Thursday, 27 December 2018

Problems that may come while implementing IOT || techtalksgroup ||


In the coming century, the biggest threat to us will not be the wars between the countries or states. The biggest threat or the war that we should be concerned about is the cyber war. It is a direct threat to our privacy, our private conversations, moments, pictures-everything that sums up our life.
Technology has always been a double-edged sword. With all the benefits and advantages, follows unknown and unprecedented threats. For us to succeed and work in harmony with technology, we need to address and confront the threats that it carries. Simply ignoring or putting them aside is not the solution.
In fact, it is the last thing we can do bring the house of cards crashing down. Ignoring a problem is the same as inviting the problem. And similar is the case with IoT, Internet of Things.
A very less number of people genuinely address the threats and challenges IoT could or will face as part of its journey.

Here Are the 5 Biggest Security Threats and Challenges for IoT

Anything which is connected to the Internet is open to threat. Like the saying goes, ‘There are two types of companies. One which has been hacked and one which does not not know it has been hacked.’ This rightly sheds some light on the fact that, we are always vulnerable. It all depends upon how less vulnerable you are.
Until and unless we do not address and come face to face with the evil of Internet, we would not be able to create counter measures that protect us from these threats.
Any threat, be it on IoT or on a website, is backed by a purpose. In 100% of the cases, these threats or attacks are human generated. The purpose may vary depending upon the intruder’s target:
i) Since IoT devices are used and operated by humans, an intruder may want to gain unsolicited access to the human.
ii) By eavesdropping on the wireless IoT devices the intruder may want to catch hold of confidential information.
iii) IoT devices run on low power and less computing resource capability, due to this they cannot afford to have complex security protocols. Hence, it becomes an easy target for intruders.

Vulnerability

The most basic and easy to pick threat to IoT devices is its vulnerability. Companies providing IoT solutions start with addressing this issue first before commemorating on the underlying software.
We also need to understand, vulnerability can be of two types: Hardware and Software. Hardware vulnerability is often tough to detect or penetrate. However, it is even tougher to repair or overhaul the damage.
Software vulnerability points towards a poorly written algorithm or a line of code with a backdoor. This backdoor can easily provide access to intruders prying for such moments.

Easy Exposure

This is one of the most fundamental issues faced by IoT industry. Any device, if unattended or exposed to troublemakers, is an open invitation to discomfort. In most of the cases IoT devices are not resilient to third-party exposure-they either lay open, easily accessible to anyone.
This means that an intruder can either, easily steal the device, connect the device to another device containing harmful data, or try to extract cryptographic secrets, modify the programming or even replace those devices with malicious ones of which the intruder has complete control.

Threats

Threats can be of two types: Human threat and Natural threat. Any threat arising from natural occurrences such as Earthquakes, Hurricanes, Floods or Fires can cause severe to very severe damage to IoT devices. In such cases, we often take a backup or create contingency plans to safeguard the data. But, any damage caused to the devices physically cannot be restored.
Today, IoT solutions have matured over time. Devices today have evolved to be waterproof. It is a long journey before IoT solution providers come up with something which is fireproof or earthquake proof.
On contrary, we do everything in power to curb any human threats to IoT devices. These threats are usually malicious attacks.

Human Attacks Can Be Further Identified As:

Cyber reconnaissance: Where an intruder uses cracking techniques and malicious softwares to conduct espionage on the targeted user; to either gain access to secret information or sabotage the existing systems.

Brute Force attacks on passwords: Intruders make an attempt to guess the user’s passwords with the help of an automated software which makes innumerable attempts until the right password grants the access.

Stalking or Tracking: User’s each and every move can be tracked or traced by the UID of the IoT device. Tracking a user gives out away their precise location in time where they wish to remain anonymous.

