Top 4 Android Apps To Turn Your SmartPhone Into Hacking Machine

So in this tutorial i will teach you how to turn your Android Smartphone into a lethal Hacking Machine using some Android Hacking Apps.

1. SpoofApp

 

Here is an app that spies at heart could use – SpoofApp. It allows you to use a fake Caller ID – a number that you are free to specify yourself, in order to protect your privacy or to pull a prank on someone. Sounds like fun, doesn’t it? Well, Apple didn’t think so, which is why it never allowed the app to enter its App Store. Google, however, didn’t mind, which is why SpoofApp was available on the Android Market for about two and a half years. However, it was banned from there last year as it allegedly was in conflict with The Truth in Caller ID Act of 2009.This can be useful in social engineering.

2. FaceNiff

Requirements: Android 2.1+ (rooted)
Overview: FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to.
Must Read: Top 10 Windows Antivirus Software of 2013
It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK). It’s kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!). Please note that if webuser uses SSL this application won’t work.
Legal notice: This application is for educational purposes only. Do not try to use it if it’s not legal in your country. I do not take any responsibility for anything you do using this application. Use at your own risk.

3. Penetrate Pro

Root is required.
The most of the times you scan the Wi-Fi networks available around, they’re protected with key. Penetrate is an app that help you out with that. If the routers of that Wi-Fi networks are encrypted with WEP/WPA it will bring you the keys to access them. This seems a sort of cracking, but the developers says it isn’t, because it’s supposed to get the keys for penetration testing and you should use it only with permission from network owners. Well, apart from those regardings, it does what it says. Check the developer description to know which routers are supported.
Take in account that if you have an antivirus installed in your device, it will warn you about this app. The developer says it’s normal because it’s a security-related tool. Penetrate isn’t a danger for your phone.
This is the paid version (€1.99) that contains no ads, some more features and sponsors further development. What’s more, it allows you to use 3G to get the password instead of using dictionaries that you will have to download in the free version.
Penetrate works properly with the range of routers supported. We’re missing more though. Despite the apparent use for which it was developed this application, we all know the “regular” use. And if you’re looking for it, give it a chance. It’s a great app.

4. Anti-Android Network Toolkit

Anti Android network Toolkit | Android Hacking Apps #4

ROOT Required
Anti-Android Network Toolkit is an app that uses WiFi scanning tools to scan networks. You can scan a network you have the phone connected to or you can scan any other nearby open networks. Security admins can use Anti to test network host vulnerabilities to DoS attacks and other threats.

Working with ANTI-Android Network Toolkit

Upon opening the app, users are required to enter the username and password used for registering. Once logged in, a message pops up indicating how many Anti credits you have and gives you the option to purchase more.
The next screen shows you the local network targets. I had my phone connected to my WLAN and Anti automatically mapped my network. You can only connect to networks you can authenticate into or of course, unsecured, open ones.
I could see my subnet information as well as all connected hosts on the network. It also showed an icon of what the various hosts were on my network; for instance, a connected Windows 7 laptop was displayed with the Window icon and my Android phone with the Droid bot logo.
From this screen, additional networks can be added simply by entering their subnet information. Clicking the bottom of the screen on the WiFi logo brings up all WLANs in the proximity, so Anti also performs wireless network discovery.
When first displaying the local target screen where you can view your network, Anti asks to run an intrusive scan. This scan checks for open ports and other vulnerabilities on the network. The app scanned 256 possible IP addresses in my test network (which only has four connected devices) in 11.07 seconds. In that time, the app discovered a connected machine with 8 open ports.
There are several other tasks the app can do. Users can run a password cracker against hosts using various crack protocols. A password crack on my test network revealed the username and password to an unsecured network switch—the username and password displayed was correct, as I was able to use the credentials Anti found to Telnet into the command line interface of the switch.
With Anti, you can also connect to network devices legitimately, with proper credentials. The report feature will list all of the vulnerabilities found, giving network admins a way to perform a threat assessment

Read More

Top 5 Hacking Add-ons For Mozilla Firefox

Hacking Add-ons For Mozilla Firefox

Mozilla Firefox is one of the most popular Internet browsers around the world. What make it so special are the thousands of add-ons created by developers to shape the browser according to their wish. Mozilla has always been the favourite browser for hackers. From Packet sniffing add-ons to proxy add-ons, Firefox is the home of hackers. Let’s check out 5 hacking add-ons for Mozilla firefox.
Also read: Top 10 Google Chrome Extensions For Hackers

