear | Will clear the terminal |
| pwd | Will print the present working directory |
| ls | Will list the directories and files in the current directory |
| cd | Opens a folder/directory, usage: cd test |
| mv | Used to rename a file or folder, and also to move a file from one directory to another |
| cp | Used to copy files from one directory to another |
| rm | Will remove the file or folder, usage: rm test.txt |
| touch | Will create a new file, usage: touch test.txt |
| mkdir | Will create a new directory, usage: mkdir test |

Before we dive deep, let's start with some cool commands.
Let's learn how to use cmatrix effects on Termux.

For that, type the command below:

pkg install cmatrix
After that, type

cmatrix

Cmatrix effects will be displayed on Termux.

Another cool command is sl.
Type

pkg install sl

After that, type sl
That's all: a small train will start running on Termux.



Now let's see which tasks are running in the background through Termux.
Just type the command below:

top

Now let's find the factors of any number. For that, install the package below by typing

pkg install coreutils

After that, to find the factors of any number, type factor followed by the number,
eg: factor 100



Let's play with text on Termux.
We can write text in different styles. First, try figlet.
Type

pkg install figlet

After that, type figlet and then type the text you want to write in the figlet style.



For colourful text, you have to install the toilet package. For that, type the command below:

pkg install toilet

After that, type toilet "your text"
You can also try a color combination, eg:
toilet -f mono12 -F gay "Your Text"




Calendar in Termux: if you want to see the calendar in Termux, then type

cal

to see the calendar.
To see the time and date, just type date in Termux.



Now let's talk about some helpful commands

apt update

This command is used to update the Termux built-in busybox and other packages.

apt upgrade
This command is used to upgrade the packages to the latest versions.

Accessing and managing files in termux


To manage and access files in Termux, you must first type the command below:

termux-setup-storage

To access a directory, the cd command is used.
The Termux default directory is located at /data/data/com.termux/
You can access it anytime by typing cd $HOME



The ls command is used to see the list of subdirectories.


To access your internal SD card, you have to type cd /sdcard && ls

To access your external SD card, the same command is used: cd /sdcard0/ && ls

To remove/delete a directory or a file, use this command: rm -rf filename
where filename is the name of the file or directory. Note that rm -rf deletes a directory together with everything inside it and does not ask for confirmation.
Similarly, you can use rm -r filename

To make a directory, the mkdir command is used.
Eg: mkdir Hello
where Hello is the directory name.

For copying files from one directory to another, the cp command is used,
eg: cp /path/file /path
Similarly, for moving files the mv command is used.

Termux also supports zipping and unzipping of zip files.
For that, the zip and unzip commands are used.



Let's talk about networking.
The ifconfig command is used to get all the information regarding your network IP address.
To check whether a particular website is accessible through your ISP, you can check that in Termux by typing

ping website
Eg: ping google.com

The interesting thing is that you can access the internet through Termux, directly on the command line.

First you have to install the w3m package by typing

pkg install w3m
After that, type the below command to access any website

How Do Hackers Hack Your Phone





How Do Hackers Hack Phones

How do hackers hack phones? Several ways. Just as there are several ways you can prevent it from happening to you. 

The thing is that our phones are like little treasure chests. They’re loaded with plenty of personal data, and we use them to shop, bank, and take care of other personal and financial matters—all of which are of high value to identity thieves.  

Types of Smartphone Hacks and Attacks 

Hacking software 

Whether hackers sneak it onto your phone by physically accessing your phone or by tricking you into installing it through a sketchy website or a phishing attack, hacking software can create problems for you in a couple of ways:

  • Keylogging: In the hands of a hacker, keylogging works like a stalker by snooping information as you type, tap, and even talk on your phone.  
  • Trojans: Trojans are types of malware that can be disguised in your phone to extract important data, such as credit card account details or personal information. 

Some possible signs of hacking software on your phone include: 

  • A battery that drains way too quickly. 
  • Your phone runs a little sluggish or gets hot. 
  • Apps quit suddenly or your phone shuts off and turns back on. 
  • You see unrecognized data, text, or other charges on your bill.   

In all, hacking software can eat up system resources, create conflicts with other apps, and use your data or internet connection to pass along your personal information into the hands of hackers—all of which can lead to some of the symptoms listed above. 

Phishing attacks 

These are a classic form of attack. In fact, hackers have leveled them at our computers for years now too. Phishing is where hackers impersonate a company or trusted individual to get access to your accounts or personal info or both. And these attacks take many forms, like emails, texts, instant messages, and so forth, some of which can look really legitimate. Common to them are links to bogus sites that attempt to trick you into handing over that info or that install malware to wreak havoc on your device or likewise steal information.

Bluetooth hacking 

Professional hackers can use dedicated technologies that search for vulnerable mobile devices with an open Bluetooth connection. Hackers can pull off these attacks when they are in range of your phone, up to 30 feet away, usually in a populated area. When hackers make a Bluetooth connection to your phone, they can possibly access your data and info, yet that data and info must be downloaded while the phone is within range. As you probably gathered, this is a more sophisticated attack given the effort and technology involved.

SIM card swapping

SIM card swapping occurs when a hacker contacts your phone provider, pretends to be you, and then asks for a replacement SIM card. Once the provider sends the new SIM to the hacker, the old SIM card will be deactivated, and your phone number will be effectively stolen. This means the hacker has taken control of your phone calls, messages, and so forth. This method of hacking requires the seemingly not-so-easy task of impersonating someone else, yet clearly, it happened to the CEO of a major tech company.

Command to install TBomb on Termux



For Termux

To use the bomber type the following commands in Termux:

pkg install git -y 
pkg install python -y 
git clone https://github.com/TheSpeedX/TBomb.git
cd TBomb
./TBomb.sh

How to Install Metasploit 6 on Android using Termux


How to Install Metasploit 6 on Termux

Installing Metasploit 6 on Android using Termux:

Following are the steps to install Metasploit 6 On Android Phone Using Termux:

Step 1: If you have not installed termux then install it from the play store. 

Step 2: Run the following command :

$ apt update
$ apt upgrade -y

Step 3: Install the required packages using this command:

$ pkg install wget curl openssh git -y

Step 4: Now we need to install ncurses utility programming library 

$ apt install ncurses-utils

Step 5: We have fulfilled all the necessary requirements for Metasploit 6. Now run this single command to install Metasploit 6:

$ source <(curl -fsSL https://kutt.it/msf)

Or you can use the manual process with these commands:

$ pkg install wget
$ wget https://raw.githubusercontent.com/gushmazuko/metasploit_in_termux/master/metasploit.sh
$ chmod +x metasploit.sh
$ ./metasploit.sh

Note: You need 1GB-2GB space in the device for installing this framework.

Downloading starts as shown below:

Metasploit 6 is now successfully installed on your device. You can check it using the command below:

$ metasploit
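
The one-line command in Step 5 executes whatever the shortened URL serves at that moment, in the current shell, with no chance to read it first; the manual process at least leaves a file on disk that can be inspected. An added example (not from the original post) of vetting such a saved script before running it: it lists lines that fetch and run remote code, and compares the file with the SHA-256 of a copy that was reviewed earlier. The rule names, the shortener list and the sample script are constructed for the illustration.

```python
"""Vet a downloaded install script before executing it (added example)."""
from __future__ import annotations

import hashlib
import re

# Patterns a reviewer wants surfaced. The shortener host list is an assumption.
RULES = [
    ("pipe-to-shell", re.compile(r"\b(?:curl|wget)\b[^|\n]*\|\s*(?:ba|z)?sh\b")),
    ("source-remote", re.compile(r"(?:^|\s)(?:source|\.)\s+<\(\s*(?:curl|wget)\b")),
    ("url-shortener", re.compile(r"https?://(?:kutt\.it|bit\.ly|tinyurl\.com)/", re.I)),
    ("unpinned-branch", re.compile(
        r"raw\.githubusercontent\.com/[^/\s]+/[^/\s]+/(?:master|main)/")),
]


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of the script bytes, for comparison with a reviewed copy."""
    return hashlib.sha256(data).hexdigest()


def audit_script(text: str) -> list[tuple[int, str]]:
    """Return (line number, rule name) for every risky construct found."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue                      # comment lines are not executed
        for name, pattern in RULES:
            if pattern.search(line):
                findings.append((lineno, name))
    return findings


def vet_installer(data: bytes, reviewed_sha256: str) -> dict:
    """Combine the hash comparison and the static findings in one report."""
    digest = sha256_hex(data)
    return {
        "sha256": digest,
        "matches_reviewed_copy": digest == reviewed_sha256.lower(),
        "findings": audit_script(data.decode("utf-8", errors="replace")),
    }


# Constructed sample input, not the real installer.
SAMPLE_SCRIPT = b"""#!/bin/sh
# constructed sample, not the real installer
pkg install -y ruby
curl -fsSL https://kutt.it/example | sh
wget https://raw.githubusercontent.com/someuser/somerepo/master/setup.sh
source <(curl -fsSL https://example.test/env.sh)
"""


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:                # usage: vet.py <script> <sha256>
        with open(sys.argv[1], "rb") as fh:
            data, reviewed = fh.read(), sys.argv[2]
    else:                                 # no arguments: use the sample above
        data, reviewed = SAMPLE_SCRIPT, sha256_hex(SAMPLE_SCRIPT)
    report = vet_installer(data, reviewed)
    for lineno, rule in report["findings"]:
        print(f"line {lineno}: {rule}")
    print("sha256:", report["sha256"])
    sys.exit(0 if report["matches_reviewed_copy"] else 1)
```

A script fetched from a moving branch such as master can change between the review and the install, which is why the report compares the hash of the exact bytes about to be executed.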

What Is Termux?






Getting started

Termux is a terminal emulator application enhanced with a large set of command line utilities ported to Android OS. The main goal is to bring the Linux command line experience to users of mobile devices with no rooting or other special setup required.

How does it work

The terminal emulator is basically an application that launches the command line program by using system call execve(2) and redirecting standard input, output and error streams onto the display.

Most terminal applications available on Android OS work with a very limited set of utilities which are usually provided either by the operating system or other rooting tools such as Magisk. We have decided to go further and port common software usually available on GNU/Linux systems to Android OS.

Termux is neither a virtual machine nor any other kind of emulated or simulated environment. All provided packages are cross-compiled with Android NDK and only have compatibility patches to get them working on Android. The operating system does not provide full access to its file systems, so Termux cannot install package files into standard directories such as /bin, /etc, /usr or /var. Instead, all files are installed into the private application directory located at

/data/data/com.termux/files/usr

We call that directory "prefix" and usually refer to it as "$PREFIX", which is also an exported environment variable in the Termux shell. Note that this directory cannot be changed or moved to an SD-Card because:

  • The file system must have support for unix permissions and special files such as symlinks or sockets.
  • The prefix path is hardcoded into all binaries.

In addition to prefix, users can store files in the home directory (or "$HOME") available at

/data/data/com.termux/files/home

However, the file system is not the only difference from the traditional Linux distributions. For more information, read Differences from Linux.

What can I do with Termux?

There are a number of common use-cases for the Termux application:

  • Data processing with Python.
  • Programming in a development environment.
  • Downloading and managing files and pages using time-established tools.
  • Learning the basics of the Linux command line environment.
  • Running an SSH client.
  • Synchronizing and backing up your files.


Of course, usage is not limited to the topics listed above. There are more than 1000 packages in our repositories. If these packages don't have what you're looking for, you can compile your own - we have a variety of build tools, including compilers for languages like C, C++, Go, Rust. Interpreters for common languages like NodeJS, Python, Ruby are available too.

Please note that Termux is not a rooting tool and will not give you root privileges unless you are skilled enough to break the Android OS security.

Is root required

Normally Termux does not require the device to be rooted. In fact, it's primarily targeted at non-root users.

You may want to root your device to:

  • Modify a device's firmware.
  • Manipulate the parameters of the operating system or kernel.
  • Non-interactively install/uninstall APKs.
  • Have full R/W access to all file systems on device.
  • Have direct access to hardware devices such as BT/Wi-Fi modules or serial lines (e.g. to access modem).
  • Install a Linux distribution on top of Android through chroot (not proot!) or containerization.
  • Generally have "full" control over your device.


Otherwise root isn't necessary and does more harm than good.

How To Install Nexphisher On Termux Step By Step With Command


Installation :

  • apt update
  • apt install git -y
  • git clone git://github.com/htr-tech/nexphisher.git
  • cd nexphisher

> SETUP : bash setup

> SETUP [TERMUX] : bash tmux_setup

> Run : bash nexphisher

Single Command :

apt update ; apt install git -y ; git clone git://github.com/htr-tech/nexphisher.git ; cd nexphisher ; bash setup ; bash nexphisher


 

<<< If you copy , Then Give me The Credits >>>

Features :

[+] Latest Login Pages !

[+] 5 Port Forwarding Options !

[+] Easy for Beginners !

Types of Social Engineering Attacks



Almost every type of cybersecurity attack contains some kind of social engineering. For example, the classic email and virus scams are laden with social overtones.

Social engineering can impact you digitally through mobile attacks in addition to desktop devices. However, you can just as easily be faced with a threat in-person. These attacks can overlap and layer onto each other to create a scam.

Here are some common methods used by social engineering attackers:

Phishing Attacks

Phishing attackers pretend to be a trusted institution or individual in an attempt to persuade you to expose personal data and other valuables.

Attacks using phishing are targeted in one of two ways:

  1. Spam phishing, or mass phishing, is a widespread attack aimed at many users. These attacks are non-personalized and try to catch any unsuspecting person.
  2. Spear phishing and, by extension, whaling use personalized info to target particular users. Whaling attacks specifically aim at high-value targets like celebrities, upper management, and high government officials.

Whether it’s a direct communication or via a fake website form, anything you share goes directly into a scammer’s pocket. You may even be fooled into a malware download containing the next stage of the phishing attack. Methods used in phishing each have unique modes of delivery, including but not limited to:

Voice phishing (vishing) phone calls may be automated message systems recording all your inputs. Sometimes, a live person might speak with you to increase trust and urgency.

SMS phishing (smishing) texts or mobile app messages might include a web link or a prompt to follow-up via a fraudulent email or phone number.

Email phishing is the most traditional means of phishing, using an email urging you to reply or follow-up by other means. Web links, phone numbers, or malware attachments can be used.

Angler phishing takes place on social media, where an attacker imitates a trusted company’s customer service team. They intercept your communications with a brand to hijack and divert your conversation into private messages, where they then advance the attack.

Search engine phishing attempts to place links to fake websites at the top of search results. These may be paid ads or use legitimate optimization methods to manipulate search rankings.

URL phishing links tempt you to travel to phishing websites. These links are commonly delivered in emails, texts, social media messages, and online ads. Attackers hide links in hyperlinked text or buttons, using link-shortening tools or deceptively spelled URLs.

In-session phishing appears as an interruption to your normal web browsing. For example, you may see fake login pop-ups for pages you’re currently visiting.
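
A defensive sketch of the link tricks listed under URL phishing, added here and not taken from the original article: it flags links whose visible text names a different site than the real target, links that go through a shortener, internationalized hostnames, a trusted name used as a subdomain of another site, and near-miss spellings of a trusted domain. The trusted-domain list, the shortener list and the sample links in the usage section are constructed for the example.

```python
"""Heuristic checks for deceptive links (added example, constructed data)."""
from __future__ import annotations

from urllib.parse import urlsplit

TRUSTED = {"mailbank.example", "shop.example"}   # assumed allow-list
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}   # assumed shortener list
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def host_of(url: str) -> str:
    """Lower-cased hostname of a URL; also accepts bare 'www.site.tld' text."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def registrable(host: str) -> str:
    """Last two labels (naive; production code would use the Public Suffix List)."""
    return ".".join(host.split(".")[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss spellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain: str) -> str | None:
    """Trusted domain that `domain` imitates, or None."""
    if domain in TRUSTED:
        return None
    norm = domain.translate(HOMOGLYPHS).replace("rn", "m")
    for good in sorted(TRUSTED):
        if edit_distance(norm, good) <= 1:
            return good
    return None


def check_link(text: str, href: str) -> list[str]:
    """Return the list of warning labels for one (visible text, href) pair."""
    findings = []
    host = host_of(href)
    domain = registrable(host)
    shown = text.strip()
    # Visible text that looks like a URL but names another site.
    if "." in shown and " " not in shown and registrable(host_of(shown)) != domain:
        findings.append("text-href-mismatch")
    if domain in SHORTENERS:
        findings.append("shortener")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        findings.append("idn-host")
    # Trusted name placed in front of an unrelated registrable domain.
    for good in sorted(TRUSTED):
        inside = host.startswith(good + ".") or f".{good}." in host
        if inside and not host.endswith("." + good):
            findings.append("trusted-name-in-subdomain")
            break
    hit = lookalike_of(domain)
    if hit:
        findings.append(f"lookalike:{hit}")
    return findings


if __name__ == "__main__":
    samples = [  # constructed links
        ("www.mailbank.example", "http://mai1bank.example/login"),
        ("Track your parcel", "https://bit.ly/3xAmPle"),
        ("Sign in", "https://mailbank.example.secure-check.test/"),
        ("https://mailbank.example", "https://www.mailbank.example/account"),
    ]
    for text, href in samples:
        print(href, "->", check_link(text, href))
```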

Baiting Attacks

Baiting abuses your natural curiosity to coax you into exposing yourself to an attacker. Typically, potential for something free or exclusive is the manipulation used to exploit you. The attack usually involves infecting you with malware.

Popular methods of baiting can include:

  • USB drives left in public spaces, like libraries and parking lots.
  • Email attachments including details on a free offer, or fraudulent free software.

Physical Breach Attacks

Physical breaches involve attackers appearing in-person, posing as someone legitimate to gain access to otherwise unauthorized areas or information.

Attacks of this nature are most common in enterprise environments, such as governments, businesses, or other organizations. Attackers may pretend to be a representative of a known, trusted vendor for the company. Some attackers may even be recently fired employees with a vendetta against their former employer.

They make their identity obscure but believable enough to avoid questions. This requires a bit of research on the attacker’s part and involves high risk. So, if someone is attempting this method, they’ve identified clear potential for a highly valuable reward if successful.

Pretexting Attacks

Pretexting uses a deceptive identity as the “pretext” for establishing trust, such as directly impersonating a vendor or a facility employee. This approach requires the attacker to interact with you more proactively. The exploit follows once they’ve convinced you they are legitimate.

Access Tailgating Attacks

Tailgating, or piggybacking, is the act of trailing an authorized staff member into a restricted-access area. Attackers may play on social courtesy to get you to hold the door for them or convince you that they are also authorized to be in the area. Pretexting can play a role here too.

Quid Pro Quo Attacks

Quid pro quo is a term roughly meaning “a favor for a favor,” which in the context of phishing means an exchange of your personal info for some reward or other compensation. Giveaways or offers to take part in research studies might expose you to this type of attack.

The exploit comes from getting you excited for something valuable that comes with a low investment on your end. However, the attacker simply takes your data with no reward for you.

DNS Spoofing and Cache Poisoning Attacks

DNS spoofing manipulates your browser and web servers to travel to malicious websites when you enter a legitimate URL. Once infected with this exploit, the redirect will continue unless the inaccurate routing data is cleared from the systems involved.

DNS cache poisoning attacks specifically infect your device with routing instructions for the legitimate URL or multiple URLs to connect to fraudulent websites.

Scareware Attacks

Scareware is a form of malware used to frighten you into taking an action. This deceptive malware uses alarming warnings that report fake malware infections or claim one of your accounts has been compromised.

As a result, scareware pushes you to buy fraudulent cybersecurity software, or divulge private details like your account credentials.

Watering Hole Attacks

Watering hole attacks infect popular webpages with malware to impact many users at a time. It requires careful planning on the attacker’s part to find weaknesses in specific sites. They look for existing vulnerabilities that are not known and patched; such weaknesses are deemed zero-day exploits.

Other times, they may find that a site has not updated its infrastructure to patch out known issues. Website owners may choose to delay software updates to keep software versions they know are stable. They’ll switch once the newer version has a proven track record of system stability. Hackers abuse this behavior to target recently patched vulnerabilities.

Unusual Social Engineering Methods

In some cases, cybercriminals have used complex methods to complete their cyberattacks, including:

  • Fax-based phishing: When one bank’s customers received a fake email that claimed to be from the bank and asked the customer to confirm their access codes, the method of confirmation was not via the usual email / Internet routes. Instead, the customer was asked to print out the form in the email, then fill in their details and fax the form to the cybercriminal’s telephone number.
  • Traditional mail malware distribution: In Japan, cybercriminals used a home-delivery service to distribute CDs that were infected with Trojan spyware. The disks were delivered to the clients of a Japanese bank. The clients’ addresses had previously been stolen from the bank’s database.

What is social engineering?

Social Engineering Definition

Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables. In cybercrime, these “human hacking” scams tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems. Attacks can happen online, in-person, and via other interactions.

Scams based on social engineering are built around how people think and act. As such, social engineering attacks are especially useful for manipulating a user’s behavior. Once an attacker understands what motivates a user’s actions, they can deceive and manipulate the user effectively.

In addition, hackers try to exploit a user's lack of knowledge. Thanks to the speed of technology, many consumers and employees aren’t aware of certain threats like drive-by downloads. Users also may not realize the full value of personal data, like their phone number. As a result, many users are unsure how to best protect themselves and their information.

Generally, social engineering attackers have one of two goals:

  1. Sabotage: Disrupting or corrupting data to cause harm or inconvenience.
  2. Theft: Obtaining valuables like information, access, or money.

What Is a Virus?

Computer Virus

Computer viruses are unwanted software programs or pieces of code that interfere with the functioning of the computer. They spread through contaminated files, data, and insecure networks. Once a virus enters your system, it can replicate to produce copies of itself, spreading from one program to another and from one infected computer to another. So, we can say that it is a self-replicating computer program that interferes with the functioning of the computer by infecting files, data, programs, etc.

There are many antiviruses, which are programs that can help you protect your machine from viruses. An antivirus scans your system and cleans the viruses detected during the scan. Some of the popular antiviruses include Avast, Quick Heal, McAfee, Kaspersky, etc.

Types of Computer Virus:

Overwrite Virus:

It is the simplest computer virus that overwrites the code of the host computer system's file with its own malicious code. The content of the infected file is replaced partially or completely without changing the size of the file. Thus, it destroys the original program code by overwriting it with its defective code. The infected files must be deleted or replaced with a new copy as this virus cannot be removed or disinfected.

Append Virus:

As the name suggests, this virus appends its malicious code to the end of the host program's file. After that, it alters the file's header so that execution is redirected to the start of the malicious code of the append virus. Thus, this code is executed each time the program runs. However, it does not destroy the host program; rather, it modifies it in a way that it holds the virus code and enables the code to run itself.
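A scanner can look for the header change described above. The following is an added example, not code from the original page: it parses Windows PE headers and reports when the entry point lies in the last section or in a section that is both writable and executable. The section names, addresses and the `build_headers` helper are constructed for the demonstration.

```python
import struct

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000

def parse_sections(pe: bytes):
    """Return (entry_rva, [(name, vaddr, size, characteristics), ...])."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)      # offset of PE signature
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (nsect,) = struct.unpack_from("<H", pe, coff + 2)      # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", pe, coff + 16)  # SizeOfOptionalHeader
    opt = coff + 20
    (entry_rva,) = struct.unpack_from("<I", pe, opt + 16)  # AddressOfEntryPoint
    sections = []
    for i in range(nsect):
        off = opt + opt_size + 40 * i                      # 40-byte section headers
        name = pe[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, vaddr, rawsize = struct.unpack_from("<III", pe, off + 8)
        (chars,) = struct.unpack_from("<I", pe, off + 36)
        sections.append((name, vaddr, max(vsize, rawsize), chars))
    return entry_rva, sections

def append_indicators(pe: bytes):
    """List the reasons the entry point looks redirected to appended code."""
    entry_rva, sections = parse_sections(pe)
    for idx, (name, vaddr, size, chars) in enumerate(sections):
        if not vaddr <= entry_rva < vaddr + size:
            continue
        hits = []
        if len(sections) > 1 and idx == len(sections) - 1:
            hits.append(f"entry point is in last section {name!r}")
        if chars & IMAGE_SCN_MEM_WRITE and chars & IMAGE_SCN_MEM_EXECUTE:
            hits.append(f"entry section {name!r} is writable and executable")
        return hits
    return ["entry point is outside every section"]

def build_headers(entry_rva, sections):
    """Constructed test input: PE32 headers only, no code or data."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry_rva).ljust(0xE0, b"\0")
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", n, size, va, size, 0, 0, 0, 0, 0, ch)
        for n, va, size, ch in sections)
    return dos + coff + opt + table

# Constructed layouts: a normal file, and one whose header points into the tail.
CLEAN_SECTIONS = [(b".text", 0x1000, 0x1000, 0x60000020),
                  (b".data", 0x2000, 0x1000, 0xC0000040),
                  (b".rsrc", 0x3000, 0x1000, 0x40000040)]
MODIFIED_SECTIONS = CLEAN_SECTIONS[:2] + [(b".rsrc", 0x3000, 0x1000, 0xE0000040)]

if __name__ == "__main__":
    print(append_indicators(build_headers(0x1200, CLEAN_SECTIONS)))
    print(append_indicators(build_headers(0x3400, MODIFIED_SECTIONS)))
```

Packers and protectors can trigger the same heuristic, so a hit is a reason to inspect the file, not proof of infection.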

Macro Virus

Macro virus alters or infects the macros of a document or data file. It is embedded as a macro in a document and adds its code to the macros of the document. The virus spreads when infected documents or data files are opened on other computers.

It also spreads through software programs that execute macros, such as MS Word and MS Excel. Each time a document is opened using these programs, other related documents will also get infected.

The first macro virus, which was named Concept, spread through emails with attached MS Word documents. It infected MS Word 6.0 and MS Word 95 documents, which were saved using the Save As option. Fortunately, it did not cause any harm, except for displaying a message on the screen.

Boot Virus

Boot virus or boot sector virus alters the boot sector program stored on the hard disk or any other storage device such as floppy disks. It replaces the boot sector program with its own malicious version. It infects the computer only when it is used to boot up the computer. If it enters after the boot-up process, it will not infect the computer. For example, if someone forgets to remove the infected floppy disk when the PC is turned off and then turns on this PC, it runs the infected boot sector program during the booting process.

Usually, it enters your system through corrupt media files, infected storage devices, and insecure computer networks. The spread of this virus is very rare these days due to the decline in the use of floppy disks and the use of boot-sector safeguards in present-day operating systems.

Resident Virus

The resident virus stays permanently in the primary memory (RAM) of the computer. When you start the computer, it becomes active and corrupts the files and programs running on the computer.

Non-resident Virus:

Unlike the resident virus, the non-resident virus does not reside in the memory of a computer. So, it is not executed from the computer's memory. Executable viruses are an example.

Multipartite Virus

Multipartite virus spreads and infects in multiple ways. It infects both the boot sector and the executable files stored on the hard drive simultaneously. When you turn on a computer, the boot sector virus is triggered as it latches on to the hard drive, which has the data for starting up the computer. Once it is triggered, the program files also get infected.

File Infector Virus

It is one of the most commonly found computer viruses. It mainly infects executable files, that is, files with .com or .exe extensions. The virus becomes active when the infected file is executed. The active virus overwrites the file partially or completely. Thus it may destroy the original file partially or completely.

Computer Worm

A computer worm is similar to a virus but is technically different from it. It can replicate and spread like a virus, but unlike viruses, it does not need a host program to spread. Being able to self-replicate, it can produce multiple copies of itself. It spreads through networks; for example, an email sent to an infected email ID can infect your system with a computer worm.

Trojan Horse

A Trojan horse is malware, like a virus or a worm, but it is technically different from both. It can't replicate like a virus or a worm. A Trojan horse hides itself in a program. Once you install any such program, the Trojan horse enters your computer. It can provide unauthorized access to your computer, send your files to other computers, and may delete files or make other unwanted changes on your computer.

Cavity virus:

It is also known as a spacefiller virus. As the name suggests, this virus tends to install itself by occupying the empty sections of a file. It is not easy to detect this virus as it fills the empty spaces without changing the size of the file.
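Overwrite and cavity viruses, as described above, can change a file without changing its size, so a size-only check misses them. The following is an added example, not code from the original page: it records a size-and-SHA-256 baseline for a directory and reports files whose content changed while their size stayed the same. The file names and byte values in `demo` are constructed.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map relative path -> (size, sha256 hex) for every file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(path, root)
            manifest[rel] = (os.path.getsize(path), digest.hexdigest())
    return manifest

def compare(baseline, current):
    """Classify differences between two snapshots."""
    report = {"missing": [], "new": [], "size_changed": [], "same_size_modified": []}
    for path, (size, digest) in baseline.items():
        if path not in current:
            report["missing"].append(path)
        elif current[path][0] != size:
            report["size_changed"].append(path)
        elif current[path][1] != digest:
            # Invisible to a size check: this is the overwrite / cavity case.
            report["same_size_modified"].append(path)
    report["new"] = sorted(set(current) - set(baseline))
    return report

def demo():
    """Constructed scenario: one file altered in place, one file grown."""
    with tempfile.TemporaryDirectory() as root:
        host = b"HEADER" + b"\0" * 64 + b"BODY"      # 64 bytes of empty padding
        files = {"tool.bin": host, "grow.bin": b"DATA", "keep.txt": b"unchanged"}
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        baseline = snapshot(root)

        # Fill the padding with placeholder bytes: same length, new content.
        with open(os.path.join(root, "tool.bin"), "wb") as fh:
            fh.write(host[:6] + b"\xAA" * 64 + host[70:])
        # Append placeholder bytes: the size changes, so any check sees it.
        with open(os.path.join(root, "grow.bin"), "ab") as fh:
            fh.write(b"\xAA" * 16)

        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```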

CMOS Virus:

It infects the CMOS, which stands for complementary metal-oxide semiconductor and is a memory chip that contains the system configuration. This virus can erase or reset the system configuration.

Companion Virus:

It resides in a file whose name is similar to another program file, which is executed normally. When the program file is executed, the virus gets activated and performs malicious steps such as deleting the files on your computer's hard drive. The Globe virus is the first known companion virus, which was found in 1992.

Encrypted Virus:

It encrypts its payload to make its detection more difficult. It comprises two parts: an encrypted virus body and a decryptor, which decrypts the virus when it is executed. After decryption, the virus can execute itself in order to replicate and become resident. Furthermore, it is different from CryptoLocker, which is a computer virus that encrypts the hard drive data and holds it for ransom.

Executable Virus:

It is a non-resident computer virus, which resides in an executable file. Whenever the infected file is executed, it infects the other files.

Polymorphic Virus:

It creates thousands of copies of itself; in each copy, it changes the sequence and byte values to evade detection by antivirus software. Even the best antiviruses may not be able to detect this virus. Polymorphic viruses affect data types and functions and generally spread through spam, infected sites, and while using other malware.

Rabbit Virus:

It is also known as a wabbit or a fork bomb. It is capable of creating new processes, and each new process creates further processes. This continues until the virus has used all the available resources in the system and the system runs short of resources. It may cause the target system to slow down and crash. For example, it is like an infinite loop that repeatedly creates processes that consume lots of CPU cycles and operating system resources.

Stealth Virus:

It is a hidden computer virus, which specifically attacks operating system processes. It usually hides itself in partitions, files or boot sectors and is capable of going unnoticed during antivirus or anti-malware scans, i.e., it can avoid detection intentionally.

Sunday, 9 April 2023

What is spyware?


Although it sounds like something James Bond would employ, spyware is all too real. Spyware is any software that installs itself on your computer and starts covertly monitoring your online behavior without your knowledge or permission. Spyware is a kind of malware that secretly gathers information about a person or organization and relays this data to other parties. In some cases, these may be advertisers or marketing data firms, which is why spyware is sometimes referred to as “adware.” It is installed without user consent by methods such as a drive-by download, a trojan included with a legitimate program or a deceptive pop-up window.

Spyware uses your internet connection to relay personal information such as your name, address, browsing habits, preferences, interests or downloads. Other forms of spyware hijack your browser to point it to another website, cause your device to place calls or send texts automatically, or serve annoying ads even when you are offline. Spyware that steals your username, password or other credentials is referred to as a “keylogger” – an insidious prerequisite for cyber crime.

Signs of a spyware infection can include unwanted behaviors and degradation of system performance. It can eat up CPU capacity, disk usage and network traffic. Stability issues such as applications freezing, failure to boot, difficulty connecting to the internet and system crashes are also common.


What Is a Phishing Attack?

What is phishing?

Phishing attacks are fraudulent emails, text messages, phone calls or web sites designed to manipulate people into downloading malware, sharing sensitive information (e.g., Social Security and credit card numbers, bank account numbers, login credentials), or taking other actions that expose themselves or their organizations to cybercrime.

Successful phishing attacks often lead to identity theft, credit card fraud, ransomware attacks, data breaches, and huge financial losses for individuals and corporations.

Phishing is the most common form of social engineering, the practice of deceiving, pressuring or manipulating people into sending information or assets to the wrong people. Social engineering attacks rely on human error and pressure tactics for success. The attacker typically masquerades as a person or organization the victim trusts (e.g., a coworker, a boss, a company the victim or victim’s employer does business with) and creates a sense of urgency that drives the victim to act rashly. Hackers use these tactics because it’s easier and less expensive to trick people than it is to hack into a computer or network.

According to the FBI, phishing emails are the most popular attack method, or vector, used by hackers to deliver ransomware to individuals and organizations. And according to IBM’s Cost of a Data Breach Report 2021, phishing is the fourth most common and second most expensive cause of data breaches, costing businesses an average of USD 4.65 million per breach.


The 5 Most Common Types of Phishing Attack
  • Email phishing. Most phishing attacks are sent by email. ...
  • Spear phishing. There are two other, more sophisticated, types of phishing involving email. ...
  • Whaling. Whaling attacks are even more targeted, taking aim at senior executives. ...
  • Smishing and vishing. ...
  • Angler phishing.


Top 5 Wifi Hacking Tools

In every seminar/workshop I am bombarded with questions about what the best tool to hack a wifi password is. So I thought I would write about it.

Before that, let me tell you that there are two major types of wifi encryption: WEP and WPA.

WEP is outdated and can be cracked within minutes. WPA and WPA2 are difficult to crack.


1. Aircrack:

This is my favourite tool. You can use it for both WEP and WPA cracking. Aircrack uses the best algorithms to recover wireless passwords by capturing packets.


2. Kismet:

This is the wi-fi 802.11 a/b/g/n layer2 wireless network sniffer and IDS. It works with any wi-fi card which supports rfmon mode. It passively collects packets to identify networks and detect hidden networks.


3. CoWPAtty:

Easy to use but works a little bit slowly. An automated dictionary attack tool for WPA-PSK.


4. Airjack:

Wi-Fi 802.11 packet injection tool. This wireless cracking tool is very useful in injecting forged packets and taking a network down with a denial-of-service attack. This tool can also be used for a man-in-the-middle attack in the network.


5. AirSnort:

Good for breaking WEP passwords. It works by passively monitoring transmissions, and then computing the encryption key when enough packets have been gathered. Though no updates are available for this tool, it's still a good one.


There are many tools which I didn't list here. Let me know your favourite wifi hacking tools also. Happy Hacking…



Types Of Hackers


Hackers can be classified into three different categories:

  1. Black Hat Hacker
  2. White Hat Hacker
  3. Grey Hat Hacker

Black Hat Hacker

Black hat hackers are also known as unethical hackers or security crackers. These people hack systems illegally to steal money or to achieve their own illegal goals. They find banks or other companies with weak security and steal money or credit card information. They can also modify or destroy data. Black hat hacking is illegal.



White Hat Hacker

White hat hackers are also known as ethical hackers or penetration testers. White hat hackers are the good guys of the hacker world.

These people use the same techniques used by black hat hackers. They also hack systems, but they can only hack a system that they have permission to hack, in order to test the security of the system. They focus on security and protecting IT systems. White hat hacking is legal.



Grey Hat Hacker

Grey hat hackers are a hybrid between black hat hackers and white hat hackers. They can hack any system even if they don't have permission to test the security of the system, but they will never steal money or damage the system.

In most cases, they tell the administrator of that system. But their activity is also illegal because they test the security of a system that they do not have permission to test. Grey hat hacking is sometimes legal and sometimes not.

What is hacking?


Hacking refers to activities that seek to compromise digital devices, such as computers, smartphones, tablets, and even entire networks. And while hacking might not always be for malicious purposes, nowadays most references to hacking, and hackers, characterize it/them as unlawful activity by cybercriminals—motivated by financial gain, protest, information gathering (spying), and even just for the “fun” of the challenge.






Android Hacking Apps

Android Hacking

There's a big difference between hackers (people who like to experiment with computer systems to make them do unintended things) and attackers (criminals who exploit vulnerabilities in computer systems to gain access to data or processes).

In this article, we'll cover the basics of hacking on Google's widely used Android system.

Introduction to Android Hacking

Since its release in 2008, adoption of Android has soared, and it is now by far the most common mobile operating system.

The reasons for Android's success are tied to its release as open source software, which allows application developers much better insight into its inner workings. The robust set of applications and extensions to Android translates to Android appearing on many different types of hardware.

In fact, Android has been so successful that it already captures more than 80% of the market share for mobile operating systems, with that number expected to climb to nearly 90% by 2022, 

The same openness that makes Android appealing to mobile developers also makes it attractive to hackers. The open platform makes it easy to hack on. Of course, while most hackers simply enjoy experimenting with hardware and software, there are always going to be attackers who seek to exploit vulnerabilities.