Pʀɪᴍᴇ'ꜱ Tɪᴍᴇ Nᴇᴡꜱ™


Гео и язык канала: не указан, не указан
Категория: не указана


Stay Tuned for Daily Latest Technological, Hacking, Gaming, Entertainment & More Interesting NEWS & ARTICLES

Связанные каналы

Гео и язык канала
не указан, не указан
Категория
не указана
Статистика
Фильтр публикаций


🌀 The Complete Ethical Hacking Course 2.0: Python & Kali Linux

🔻 Learn Network Penetration Testing, Ethical Hacking Using The Amazing Programming Language, Python Along With Kali Linux 🔺

Ⓜ️ Link > https://goo.gl/kQx1Cq

Credit: @Legitbhai

@Legitbhai


🌀To access these sites just follow these simple steps:🌀

🔺1. Navigate to the TOR Project website at this address: https://www.torproject.org/download/download.html.en and download the latest browser bundle for your operating system, never download any browser bundle from any other site! make sure that this is the site you are using:

🔺2. After downloading the browser bundle, just install it like any other software.

🔺3. Next, Start the TOR browser and it will connect to the TOR network ( it might ask you for a confirmation, just click ok):

🔺4. After the browser is started, and you see the confirmation screen that the browser is connected and everything is ok, make sure that you are running the latest version of the TOR browser:

🔺5. That’s it! you are all set to go, the only thing you need to do is the enter any .onion url into the address bar of the browser and you will be able to browse freely on the deep web:

⚠️Make sure you have Javascript disabled in the browser. Always be safe and use other measures to stay anonymous online such as PGP or anonymous VPNs. Enjoy your deep web experience!⚠️


Ⓜ️Tutorial by : @bloodeater_bot Ⓜ️


🌀A Short Explanation of .onion Sites:🌀

.onion is a pseudo-top-level domain host suffix (similar in concept to such endings as .bitnet and .uucp used in earlier times) designating an anonymous hidden service reachable via the TOR network. Such addresses are not actual DNS names, and the .onion TLD is not in the Internet DNS root, but with the appropriate proxy software installed (in most cases, The TOR browser bundle), Internet programs such as Web browsers can access sites with .onion addresses by sending the request through the TOR network. The purpose of using such a system is to make both the information provider and the person accessing the information more difficult to trace, whether by one another, by an intermediate network host, or by an outsider.


Ⓜ️Tutorial by @bloodeater_bot Ⓜ️


🌀Ⓜ️How to access onion sites?Ⓜ️🌀

In order to use most of the sites on the Hidden Marketplace list, you must be able to access and browse .onion sites on the TOR network. Accessing these sites is a very simple process; for those of you that are still not familiar with the TOR browser and network, we have created a simple tutorial to help you access any onion site on the deep web.


Ⓜ️Tutorial by @bloodeater_bot Ⓜ️


🔰Networking and Security in the Cloud Computing Era: How to Get Started🔰


Cloud computing has really changed the way businesses do a lot of things. Instead of relying on on-site physical servers and internal networking, corporations can now have more cloud storage space and computing power. The lack of steep initial investment makes cloud computing more accessible to small and medium enterprises too.

The move to cloud computing also poses a number of new challenges to tackle. Businesses need to adjust the way they handle networking and information security to meet the requirements of today’s cloud computing era. These several basic steps will help your business prepare for cloud computing better.

Connecting to the Cloud Cluster
Unlike conventional servers, cloud storage technologies don’t really rely on a single physical server. Security is handled differently than before, with layers such as firework and encryption still being used to provide maximum security. For these measures to be effective, your business needs to approach networking the right way.

An encrypted VPN tunnel over the internet is usually the solution of choice.
Companies still use the same comprehensive intranet and internal networking setup, but that setup now connects to the cloud using one or several VPN channels for maximum efficiency and security.

