Don't Hack Them. Hack-Me!

Want to learn web application hacking on the fly? What if there is a platform that has almost all the vulnerable web apps for you to test, play and research about web application security? What if you don't have to pay a single dime for this application? What if you don't have to worry about running vulnerable web apps in your own machine and get hacked by others while you are learning to hack? Well, wait no more as the platform is here.

[TIPS] Learn Linux/Unix CMD Line the Easy Way

Hey Guys. This time it's going to be a very simple and short post about something I found in the Net recently. See, we have to admit that most of the powerful tool (heck even Operating System) are Linux / Unix base. As much as we love our Windows 8.1 interface, but the power still goes to command-line. And we know that most of the security tools are best run in command-line (unless you have a choice to run it in GUI). So mastering command line to a certain level would be a great upper hand for any pentesters or sys admins to do their job.

Uncheck Bloatwares with UNCHECKY!

Ever installed free software in your machine? This usually happens in Windows base Installer where the software will be installed by clicking “Next -> Next -> Next -> Install -> Finish”. Normal users will do it quick enough until they do not actually see for what reason are they clicking the “Next” button for. It’s not their fault (not totally) but this is where the other party takes advantage. Since you are not checking what you are clicking next for, they include some other “additional packages” along with the software that you are installing. So what happen once you installed the software? When you open your browser, it will be like below. Then all of the sudden your homepage changed to some odd looking Chinese Google Like Website. Your searches are going in a search engine that you never ever used in your life.

Bloated Browser with Bloat Wares

Example of Bloat Wares (Not Harmful, But Unnecessary)

Ever faced this problem? Believe it or not, I have seen people where their browser is almost closing half of their browsing screen. That much of bloatwares been installed without him/her knowing it. Well bloatwares are not bad (some of them are). But bloat ware is something that will bloat your PC processing power to process something unnecessary that you will not be using. Thus this will slow down your PC. Well you might as well say, “It’s okay I can just uninstall it if I installed it”. Believe me guys, uninstalling this bloatwares are not easy. There will be residual pieces of the software in your machine even after you uninstalled it. So what are the ways to avoid installing unnecessary bloats wares in your PC and congest it?

Fogpad: Document Editor with Encryption for Google Drive

Everybody uses cloud storage now. Some of the big name is Dropbox, Google Drive, SkyDrive and many other nameable drives out there. Each cloud storage has its own capabilities, storage space and multiple add-ons that is used to enhance its capabilities. One such add on is done for Google Drive where there is a tool that can be used to create and encrypt your documents on the fly. Cool enough eh. Let’s see how it works.

So this FogPad (Only God knows what it means) is a tool used to create and edit documents (similar to Microsoft Office) and saves it automatically in your Google Drive storage. The good thing about this is, whenever you are creating a document (for Free account, you can create up to 10 documents) it will prompt you to password protect your documents (each and every one of them) and it will encrypt it with so called Military grade encryption which is 256 bits AES algorithm. Which is cool. You don’t have to install or use any other third party app in your machine before you can upload a password encrypted military grade encryption algorithm to your storage.

Send Your Secrets And Let it Self Destruct the Mission Impossible Way

We all have seen Mission Impossible. Do you remember for every mission, Ethan Hunt takes up, he will be informed about the mission in a very unique way and at the end of the message it will say it will self-destruct? After that we see whatever medium that was used to communicate with Ethan Hunt blows up (Watch the video above for a clearer understanding). And we will be like WOW that’s awesome man. Well now you have a chance to do something similar like that just that it does not blows up. It shreds itself. This is a very interesting service (I think the first on the net) which is so easy, does not require any registration or logins and you can send an encrypted self-destructive note in 30 seconds. Cool huh? Let’s see what it is.

Hackers Can Be Funny Too. They Always Start With Their Neighbours.

Hacking has always been something very bad (well that is what people will think). Usually the perception of hackers is that they are this mean guys who sit with a Vendetta mask behind a keyboard and steal money from the bank or hack into the government facilities and steal confidential information. But there is this guy who is saying that why want to make hacking a bad thing, let’s make it a fun thing. For both hackers and the users (we hope they get fun). So this guy by the name Joshua Wright a.k.a. Will Hack For Sushi Guy created a virtual machine that is fun enough that can make the users (that we going to lure) either laugh their ass of or get irritated and annoyed.

Web Base Email Encryption: Mailvelope vs SecureGmail

After the PRISM’s intention has been shed on broad day light, people get paranoid over the things they do in the Net. Email is certainly one of their concerns. Given that the Electronic Communications Privacy Act is still in debate, this PRISM thingy is just adding in the horror. It is also said that any encrypted emails, messages or files will be kept even longer by the NSA until they see what’s inside the secure envelope you are sending out.

Today I am going to share with you ways to secure one aspect of the “Big Boy’s” watch list. The emails. Emails has been crucial nowadays from cooperate usage until personal usages. Gone were the days where people install email client in their machine to use emails (well some of them still do) but people nowadays are very happy in what the web base emails can give them. Cutting of the configuration time and getting the right settings on place, now you can do almost anything in web. There was something lacking in web base emails which is encryption. With email clients such as Thunderbird, Outlook and etc, you have the option to encrypt the emails using PGP methodology however in web based emails they are just not there yet (or maybe forever). Well I don’t think the email providers would ever do that feature built in their emails on web but however some people who are concerned about security made a few tools that can help us to achieve just that missing part in the web based emails.