1) Firesheep Add-on

firesheep add-on for mozilla firefox

Firesheep is one of the most powerful add-ons plugin for Firefox version 3.6 or later, which gained much fame in a few days of its launch. The basic concept of Firesheep was, that it used a packet sniffer which encapsulated the unencrypted cookie data for social networking sites such as Facebook and Twitter and hence giving a free ticket to hackers to log in the victim’s account without entering username or password of the victim. The technique is known as session hijacking, cookie stealing and many such synonyms underlining the fact of stealing the cookie. The add-on copies the unique cookie data into a list (which you’ll notice at the right side of your browser) and double clicking the cookie gives you access. A cookie is basically a packet with encrypted hash about the information of the user’s secure page, which is generated at the time of login. The “Remember me” function is totally based on this unique hash cookie data, allowing you to skip the login process for frequent logins. So, in case a cookie theft, the browser with your cookie information assumes it to be and passes the login process. Eric Butler basically launched the add-ons plugin at a security point of view to demonstrate the risk of session hijacking and what unencrypted sessions could do. The act somewhat brought a security to users and method seems to sink at secure connections (HTTPS Connections).
Firesheep works on Windows platform and Mac, while it is not suitable yet for Linux.
We Recommend this article: 5 Most Dangerous Internet Worms Of All Time

2) Greasemonkey

Greasemonkey add-on for mozilla firefox

The Greasemonkey project, started in November, 2004 is another quite famous and innovative Firefox extension bringing a boon to the programmers. Greasemonkey provides a step to augmented browsing which means manipulating the webpage before or after it has been loaded with use of scripts installed as per user’s choice and coder’s calibre. Scripts are usually coded in JavaScript, and can be generated in CSS or XUL too. The webpages can be rendered as per like and ability of the webpage to be manipulated using JavaScript. Userscripts.org maintains a database of nearly all the greasemonkey scripts by all coders who submit it there and can directly be installed within the browser. Greasemonkey uses the Document Object Model interface to amend the webpage or a complete website. (Greasemonkey renders the page as to user and not globally.) Greasemonkey has been functional in providing an easy-to-do way for many sites from Facebook, Gmail, one click delete options, preventing pop ups on external clicks on hotmail, has the ability to embed price comparison while online shopping hence, can combine data from multiple webpages, can render the appearance of the site to fixing the bugs. Apart from these, Greasemonkey has been into controversies for providing hackers a way to render the page negatively, But now user scripts only allows certain set of instructions which coders must follow.
Check Out which is the best anti-virus of 2013: Top 10 Windows Antivirus Software 2013
Greasemonkey works with all Firefox versions.

3) Advanced dork

As we know, Google is the most powerful search engine at present and it cannot be a bane for anyone. Google is one of the best tools, for penetration testers and other security experts to directly reach the vulnerability through the search engine. Google allows you to search the web with its advanced techniques, letting our search to be in depth and specific. Google has millions of ways to track your search and provide required result, but remembering those million queries and techniques is complicated, This is where Advanced Dork Firefox plug-in comes into play. Advanced Dork saves a lot of time, and providing easy to use search features and along with provides a space to learn to people who are not aware of advanced Google search engines techniques. All these queries are just a right click away. Using advanced Dork is quite simple, You just have to select the word and choose from 15+ Google advanced operators such as intitle: inurl: intext: site: ext: and filetype etc., which render your search according to your need. Right clicking a hyperlink also provides features to search the linked domain and similarly, right clicking the address bar provides features like inurl, link, and cache, to search within the domain (not the present directory of the domain). Quoting again, Google is the most powerful tool on the web and Advanced dork brings you the ability to use it as powerfully as it is meant to be.

4) Cookie swap /Add n Edit cookies

Cookie Swap and Add n Edit Cookies are plug-ins of the same platform and used for session hijacking as explained in the first point. A cookie stores the session information of the user. A cookie for a hacker is as useful as a password; rather cookie works for a week or so even after the password is changed. This add-on help us to edit the cookies for a certain login session. If we have the unique cookie data for a specific user, we edit our cookies with the victim’s cookies, And Poof! We get a free ticket to that authenticated information. Cookie editor tools are vastly used not only to swap cookies and hack other sessions but for education purposes too.
Learn How to Reverse An Android Malware: How To Reverse An Android Malware

5) FoxyProxy

FoxyProxy Hacking add-on For Firefox

For hackers and Security experts, Staying behind the covers is a very vital element for their procedures. Proxy servers help a user to maintain the anonymity and reach the data restricted to their country or ip address range. Foxyproxy, with over 13 million downloads and translation is more than 34 languages offer reliable proxy servers in over 50 countries around the globe. The servers are automatically changed according to the URL patterns. Advanced loggings and animated icons show you which proxy servers were used for which URL providing complete Foxyproxy usage details. Though many such add-ons like TorButton, SwitchProxy, QuickProxy, xyzproxy, ProxyButton, ProxyTex , etc. Already exist to be used while you browse but FoxyProxy is the best of it and provides more features than others.
Note: These add-ons will not work on mozilla firefox for android.

