Dark Web 🔥

2021-03-23 11:02:18 ​​ MAN IN THE MIDDLE ATTACK

Man-in-the-Middle (MITM) attack happens when a hacker inserts themselves between a user and a website.

Attackers have many different reasons and methods for using a MITM attack. Typically, they’re trying to steal something, like credit card numbers or user login credentials. Sometimes they’re snooping on private conversations, which might include trade secrets or other valuable information

Usefull Types of Man-in-the Middle Attacks

Wi-Fi Eavesdropping

If you’ve ever used a laptop in a coffee shop, you may have noticed a pop-up that says “This network is not secure.” Public wi-fi is usually provided “as-is,” with no guarantees over the quality of service.

However, unencrypted wi-fi connections are easy to eavesdrop. It’s much like having a conversation in a public restaurant – anyone can listen in

Another Wi-Fi Eavesdropping attack happens when a hacker creates its own wi-fi hotspot, called an “Evil Twin.” They make the connection look just like the authentic one, down to the network ID and passwords. Users may accidentally (or automatically) connect to the “evil twin,” allowing the hacker to snoop on their activity.

Email Hijacking

In this type of cyber security attack, a hacker compromises a user’s email account. Often, the hacker silently waits, gathering information and eavesdropping on the email conversations. Hackers may have a search script that looks for specific keywords, like “bank” or “secret Democrat strategies.”

Email hijacking works well with social engineering. Hackers might use information from a hacked email account to impersonate an online friend. They may also use spear-phishing to manipulate a user to install malicious software.

Session Hijacking

This type of Man-in-the attack is typically used to compromise social media accounts. With most social media sites, the website stores a “session browser cookie” on the user’s machine. This cookie is invalidated when the user logs off. But while the session is active, the cookie provides identity, access, and tracking information.

A Session Hijack occurs when an attacker steals a session cookie. This can happen if the user’s machine is infected with malware or browser hijackers. It can also happen when an attacker uses a cross-scripting XSS attack – where the attacker injects malicious code into a frequently-used website.

Advance Tutorials On Man in the middle attack are coming soon stay connected with Us Open / Comment

2021-03-23 11:02:08 ​​ 4 Proven Ways To Find a Website's IP Address

This tutorial teaches you how to find the IP address of a website. You can do this by using your computer's built-in "traceroute" function, or by downloading and using a free traceroute app for your iPhone or Android.

#1 ON WINDOWS

• Open your PC and click on start menu. Search For "cmd" (Without quotes)

• Right Click on cmd and click on "Run as administration"

• Now enter a command -

ping website address -t

Ex. - ping google.com -t

• Now hit enter. You will get it.

===============================

# 2 ON MAC OS

• Open Spotlight (Click the magnifying glass-shaped icon in the top-right corner of the screen.)

• Search for Network Utility and open it. After that Click on Traceroute tab in network utility.

• Now Enter website address in input box and click on trace button You will see the IP address of website

================================

#3 ON ANDROID

• Download and install PingTools Network Utility app then open it.

• Tap ☰. It's in the upper-left corner of the screen. A pop-out menu will appear.

 • Now tap Traceroute Enter Website address and click on trace button 

=================================

#4 ON IPHONE

•Install and Open Inettools app

•Click on Traceroute then Click on adress bar and input website address (e.g. google.com) 

•Click on start. You will see the IP address of website. 

=================================

Note - Do not try to find ip address of Government sites (.gov, .gov.in, ac.in etc)

Share And Support Us Open / Comment

2021-03-23 11:01:51 Cross-site Scripting (XSS)

Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application. The actual attack occurs when the victim visits the web page or web application that executes the malicious code. The web page or web application becomes a vehicle to deliver the malicious script to the user’s browser. Vulnerable vehicles that are commonly used for Cross-site Scripting attacks are forums, message boards, and web pages that allow comments.

A web page or web application is vulnerable to XSS if it uses unsanitized user input in the output that it generates. This user input must then be parsed by the victim’s browser. XSS attacks are possible in VBScript, ActiveX, Flash, and even CSS. However, they are most common in JavaScript, primarily because JavaScript is fundamental to most browsing experiences. Open / Comment

2021-03-23 11:01:39 ​​ Convert OB Config To StandAlone.exe

Cracker Console-Based Output Showing Statistics In The Title And The Cracking Progression On Screen Two Proxy Libraries, One For Limited Retries And Another For No Limits Fast Task-Based Multithreading System Completely Automated Process.

There Are Some Limitations

Link:
https://github.com/ipwnosx/Convert-OpenBullet-Configs-to-Standalone

Share And Support Us Open / Comment

2021-03-13 00:24:57 Who is ready for
PayPal Transfer
CashApp Transfer
Western Union Transfer

$100 BTC for $1000
$200 BTC for $2000
$300 BTC for $3000

Hit me up for Good Business
@xatony Open / Comment

2021-03-12 16:00:24 Hack Facebook Account Password Using Brute Force

First lets know something about Brute force attacks, “A brute force attack is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN).


In a brute force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data.”


But, In our case I’ll be using a Python script and a Long Dictionary Of passwords.


Requirements

A Kali Machine / Or Any Python Engine Will work!
Facebook.py ( v1 or v2 )
A FaceBook id
CrackStation Word List! Which I'll upload shortly.

STEPS


Step 1. Install Python-mechanize using command mention below
~#apt-get install python-mechanize


Step 2. Add facebook.py using the command below
~# chmod +x facebook.py *
~# python facebook.py


Step 3. Now enter |Email| or |Phone number| or |Profile ID number| or |Username| of the victim,


Step 4. Now Give The "Path" Of Your CrackStation Word list


Step 5. Now it will try all passwords present in the word list, So relax as it will take time depending on speed of your processor and password strength of your victim!

@spunkyweb Open / Comment

2021-03-07 11:01:09 Pi is a new digital currency developed by Stanford PhDs, with over 10 million members worldwide. To claim your Pi, follow this link https://minepi.com/kharlm and use my username (kharlm) as your invitation code. Open / Comment

2021-03-05 12:23:08 Fresh clone cards still on going at very affordable rate with pretty high balance on them all @dcdwhize

Tap in now for your clone cards @dcdwhize Open / Comment

2021-02-27 03:00:55 TERMUX GUIDE

Ultimate Guide To Ethical Hacking With Termux

LINK
https://play.google.com/store/apps/details?id=com.techhammer.termux

Share & Support Us Open / Comment

2021-02-27 03:00:55 The Complete Android Ethical Hacking Practical Course C|AEHP

100% Hands-On Real World Practical Approach on Android Ethical Hacking. Learn to Prevent FACEBOOK , INSTAGRAM hacking!

Link :- https://icontricks.tech/cyber-security/

Share And Support Us Open / Comment