Depending on the cloud computing service you use, there are several ways to accomplish this. A simple VPN over the internet that relies on a dedicated, pre-allocated bandwidth is usually the easiest solution to implement. It is also possible to establish a wired or wireless network direcentero the data centre from which the cloud server is operated.

Security Implementation
Securing a cloud environment is not something that can be done in one go. It is an ongoing process that requires regular evaluation and frequent adjustments. You can’t expect one security measure to handle everything, especially since we now have more advanced cyberattacks threatening the safety of business information.

The best way to implement security in today’s cloud computing era is in well-defined steps. You start with the most basic measures, such as firewall and load balancing, before implementing more advanced measures. Most conventional security instruments are still usable, but you get additional tools to deal with the increasing security risks.

Some providers have these solutions integrated out of the box. Look for those that have built-in DDoS protection, spam protection, and daily malware scan from the moment accounts are created.

Better Security Awareness
What is also important to improve is user awareness. Over 60% of cloud security cases began with a weak password or negligence by the users of the system. It is important for your business to have proper information security policies in place, and that every member of the company knows how these policies must be maintained at all times.

Cloud computing opens up a new wave of possibilities for small and big businesses alike. With the right network and security implementation, your business can fully take advantage of the extra resources and immense efficiency offered by cloud computing. These are the advantages you need to stay ahead on the market and will get you that much closer to success.


@DarkDenial


🔰Basic Web Application Testing Checklist for Beginners🔰

Hi,
In this article, you can see the listed basic checklist to start with the Web Application Testing. There is lot more vulnerabilities are there and those will be updated in the future post. Here are the basic Web Application Vulnerability checklist for absolute beginners.