Controlled Attacks: Using Denial of Services (DoS), Trojans or Viruses are some examples of controlled attacks. In such cases, intruders develop a particular Virus which is programmed to function in a certain manner in order to destroy the host device. Programmers and developers have to be vigilant while working on current IoT solutions since hackers today have strong artillery to launch cyber attacks around the globe.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Monday, 10 December 2018

Alibaba's Voice Asistant is smarter than Google's Voice Asistant. Check it out !! || techtalksgroup ||



In May, Google made quite the splash when it unveiled Duplex, its eerily humanlike voice assistant capable of making restaurant reservations and salon appointments. It seemed to mark a new milestone in speech generation and natural-language understanding, and it pulled back the curtain on what the future of human-AI interaction might look like.
                But while Google slowly rolls out the feature in a limited public launch, Alibaba’s own voice assistant has already been clocking overtime. On December 2 at the 2018 Neural Information Processing Systems conference, one of the largest annual gatherings for AI research, Alibaba demoed the AI customer service agent for its logistics company Cainiao. Jin Rong, the dean of Alibaba’s Machine Intelligence and Technology Lab, said the agent is already servicing millions of customer requests a day.

The pre-recorded demo call involved the agent asking a customer where he wanted his package delivered. In the back-and-forth exchange, the agent successfully navigated several conversational elements that demonstrated the breadth of its natural-language capabilities.

Take this exchange at the beginning of the call, translated from Mandarin:

Agent: Hello, I am Cainiao’s voice assistant. I am—
Customer: Hello.
A: Yes, hi, you have package scheduled for morning delivery to 588 Culture West Road. Is it convenient for you to receive?
C: Who are you?
A: I am Cainiao’s voice assistant. I’d like to confirm your morning delivery to 588 Culture West Road. Does that work for you?
C: I’m not home in the morning.
A: Then do you have another address that you’d like to use?

Within 30 seconds, the agent has smoothly handled three common, and tricky, conversational ingredients: interruption, nonlinear conversation, and implicit intent. Interruption is self-explanatory: the agent can respond to the customer’s interruption and continue relaying relevant information without starting over or skipping a beat.

The nonlinear conversation occurs when the customer asks, “Who are you?” This requires the agent to register that the customer is not answering the preceding question but rather starting a new line of inquiry. In response, the agent reintroduces itself before returning to the original question.

The implicit intent occurs when the customer responds, “I’m not home in the morning.” He never explicitly says what he actually means—that home delivery won’t work—but the agent is able to read between the lines and follow up sensibly.
These elements may be boringly commonplace in human conversations, but machines often struggle to handle them. That Alibaba’s voice assistant can do so suggests it’s more sophisticated than Google Duplex, judging from similar sample calls demoed by Google. It’s worth noting, however, that Alibaba’s demo call is designed for onstage presentation; the experience could differ in reality.
Currently, the agent is used only to coordinate package deliveries, but Jin said it could be expanded to handle other topics. He wouldn’t fully reveal how the assistant was trained. But he alluded to using the massive number of customer recordings at the company’s disposal, in addition to other resources. On a typical day the company averages 50,000 customer service calls, according to the presentation slides—a number that quintuples for Singles’ Day (November 11), its highest revenue-generating holiday of the year.
Alibaba is also developing digital assistants for other aspects of its business, including a food-ordering agent that can take your order in noisy restaurants and stores; a humanlike virtual avatar that can field questions about Alibaba products; and a price-haggling chatbot that is already used by 20% of sellers on Alibaba’s resale platform Xianyu.
At their core, each of these assistants is powered by the speech-recognition and natural-language-processing engine called AliMe, developed by the company’s Machine Intelligence and Technology Lab. They are then packaged and adapted to different parts of the business.
Alibaba’s biggest advantage in this field is the overwhelming wealth of data it has to train its AI. The assistants learn and improve faster because of the amount of practice they get in handling all kinds of situations. A huge business incentive to deploy these technologies quickly also helps. In addition to handling a high volume of customer support calls, Alibaba delivers one billion packages per day. Offloading certain tasks to AI helps alleviate the burden on humans and keep the business running smoothly.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Face Detection V/S Facial Recognition. Check it out !! || techtalksgroup ||



What is Face Detection?

The definition of face detection refers to computer technology that is able to identify the presence of people’s faces within digital images. In order to work, face detection applications use machine learning and formulas known as algorithms to detecting human faces within larger images. These larger images might contain numerous objects that aren’t faces such as landscapes, buildings and other parts of humans (e.g. legs, shoulders and arms).

