How to hack a website using Cross site scripting (XSS)

What is  Cross site scripting :-

As quoted in wiky
"Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites were roughly 80% of all security vulnerabilities documented by Symantec as of 2007. Their impact may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site, and the nature of any security mitigations implemented by the site's owner."

There is no single, standardized classification of cross-site scripting flaws. but most 
experts distinguish between at least two primary flavors of XSS non-persistent
and persistent to know whats persistent and non persistent click here

Read More... 7 Comments

Facebook -game Hacks

In this tutorial i will show you how one can hack How fast you click? game in Facebook by Dll injection

What is DLL injection ?

In computer programming, DLL injection is a technique used to run code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by third-party developers to influence the behavior of a program in a way its authors did not anticipate or intend  

Read More... 1 Comment

Acunetix Web Vulnerability Scanner -Free Download

Acunetix Web Vulnerability Scanner automatically scans your web applications / website (shopping carts, forms, dynamic content, etc.) and web services for vulnerabilities such as SQL injection, Blind SQL Injection, Cross site scripting, Google hacking, CRLF Injection & other web attacks. Acunetix crawls and analyzes websites including flash content, AJAX / Web 2.0. Also includes reporting for PCI Compliance, OWASP & more

Read More... 2 Comments

Google Hacking eBook - Download

Google, the most popular search engine worldwide, provides web surfers with an easy-to-use guide to the Internet, with web and image searches, language translation, and a range of features that make web navigation simple enough for even the novice user. What many users don't realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hacker's search. 

Read More... 4 Comments

How To Find Vulnarable Websites ?

In my previous post i explained some common techniques used for hacking a website.In this post i will be explaining some common techniques used by hackers to find vulnerable websites

How To Find Vulnerable Websites ?

•  Google Hacking
•  Using  web vulnerability scanners

Read More... 1 Comment

Common methods Used for Hacking a WebSite ?

Common methods Used for Hacking a WebSite ?

1. Remote File Inclusion or RFI

2. SQL injection

3. Cross site scripting or XXS

4. Local file inclusion or LFI

5. Directory Traversal attack

Read More... 0 Comments

Download Free Ardamax Keylogger

I my previous posts  i told you I would be giving some free keyloggers .Today  i would like to share one of my favorite keylogger "Ardamax Keylogger" ,You can download Ardamax Keylogger from the following link follow , Follow the given steps for compleate installation

Read More... 17 Comments

How to Hack Any Email Account

I know most of you might be wondering to know how to hack email? You as the reader are most likely reading this because you want to hack into someone’s email account or catch a cheating spouse, girl/boy friend by gaining access to their email accounts. So read on to find out the real and working ways to hack any email and expose the truth behind the lies.

Read More... 2 Comments

Netbios Hacking - A Network hack

This Netbios Hacking guide will tell you about hacking remote computer and gaining access to its hard disk or printer .Netbios hack is the easiest way to break into a remote computer  

Read More... 3 Comments

Best Port scanning Tools

What is port scanning?
It is similar to a thief going through your neighborhood and checking every door and window on each house to see which ones are open and which ones are locked. similarly computers have ports form 1 to 3000 ports  for communication 

EG:-  

• 21: FTP
• 22: SSH
• 23: Telnet
• 53: Domain Name System
• 80: World Wide Web HTTP
• 119: Network News Transfer Protocol
• 443: HTTP over Transport Layer Security/Secure Sockets Layer
• 445: microsoft-ds, Server Message Block over TCP

Read More... 1 Comment

How to Trace IP address from Emails

In my previous post i explained how to hack a ip address  In todays post i will Explain  how one can trace ip address from emails Headers

If you deal with Computer Security and Penetration testing , you must be knowing the importance on IP address . To perform any kind of penetration testing or hacking you first need to know the IP address . Here I am going to discuss how to obtain IP address from Gmail , Yahoo and Hotmail .

Read More... 2 Comments

How To Hide Text In Images

Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. By using this trick your text will get hidden into any image of your choice without increasing its size or without reducing its quality. Your data will be encrypted in the image with RC_4 encryption plus SHA hashing. So, there is no need to worry that it can be easily cracked by anybody

Read More... 2 Comments

How to Hack a IP Address?

