Gmail SMS : nouveau service pour l’Afrique

Posted on mercredi 25 juillet 2012 - 0 commentaires -

Google a annoncé la semaine dernière le lancement d’un nouveau service spécialement pour l’Afrique qui permet aux utilisateurs de Gmail de pouvoir envoyer et recevoir des emails directement depuis leur téléphone, comme s’ils envoyaient des sms.








Ce nouveau service appelé Gmail SMS ne sera disponible que pour Le Ghana, le Nigeria ainsi que le Kenya. Ces trois pays sont les seuls à pouvoir en profiter pour le moment en espérant que Google le développe dans d’autre régions. Au niveau du fonctionnement, les e-mails seront automatiquement adaptés au format SMS afin de faciliter la transmission de mails. Les utilisateurs pourront ainsi répondre à leurs mails aussi facilement que si ils recevaient un texto.



SANS Security 560 (GPEN): Network Penetration Testing and Ethical Hacking

Posted on lundi 23 juillet 2012 - 1 commentaires -





SANS Security 560 (GPEN): Network Penetration Testing and Ethical Hacking
English | Books (.pdf) + Audio (.mp3) + DVD (.iso) | 4.09 GB


Security vulnerabilities, such as weak configurations, unpatched systems, and botched architectures, continue to plague organizations. Enterprises need people who can find these flaws in a professional manner to help eradicate them from our infrastructures. Lots of people claim to have penetration testing, ethical hacking, and security assessment skills, but precious few can apply these skills in a methodical regimen of professional testing to help make an organization more secure. This class covers the ingredients for successful network penetration testing to help attendees improve their enterprise's security stance. 

We address detailed pre-test planning, including setting up an effective penetration testing infrastructure and establishing ground rules with the target organization to avoid surprises and misunderstanding. Then, we discuss a time-tested methodology for penetration and ethical hacking across the network, evaluating the security of network services and the operating systems behind them.
Attendees will learn how to perform detailed reconnaissance, learning about a target's infrastructure by mining blogs, search engines, and social networking sites. We'll then turn our attention to scanning, experimenting with numerous tools in hands-on exercises. Our exploitation phase will include the use of exploitation frameworks, stand-alone exploits, and other valuable tactics, all with hands-on exercises in our lab environment. The class also discusses how to prepare a final report, tailored to maximize the value of the test from both a management and technical perspective. The final portion of the class includes a comprehensive hands-on exercise, conducting a penetration test against a hypothetical target organization, following all of the steps.
The course also describes the limitations of penetration testing techniques and other practices that can be used to augment penetration testing to find vulnerabilities in architecture, policies, and processes. We also address how penetration testing should be integrated as a piece of a comprehensive enterprise information security program.





DOWNLOAD HERE(extabit): "I think you should buy it is the best"
http://extabit.com/file/29h0q1vjarjdu/SANS Security 560 (GPEN).part11.rar
http://extabit.com/file/29h0q1vjarg82/SANS Security 560 (GPEN).part10.rar
http://extabit.com/file/29h0q1vjarjci/SANS Security 560 (GPEN).part09.rar
http://extabit.com/file/29h0q1vjarjb6/SANS Security 560 (GPEN).part08.rar
http://extabit.com/file/29h0q1vjarste/SANS Security 560 (GPEN).part07.rar
http://extabit.com/file/29h0q1vjarjde/SANS Security 560 (GPEN).part06.rar
http://extabit.com/file/29h0q1vj6e4jm/SANS Security 560 (GPEN).part05.rar
http://extabit.com/file/29h0q1vj6eh6q/SANS Security 560 (GPEN).part04.rar
http://extabit.com/file/29h0q1vj6eqlu/SANS Security 560 (GPEN).part03.rar
http://extabit.com/file/29h0q1vj6eh9u/SANS Security 560 (GPEN).part02.rar
http://extabit.com/file/29h0q1vjarppu/SANS Security 560 (GPEN).part01.rar

Mirror (rapidgator):
http://rapidgator.net/file/24489741/SANS_Security_560_(GPEN).part01.rar.html
http://rapidgator.net/file/24489539/SANS_Security_560_(GPEN).part02.rar.html
http://rapidgator.net/file/24489446/SANS_Security_560_(GPEN).part03.rar.html
http://rapidgator.net/file/24489661/SANS_Security_560_(GPEN).part04.rar.html
http://rapidgator.net/file/24489795/SANS_Security_560_(GPEN).part05.rar.html
http://rapidgator.net/file/24489873/SANS_Security_560_(GPEN).part06.rar.html
http://rapidgator.net/file/24490671/SANS_Security_560_(GPEN).part07.rar.html
http://rapidgator.net/file/24490558/SANS_Security_560_(GPEN).part08.rar.html
http://rapidgator.net/file/24490825/SANS_Security_560_(GPEN).part09.rar.html
http://rapidgator.net/file/24490772/SANS_Security_560_(GPEN).part10.rar.html
http://rapidgator.net/file/24490050/SANS_Security_560_(GPEN).part11.rar.html