Face detection is a broader term than face recognition. Face detection just means that a system is able to identify that there is a human face present in an image or video. Face detection has several applications, only one of which is facial recognition. Face detection can also be used to auto focus cameras. And it can be used to count how many people have entered a particular area. It can even be used for marketing purposes. For example, advertisements can be displayed the moment a face is recognized.


Face recognition can confirm identity. It is therefore used to control access to sensitive areas.

How Face Detection Works

While the process is somewhat complex, face detection algorithms often begin by searching for human eyes. Eyes constitute what is known as a valley region and are one of the easiest features to detect. Once eyes are detected, the algorithm might then attempt to detect facial regions including eyebrows, the mouth, nose, nostrils and the iris. Once the algorithm surmises that it has detected a facial region, it can then apply additional tests to validate whether it has, in fact, detected a face.

Face Detection vs. Face Recognition

One of the most important applications of face detection, however, is facial recognition. Face recognition describes a biometric technology that goes way beyond recognizing when a human face is present. It actually attempts to establish whose face it is. The process works using a computer application that captures a digital image of an individual’s face (sometimes taken from a video frame) and compares it to images in a database of stored records. While facial recognition isn’t 100% accurate, it can very accurately determine when there is a strong chance that an person’s face matches someone in the database.

There are lots of applications of face recognition. Face recognition is already being used to unlock phones and specific applications. Face recognition is also used for biometric surveillance. Banks, retail stores, stadiums, airports and other facilities use facial recognition to reduce crime and prevent violence.

So in short, while all facial recognition systems use face detection, not all face detection systems have a facial recognition component.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Saturday, 24 November 2018

What are Chatbots and how does a chatbots work..?? || techtalksgroup ||


A chatbot is an artificial intelligence (AI) software that can simulate a conversation (or a chat) with a user in natural language through messaging applications, websites, mobile apps or through the telephone.

 A chatbot is often described as one of the most advanced and promising expressions of interaction between humans and machines. However, from a technological point of view, a chatbot only represents the natural evolution of a Question Answering system leveraging Natural Language Processing (NLP).



The ability to identify the user’s intent and extract data and relevant entities contained in the user’s request is the first condition and the most relevant step at the core of a chatbot: If you are not able to correctly understand the user’s request, you won’t be able to provide the correct answer.
Returning the response: once the user’s intent has been identified, the chatbot must provide the most appropriate response for the user’s request. The answer may be:

• a generic and predefined text
• a text retrieved from a knowledge base that contains different answers
• a contextualized piece of information based on data the user has provided
• data stored in enterprise systems
• the result of an action that the chatbot performed by interacting with one or more backend application
• a disambiguating question that helps the chatbot to correctly understand the user’s request

Why chatbots are important

Chatbot applications streamline interactions between people and services, enhancing customer experience. At the same time, they offer companies new opportunities to improve the customers engagement process and operational efficiency by reducing the typical cost of customer service.

To be successful, a chatbot solution should be able to effectively perform both of these tasks. Human support plays a key role here: Regardless of the kind of approach and the platform, human intervention is crucial in configuring, training and optimizing the chatbot system.
Which chatbot application is right for you?
There are different approaches and tools that you can use to develop a chatbot. Depending on the use case you want to address, some chatbot technologies are more appropriate than others. In order to achieve the desired results, the combination of different AI forms such as natural language processing, machine learning and semantic understanding may be the best option.
In upcoming posts, we will give you an overview of the main chatbot applications so you can evaluate them based on your specific needs and desired goals.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Wednesday, 7 November 2018

Top Programming Languages that can be used for implementing Image Recognition || techtalksgroup ||


Image recognition is one of the features that is deployed in most modern devices and programs. The feature has a wide range of applications, the most common one being in security systems. It enables devices to recognize the identity of a person or object just by its image. Face recognition is a product of image recognition.

