Thursday, 27 September 2018

What are Rootkits..?? || techtalksgroup ||


What Is a Rootkit?

A rootkit is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence. The term rootkit is a connection of the two words "root" and "kit." Originally, a rootkit was a collection of tools that enabled administrator-level access to a computer or network. Root refers to the Admin account on Unix and Linux systems, and kit refers to the software components that implement the tool. Today rootkits are generally associated with malware – such as Trojans, worms, viruses – that conceal their existence and actions from users and other system processes.

What Can a Rootkit Do?

A rootkit allows someone to maintain command and control over a computer without the computer user/owner knowing about it. Once a rootkit has been installed, the controller of the rootkit has the ability to remotely execute files and change system configurations on the host machine. A rootkit on an infected computer can also access log files and spy on the legitimate computer owner’s usage.

Rootkit Detection

It is difficult to detect rootkits. There are no commercial products available that can find and remove all known and unknown rootkits. There are various ways to look for a rootkit on an infected machine. Detection methods include behavioral-based methods (e.g., looking for strange behavior on a computer system), signature scanning and memory dump analysis. Often, the only option to remove a rootkit is to completely rebuild the compromised system.

Rootkit Protection

Many rootkits penetrate computer systems by piggybacking with software you trust or with a virus. You can safeguard your system from rootkits by ensuring it is kept patched against known vulnerabilities. This includes patches of your OS, applications and up-to-date virus definitions. Don't accept files or open email file attachments from unknown sources. Be careful when installing software and carefully read the end-user license agreements.

Static analysis can detect backdoors and other malicious insertions such as rootkits. Enterprise developers as well as IT departments buying ready-made software can scan their applications to detect threats including "special" and "hidden-credential" backdoors.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

What is GodMode in Windows.? And how to activate it.. || techtalksgroup ||


GodMode is a special folder in Windows that gives you quick access to over 200 tools and settings that are normally tucked away in the Control Panel and other windows and menus.

Once enabled, God Mode lets you do all sorts of things, like quickly open the built-in disk defragmenter, view event logs, access Device Manager, add Bluetooth devices, format disk partitions, update drivers, open Task Manager, change display settings, adjust your mouse settings, show or hide file extensions, change font settings, rename the computer, and a lot more.

The way GodMode works is actually very simple: just name an empty folder on your computer as outlined below, and then instantly, the folder will turn into a super-handy place to change all sorts of Windows settings.

The steps for turning on God Mode is the exact same for Windows 10, Windows 8, and Windows 7:

Make a new folder, anywhere you like.

To do this, right-click or tap-and-hold on any empty space in any folder in Windows, and choose New > Folder.

Important: You need to make a new folder right now, not just use an existing folder that already has files and folders in it. If you proceed to Step 2 using a folder that already has data in it, all of those files will instantly become hidden, and while GodMode will work, your files will not be accessible.
When asked to name the folder, copy and paste this into that text box:

God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}


Note: The beginning “God Mode” text is just a custom name that you can change to whatever you wish to help you identify the folder, but make sure the rest of the name is exactly the same as you see above.

The folder icon will change to a Control Panel icon and anything after your custom folder name will disappear.

Tip: Although we just warned in the previous step to use an empty folder to get to God Mode, there is a way to unhide your files and reverse GodMode if you accidentally did this to an existing folder. See the tip at the bottom of this page for help.

Double-click or double-tap the new folder to open GodMode.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Monday, 24 September 2018

New Zero-Day Vulnerability Found Effecting All Versions of Windows || techtalksgroup ||


A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline.

Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database Engine that could allow an attacker to remotely execute malicious code on any vulnerable Windows computer.

The Microsoft JET Database Engine, or simply JET (Joint Engine Technology), is a database engine integrated within several Microsoft products, including Microsoft Access and Visual Basic.

According to the an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, can cause an out-out-bounds memory write, leading to remote code execution.
An attacker must convince a targeted user into opening a specially crafted JET database file in order to exploit this vulnerability and remotely execute malicious code on a targeted vulnerable Windows computer.
"Crafted data in a database file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process," Trend Micro's Zero Day Initiative wrote in its blog post.
"Various applications use this database format. An attacker using this would be able to execute code at the level of the current process."
According to the ZDI researchers, the vulnerability exists in all supported Windows versions, including Windows 10, Windows 8.1, Windows 7, and Windows Server Edition 2008 to 2016.

ZDI reported the vulnerability to Microsoft on May 8, and the tech giant confirmed the bug on 14 May, but failed to patch the vulnerability and release an update within a 120-day (4 months) deadline, making ZDI go public with the vulnerability details.
Proof-of-concept exploit code for the vulnerability has also been published by the Trend Micro its GitHub page.Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft's October patch release.
Trend Micro recommends all affected users to "restrict interaction with the application to trusted files," as a mitigation until Microsoft comes up with a patch.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Monday, 17 September 2018

Chrome vs Chromium . || techtalksgroup ||


Chrome is a massively popular web browser that is developed and released by Google, and Chromium is a niche open-source browser that has far fewer users. However, Chrome and Chromium have a lot more similarities than differences. In fact, Chrome uses the same source code as Chromium, just with extra features that Google adds on top.