Click-jacking

Plain-text communication

Password Hashing

Email Address Disclosure

Cookies without HTTP only

Missing Secure attribute

HTTPS method-Option Method enabled

Method interchange

Default server page disclosure

Server version disclosure

Trace.axd

Robots.txt, Sitemap.xml

Application error

Improper error handling

File path disclosure

IP address disclosure

Sensitive information disclosure

Sensitive information in URL

Autocomplete enabled

Session Fixation

Weak Session Management

Session not Validate after logout

Session Hijacking

Multi-login

Session Token in URL

Session Timeout

Unrestricted file upload

Insecure direct object reference

Insecure Download

Unauthorized access

Change password feature missing

Change password without old password

Absence of complex / Weak  password policy

Html 5 cross origin

Authorization Bypass

Weak encoding / encryption

Parameter Manipulation

Directory Listing, Indexing

Cache-able HTTPS

Default credentials

Default / admin page disclosure

Test page

Anti-automation

Blind SQL injection

Html injection

Invalidated redirect &Fwd

OTP bypass

Cross-domain referrer leakage

CSRF – Cross Site Request Forgery

XSS – Cross Site Scripting

SQL injection

Brute force

Account Lockout

Sensitive information in source code

User enumeration


@DarkDenial


🌀 Know More About Your Computer

Ctrl+A - Select All
Ctrl+B - Bold
Ctrl+C - Copy
Ctrl+D - Fill Down
Ctrl+F - Find
Ctrl+G - Goto
Ctrl+H - Replace
Ctrl+I - Italic
Ctrl+K - Insert Hyperlink
Ctrl+N - New Workbook
Ctrl+O - Open
Ctrl+P - Print
Ctrl+R - Fill Right
Ctrl+S - Save
Ctrl+U - Underline
Ctrl+V - Paste
Ctrl W - Close
Ctrl+X - Cut
Ctrl+Y - Repeat
Ctrl+Z - Undo
F1 - Help
F2 - Edit
F3 - Paste Name
F4 - Repeat last action
F4 - While typing a formula, switch between absolute/relative refs
F5 - Goto
F6 - Next Pane
F7 - Spell check
F8 - Extend mode
F9 - Recalculate all workbooks
F10 - Activate Menu bar
F11 - New Chart
F12 - Save As
Ctrl+: - Insert Current Time
Ctrl+; - Insert Current Date
Ctrl+" - Copy Value from Cell Above
Ctrl+’ - Copy Formula from Cell Above
Shift - Hold down shift for additional functions in Excel’s menu
Shift+F1 - What’s This?
Shift+F2 - Edit cell comment
Shift+F3 - Paste function into formula
Shift+F4 - Find Next
Shift+F5 - Find
Shift+F6 - Previous Pane
Shift+F8 - Add to selection
Shift+F9 - Calculate active worksheet
Shift+F10 - Display shortcut menu
Shift+F11 - New worksheet
Ctrl+F3 - Define name
Ctrl+F4 - Close
Ctrl+F5 - XL, Restore window size
Ctrl+F6 - Next workbook window
Shift+Ctrl+F6 - Previous workbook window
Ctrl+F7 - Move window
Ctrl+F8 - Resize window
Ctrl+F9 - Minimize workbook
Ctrl+F10 - Maximize or restore window
Ctrl+F11 - Inset 4.0 Macro sheet
Ctrl+F1 - File Open
Alt+F1 - Insert Chart
Alt+F2 - Save As
Alt+F4 - Exit
Alt+Down arrow - Display AutoComplete list
Alt+’ - Format Style dialog box
Ctrl+Shift+~ - General format
Ctrl+Shift+! - Comma format
Ctrl+Shift+@ - Time format
Ctrl+Shift+# - Date format
Ctrl+Shift+$ - Currency format
Ctrl+Shift+% - Percent format
Ctrl+Shift+^ - Exponential format
Ctrl+Shift+& - Place outline border around selected cells
Ctrl+Shift+_ - Remove outline border
Ctrl+Shift+* - Select current region
Ctrl++ - Insert
Ctrl+- - Delete
Ctrl+1 - Format cells dialog box
Ctrl+2 - Bold
Ctrl+3 - Italic
Ctrl+4 - Underline
Ctrl+5 - Strikethrough
Ctrl+6 - Show/Hide objects
Ctrl+7 - Show/Hide Standard toolbar
Ctrl+8 - Toggle Outline symbols
Ctrl+9 - Hide rows
Ctrl+0 - Hide columns
Ctrl+Shift+( - Unhide rows
Ctrl+Shift+) - Unhide columns
Alt or F10 - Activate the menu
Ctrl+Tab - In toolbar: next toolbar
Shift+Ctrl+Tab - In toolbar: previous toolbar
Ctrl+Tab - In a workbook: activate next workbook
Shift+Ctrl+Tab - In a workbook: activate previous workbook
Tab - Next tool
Shift+Tab - Previous tool
Enter - Do the command
Shift+Ctrl+F - Font Drop down List
Shift+Ctrl+F+F - Font tab of Format Cell Dialog box
Shift+Ctrl+P - Point size Drop down List
Ctrl + E - Align center
Ctrl + J - justify
Ctrl + L - align
Ctrl + R - align right
Alt + Tab - switch applications
Windows + P - Project screen
Windows + E - open file explorer
Windows + D - go to desktop
Windows + M - minimize all windows
Windows + S - search


@Legitbhai


🔰Networking Part 7🔰

Antenna Types, MIMO, Wireless Standards & Technologies, Compatibility

Antenna Types

An antenna is an electrical component made for sending and receiving radio signals. They convert electronic signals into electromagnetic waves and vice versa. Sometimes we need to turn down different signal antenna/gains so they don’t overlap other areas and create interference for other networks.


Omnidirectional antenna:

An Omnidirectional antenna radiates and intercepts radio frequencies in all directions around like a circle. Used in small homes, small business and rather simple places. It needs to be set somewhere central and high in location.

Unidirectional antenna:
focused signal in one particular direction
An Unidirectional antenna covers a particular angle at an enviroment- “only hits that hallway or that corner”. It is useful for connecting two access points and acts as a «bridge» by sending the signal towards next antenna. It allows us to push wireless signal more concentrated and further without losing strength and interference.