Best Programming Language For Image Recognition

1. Matlab

                                            matlab programming language for image recognition
Matlab is an independent programming language that has its own framework and IDE which come in a more robust workspace. The programming language comes with a broad range of tools that you can use to handle more technical programming tasks with ease. Image recognition and face processing are some of the tasks that can be handled by Matlab.
Matlab offers an array of built-in tools for matrix calculation. It is imperative to note that image recognition and matrix calculation go hand in hand. Some of the tools that are available in Matlab can perform complex image processing tasks such as cropping, rotating, masking among others.
There is also a dedicated Matlab code for invoking and implementing face recognition feature. This code uses the AT&T database. For this reason, you should download the AT&T database before using this code. Most advanced face recognition applications are written in Matlab.

2.Python

                                            python programming languages for image recognition
Currently, Python is rated as the most popular programming language. Its simplicity and versatility are some of the reasons why many programmers prefer to use it. Despite being simple, Python is a language that you can depend on to perform complex tasks. It can be used to create image processing and recognition features.
The popularity of Python has made it be quite resourceful. It is packed with several libraries that are needed for several functionalities, among them-image recognition. One of the most powerful and efficient libraries is the Scikit-Learn Machine Learning library. Apart from image recognition, the libraries can be used for more intelligent functions such as face recognition and motion detection.

2. C/C++/C#

                                                             c++
You can never go wrong when it comes to the C family of programming languages. They are powerful and can do anything, including creating image processing and recognition functionalities. The C family of programming languages gives you two options for creating image processing feature. You can choose to code everything from scratch whereby you write the codes manually. The second option is to use the existing libraries that are specially designed for these programming languages. These libraries include OpenGLEmguCV, OpenCV, and many others. They have an intelligent image processing feature for image recognition.

4. Java

                                                      Java Programming Language
Like C and C++, we can never afford to underestimate the power of Java programming language. This language is powerful enough to perform complex functionalities. It can be used to create applications for image processing and image recognition.
As a standalone programming language, you can create an image processing functionality from scratch. The advantage of this method is you will have the full control of the functionality. Alternatively, there are powerful libraries that can be incorporated into Java for the purpose of creating the image recognition feature. OpenCV is just one of the libraries that is compatible with Java. You can choose whichever method that suits you.

The OpenCV Tool

                                                               opencv
Open Source Computer Vision is an advanced tool that is used for real-time processing. It is also a cross-platform tool hence can be integrated into any programming language for the purpose of executing image processing and recognition functions. It can be integrated with C, C++, Java, Python and Android programming languages.
OpenCV comes with patent-free algorithms that you can use without any legal restrictions. It can be used for commercial and academic purposes. It has a dedicated Face Recognizer class which you can use to experiment the capabilities of image recognition feature without any hassle. The class is accompanied by an information-rich documentation which will show you how to implement the image recognition feature. In overall, OpenCV is a go-to tool for image recognition regardless of the programming language that you are using.
There are several other programming languages that you can use for developing image recognition functionality. Before you start using any language, learn how to process matrix as it is the building block of image recognition programming.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

://www.instagram.com/theprogrammer.harshit 

Tuesday, 30 October 2018

TOR Enabled Sim Card will keep your communication Anonymous

Although technology has overall made life easier, it has made things a lot less private. As a result, you need to be extra careful when you are browsing online, as it very difficult to maintain privacy out there. It is even possible that your ISP or VPN provider is maintaining a log of everything that you do online.



So, how do we protect our online privacy? Brass Horns Communications, a UK-based non-profit internet service provider that focuses on privacy and anti-surveillance services, has an answer for this. The company is currently beta-testing a SIM card that will automatically route your data through Tor, thereby securing online privacy and evading surveillance.

For those unaware, Tor (originally known as The Onion Router) is a free piece of software for enabling anonymous communication. Tor directs Internet traffic through a free, volunteer-operated network of computers around the world to hide a user’s location and usage from anyone conducting network surveillance or traffic analysis. While Tor protects a user’s privacy, it does not hide the fact that someone is using Tor. The most common method through which people access Tor is the Tor Browser Bundle on desktop, or with the Orbot app on Android.

According to Brass Horn’s Onion3G service site, it claims that the “The Onion3G design is a closed network between your 3G device/MiFi/modem and the Brass Horn Comms Tor bridges, this may make the collection of Internet Connection Records (and by extension other forms of bulk surveillance) less effective.”