What is Chromium?

Chromium is an open-source web browser that's developed and maintained by the Chromium Project. Since it's open source, anyone is free to take and modify the source code as the please. However, only trusted members of the Chromium Project development community can actually contribute their own code.


Regular users are able to download a frequently updated version of Chromium, all compiled and ready to use, from download-chromium.appspot.com.

What is Chrome?

Chrome is a proprietary web browser that is developed, maintained, and released by Google. Since it's proprietary, you are free to download and use it, but you can't decompile, reverse engineer, or use the source code to build your own project.

Chrome is built on Chromium, which means that Google developers take the open-source Chromium source code and add their own proprietary code. For instance, Chrome has an automatic update feature, is capable of tracking your browsing data, and includes native support for Flash that Chromium lacks.

Chrome is available directly from Google.

The Biggest Differences Between Chromium and Chrome

Since both browsers are built on the same source code, there are two major differences between Chromium and Chrome: Chromium is updated far more frequently, and Google adds in a whole lot of extra stuff that you may or may not want.


Within those two broad categories, here are the seven most important specific examples where Chromium and Chrome are different from each other:


  • Chromium updates more frequently - Since Chromium is compiled directly from the Chromium Project source code, it changes constantly. Chrome has several release channels, but even the bleeding edge Canary channel updates less frequently than Chromium. If you want to get your hands on the absolute latest code that the Chromium Project has to offer, you need to use Chromium.
  • Chrome updates automatically - Chromium lacks an automatic update feature. So even though it updates more frequently, you need to update it manually. Since Chrome has an automatic update feature, it is capable of downloading and installing updates on its own. If you ever get too far out of date, it will even let you know.
  • Chrome tracks your web browsing - Chromium doesn't track your information, and Chrome does. If you don't want to provide Google with any information about your browsing habits on the internet, but you like Chrome, then Chromium may be an option.
  • Chrome locks you into the Google Play Store - By default, Chrome on Windows and Mac only lets you install extensions that you download from the Google Play Store, while Chromium allows outside extensions. If you want the same freedom in Chrome, you need to enable developer mode.
  • Chrome has native support for Adobe Flash - Flash isn't as widespread as it used to be, but there are still sites that don't work right if you don't have it. Since Flash isn't open source, Chromium doesn't support it natively. So if you want to use Flash in Chromium, and you aren't an expert, you may be in for a headache.
  • Chromium doesn't include closed-source media codecs - Chrome also includes licensed media codecs like AAC, H.264, and MP3 that Chromium doesn't. Without these codecs, media won't play in Chromium. So if you want to stream video on sites like Netflix and YouTube, you need to either use Chrome or install these codecs manually.
  • Chromium doesn't always have the security sandbox enabled by default - Both Chrome and Chromium have a security sandbox mode, but Chromium has it turned off by default in some cases.

Chromium vs. Chrome: Which One Wins?

Since Chromium and Chrome are so similar, and each one has benefits, it's difficult to say which one actually wins in a head to head fight. For most regular users, Chrome is the better choice, but for more advanced users, those who place an especially high value on privacy, and some Linux users, Chromium may be the way to go.

Who Should Use Chrome?

Anyone who wants to download a web browser and have it just work, right out of the box, should use Chrome instead of Chromium. This is especially true if you use either Windows or Mac.

Chrome is extremely easy to download and install, doesn't require any configuration, and you can use it to view movies and listen to music on the internet, and even view websites that use Flash, without a lot of extra headaches.

Who Should Use Chromium?

Chromium is a better choice for more advanced users who don't care about getting their hands a little dirty, and anyone who likes Chrome but doesn't want to be tracked by Google. It's also a viable choice for users of some Linux distributions that offer a modified version of Chromium that comes a lot closer to matching Chrome in terms of features.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Saturday, 15 September 2018

Pure Blood v2.0 - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter ||techtalksgroup||


A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter.

Web Pentest / Information Gathering:

  • Banner Grab
  • Whois
  • Traceroute
  • DNS Record
  • Reverse DNS Lookup
  • Zone Transfer Lookup
  • Port Scan
  • Admin Panel Scan
  • Subdomain Scan
  • CMS Identify
  • Reverse IP Lookup
  • Subnet Lookup
  • Extract Page Links
  • Directory Fuzz (NEW)
  • File Fuzz (NEW)
  • Shodan Search (NEW)
  • Shodan Host Lookup (NEW)

 Web Application Attack: (NEW)
  • Wordpress 
  • | WPScan 
  • | WPScan Bruteforce 
  • | Wordpress Plugin Vulnerability Checker 
Features: // I will add more soon. 
  • | WordPress Woocommerce - Directory Craversal 
  • | Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting 
  • | WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion 
  • | WordPress Plugin Events Calendar - 'event_id' SQL Injection

Auto SQL Injection


Features:
  • | Union Based 
  • | (Error Output = False) Detection 
  • | Tested on 100+ Websites

Generator:

  • Deface Page
  • Password Generator // NEW
  • Text To Hash //NEW


Installation
git  clone  https://github.com/cr4shcod3/pureblood
cd pureblood
pip install -r requirements.txt

--------------------DOWNLOAD PUREBLOOD-----------------------

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Thursday, 13 September 2018

Top 5 Kali Linux Tools Every Hacker Should Know All About |techtalksgroup|


Top Kali Linux Tools:-
Now let’s get started with the list of my favorite tools and a lot of other hackers favorite tools too.

