Sunday 31 July 2011

8 Articles for Learning Android Mobile Malware Analysis

Online attackers are paying increased attention to mobile devices. At the moment, the biggest mobile threat vector seems to take the form of trojan applications designed to run on a mobile phone and containing unwanted "features." If you come across a malicious program of that nature, how can you analyze it? This quick post notes several articles and tools that focus on examining

Saturday 30 July 2011

Reverse Engineering Tools For Android

This tool was created by nelhage. Reverse Android: Some miscellaneous Android reverse-engineering tools.

This repository contains some tools I've written for reverse-engineering Android
applications, as well as any that I may write in the future.

You can find the initial announcement of these tools on my blog:
http://blog.nelhage.com/2010/12/some-android-reverse-engineering-tools/

The contents

Howto: Wireless Ownage Video Of Securitytube.net

With 40+ HD videos containing 12+ hours of Wireless Ownage, this DVD weighs in at around 4.2 Gigabytes! A quick breakdown of the course topics and associated videos is available here.

Direct Download Links:
1. Mirror thanks to Mister_X from the Aircrack Team:
http://securitytube.aircrack-ng.org/Wi-Fi-Security-Megaprimer/WLAN-Security-Megaprimer-v1.iso
2. Mirror thanks to Chaos

Tuesday 26 July 2011

SSLSniff with iOS Detection

Apple has announced iOS 4.3.5 and I found something that looks interesting:
Data Security
Available for: iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 (GSM), iOS 3.1 through 4.3.4 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.4 for iPad
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: A

Pwn Residential Router With Routerpwn

Routerpwn.com is a web application that helps you in the exploitation of vulnerabilities in residential routers.

It is a compilation of ready to run local and remote web exploits.
Programmed in Javascript and HTML in order to run in all "smart phones" and mobile internet devices.
It is only one page, so you can store it offline for local exploitation without internet connection.

Monday 25 July 2011

HowTo: Learn Batch Programming Fast And Easy

Batch programming is extremely helpful if you want to automate small tasks. Although it is restricted to the Windows platform, it has lots of other uses, and the best part is that it's very easy compared to other programming languages. While browsing Google for batch programming e-books, I came across a fantastic book which teaches batch programming

Thursday 21 July 2011

Metasploit Console Customizable Prompts

The Metasploit Console now supports customizable prompts similar to how bash has the PS1 variable. To set a custom prompt the setg command can be used to set the Prompt variable. For example:
msf > setg Prompt "%T - (Sessions: %S Jobs: %J) "
Thu Jul 21 02:25:43 -0400 2011 - (Sessions: 0 Jobs: 0) >

This command will result in the timestamp, session count and job counts to be displayed within

SQL Injection Bypass WAF

Great article; the source is at the bottom of this post.

1) Comments: SQL comments are a blessing to us SQL injectors. They allow us to bypass a lot of the restrictions of Web application firewalls and to kill certain SQL statements to execute the attacker's commands while commenting out the actual legitimate query. Some comments in SQL:

//, --, /**/, #, --+, -- -, ;

2) Case Changing:

Wednesday 20 July 2011

Damn Small SQLi Scanner [DSSS]

Damn Small SQLi Scanner (DSSS) has been made as a PoC where I wanted to show that commercial (SQLi) scanners can be beaten under 100 lines of code. It supports blind/error SQLi tests, depth 1 crawling and advanced comparison of different response attributes to distinguish blind responses. If you are satisfied with your commercial tool scanning results then I believe that you could even be more

Howto: Install Chrome OS on Macbook AIR

Download the install image from here
Extract the archive using your decompression tool of choice (The Unarchiver for Mac works great)
Burn the image to a USB stick using dd (check the wiki if you need help with this, same as Flow/Vanilla instructions)
Insert both this USB stick and the OS X install drive into your Macbook Air while it’s switched off
Hold the “C” key down and press the power

WiFuzz - "Smashing APs for fun & profit"

WiFuzz is an 802.11 fuzzer to trigger corner-case situations in the network stack of today's Access Points.


Source: http://code.google.com/p/wifuzz/wiki/WiFuzz

Monday 18 July 2011

SQL Injection Tools List

Sqlninja ( http://sqlninja.sourceforge.net/ ) Supports only Microsoft SQL Server.

sqlmap ( http://sqlmap.sourceforge.net/ )
Full support: MySQL, Oracle, PostgreSQL and Microsoft SQL Server.
Partial support for: Microsoft Access, DB2, Informix, Sybase and Interbase.