It also claims that it’s a safer mobile provider because it only issues “private IP addresses to remote endpoints which if ‘leaked’ won’t identify you or Brass Horn Communications as your ISP.”

Brass Horn Onion3G SIM card only has 3G connectivity. In order to use this Tor-dedicated SIM card, it is necessary to install Orbot app on the device. Further, only apps that have a proxy feature, like Twitter, are compatible. Also, it is available only for Android users.

The Tor-SIM card will cost £2.00 per month for a prepaid account. Further, £0.025 will be charged for per Megabyte (MB) transferred over the network. Pre-payment can be topped up at any time using a credit card like Visa, Mastercard, or cryptocurrencies like Bitcoin, ZCash or Monero.

Currently, the service is offered in the UK only and is likely to be made available to the public in 2019. Those interested in joining the beta phase can find more information here.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit 

Thursday, 18 October 2018

Had you ever imagined of a Cell-Phone without a Battery. Check it Out..!! || techtalksgroup ||


Some years before the basic requirement of any person is simply Food, Cloths, and Shelter but today one more thing is added to this queue at that is Cell-phones . Cell-Phones had become the basic requirements of today user . No work is remained now a days that cannot be performed using a smartphones. Bu the biggest problem that comes with smartphone user is to charge the phone, but suppose a lifestyle where you have to just use the smartphone without getting worry about its battery.

Phone manufacturers are constantly striving to create new products that can run longer on a single battery charge but a team of engineers at the University of Washington (UW) has gone the extra mile: They built a cell phone that doesn't need a battery at all. When radio waves interact with an antenna, the waves induce electricity to flow through the antenna.


While radio waves carry energy and we're surrounded by transmitters generating these waves, this doesn't mean you could power your home by hooking all your electronics to antennas. That's because radio wave propagation follows the inverse-square law — the strength of a radio signal weakens by the square of the distance from the transmitter. It doesn't take long before you're too far from a transmitter to harvest enough electricity to do useful work.

Making a phone call requires that the device you're using has continuous power. "You can't say hello and wait for a minute for the phone to go to sleep and harvest enough power to keep transmitting," said paper co-author Bryce Kellogg, a UW electrical engineering doctoral student, in a press release. "That's been the biggest challenge — the amount of power you can actually gather from ambient radio or light is on the order of 1 or 10 microwatts. So real-time phone operations have been really hard to achieve without developing an entirely new approach to transmitting and receiving speech."

To get around that problem, the team designed a base station that transmits RF signals to the battery-free cell phone. With both the base station and the photodiodes, the phone can operate up to 50 feet or about 15 meters from the base station.

Making a call is simple. You just punch in the phone number you want to call and the circuit board sends this information via radio waves to the base station in a digital packet. The base station takes this data and makes a call on Skype to a cellular network. The station continues to remain in contact with the phone via radio waves, allowing the caller to hear the other side of the conversation. To speak, you just have to hold down a button to activate the microphone.

The simple design means the phone operates on just a few microwatts. Despite the low power approach, the result is pretty amazing.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit 

Thursday, 27 September 2018

What are Rootkits..?? || techtalksgroup ||


What Is a Rootkit?

A rootkit is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence. The term rootkit is a connection of the two words "root" and "kit." Originally, a rootkit was a collection of tools that enabled administrator-level access to a computer or network. Root refers to the Admin account on Unix and Linux systems, and kit refers to the software components that implement the tool. Today rootkits are generally associated with malware – such as Trojans, worms, viruses – that conceal their existence and actions from users and other system processes.

What Can a Rootkit Do?

A rootkit allows someone to maintain command and control over a computer without the computer user/owner knowing about it. Once a rootkit has been installed, the controller of the rootkit has the ability to remotely execute files and change system configurations on the host machine. A rootkit on an infected computer can also access log files and spy on the legitimate computer owner’s usage.

Rootkit Detection

It is difficult to detect rootkits. There are no commercial products available that can find and remove all known and unknown rootkits. There are various ways to look for a rootkit on an infected machine. Detection methods include behavioral-based methods (e.g., looking for strange behavior on a computer system), signature scanning and memory dump analysis. Often, the only option to remove a rootkit is to completely rebuild the compromised system.