1. Metasploit:-

Metasploit is a framework for developing exploits, shellcodes, fuzzing tool, payloads etc. And it has a very vast collection of exploits and exploitation tools bundled into this single framework. It is available for all major Operating Sytems out there Windows, OS X, and Linux and comes pre-installed in Kali Linux. It is an offensive tool and to attack your own or your company’s infrastructure to check for security loopholes and to fix them before an actual attacker can break in.
It can also be used to target web applications, networks, and servers etc. You get both GUI and command line interface. There are to products for Metasploit a Free Community version and a paid Metasploit Pro.

2. Nmap (Network Mapper):-

Nmap is used to scan whole networks for open ports and for mapping networks and a lot more things. It is mainly used for scanning networks and discover the online PC’s and for security auditing. Most of the network admins use Nmap to discover online computer’s, open ports and manage services running. It uses raw IP packets in such a creative way to know what hosts are available on the network and what ports are open which services (applications name and version) are running on those systems.
It comes into version GUI and Command Line. Zenmap is the GUI version what I recommend is that first learn the command line and then move on to the GUI if you feel confident.

3. Armitage:-

Armitage is a graphical cyber attack management tool and it provides a GUI interface for all Metasploit features and makes it easier to understand and use. If you really want to understand and grow into the advanced features then Armitage is a great choice for you.

Armitage organizes Metasploit’s capabilities around the hacking process. There are features for discovery, access, post-exploitation, and maneuver.

And if you are working in a team then it can be a real help to share information with your team:
  • Use the same sessions.
  • Share victim hosts, capture data, download files etc.
  • Communicate using a shared event log.
  • Run bots to automate the tasks.

4. John The Ripper (JTR):-

John The Ripper is a very popular tool for password cracking it is also known as JTR and also it has the coolest name of all the tools. Mostly it is simply referred as ‘Jhon’ it is the most commonly used tool for password cracking and to perform dictionary attacks. John The Ripper takes text files, referred as a ‘wordlist’, which contains the list of commonly used passwords or real passwords cracked before, and it encrypts the password in the wordlist in the same way as the password which is being cracked. And then compare the output string with the encrypted string of the provided password.

This tool can be used to perform different types of dictionary attacks. If you are confused between Jhon The Ripper and THC Hydra then the most simple way to explain it is that THC Hydra is used to crack a password for online services and Jhon The Ripper is used for offline password cracking.

5. Wireshark:-

Wireshark is an open source tool for network analysis and profiling network traffic and packets and this kind of tools are referred to as Network Sniffers.

Wireshark, previously known as Ethereal, is used to monitor network traffic and analyze the packets that are sent out. Wireshark can intercept network traffic ranging from connection level information to bits of the information which make up a signal packet. All of this is done in real time and show to the user in a readable format. There are a lot of developments made in the tool (platform) over the years and it includes filters, color-coding the packets depending on their information and these features really help the penetration testers to dig deeper in the network traffic and inspect the packets in detail.

Note: If you are really interested in Network administration and penetration testing then knowing how to use Wireshark is a required skill. There are a lot of resources available online from where you can learn about using Wireshark in depth.

So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms.

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:-https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit

Wednesday, 12 September 2018

Download The Free Kali Linux Book || tech talks group ||


Whether you are new to infosec, or a seasoned security veteran, the free "Kali Linux Revealed" online course has something to teach you. the saying "You can't build a great building on a weak foundation" rings true in the information security field as well , and if you use (or want to learn to use) kali in a professional way, you should familiarise yourself as best as you can with the internals of the penetration testing distribution - and that's what this training is all about - turning you into a Kali Linux professional user.

DOWNLOAD PDF - https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf

Learning how to master a kali gives you the freedom to create kali Linux recipes like the Kali ISO of Doom, or the kali Evil Ap. you'll be able to build optimize and custom kali kernels, host them on your own repositories and create your own custom Kali Appliances - and there's so much more.

After Reading This Book You Will Be Able To --

  • Use the Kali OS proficiently.
  • Automate, customize and pre-seed Kali Linux Installs.
  • Create kali appliances such as the Kali ISO of  Doom.
  • Build, modify and host kali packages and repositories.
  • Create, fork and modify simple kali packages.
  • Customize and rebuild your kernel.
  • Deploy Kali over the network.
  • Manage and orchestrate multiple installations of kali.
  • Build and customize Kali ARM images.
  • Create custom pentesting devices. 
So that's it. Hope you guys like it. If yes then please .. comment down below and do not forget to like follow and share our social media platforms. 

Facebook Page:- https://www.facebook.com/theprogrammer.harshit/
Google Plus:- https://plus.google.com/u/0/communiti…/117296242526461886479
Blog:- https://www.techtalksgroup.blogspot.com
Instagram:- https://www.instagram.com/theprogrammer.harshit