Hi guys, I am newbie to web security and I recently bought a vps for my forum and trying to secure it as much as possible. I'm using Nginx server as frontend, apache as backend on Debian 8. I'm keeping up to date web servers and distro Not using so many 3rd party tools. Using ...more
I bought a vps to try to learn exploiting different distros. I'm using https for my main domain. And not using mail related ports. I run a nmap -Ss -O with my ip, which are should be closed you think? Server Distro: Debian 8
Hi guys, I saw a command to start webcam chat with the victim. I tried to it but it says that phone's browser not compatible with it. I want to prank my friend. Which browser should I install to her phone? I want the payload to automatically open the browser and start web cam ...more
I am thinking to get a SSL for my forum. Will it make my forum more secure against hackers who want to get user passwords etc.?
Hi guys, I have been learning C for 10 months. I think that I'm ready to write basic tools with it. But I'd like to examine other tools written in C to gain more experience. You can send me any tool written in C. Thank you.
Do you know any open source spy software for android? I just want to work on that to make my own free spy software.
Is there an option for downloading all files in the directory? like "download -all". Do I need to download them one by one?
I'm trying android payload over WAN but If victim's connected to 3G / 4G / Mobil Network, payload doesn't work. It gives a session but you can't do anything with it and dies quickly. However, if the victim is connected to WiFi, Hotspot etc. Payload works fine. I've opened por ...more
1) How can we specify webcam for snapping or streaming. I'm trying webcamsnap 2 but doesn't work(does the same as webcamsnap) what is the command for it? 2) Can we put the phone on silence and delete a message through shell?
How can we bind our metasploit android payload with another legit apk? About 10 nullbyters are asking this for weeks, maybe months. We couldn't find straightforward guide for that. We somehow need to run our android reverse tcp payload as background service. But we don't know ...more
I've just heard of it. How do they work? How can we avoid getting them? Let's say I'm using multiple things to be anonymous as much as I can. Like: 1) Public wifi from far with yagi antenna (with no log dns) 2) No log offshore VPN 3) Routing all traffic through TOR. 4) Proxy ...more
I know it say on the top of the airodump if there is a wpa handshake. However I guess it's not very stable. So how can we check it manually with wireshark or etc.? When I filterede .cap file with "eapol || wlan.fc.typesubtype == 0x04 || wlan.fc.typesubtype == 0x08" If there a ...more
I'm gonna send my .cap file to one of the online crackers. But the limit is 10mb and mine is 29. How can I extract it? Edit: I found it. Open the .cap file with wireshark and filter the result with "eapol || wlan.fc.typesubtype == 0x04 || wlan.fc.typesubtype == 0x08" (without ...more
Looking for a how to for this. I looked up everywhere and couldn't find anything straight forward. Is there any way that we can embed our metasploit android payload into .3gp or .mp4 file to make StageFright exploit work?