Rootkit Protection

Many rootkits penetrate computer systems by piggybacking with software you trust or with a virus. You can safeguard your system from rootkits by ensuring it is kept patched against known vulnerabilities. This includes patches of your OS, applications and up-to-date virus definitions. Don't accept files or open email file attachments from unknown sources. Be careful when installing software and carefully read the end-user license agreements.

Static analysis can detect backdoors and other malicious insertions such as rootkits. Enterprise developers as well as IT departments buying ready-made software can scan their applications to detect threats including "special" and "hidden-credential" backdoors.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

What is GodMode in Windows.? And how to activate it.. || techtalksgroup ||


GodMode is a special folder in Windows that gives you quick access to over 200 tools and settings that are normally tucked away in the Control Panel and other windows and menus.

Once enabled, God Mode lets you do all sorts of things, like quickly open the built-in disk defragmenter, view event logs, access Device Manager, add Bluetooth devices, format disk partitions, update drivers, open Task Manager, change display settings, adjust your mouse settings, show or hide file extensions, change font settings, rename the computer, and a lot more.

The way GodMode works is actually very simple: just name an empty folder on your computer as outlined below, and then instantly, the folder will turn into a super-handy place to change all sorts of Windows settings.

The steps for turning on God Mode is the exact same for Windows 10, Windows 8, and Windows 7:

Make a new folder, anywhere you like.

To do this, right-click or tap-and-hold on any empty space in any folder in Windows, and choose New > Folder.

Important: You need to make a new folder right now, not just use an existing folder that already has files and folders in it. If you proceed to Step 2 using a folder that already has data in it, all of those files will instantly become hidden, and while GodMode will work, your files will not be accessible.
When asked to name the folder, copy and paste this into that text box:

God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}


Note: The beginning “God Mode” text is just a custom name that you can change to whatever you wish to help you identify the folder, but make sure the rest of the name is exactly the same as you see above.

The folder icon will change to a Control Panel icon and anything after your custom folder name will disappear.

Tip: Although we just warned in the previous step to use an empty folder to get to God Mode, there is a way to unhide your files and reverse GodMode if you accidentally did this to an existing folder. See the tip at the bottom of this page for help.

Double-click or double-tap the new folder to open GodMode.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Monday, 24 September 2018

New Zero-Day Vulnerability Found Effecting All Versions of Windows || techtalksgroup ||


A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline.

Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database Engine that could allow an attacker to remotely execute malicious code on any vulnerable Windows computer.

The Microsoft JET Database Engine, or simply JET (Joint Engine Technology), is a database engine integrated within several Microsoft products, including Microsoft Access and Visual Basic.

According to the an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
"Crafted data in a database file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process," Trend Micro's Zero Day Initiative wrote in its blog post.
"Various applications use this database format. An attacker using this would be able to execute code at the level of the current process."
According to the ZDI researchers, the vulnerability exists in all supported Windows versions, including Windows 10, Windows 8.1, Windows 7, and Windows Server Edition 2008 to 2016.

ZDI reported the vulnerability to Microsoft on May 8, and the tech giant confirmed the bug on 14 May, but failed to patch the vulnerability and release an update within a 120-day (4 months) deadline, making ZDI go public with the vulnerability details.
Proof-of-concept exploit code for the vulnerability has also been published by the Trend Micro its GitHub page.Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft's October patch release.
Trend Micro recommends all affected users to "restrict interaction with the application to trusted files," as a mitigation until Microsoft comes up with a patch.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Monday, 17 September 2018

Chrome vs Chromium . || techtalksgroup ||


Chrome is a massively popular web browser that is developed and released by Google, and Chromium is a niche open-source browser that has far fewer users. However, Chrome and Chromium have a lot more similarities than differences. In fact, Chrome uses the same source code as Chromium, just with extra features that Google adds on top.

What is Chromium?

Chromium is an open-source web browser that's developed and maintained by the Chromium Project. Since it's open source, anyone is free to take and modify the source code as the please. However, only trusted members of the Chromium Project development community can actually contribute their own code.


Regular users are able to download a frequently updated version of Chromium, all compiled and ready to use, from download-chromium.appspot.com.