Most of you may be curious to know how to find the IP address of your friend’s computer or to find the IP address of the person with whom you are chatting in Yahoo messenger or Gtalk. Finding out someone's IP address is like finding their phone number, an IP address can be used to find the general location where that person lives. Now while most of the tutorials on the net teach you how to steal an ip address via MSN, or any other chat software, in this post I’ll show you how to find IP address of someones computer using script. Using this method for hacking someones ip adress is very easy and effectively, so just follow the steps bellow  

Read More... 9 Comments

What is a IP Address?

Every machine on the Internet­ has a unique identifying number, called an IP Address. A typical IP address looks like this

• 216.27.61.137

An IP address is a fascinating product of modern computer technology designed to allow one computer (or other digital device) to communicate with another via the Internet. IP addresses allow the location of literally billions of digital devices that are connected to the Internet to be pinpointed and differentiated from other devices. In the same sense that someone needs your mailing address to send you a letter, a remote computer needs your IP address to communicate with your computer.

"IP" stands for Internet Protocol, so an IP address is an Internet Protocol address. What does that mean? An Internet Protocol is a set of rules that govern Internet activity and facilitate completion of a variety of actions on the World Wide Web. Therefore an Internet Protocol address is part of the systematically laid out interconnected grid that governs online communication by identifying both initiating devices and various Internet destinations, thereby making two-way communication possible.

Read More... 0 Comments

What is Phishing ? Know The Basics

Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by appearing as a trustworthy entity in an electronic communication. eBay, PayPal and other online banks are common targets. Phishing is typically carried out by email or instant messaging and often directs users to enter details at a website, although phone contact has also been used.

Read More... 3 Comments

Hack passwords with Cain and Abel

In this post i will show you how to crack  local password with cain and abel 

First download cain and abel from "http://www.oxid.it/cain.html" and install it on your system.

Make sure that you have disabled the antivirus/firewall running on your system before installing and throughout this process.

The most effective tecnique  used here is  Brute-Force

Brute-Force - As this techniques takes more time to complete, the attacker prefer this technique  only when there is a hope that the password contain same type of characters or may be two. i.e only loweralpha, only alpha, only numeric or may be loweralpha-numeric, also it should contain less than 7 characters. Otherwise it takes more time to crack password, which may be the mixture of all types of characters along with special symbols.

Read More... 8 Comments

Password Cracking Tools

In my previous post i explained some basic methods by which you can  crack passwords  . Today i will list out some of the best password cracking tools 

Cain and Abel :- The top password recovery tool for Windows. This Windows-only password recovery  tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

Read More... 2 Comments

Different Hacking Methods

In my last post i explained about  different types of hackers  .Today i will be explaining   about different methods of attacks carried out by  hackers

Attackers
Any person or software that violates the security policy of the network system is called an attacker. Such a person or program intentionally attempts to gain an unauthorized access to information resources. Such an unauthorized activity uses specially moulded codes or techniques.

Two types of attacks are:

• Passive Attack
• Active Attack

Read More... 0 Comments

What is MD5 Hash ? and How to Use It

In this post I will explain you about one of my favorite and interesting cryptographic algorithm called MD5 (Message-Digest algorithm 5). This algorithm is mainly used to perform file integrity checks under most circumstances. Here I will not jump into the technical aspects of this algorithm, rather will tell you about how to make use of this algorithm in your daily life. Before I tell you about how to use MD5, I would like to share one of my recent experience which made me start using MD5 algorithm.

Read More... 0 Comments

Basics Of Password Cracking

To become a good hacker you  need to be a good password cracker  .There are a variety of programs that a hacker uses to decrypt or guess a password .There are a wide variety of different types of password hacking programs but the most common methods include the following types of attacks.

Read More... 1 Comment

How to Become a Hacker

Most of us are very curious to learn Hacking and want to become a Hacker, but don’t know where to start. If you are in the same situation, then this is the right place for you.

Everyday I get a lot of emails where people ask me – How to Become a Hacker?. In fact this question is not easy to answer because, hacking is not an art that can be mastered overnight. It requires knowledge, skills, creativity, dedication and of course TIME. Everyone can become a Hacker provided they learn it from the basics. So if you wanna become a hacker, then all you need is to fallow the bellow steps

Read More... 1 Comment

Meaning of Hacking and the Different Kinds of Hackers

When you hear news about hackers penetrating a website, your reaction will typically involve dilating pupils and astonishment -- if the website is your own, symptoms may include a big deal of swearing and deep hate for the hacking community as well.

What you probably don't know, though, is that not all hackers are doing this for their pure amusement: some of them may have done it without malicious intentions, some others even with the aim of improving your security system.

Read More... 2 Comments