Multiple Input Multiple Output

Antennas that can sends & receive simultaneously

MIMO is a radio communications technology that provides increased link capacity and spectral efficiency combined with improved link reliability. It uses multiple antennas to enable a variety of signal paths to carry the data.


>802.11 n is the wireless standard that uses MIMO
>2×2, 3×3 (2 recieving 2 sending | 3 recieving 3 sending)

 

Wireless Standards


In 1997, Institute of Electrical and Electronics Engineers (IEEE) created the first WLAN standard. They called it 802.11 after the name of the group formed to oversee its development. Unfortunately, 802.11 only support a maximum bandwidth of 2Mbps which was too slow for most applications. However, after a while they created newer versions and it branched into many different technologies and standards.


IEEE 802.11 b 
11Mbps
>2.4 GHz
>140 meter reach

>also referred to as Wi-Fi 1

IEEE 802.11 a 
54 Mbps
>5 GHz
>120 meter reach

>also referred to as Wi-Fi 2


IEEE 802.11 g
54 Mbps
>2.4 GHz
>140 meter reach

>Runs with standard 802.11 b if the Wireless AP is compatible

>support by all wireless devices today

>also referred to as Wi-Fi 3

IEEE 802.11 n 
300Mbps (channel bonding)
>2.4/5 GHz which runs with all other WAPs
>250 meter reach

>also referred to as Wi-Fi 4

 

IEEE 802.11 ac

1300 Mbps (5 GHz)

450 Mbps (2.4 GHz)

>fastest maximum speed and best signal range

>also referred to as Wi-Fi 5

 

Compatibility


The compatibility is determined by our NIC and WAP. Specific 802.11 Standards have the possibility to be compatible with each other. The devices that talk together have to support the same standards or else they won’t be able to talk and communicate. When using different standards, our speed is determined by our lowest standard because it’s the «weakest link» in our system.
• A/N
>All of them has to run on 5GHz -6 GHz to be compatible
• B/G/N
>All of them already run on 2.4 GHz and makes them compatible

Wireless Technologies (For WAN)

Bluetooth, satellite, television and other ways of pushing data through

Satellite
-Need to install satellite towers for connection
-Can have wide stream and alot of data being pushed at once
-May seem slow because of the latency

WiMax
-worldwide interoperability microwave access
-Uses IEEE 802.1b
-Also known as Broadband Metropolitan Wireless
-up to 31 miles
-70mbps

Cellular

-Radio cell towers are placed in a hexagonal cell pattern to supply radio service
-Internet to cellphone
-Can also initialize Mobile hotspot

• 2G / GSM – Up to 38Kbps

• GPRS – Up to 171Kbps
• 3G – Up to 14Mbps
• HSPA+ High speed packet Access – Up to 168Mbps
• 4G – Up to 1000Mbp
s

@DarkDenial


🔰EU Offering Cash Bounty Incentives For Finding Security Flaws in Open Source Tools🔰


The European Union (EU) is back with a third edition of its Free and Open Source Software Audit (FOSSA) plan of action for 2019. As a security audit measure, FOSSA relies on its bug bounty programme. This covers numerous open source projects like VLC, Apache, Filezilla, Kafka and more. EU has reserved the highest allocation towards PuTTY, followed by Drupal and KeePass.

A Snapshot

FOSSA aims at bringing together the developer community to ensure better security of open source systems, such as CMS or other standard software used by the EU.

There are several open-source software that is widely used by the authorities, as well as the public at large. Reportedly some of these are used as part of the EU’s IT Infrastructure, and therefore they are keen on ensuring better security for such projects.