Read More

How Hackers Use Google Search For Hacking

As you all know that Google indexes 80% of the internet providing you all information you require, but it also provides some confidential information, which in hands of a hacker can prove fatal.
and you can do it by just right search query.
here are some examples for you.

HOW HACKERS USE GOOGLE FOR HACKING SECURITY CAMERAS?

There are many security cameras used for monitoring places like parking lots, college campus, road traffic etc and which provide the information on web.
All You have to do is Type in Google search box exactly as follows and hit enter
inurl:”viewerframe?mode=motion”
Open any of the link and you will gain access to the live camera which has full controls. You are now all done. You can perform all the actions on that camera, such as: zoom in, zoom out,rotate the camera etc.

How To Gain Personal and Confidential Documents.

You can gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc via Google search.
Just type in
intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”
if you want to get excel file, then
filetype:xls inurl:”email.xls”
and for gaining access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query.
intitle:index.of finances.xls

Using Google To Get Free Stuffs

Using Google search You can get free music,ebooks and lot more free stuffs.
you just need to enter this quire.
“?intitle:index.of?mp3 Lady Gaga“
after hitting this you will get all album list of Lady Gaga, where you can download her songs by your choice.
similarly if you want to get free ebooks type :
“?intitle:index.of?pdf ebooks“
it will provide you all pdf with the name ‘ebooks’.
You can do a lot more by just entering the right keyword.

Read More

How to crack the iPhone passcode

crack iPhone passcode

Crack iPhone Passcode

Just follow these steps to crack iPhone passcode:

1. Even when your iPhone is locked up, you can still sync it with your computer. Do that first so all your data is backed up in iTunes. If you’re using iCloud, you might want to switch it over to your computer for now just to be sure your information is safe.
2. Put your iPhone into DFU mode. To do this, reboot your iPhone by holding down the power and home buttons simultaneously for about 10 seconds. When you see the Apple logo, let go of the power button but continue holding down the home button. Soon you will see an image displaying a USB cable, the iTunes icon, and a message that says “Connect to iTunes.”
3. Assuming you still have your iPhone connected to your computer with iTunes open, you’ll also see a message telling you iTunes has detected an iPhone in recovery mode and needs to restore. Now you can click the Restore button in iTunes and then wait for iOS to download and install on your iPhone.
4. Sync your iPhone with iTunes to restore all your data and you’ll have it back to normal with no password!

Read More

What To Do When You Are At ATM On Gunpoint

What To Do When You Are At ATM on Gunpoint

When a thief forced you to take money from the ATM, do not argue or resist, you might not know what he or she might do to you. What you should do is to punch your PIN in the reverse…Eg: If your PIN is 1234, you punch 4321. The moment you punch in the reverse, the money will come out, but will be stuck into the machine half way out and it will alert the police without the notice of the thief.
Every ATM has it; It is specially made to signify danger and help. Not everyone is aware of this. SHARE THIS TO ALL YOUR FRIENDS

Read More

All About RAT- Remote Administrative Tool

All About RAT- Remote Administrative Tool

Imagine a situation where your every online activity, your online chats, your passwords, the websites you visit, the files you download, the “secret” files in your hidden folder is spied upon by someone without you ever knowing a thing of it.
Scary thought isn’t it? In worst case scenario, a pervert sitting miles away in front of a computer is secretly streaming live videos from your sister’s /wife’s/girlfriend’s webcam, even listening to the microphone. This mere thought is enough to send chill down the spine of many.
Sadly such kinds of cybercrimes are happening at a rate, much faster than you can imagine. With a help of freely/cheap available softwares, even an average 12 year old can achieve that. All one need is an internet connection.

All About RAT- Remote Administrative Tool:

No, I am not talking about the rodent here. RAT or Remote Access Tool/Trojan are kind of remote monitoring sofwares. RAT consist of two parts,
1. Client.
2. Server.
Client is the main module that is installed on the attacker’s PC and the server is a tiny file (usually in kBs) which the attacker distributes to his would be victims. Once successfully installed in victims’ PC, the attacker gains total control over the computer.