Hack the Stack - Using Snort and Ethereal to Master the 8 Layers of an Insecure Network

Posted on - 0 commentaires -




Hack the Stack - Using Snort and Ethereal to Master the 8 Layers of an Insecure Network
Publisher: Syngress | ISBN: 1597491098 | edition 2007 | PDF | 486 pages | 11,3 mb


This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attacker's exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur.



Download links:
(Become Premium for maximum speed, resumming ability and no waiting):
http://rapidgator.net/file/27001661/1597491098.pdf.html

Mirror:
http://letitbit.net/file/27001879/1597491098.pdf.html




Skype source code distributed by Anonymous

Posted on jeudi 19 juillet 2012 - 0 commentaires -

The group Anonymous cybercitizens the source code for software Skype Internet telephone conversation. Microsoft acquired, there is little, the system / communication software Skype. Of VoIP has reported that $ 8.5 billion to the authors of this tool of Internet telephony. The Anonymous accuse Microsoft of wanting to install a backdoor, a hidden door in the software, to enable governments, including that of Uncle Sam, to decipher the conversations. The strength of Skype being unable to "listen" to a call. In response to this fear, Anonymous has released more source code of Skype. The holy grail 3 files distributed via the P2P. In data released: Skype1.4_binaries; SkypeKit_sdk + runtimes_370_412.zip; skypekit binaries for Windows and x86_Linux + SDK for Windows and skype55_59_deobfuscated_binaries. Suffice to say that the data are very sensitive.


The group Anonymous cybercitizens the source code for software Skype Internet telephone conversation. Microsoft acquired, there is little, the system / communication software Skype. Of VoIP has reported that $ 8.5 billion to the authors of this tool of Internet telephony. The Anonymous accuse Microsoft of wanting to install a backdoor, a hidden door in the software, to enable governments, including that of Uncle Sam, to decipher the conversations. The strength of Skype being unable to "listen" to a call. In response to this fear, Anonymous has released more source code of Skype. The holy grail 3 files distributed via the P2P. In data released: Skype1.4_binaries; SkypeKit_sdk + runtimes_370_412.zip; skypekit binaries for Windows and x86_Linux + SDK for Windows and skype55_59_deobfuscated_binaries. Suffice to say that the data are very sensitive.


In 2007, ZATAZ.COM was surprised at the remarks made by the German police about Skype. German police indicated at an annual meeting of security, she was unable to decipher the encryption used in the Internet telephone software Skype. Can not control the calls made on individuals suspected of a crime or an act of terrorism. "The encryption used by this software makes our job difficult," will explain Joerg Ziercke, president of the Federal Bureau of the German police (Germany's Federal Police Office - BKA). We were amazed by indicating five years, "This is a new promotion perplexing! Why talk about a program that seems so disturbing, if not to encourage" bad guys "to use it for better ... listen! "


German spy software, business friends The spyware German police, a program concocted by friends of the interior minister of the country. ZATAZ.COM was the first newspaper to return to the surprising discovery of CCC in Berlin. Members of the Chaos Computer Club had received from an unknown spyware BKA (Bunderstrojan). A spyware, a Trojan, the German police [Read]. A trojan that made it much more than that were authorized by law Teutonic. Since the tool is making waves at the point of view out snakes larger than an ox. Behind this tool, the company DigiTask GmbH. The latter had already made ​​an offer of "service" in 2007 with the Department of the Interior of Bavaria to promote espionage Skype.


In addition to having features worthy of trojans cybercriminals, the Chaos Computer Club has shown that Bunderstrojan could be hijacked by cybercriminals. For information, call ZATAZ.COM that Digitask GmbH is a German company 100% owned by the consortium Deloitte Consulting. An economic entity which has, as members of the advisory German political figures such as the Interior Minister of Bavaria Edmund Stoiber and former German Minister of Interior Otto Schily.