@bloodeater_bot


🔰BACKDOORS🔰

Backdoors, which create remote access to your system. This kind of malware changes your security to allow the hacker to control the device, steal your data, and even download more malware


@bloodeater_bot


🔰Part 6: Two Factor Authentication (2FA) and Multi-Factor Authentication (MFA)🔰

In 2018 this is an absolute must. If you are simply relying on usernames and passwords for authentication, you are setting yourself up for failure. Now, I get it, there are those that will say it’s too much of an inconvenience to turn on 2FA because it requires you to get a code from your phone or use one of your pre-shared keys, but not using 2FA is not smart in this day and age. There are too many options like Google Authenticator and Authy that allow code generation of QR codes or one-time-pads (OTP) that will make it that much harder for bad guys to attack your accounts/information. Don’t get me wrong, 2FA by itself is no silver bullet because there is malware specifically created to capture 2FA messages sent from a server to a mobile device. But it’s another layer in the defense in depth security strategy that people need to be aware of an addition to their repertoire.

@DarkDenial


🔰Part 5: App downloads🔰

Third party app stores are the primary way that ransomware and crypto miners are spread in the wild. Even Amazon’s own app store requires you to allow apps from unknown sources if you don’t have an Amazon-branded device. Bottom line, don’t use app stores you don’t know and us security software if possible (though that doesn’t provide much protection). Mobile apps are special in that each app runs code on a mobile device and can be reverse engineered/exploited by anyone with enough time and effort. Mobile apps are usually digitally signed by Apple and Google, but that is easily faked. Mobile apps live in an operating environment that is full of security vulnerabilities and exploits and many of them cannot be fixed because they are controlled by the carriers or equipment manufacturers. Carriers like T-Mobile, Verizon, AT&T and Sprint, many of which don’t have an interest in fixing the vulnerabilities because they are more interested in getting you to buy a new phone every year or every other year. Because data plans are at a premium, carriers can charge ridiculous amounts of money for data and wireless hotspot plans. With the introduction of 5G service, this will only amplify the speed at which attackers can serve up exploits to mobile users. Apple is notorious for convincing users to upgrade to new devices because of some new feature or operating system version and eventually, devices will no longer run the latest and greatest Operating System (anyone still remember the iPod touch?)


@DarkDenial


🔰Part 4: Location, Google Maps, Waze,🔰

This should not come as a surprise…..Google, Apple, Facebook, Banks are tracking you everywhere you go. Every purchase you make, every location you visit, every bank transaction or mobile deposit. Many of these services require your location information. It doesn’t matter if you turn off location, every time you open an app, that lets the app you are using to tell the server where you are. This information is very valuable to companies that sell your information to advertisers. Some people say “I don’t have anything valuable or anything to hide.” Well, what about the patterns established by you traveling to visit family members, parents, grandparents, kids, grandkids, etc. You can’t be everywhere and police your entire social circle and bad guys will capitalize on these patterns. Some key tips: Vary your route, be a hard target, read the small print when choosing which apps you use to navigate. If they require excessive permissions on your device, don’t use them. There are countless groups out there that would love nothing more than to gain access to your information and use it as part of a botnet, crypto mining scheme, etc.


@DarkDenial


🔰Part 3: Passwords and Password vaults🔰

There are three kinds of users in this world: 1. Those that use the same password for everything 2. Those that write their passwords down so they won’t forget, and 3. Those that use password vaults/generators. Passwords are the last line of defense when it comes to security and often the first thing that bad guys go after. Commonly referred to as creds, the usernames and passwords are what hackers seek to exfiltrate from the networks and systems they go after. Passwords should be changed at a minimum every 90 days and should be a complex pattern of letters, numbers, and special characters that are not easily guessed or cracked. No dictionary words allowed or any of the potential answers to your secret questions.

It doesn’t matter really the password service you use, just use one. Whether it’s LastPass, Dashlane, KeePass, or Apple’s built-in password manager. Every password in the wild is another chance for a bad guy to exploit.


@DarkDenial


🔰Part 2: Email🔰

Seems like email used to be so innocent; it was the way you shared funny pictures, images, cat videos. But now email is one of the main catalysts by which hackers launch attacks against unsuspecting users. It doesn’t matter if you’re a VIP, bank executive, hedge fund manager…Everyone is at risk including small and medium-sized businesses. Hackers usually don’t go after the harder targets that use industry standard security and follow best practices. They go after regular people that may not be able to afford to hire an INFOSEC or cybersecurity professional to protect their networks.

