Hacking Truths

0×10 Introduction
XSS (cross site scripting) is usually criticized. It is said that XSS can do nothing, actually. All it can do is make a nice little alert box on your screen, telling you your cookies. That is a wrong assumption. Although it may be slightly difficult, you can use XSS to steal a user’s [...]

Popularity: 4% [?]

⇥ Read the article in full

This is the Collection of Best Windows Hacking Tools:
1. Cain & Abel - Cain & Abel is a password recovery tool for the Microsoft Windows Operating System. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, [...]

Popularity: 3% [?]

⇥ Read the article in full

6. Metasploit Framework - The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

7. John the Ripper - John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

8. Nessus - Nessus is the world’s most popular vulnerability scanner used in over 75,000 organisations world-wide. Many of the world’s largest organisations are realising significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

9. IRPAS - Internetwork Routing Protocol Attack Suite - Routing protocols are by definition protocols, which are used by routers to communicate with each other about ways to deliver routed protocols, such as IP. While many improvements have been done to the host security since the early days of the Internet, the core of this network still uses unauthenticated services for critical communication.

10. Rainbowcrack - RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called “rainbow table”.

Popularity: 3% [?]

This is a Cool Collection of Top Ten Linux Hacking Tools.
1. nmap - Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts [...]

Popularity: 3% [?]

⇥ Read the article in full

This is a small trick that worked for me but this is really interesting.
Hacking MSN is actually VERY simple. Msn is designed to route the connection through a microsoft server while you are chatting. However, when a file is sent, a DCC (direct connection) is created. This was purposely done because otherwise microsoft would waste [...]

Popularity: 1% [?]

⇥ Read the article in full

This is Really Amazing. I was moving through my Browser’s settings and found the file where all the passwords are stored. I was really shocked that it allowed me to have a look at all the Username and Password which I had asked my computer to remember which also included my Internet Username and Password. [...]

Popularity: 2% [?]

⇥ Read the article in full