What is Chrome?

Chrome is a proprietary web browser that is developed, maintained, and released by Google. Since it's proprietary, you are free to download and use it, but you can't decompile, reverse engineer, or use the source code to build your own project.

Chrome is built on Chromium, which means that Google developers take the open-source Chromium source code and add their own proprietary code. For instance, Chrome has an automatic update feature, is capable of tracking your browsing data, and includes native support for Flash that Chromium lacks.

Chrome is available directly from Google.

The Biggest Differences Between Chromium and Chrome

Since both browsers are built on the same source code, there are two major differences between Chromium and Chrome: Chromium is updated far more frequently, and Google adds in a whole lot of extra stuff that you may or may not want.


Within those two broad categories, here are the seven most important specific examples where Chromium and Chrome are different from each other:


  • Chromium updates more frequently - Since Chromium is compiled directly from the Chromium Project source code, it changes constantly. Chrome has several release channels, but even the bleeding edge Canary channel updates less frequently than Chromium. If you want to get your hands on the absolute latest code that the Chromium Project has to offer, you need to use Chromium.
  • Chrome updates automatically - Chromium lacks an automatic update feature. So even though it updates more frequently, you need to update it manually. Since Chrome has an automatic update feature, it is capable of downloading and installing updates on its own. If you ever get too far out of date, it will even let you know.
  • Chrome tracks your web browsing - Chromium doesn't track your information, and Chrome does. If you don't want to provide Google with any information about your browsing habits on the internet, but you like Chrome, then Chromium may be an option.
  • Chrome locks you into the Google Play Store - By default, Chrome on Windows and Mac only lets you install extensions that you download from the Google Play Store, while Chromium allows outside extensions. If you want the same freedom in Chrome, you need to enable developer mode.
  • Chrome has native support for Adobe Flash - Flash isn't as widespread as it used to be, but there are still sites that don't work right if you don't have it. Since Flash isn't open source, Chromium doesn't support it natively. So if you want to use Flash in Chromium, and you aren't an expert, you may be in for a headache.
  • Chromium doesn't include closed-source media codecs - Chrome also includes licensed media codecs like AAC, H.264, and MP3 that Chromium doesn't. Without these codecs, media won't play in Chromium. So if you want to stream video on sites like Netflix and YouTube, you need to either use Chrome or install these codecs manually.
  • Chromium doesn't always have the security sandbox enabled by default - Both Chrome and Chromium have a security sandbox mode, but Chromium has it turned off by default in some cases.

Chromium vs. Chrome: Which One Wins?

Since Chromium and Chrome are so similar, and each one has benefits, it's difficult to say which one actually wins in a head to head fight. For most regular users, Chrome is the better choice, but for more advanced users, those who place an especially high value on privacy, and some Linux users, Chromium may be the way to go.

Who Should Use Chrome?

Anyone who wants to download a web browser and have it just work, right out of the box, should use Chrome instead of Chromium. This is especially true if you use either Windows or Mac.

Chrome is extremely easy to download and install, doesn't require any configuration, and you can use it to view movies and listen to music on the internet, and even view websites that use Flash, without a lot of extra headaches.

Who Should Use Chromium?

Chromium is a better choice for more advanced users who don't care about getting their hands a little dirty, and anyone who likes Chrome but doesn't want to be tracked by Google. It's also a viable choice for users of some Linux distributions that offer a modified version of Chromium that comes a lot closer to matching Chrome in terms of features.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Saturday, 15 September 2018

Pure Blood v2.0 - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter ||techtalksgroup||


A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter.