No longer will the emails come with obvious misspellings, poor grammar, and outlandish requests. Now, the spam email of 2018 is well crafted, looks legitimate, and may very well appear to come from someone you know. Attackers can craft emails that look exactly like they come from your bank, employer, and even credit monitoring agencies. Bottom line, don’t click on links sent to you in an email, copy and paste them into a web browser. Don’t open attachments from people you don’t know, or even maybe people that you do know and are claiming they are trying to be helpful. They may even use threatening tactics and say something like law enforcement is going to issue a warrant for your arrest if you don’t respond. The IRS and US Government will never contact you and threaten you via email with warrants or imprisonment, they will just garnish your wages and tax returns direclty. You should be aware of whether your email address has been compromised using sites like haveibeenpwned.com and other data breach sites.


@DarkDenial


🔰Part 1: Facebook:🔰

As of the time of writing this article, Facebook has approximately 2.23 Billion users worldwide and that means that even if you are not on Facebook, many of your friends might be. So you don’t have a Facebook account you say so you’re not at risk? Well, that’s not exactly true because of a trend called cybersquatting…That means that someone can claim your Facebook name and effectively pose as you simply by creating an account in your name even if you don’t have a Facebook account. Or maybe you don’t check Facebook that often. It’s also plausible that someone might make a Facebook account that is similar to yours and people in your network or friends of your friends might send you a friend request thinking that it’s you. Additionally, you absolutely should go into your Facebook account and view your profile as someone else sees it to make sure you’re not sharing information with people you don’t want to. If you’ve seen the news recently, hackers were able to exploit a vulnerability in the supposedly secure tokens that allow you to view your profile as one of your friends.

@DarkDenial


🔰Common Sense Security Strategies in the Digital World🔰

You’ve been Hacked! Pwned! Account Compromised. Bank account emptied. Credit cards were stolen and sold on the dark web. Facebook account hacked, now inappropriate messages or videos sent to your friends and family members. New accounts and credit cards opened in your name. Or worse, you’re on a vacation and suddenly your credit card is declined or you’re in the airport and your flight is canceled. Maybe you’re traveling through an airport and someone skims your credit card and starts making transactions while you’re in the air. What would you do? How long would it take you to respond? How many times have you received a phone call that says you have to pay some portion of a bitcoin (BTC), or a webcam video of you doing something inappropriate is going to be sent to all your contacts.

These are just a few of the scenarios that can and do happen in our increasingly connected world. With the Samsung Pay and Apple Pay, mobile payments that can be performed with your cell phone, Apple Watch, or Android Wear watch and the increasing number of Mobile devices and Internet of Things (IoT) devices security is paramount for everyone no matter what your career field or socioeconomic status. The purpose of this article is to give you some common sense tips to protect yourself and also give you the ability to help your friends and family stay safe online as well.


@DarkDenial




🔰Sitadel – An Open Source Tool for Finding Web Application Vulnerabilities🔰


Sitadel is a python based web application scanner. It’s flexible and has many different scanning options. It can get a full fingerprint of a server and bruteforce directories, admin pages, files etc. Also, it can search for injection type attacks (slq, html, xss, rfi, ldap and more), other information disclosures and popular vulnerabilities.

Installing Sitadel

Let’s first clone the repo from Github.

git clone

https://github.com/shenril/Sitadel.git

After that go inside the folder and run the setup script in python3.

cd Sitadel/ python3 setup.py install

Credits : @bloodeater_bot


Udemy courses All Paid Courses (100%)... Free... checked by me... Grab it soon or it will expire….

Courses:
1.Python Programming for Scratch Beginners to Advance Bootcamp
Link
: https://goo.gl/QXg9Q8
2.Programming with Python: Hands-On Introduction for Beginners
Link:
https://goo.gl/7gfM9B

📍 @Mrthug_Robot📍

Показано 20 последних публикаций.

116

подписчиков
Статистика канала