The trojan BKA, an investigative tool questionable? Ralf Benzmüller, Director of G Data Security Labs, the trojan has several technical limitations. "Communication is a server control example insufficiently secure, says he ZATAZ.COM. A malware can then send any data from a forged address to the central server. This makes the evidence collected in any questionable police investigations. Conversely, cybercriminals can also order the infected PC and inject any malicious code. "The virus, with the source code posted on the web, detects BKA. "Cybercriminals are now able to locate the trojan infected PC and use them for themselves by injecting their malicious code via the upload function available" emphasizes ZATAZ.COm Ralf Benzmüller.

Minecraft et sa petite faille de sécurité

Posted on lundi 16 juillet 2012 - 0 commentaires -



Une faille de sécurité a été découverte dans les serveurs de Minecraft, permettant via le système d'authentification de se logguer avec le compte d'un autre et de jouer avec son personnage.
Marcus Persson alias Notch s'en est rendu compte il y a quelques jours lorsque plusieurs joueurs ont remarqué que son compte personnel avait été utilisé sur différents serveurs où il n'a jamais mis ses pieds virtuels.

Cet exploit dont vous trouverez tous les détails ici, concernait uniquement les gens qui ont migré récemment leur compte vers un compte Mojang et qui utilisent leur adresse email pour s'authentifier.
Mais rassurez-vous, Notch a tout de suite réagi à ce problème en coupant les serveurs servant à l'authentification afin d'analyser le problème et le patcher en quelques heures.

Rapide le garçon ! Heureusement, aucune donnée personnelle ou mot de passe n'a été rendu visible via cet exploit, et bien sûr tout est revenu dans l'ordre au pays de cubes cubiques.

La Mole v0.3 en téléchargement - Outil automatique SQL Injection exploitation

Posted on - 0 commentaires -


La Mole est un outil automatique SQL Injection d'exploitation. Tout ce que vous devez faire est de fournir une URL vulnérables et une chaîne valide sur le site que vous testez et The Mole permettra de détecter l'injection et de l'exploiter, soit en utilisant la technique de l'union ou d'une technique basée sur requête booléenne.


caractéristiques

  • Soutien pour les injections en utilisant MySQL, MS-SQL Server, Postgres et bases de données Oracle. Interface de ligne de commande. 
  • L'auto-complétion pour les commandes, les arguments de commande et les noms de base de données, tables et les colonnes. Prise en charge de filtres, afin de contourner certaines IPS ou IDS règles en utilisant des filtres génériques, et la possibilité d'en créer de nouveaux facilement. 
  • Exploits Injections SQL par le biais de GET / POST / Cookie paramètres. 
  • Développé en Python 3. Exploits injections SQL qui retournent des données binaires. 
  • Interpréteur de commandes puissant pour simplifier son utilisation. 




Vous pouvez télécharger la v0.3 Mole ici:
windows
linux

Hacking web2com System

Posted on samedi 14 juillet 2012 - 5 commentaires -

Bonjour après une  grande absence  i am back pour  vous  expliquer un petit phénomène
dans cette article on va parler de la  web marketing er spécialement a  la  mailing  ou les  spammer 
je  vais utiliser par exemple une  agence de web marketing très connue dans  le  domaines situé en sfax 
j ai contacté depuis 2 ou 3 année le  directeur pour  lui vendre la  plus  grande base de donnée en Tunisie 
et il a  refusé puisque il a aussi une partie de ma base de donnée que  j ai déjà  piraté avec  mon équipe mais  une  chose  trop  importante il a  affirmer qu'il a la même base avec  même les  mot de passe O_o une  Gega base avec  300 000  utilisateur , 300 000 email => 300 000 mot de passe O_o donc  j'ai essayé ce soir d'Etudier un peut  ce système  d'envoi de mail utiliser par l'agence WEB2COM 


j ai reçu plusieurs mail comme chaque jours , mails  mails mails => SPAM

voila une  copie de la  code source de l'email :-D 
avec  une  bonne en tête


c  le  6 eme serveur héberger chez OVH


comme vous voyer la copyright du script qui est le  responsable d'envoi des SPAM 




après une  petit recherche  sur  GOOGLE 



Biensure  je  pense pas que  l'agence WEB2COM va acheté cette  application 
c  sure  et 100 % qu'ils sont utilise la  version  NULLED 

:-D 

questions : avez vous confiance en WEB2COM si vous  saviez qu il acheter et utilise des produits piraté et même des base de donnée piraté qui comporte généralement nos vrai mot de passe  ??? 

est ce que  agence national de la  sécurité informatique contrôler et vérifier ces  société de type spammer en Tunisie ?? 

désoler pour  mes  fautes en français  et merci pour  votre  attentions 

MR  k3vin mitnick 
(mes  referencer )