Pangolin 3.2.3 free edition ( http://down3.nosec.org/pangolin_free_edition_3.2.3.1105.zip )
Your web applications using Access,

SSLH = HTTPS, SSH, and OpenVPN on the same port.

What is it? sslh accepts HTTPS, SSH and OpenVPN connections on the same port. This makes it possible to connect to an SSH server or an OpenVPN on port 443 (e.g. from inside a corporate firewall, which almost never blocks port 443) while still serving HTTPS on that port.
Inspiration: This feature has already been implemented as a

Friday 15 July 2011

HTML 5 - XSSQL attack

HTML 5 brings a lot of new features to the web. One of its features is SQLite, a client-side database engine which allows storage of data on the client side. Databases can be created and queried by JavaScript.
It is pretty clear that many developers would use the opportunity to store information on the client side. The risk will be high if they use this repository and store their

ECCOUNCIL was hacked again.

A couple of months ago, EC-Council was hacked with SQL injection (I'm not sure about that). Now I have heard a rumor that it was hacked again. Please see the details here.

Link: http://gaysec.net/gay/eccouncilacademy.org.txt


Thursday 14 July 2011

Howto: Attacking through proxies

This post explains how to use attack tools through proxies.

 1. Attack through Tor
     1.1 Start Privoxy and Tor service.
         $ /usr/sbin/privoxy  /etc/privoxy/config
         $ /usr/bin/tor
     1.2  Create tunnel to the Tor service with socat
         $ socat TCP4-LISTEN:8080,fork SOCKS4:127.0.0.1:target.com:80,socksport=9050


     We're ready to attack or scan with Nessus

Wednesday 13 July 2011

Chrome Extensions for Security Professional

In recent days we have seen a phenomenal increase in usage of the Google Chrome browser. However, security professionals are still looking to Firefox for their day-to-day usage; the basic reason behind it is the large set of Firefox extensions backing it up. We also have custom builds like OWASP Mantra doing the rounds.
So for those who love using Google Chrome and still miss the large

Tuesday 12 July 2011

Hacking with Evilgrade on Backtrack5

After installing evilgrade on Backtrack5 (see the tutorial on how to install evilgrade on Backtrack5), we now try to use it. In this tutorial, we will use the new Metasploit tool named "msfvenom" to create the shell and use it to pwn the victim. You can download this tutorial document and my ettercap-ng, which I compiled myself, at the end of this post.

Attacker IP: 192.168.168.156 [Backtrack 5

Saturday 9 July 2011

Howto: Compile "Slowloris with TOR" Source Code.

Slowloris, a DoS tool, holds connections open by sending partial HTTP requests. It continues to send subsequent headers at regular intervals to keep the sockets from closing. In this way webservers can be quickly tied up. In particular, servers that have threading will tend to be vulnerable, by virtue of the fact that they attempt to limit the amount of threading they'll allow. Slowloris

Thursday 7 July 2011

Howto: Install evilgrade on Backtrack5

EvilGrade exploits weaknesses in the auto-update services of multiple common software packages. It is able to trick the service into believing there is a signed update available for the product, thus prompting the user to install the upgrade. Unfortunately the upgrade is in actuality an attacker’s payload. The nefarious part about this product is that it is very difficult for the average

Vega | Open Source Web Application Scanner

Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

Vega includes an automated scanner for quick tests and an intercepting

Wednesday 6 July 2011

Exposed Anonymous and LulzSec by Teampoison

After LulzSec and Anonymous released Operation Anti-Security (#AntiSec), with which some hackers agreed and others disagreed, LulzSec broke up. Now a hacker group named Teampoison has released information about LulzSec and Anonymous members. You can view it at the link below.


Download Link: http://www.wupload.com/file/45239054/expose_lulzsec_and_anonymous.docx
Pastebin Link: http://

Monday 4 July 2011

Article: Penetration Testing with Brute Forcing Tool.

This article will show you how to use Metasploit for penetration testing with a brute-forcing module or other Metasploit techniques, and how to do post-exploitation without a TTY. This article was written by myself, and sorry about my bad English. Please download the PDF to view it.