Showing posts from July, 2013

DarkComet RAT Legacy v5.4.1

Now there is a good news and the Dark Comet RAT is back and is entirely legal. Developer of this RAT has also decided to remove those features that are ambiguous and illegal. He has removed the ability of configure the stub on the target system. He has also removed the ability of stub installation automatically and hidden in the system.

So many important features have been removed which makes this tool an important hacking tool. Both edit server and download editor were also removed. DDOS for stress testing has also been removed.
He does not want this program to be used as a Microsoft Backdoor (Trojan). This is the reason why he take this program back even after he is still disgusted by the misuse of this program by Syrian government.
The development of this DarkComet RAT is now finished. It means no new major function will be added to the RAT.

Download DarkComet RAT

How to spoof IP address using NMap

NMap is one of the most populat network exploration or security auditing tool This tool is an opensource tool and also called as "Network Mapper."
There are many usage of the tool. In this post i will show you the use of this tool in IP spoofing.

First of all you will have to select the network interface which you want to spoof. To do this see the list of available network interfaces.
Nmap –iflist

Use the “–e” argument in the interface you have selected. The “–S” parameter can be used to specify the IP address that nmap will use as the source address. It can be our real IP address or we can spoof the IP address.

nmap -e eth0 -S
In the above command, I have used the eth0 interface and spoofed a source IP of, with the IP

Hacking From Android Phones, Made Easy With (Anti) Android Network Tool Kit

Android Network Toolkit (ANTI) is an amazing android application. You could bring all the hacking tools on PC to your Android smartphone. Using this app is as simple as pushing a few buttons
How Anti Works ?
Anti will map your network, scan for active devices and vulnerabilities, and will  display the information accordingly, Green led signals an 'Active device', Yellow led signals "Available ports", and Red led signals "Vulnerability found". Also, each device will have an icon representing the type of the device. When finished scanning, Anti will produce an automatic report specifying which vulnerabilities you have or bad practices used, and how you can exploit/fix each one of them.

Scan- This will scan the selected target for open ports and vulnerabilities, also allowing the user to select a specific scanning script for a more advanced/targetedscan.

Spy - This will 'sniff' images transferred to/from the selected device and display them on your phone i…

Phishing attacks with Google Docs

Security researchers at Sophos labs found some phishing scams using Google Docs to steal Google account login details. Google Docs is the free service by Google which allow users to create online forms.
These are the few scams which are hitting users inbox and asking for login credentials. In the first example, email asks users to confirm their account to prevent service bloackage. The message reads:
Confirm your e-mail account please enter your Mailbox Details by clicking the link below:
Failure to provide details correctly will result to immediate closure of your mailbox account from our database.Links points to a Google Docs form which is a phishing page to steal users' login details. See the snapshot of the form below:

See the phishing page which asks for users' passwords.
Gmail account password is really very important as it is linked to various of your Google Service. This is gonna hit you badly. So you must know how to protect yourself from these kind of risks.

At Sopho…

Brutus Password Cracker -Tutorial

Brutus is a well known password cracking  program .With Brutus you can either carry out a brute forceattack or a dictionary attack to crack passwords for HTTP, FTP, POP3, Telnet, SMB (Netbios), Netbus, Brutus is one of the fastest, most flexible remote password crackers you can get your hands on

Features :-

Brutus version AET2 is the current release and includes the following authentication types
HTTP (Basic Authentication)HTTP (HTML Form/CGI)POP3FTPSMBTelnetOther types such as IMAP, NNTP, NetBus etc are freely downloadable from this site and simply imported into your copy of Brutus. You can create your own types or use other peoples.

The current release includes the following functionality :
Multi-stage authentication engine60 simultaneous target connectionsNo username, single username and multiple username modesPassword list, combo (user/password) list and configurable brute force modesHighly customisable authentication sequencesLoad and resume positionImport and Export custom authentica…

How to hack password using pendrive

As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox. There exists many tools for recovering these passswords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to sniff passwords from any computer. We need the following tools to create our rootkit. 

MessenPassRecovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM. Mail PassViewRecovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accoun…

How to download torrent file using IDM

I have been busy with my book so its getting tough to find out time for something new. But I will keep you posted with some new posts soon. Lets come back to today's post.

1. First of all , you have to download the torrent file(.torrent) which you want to download.

2. Then just go to the website and upload the torrent file that you have just downloaded and click on the cache! button

3. This will give you a new torrent file . You just have to copy the link of the new torrent file from the opened window.

4. Then go to the website and create an account there(in case you don’t have) and login to your account. Then paste the address of the new torrent obtained in step 3 and click on Get button.

5. Now you will get the list of available files present in that torrent file. Then click on the initiate bittorrent transmission button. This will give the full option to download the file. Just click on any link and you can see the download manager-IDM popping out f…

How to enable right click on websites

How to enable right click on any website [Google Chrome]Go to setting
Under the privacy tab, you will see a button named “Contente settings”
Select It andDisablethe java script from there by selecting “Do not allow any site to run java scripts”.
Press Done

How to enable right click on any website [Mozilla Firefox]Go to Tools-> Options
Go to “Content” tab insettings
Uncheckthe box saying “Enable Javascript”
Click OK

How to enable right click on any website [Internet Explorer]Go to Tools->Internet options
Go to “Security” tab from there
Under the section scripting, Select Disable and press OK

Warning :- Please take it under notice that as long as the java script is disabled, some functions on some websites will not work. So make sure you turn back on the java script after you get what you want.