General RAT features:

• Screen/Desktop capture or image control
• Webcam capture
• File management (download/upload/execute/etc)
• Shell control
• Computer control (power off/power on/log off/etc)
• Registry management (query/add/delete/modify)
• Record victims Keystrokes (Keylogger)
• DDoS

Other Fun Functions:

Remote Administration Tools come with a wide variety of handy tools and features. Here are some fun things you can perform with most common RAT’s:

• Block mouse and keyboard
• Change your desktop wallpaper
• Download, upload, delete, and rename files
• Drop viruses and worms
• Edit Registry
• Format drives
• Grab passwords, credit card numbers
• Hijack homepage
• Hide desktop icons, taskbar and files
• Log keystrokes, keystroke capture software
• Open/Close CD-ROM tray
• Overload the RAM/ROM drive
• Print text
• Play sounds
• Randomly move and click mouse
• Record sound with a connected microphone
• Record video with a connected webcam
• Shut-down, Restart, Log-Off, Shutdown monitor
• Steal Passwords
• View screen
• View, kill, and start tasks in task manager
And lots more.

Three most popular RAT

1. Blackshades (Paid)
2. DarkComet (Free)
3. CyberGate(Paid/Trail)

Read More

How Hackers Spread Malware and Virus

Do you know that thousands of Computers are being infected with some kind of Trojan/Malware each second as we speak? And no, it’s not only the Windows Users that’s being targeted nowadays; even Operation Systems like i0S and Linux are now the favourite hunting grounds for hackers.
What’s the root cause of such massive computers falling prey to malwares? The answer is Ignorance and lack of awareness among the general public. The biggest misconception among the people is, since they have a “Premium” Anti-Virus installed in their computer, they are 100% secure. Nothing could be further from the truth.
Antivirus provides protection only from the known viruses but what about the unknown and new ones? Do you know, hundreds of new viruses are being coded and released every day? To make it worse, there exist special types of software called Crypters which makes a known virus Fully UnDectected(FUD) without changing the behaviour of the virus, in some cases adding more teeth to them.
Some Underground hacking communities even provide tutorials and ebooks on how to infect people. Some ebooks even claim to “teach you” how to infect 1000+ computers on a single day. While others who already have a massive amount of computers under his control sells the bots for as little as 2$ per thousand bots. More about such ebooks can be found at the end of this article.

Let’s have a look at the top Four ways in which Malware and Virus are spread:

1). Torrents

I bet you saw this coming. But do you know the latest movie which you ripped last night and seeding it away in glory right now could potentially be a carrier of viruses? Yes, it’s possible if your computer was already infect by a virus which had the capability of binding itself to torrent files. Looking at it from the other side, the trusted members of a torrent site could also theoretically infect you without them even known it. Not to mention about bogus and fake files binded with viruses uploaded every day to torrent site by fake profiles. The point is danger is always lurking on Torrent sites. They best to minimise them is to take precautions while downloading torrents. Always check the uploader, his previous uploads, the comments given by other users and how old the torrent is. It’s also a good idea to google the name of the torrent and check its description and pictures with those given in the Torrent site.

2). Youtube

Youtube and Dailymotion: Search “ ‘Any Software name here’ Crack” in  Youtube or DailyMotion, you will be literally flooded with hundreds of video tutorials showing you how to run the crack file. Almost 90% of the videos will be accompanied by a download link and in most of the cases the file offered in the download link will be binded with a Trojan. Use your common sense in such cases.

3). Facebook

Yes, you read that right. With over 901 million active users at the end of March 2012, Facebook is one of the favourite hunting grounds for hackers. They are actively pulling out new and innovative tricks to lure the users into downloading their virus. Be those spammy links like “OMG! I can’t believe this!” or  “Go to this website to get your free iPhone”, they are constantly coming up with clever ideas to entice the users in click their malicious links. So they next time you are tempted to click on a link in Facebook, think twice about it.

4). Chat Room

 This method is also rampant on the internet right now. There are thousands of chatrooms, right from Omegle, Yahoo to numerous teen chat rooms. Most of the time it’s not even a  human but an automated software called bot that does all the spamming of the chatrooms with infected links. This is a very easy method and requires little or no effort on part of the hacker to infect hundreds of users within a single day. It’s better to avoid such chatrooms whenever possible, if not, then make it a point to never click any link on such chatrooms next time you visit.

Remember I told about the premium ebooks about spreading malwares sold on Underground forums at the beginning of the article. Due to the nature of the materials written there, it can’t be published on a public blog but I have given a download link. It contains the top malware spreading guides which got leaked but limited to only a few people.
Due to prevent mass abuse of the ebooks, the ebooks are uploaded in a server that requires you to complete a small 60 second survey in order to download them. You make ask, I don’t spread Viruses, Do I need them?  There is a saying, “To catch the thief, Think like a Thief.”

Read More