Web Pentest / Information Gathering:

  • Banner Grab
  • Whois
  • Traceroute
  • DNS Record
  • Reverse DNS Lookup
  • Zone Transfer Lookup
  • Port Scan
  • Admin Panel Scan
  • Subdomain Scan
  • CMS Identify
  • Reverse IP Lookup
  • Subnet Lookup
  • Extract Page Links
  • Directory Fuzz (NEW)
  • File Fuzz (NEW)
  • Shodan Search (NEW)
  • Shodan Host Lookup (NEW)

 Web Application Attack: (NEW)
  • Wordpress 
  • | WPScan 
  • | WPScan Bruteforce 
  • | Wordpress Plugin Vulnerability Checker 
Features: // I will add more soon. 
  • | WordPress Woocommerce - Directory Craversal 
  • | Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting 
  • | WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion 
  • | WordPress Plugin Events Calendar - 'event_id' SQL Injection

Auto SQL Injection


Features:
  • | Union Based 
  • | (Error Output = False) Detection 
  • | Tested on 100+ Websites

Generator:

  • Deface Page
  • Password Generator // NEW
  • Text To Hash //NEW


Installation
git  clone  https://github.com/cr4shcod3/pureblood
cd pureblood
pip install -r requirements.txt

--------------------DOWNLOAD PUREBLOOD-----------------------

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Thursday, 13 September 2018

Top 5 Kali Linux Tools Every Hacker Should Know All About |techtalksgroup|


Top Kali Linux Tools:-
Now let’s get started with the list of my favorite tools and a lot of other hackers favorite tools too.

1. Metasploit:-

Metasploit is a framework for developing exploits, shellcodes, fuzzing tool, payloads etc. And it has a very vast collection of exploits and exploitation tools bundled into this single framework. It is available for all major Operating Sytems out there Windows, OS X, and Linux and comes pre-installed in Kali Linux. It is an offensive tool and to attack your own or your company’s infrastructure to check for security loopholes and to fix them before an actual attacker can break in.
It can also be used to target web applications, networks, and servers etc. You get both GUI and command line interface. There are to products for Metasploit a Free Community version and a paid Metasploit Pro.

2. Nmap (Network Mapper):-

Nmap is used to scan whole networks for open ports and for mapping networks and a lot more things. It is mainly used for scanning networks and discover the online PC’s and for security auditing. Most of the network admins use Nmap to discover online computer’s, open ports and manage services running. It uses raw IP packets in such a creative way to know what hosts are available on the network and what ports are open which services (applications name and version) are running on those systems.
It comes into version GUI and Command Line. Zenmap is the GUI version what I recommend is that first learn the command line and then move on to the GUI if you feel confident.

3. Armitage:-

Armitage is a graphical cyber attack management tool and it provides a GUI interface for all Metasploit features and makes it easier to understand and use. If you really want to understand and grow into the advanced features then Armitage is a great choice for you.

Armitage organizes Metasploit’s capabilities around the hacking process. There are features for discovery, access, post-exploitation, and maneuver.

And if you are working in a team then it can be a real help to share information with your team:
  • Use the same sessions.
  • Share victim hosts, capture data, download files etc.
  • Communicate using a shared event log.
  • Run bots to automate the tasks.

4. John The Ripper (JTR):-

John The Ripper is a very popular tool for password cracking it is also known as JTR and also it has the coolest name of all the tools. Mostly it is simply referred as ‘Jhon’ it is the most commonly used tool for password cracking and to perform dictionary attacks. John The Ripper takes text files, referred as a ‘wordlist’, which contains the list of commonly used passwords or real passwords cracked before, and it encrypts the password in the wordlist in the same way as the password which is being cracked. And then compare the output string with the encrypted string of the provided password.

This tool can be used to perform different types of dictionary attacks. If you are confused between Jhon The Ripper and THC Hydra then the most simple way to explain it is that THC Hydra is used to crack a password for online services and Jhon The Ripper is used for offline password cracking.

5. Wireshark:-

Wireshark is an open source tool for network analysis and profiling network traffic and packets and this kind of tools are referred to as Network Sniffers.

Wireshark, previously known as Ethereal, is used to monitor network traffic and analyze the packets that are sent out. Wireshark can intercept network traffic ranging from connection level information to bits of the information which make up a signal packet. All of this is done in real time and show to the user in a readable format. There are a lot of developments made in the tool (platform) over the years and it includes filters, color-coding the packets depending on their information and these features really help the penetration testers to dig deeper in the network traffic and inspect the packets in detail.

Note: If you are really interested in Network administration and penetration testing then knowing how to use Wireshark is a required skill. There are a lot of resources available online from where you can learn about using Wireshark in depth.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit