Different Types of Wireless Attacks - Theory

As we all know that wireless networks are spread at each and every  part of the world starting from personal home to corporate business, schools/universities, cafes etc.. Major merit of wireless network is of eliminating the big and tidy cables which acquires space and not spoiling the look of your working area. But as we all know that each coin has two sides. There are demerits of wireless networks as well. It comes with high possibility of attacks on it. In this article I am going to describe different techniques of wireless attacks from the world and what we should do to prevent those attacks on wireless networks.

Firewall Unleashed

Introduction

Firewalls are used to monitor and control the inbound and outbound traffic on the protected network. They have an ability to block and allow the internal as well as external services within the network. Before allowing access to the service, a firewall may also force the client / user to pass through an authentication. Sometimes a firewall can be also used in IPSEC tunnels as a platform. It monitors security-related events.

Transport Layer Security - Part 2 SSL

Introduction
I have already discussed about SSL in my previous article. Here I will be explaining you SSLv3. It is developed by Netscape company .In this section I will discuss on SSLv3.

General SSL Architecture
It is designed to secure end-to-end service on the internet. I will illustrate that SSL is not a single handed protocol. It is a layer of more than one protocol such as
a.    SSL record protocol
b.    SSL handshake protocol
c.    SSL change cipher spec protocol
d.    SSL alert protocol

Suspicious File Analysis With PEFRAME

In this article I am going to conduct a walk through with a nice python tool named PeFrame. This tool should be an analyst’s first choice in order to analysis a piece of static malware. I am going to discuss each and every feature provided by this tool and I will also show you why it is important to find information through the malware.

Transport Layer Security - Part 1

This is a non-technical guide which will make you familiar with the transport layer. The main purpose of writing this guide is to point out why we need major security implementation on the transport layer. What if the components of this layer get compromised?

Scalpel : Data Recovery From Byte Strings

In digital forensics, file carving is an essential process. It is a technique in which investigator uses databases of headers as well footers. These headers and footers contain byte strings. So, suppose you have 5 JPEG files. So all those 5 files will have same header & footer byte strings. So this tool carves data by analyzing that byte string. This Is an advance tool as it also carves file even after its metadata is removed.

Phishing Countermeasures Unleashed

In this article I have my best to gather and explain all those possible ways by which phishing can be avoided. Here I am going to explain Phishing counter measures in very details. As you know phishing is kind of technical and psychological attack on human nature, which make him/her to reveal their sensitive information to the attacker. For more information on phishing you may visit Wikipedia and search for a topic “Phishing”. Here I am going to provide you all possible counter measures for phishing attacks.

SSL Unleashed

In this article I am going to tell you everything about SSL that what it is why we need it, technical and non technical aspects of SSL etc.. This article covers the introduction, SSL certificate, Encryption, process of encryption and how your browser interact and trust that certificate provided by the website you are visiting.

Existence of SSL

There are basically 2 aspects of SSl. One is Encryption and second is Identification.  Now encryption is what you hide the content of the data sent from one machine to another machine. It is done by changing the content of the data in identical to garbage form which is human readable but not human understandable. It is exactly like speaking in different languages with what one person is not familiar. I am Indian if someone speaks in Russian language, it is not understandable by me. So here Russian language is like encrypted language for me. However if I get a translator and he/she translates that Russian language into Hindi  then I can say that now that is understandable by me. So it is said that message has been decrypted. Identification is related to trust.  In the previous scenario, how can I trust the translator who is converting Russian language to Hindi? Is she/he legitimate ? Can I trust him/her? In the digital world, it is something like this. Your machine has to trust the SSL certificate (security mechanism), provided by the website via an SSL certificate issuing vendor.

Dissecting Malware – Static Analysis of Malware

This article will be showing you how doing static malware analysis. Which are the processes involved within a static analysis. Static malware analysis is the first essential step taken by the malware analysts or reverse engineers working under forensics department.

Static Malware Analysis

Best and childish way to analyze malware is to scan it with multiple antivirus services. There are ton of antivirus available in the world, so your malware will surely be identified by at least any of them from the world. What exactly antivirus does that, they have the thousands of malicious file signatures and patterns within themselves. So they scan malware and if the file pattern gets matched with their database, it gets detected.

Cyber Warfare - Building Your Nation's Cyber Army - Digital Arm Force

This article will be showing you why we need to really think of our nation’s cyber army. Where we are, which digital weapons we have? What are the challenges faced by your countries in the digital world. So, How to overcome this problem? How to recruit your digital arm force smartly? This article will help the government as well as private security firms too.

         History of Hacking

Over the past years we have seen many big hacking case studies which lead us to think seriously about cyber crime world. Some of the stories I want to share with you.

Moonlight Maze: Although the feds aren't talking publicly about a three-years-plus cyber-attack believed to be coming from Russia, a member of the U.S. National Security Agency's Advisory Board says the case, dubbed "Moonlight Maze," reveals huge cracks in the U.S. government's defense system. The Moonlight Maze stealth attack, which has targeted sensitive but unclassified information since it was launched in March 1998, is the "largest sustained cyber-attack" on the U.S., according to Adams. (Abreu, 2001)

Detecting Firewall/IPS via hping3 Before Starting Your Pentest

Before starting your network/web application security auditing it is always good to detect whether your target server is running any firewall/IPS or not. It has been always a best practice and method to send some crafted packets to the server in order to check the response form the server. In this article you will learn how to craft packets and how to send the server on their various ports using hping3. Also you will analyze each and every request coming and going from your machine to your target. Here my target is www.chintangurjar.com which's IP I have taken.

A Complex-Powerful-Hybrid Processor - THE MIND

Hello guys, this post are not related to information security. It was an incident which happened yesterday to me. After it got finished I deeply analyzed it. Yesterday I went to job. My job is to take care 70 year old grandpa. Usually we got to 3 walk and come back. Then I serve them his dinner and I leave the house. 

Yesterday I reached at home around 4.45 pm in noon. I put bag near the artificial kitchen of little girl. She used to play and cook in her kitchen. Baby is 2 year old. That little girl has 2 elder brothers having age of 4 year old and 3 year old. These 3 children are very naughty. Baby is cute and very clever. Boys are funny, naught and lazy. Usually after coming from home they do not keep their stuff at their proper place. One of the elder brother's school bag is 90% identical to my college bag. Now what happened is at that day I left my bag at that toy kitchen. Boys use to remove their bags, shoes over there after coming home from the school. 

Network Intelligence Gathering

This article is all about different information-gathering techniques on the network. It is the most essential and important task of attackers. Knowing the opponents and their interests can be valuable. Here I am going to show you which are the different ways and techniques one can do the network information/intelligence gathering.

INTRODUCTION

Let’s think of any thrilling movie theft. What do robbers do before they break into the bank or anything else? They gather information. They collect each and every bit of information about the bank system, alarm methodology, CCTV interface, the guards’ changing time, and a list of weapons that the guards have. After gathering information they make plans and attack or rob the bank. Assume they don’t have this information and they rob the bank directly. What will happen? You will find that they are caught by the police.

The same scenario can also be applied in the information security world. Before attacking or testing something, a hacker/tester needs to find information about his/her target. This target can be a network, web application, organization, or person. In our world, finding information is also called footprinting or doxing. Also, the word “reconnaissance” can be used sometimes.

Cyber Security Tips - Mind Map

Hi guys, I thought to make one big mind map of new comers in security fields as well all students and non-matured techies. This mind map will teach them how to be safe online and how not to get hacked. So Enjoy this mind map and share this link wherever you wish.

Download :  http://goo.gl/HQt7KL

Transmitting Data Via Hidden Form Fields

It is pretty obvious thing that web application passes data to user in different form. Its not the only one way transaction,sometimes user also need to parse the data to the server in form of login credentials, registration, file upload etc..

One way of transmitting data which are not modifiable directly at client side is Hidden HTML Form Fields. While creating a webpage some fields are created in with hidden type so that it wont be appear at client side but everyone will be interacting with that indirectly. To illustrate this lets take an example.

Let's suppose any online purchasing website. If customer is going to buy a product then only modifiable value at client side will be quantity only. How much quantity a customer is going to buy that has to be filled by client only. If customer selects quantity 2 so there will be a function at client side that price will be multiplied by the quantity and will be displayed on the screen. Thus how whole payment transaction is carried away. In this case price field's value is written hidden type in html page rather than normal one. Because website owner does not want customer to change prize it has to be static. So that remains hidden not modifiable.

CyberCrime - From A Different View Point

Many of you are already familiar with cyber crime. I am just going to share which are the areas in cyber crime that one should keep in mind apart from only hacking and bank fraud. These areas are also called as "Traditional Crime Techniques".

In this article I am going to compare traditional crime techniques to the cyber crime techniques and methodologies. We will come to know how common is that in the real world and how hacker got an idea of doing digital crime by analyzing real world traditional crime.

Information Gathering - Why? How? & What?

Lets suppose any thriller stealing movie. Think what does robbers do before they hack the bank or anything else? They gather the information. They collect each and every information about bank system, alarm methodology, CCTV interface, Guards changing time, list of weapons having with guards.After gathering information they make plan and attack or rob the bank. You all are clever. So assume they don't have these much of information and they are going to rob bank directly, what will happen ? You will find them caught with by police.

Same scenario also applied in information security world. Before attacking or testing something a hacker/tester needs to find the information about his/her target. Now this target can be a network, web application, organization or a person. In our world finding information is also called as footprinting or doxing. Also the term reconnaissance can be used sometimes.

Juicy Areas of Web Application For Pentesters

In this tutorial I am going to write small things which everyone knows already but I am trying to convey it in another manner of checklist. I am going to talk on some juicy areas for pen tester. Mainly it will be focusing on fingerprinting concept. While doing fingerprinting of any website, which are the areas mainly a pen tester or web application security analyst should target at high priority.

First thing to check is the server name and the version information. This information is really helpful to pen testers because older versions have already exploits in market. So If they got older server version they can directly check whether that exploit is working or not.

Python Service Banner Grabbing Script

Hello Guys I have written some small banner grabbing script in python. It is very simple and basic. By using this script you can check the services any network or domain. You will be able to know which services as well as version of service they are using.

In our penetration testing we do some nmap or other port scanning. After we come to know that these much of ports are opened, we try to find the version of service they are using. We do that in order to find  if there is any direct exploit available or not. So in this case this little code will help you to find out the version of services.

Its just basic script which does FTP, HTTP banner grabbing.

Penetration Testing - FTP Service

[1] The source code of the older version of ProFTPD server (1.3.3a) was downloaded from the ProFTPD source code repository located at ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3a.tar.bz2.

Penetration Testing - SAMBA SERVER

Aim: The aim is to understand how the countermeasures are applied in order to protect the potential vulnerable organization using the samba server.

Detail summery of configuration in Victim computer.

The attacker system, victim server (Linux) and client (Windows XP) was setup in a virtual environment using VMware workstation 9. They all belong to the host only network and are isolated from the rest of the network.

Web Service With CGI Support - Penetration Testing

This report shows an hands-on penetration testing using Apache server with cgi access, it identifies some vulnerabilities and performs exploits with this vulnerability and It further patches it by mitigating this known threats.

INTRODUCTION

APACHE

Apache can also be referred to as Apache HTTP Server. It is a standard that is established for allocating services for website online which has developed the World Wide Web. It is a free platform of web server which is been used by most of the website. The server is been used by most of the operating systems e.g. Unix, Linux, Window, Microsoft Windows, Mac OS etc but was originally designed for Unix.

Lets send packet without PING command - Introducing Scapy

Whats scapy?

Its packet manipulation mechanism. One can send and receive the packet of large no. of protocols. Its useful to send and receive reply in order to further analysis. Scapy provides many classical tasks such as :

• probing
• tracerouting
• scanning
• network discovery

Lets develop a source code from executable : Reverse engineering approach

Why mobile security is important ?

Now a days world is becoming tiny with the latest inventions in gadgets. Hardwares are becoming smaller and smaller and their efficiency and usability is increasing rapidly.

There is a drastic growth in mobile application development in past 3 years.

Average 500% people are using mobiles for day 2 day transaction. From all those people 60% of people are not installing anti virus in their phone and 50% of mobile users jailbreak their phones. Number of chances are very high that mobile applications can be used in a wrong manner to harm other people.

REMOTE SHELL - Penetration Testing

Introduction: SSH secure shell is used to establish a remote connection to a Linux box where SSH service is running. SSH runs on port 22 and applications like Open SSH v2.0 provide SSH utilities.  SSH can protect a network from attacks like IP spoofing, IP source routing etc,. However, we will study some vulnerabilities associated with SSH and provide necessary counter measures.

MITM ATTACK - Configuration To Exploitation

DO YOU KNOW WHAT IS THE ADVANCE WEB ATTACK NOW A DAYS?
Can I ask you something?

Is there anyone who refuses to accept that you have used or you are using a public WI-FI for internet access in your mobile, laptop or an IPAD. I am sure, no one will refuse to accept this. Let me ask you another question.

Do you know your ID and Password are open to all ? Do you know anyone can see your ID password?

Yes, this is true, you might not aware of this but it is fact. When we use public or open Wi-Fi and we login into our Facebook, Twitter or email account, our credentials can be hijacked by an attacker via MITM attack which stands for Man-in-the-Middle attack.

How I fixed Metasploit Database Connectivity Problem

While working on windows exploit last night when I tried to run metasploit it was not able to connect with the database. But metasploit was running fine. When I searching for particular exploit, it wasn't able to give me the result and was giving me below error.

Email Encryption With RSA Algorithm & 4096 Keysize

In this video demonstration I am explaining why we need email encryption.

There are couple of reason behind this like
1. Many countries spy on telecommunication and web communications in order to find some suspicious activity. No one can say no as we have already many informers who have leaked government secret data in which government's polices are clearly visible to everyone.

Owning OS by XSS vulnerability

In this demonstration , I am going to show you that from even a very common XSS attach, how a we can gain access to whole system. For these I am using 2 Operating system one is Kali Linux and another is XP machine which will work as a client. For exploitation I will be using Metasploit Framework(console). For particular this exploitation there is one exploit named "ms10_046_shortcut_icon_dlllloader". Basically it is able to start the local server. That server will be serving the exploits to the victim. Once victim opens that URL, he will be hacked.

Track Geo-Location via NMAP

Hello guys,

In this tutorial, I am going to show you how to use NMAP to track the Geo location of particular IP address.


This Geo Ip Location service (IP Address Map lookup service) is provided for FREE by Geobytes, inc to assist you in locating the geographical location of an IP Address. Click here to  checkout our other FREE localization services.

Nefilter extensions using xtables-addons on ubuntu 9.04

I wanted to use IPP2P extensions and TARPIT target on my Linux box running Ubuntu 9.04. IPP2P allows me to block some common peer to peer applications while Tarpit target slows down the tcp connections by setting the tcp window size to 0 after a successful TCP handshake is completed .

Brute force Directory and Files on a Web server using dirb and Backtrack 4

One of the most commonly used web application directory/files brute force tool is dirbuster from OWASP ; which is a GUI based tool written using java. Dirb is also a directory/files bruter force tool but unlike owasp Dirbuster; it is a command line utility and can be run from a shell. It is available for download at : http://dirb.sourceforge.net/

Want To Create A Secure PHP Website?

Hello guys, before some month ago I found some good checklist paper of PHP security. So i made a beautiful graph using that data. It is all about PHP security checklist.

If you do not want to give penetration testing work to any security company, you can simply avoid it by following this data. While creating your PHP website you just need to keep in mind all these things which can prevent hacker by hacking your website.  So follow this checklist and build a secure website.

OpenVPN Configuration CentOS - XP ( Server - Client )

OpenVPN
    This is an open source application. It provides ‘VIRTUAL PRIVATE NETWORK’. It provides tunneling in which we can transmit packets securely. The main aim of using any VPN is to secure the network. In my demonstration I am going to install, configure and test openvpn within server and client. I will also generate RDP through rdesktop utility. RDP will be forwarded via TLS tunnel. And as a proof we will also analyze the packet through tcpdump.

Post Fix Configuration - CentOS - XP With Outlook

It is the simple mail transfer agent which is frequently used for mail exchange service in Linux machines. Due to having use of directory it is quite easy for all administrators to handle it. Postfix has built-in many layers of security.

Important Notes

         -> Main.cf file located in /etc/postfix/main.cf need to be edited.

         -> Mail box which we are going to include in main.cf file will receive all the mails.

         -> Logs of all mail will be stored in /var/log/maillog

How Common Attacks Are Being Blocked By Linux IPTABLES

Here in this section I am going to discuss some common attacks can be done on any type of Linux machine and I will also describe that how they are being blocked by iptables.

ICMP Flood | Ping Traffic

This is also known as ping of death attack or an ICMP flood. One must block ping traffic by using iptables. One must block all ICMP incoming packets from outside connection. You can let it allow for your internal network.  Below command shows how ICMP flood can be dropped by using iptables.DROP is used for dropping packet.

DNS - Domain Name Server Configuration - Server CentOS , Client XP

DNS  is nothing but the numerical form of IP address which can be easily remembered and used. It can resolve full domain name from the  IP address and vice-versa. There is master name server and slave name server.

Configuration of DNS server
To install DNS server we need to install bind package from terminal using following command:

# yum search bind

It will list all available bind packages. From all packages we have installed bind.i686 : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server. Command is as follows.

Command Line Magic - See Data Usage In Linux

As we can see and sort our folders according to our requirement in windows, I was asking myself that is there any way that we can do that in linux ?

Then i searched a bit on 'opensource' internet world and I found one inbuilt linux command which is du.

du stands for Data Usage. But alone du command should not be used. I used du command along with head and sort command.

Command Line Magic - Pick A Random Number From Your Given Range

One day my friend told me that what to do to pick a random number form desired range. I told there are many algorithms infact you can create your own C program for that just 10 to 15 lines of code.

He told I don't know the syntax of C so can you find something else for that. Then I played with Ubuntu terminal and created command.

Initially I was searching for any command for terminal which can give me random link. But I was unable to find. Then I got this link on internet.

DHCP Configuration - Server CentOS - Client XP

        In Linux server the IP address is statically assigned which will be 192.168.13.0/24. Here server will be capable to ping the client machine and that has to be same from the client machine which will be also able to ping the server machine which is running on CentOS. For that DHCP Server will be installed in the Linux server to assign the static IP address to their client machine.

DHCP Cofiguration – Dynadmic Host Configuration Protocol

DHCP is used to manage IP address centrally. It also protects the IP address centrally. It automatically assigns the IP address to the guest OS. Not only the IP address but it also assigns gateway, DNS server, Net BIOS and network information. DHCP assigns IP address statically as well as dynamically. Here we will assign a static IP address so that we can manage our IP address centrally.

VPN Flaws & Limitations

Virtual Private Network is a technology that has been taken for granted by several organizations as the secure protocol for communication between their various branches. But even though it has robust nature, it is, like most other technologies, not completely secure. We will hereby discuss some of the security flaws of the VPN technology.

VPNs could be the most targeted area for an attack simply because of the amount of sensitive information it carries. VPNs also connect two internal networks via the insecure Internet, which means that a VPN has access to internal network of an organization. So successfully attacking a VPN means gaining control of the internal network of the organization. Moreover the VPN traffic is invisible to Intrusion Detection Systems. So they will be blind to an attack over the VPN.

Network Virtualization Security Issues

Network Virtualization is the next big thing in the world of networking. Although the current internet architecture is quite robust and complete, but it needs multiple protocol stacks to suffice the needs of modern technologies like mobile and embedded devices, new communication paradigms etc. Network visualization offers a solution to many challenges of current network architecture like scalability, flexibility and cost of infrastructure.

MITM Attack Scenario

Almost all companies, be it a giant multinational or a small startup consisting of just a small team, needs to secure their confidential data. And they do, more or less. They use all the traditional ways of protecting their data, install firewall softwares, anti-virus and anti-malware packages. They buy expensive sophisticated hardware that claims to guard their data while they sleep peacefully at night. But are they really secure? Do these companies realize their weakest link in the chain?

Http Tunneling

Most of the companies and enterprises use proxies and firewalls for their company’s network security. But majority firewalls and proxies block most or all other services but one – http/https. They allow traffic to destination port 80 or 443 to pass in order for their employees to surf the web. So this particular behavior of the firewall can be exploited in order to connect to remote servers with services running on different ports other than 80 or 443. Let us see how.

Bittorrent Based DDOS Attack

BitTorrent is the most famous and widely used peer to peer file transfer protocol. Created in 2001 by Bran Cohen, it quickly caught users’ attention all over the world and it became more popular than other existing such networks like Napster, Gnutella and FastTrack. But its popularity combined with a basic flaw in the design and working of this protocol has opened the possibility for a Distributed Denial of service attack on arbitrary server of the attacker’s choice. Here we are going to look how this is possible.

ARP Poisoning - A Theoretical Approach

ARP Poisoning is an attack that can be carried out in a LAN that relies on Address Resolution Protocol for its internal routing. ARP Poisoning can then be further extended in different forms of attack like Man-in-the-middle-attack, Packet sniffing, Denial of Service etc. In this attack the attacker spoofs the ARP cache of the target machine.

Pinterest Starters

What is Pinterest?

-> It is same like your stitch board. This is virtual stitch board. It allows to organize and share beautiful things. That we find on internet. People can create their own pin-boards in which they plan their weddings, decorate their homes and organize their favorite recipes. Also much more can be done with the help of Pinterest.

-> we can surf pin-boards created by different peoples.

It gives fun with information and knowledge.

iFrame Injection

As we all know that the iFrame and Script are the HTML tags. But Now a days hackers are using iFrame and its internal attributes like Height Width and Frame border more. Typically iFrame allows a developer to embed the content of one page to the another page. Calling one page's content to other page and showing there. Means A developer can call multiple page's content to show all in one page.

But the cyber criminals has found the exploit this functionality in order to run their malicious code to the client side.Hackers are using more iFrames as well as the Script command to execute java scripts as well as other malicious scripts to the client side through their websites. This type of attack is also called as Drive-By Attack. This type of attack is allowing hackers to run their code invisibly as well as silently.

Know More about iFrame for HTML5 - http://www.w3schools.com/html5/tag_iframe.asp

REFERENCES : 

1. http://www.avgthreatlabs.com/webthreats/info/invisible-iframe-injection/ 
2. https://billing.handsonwebhosting.com/knowledgebase/220/iFrame-Injection-Attack---Site-compromised-or-hacked.html 

Information Gathering With WhatWeb Tool - Linux

This tool is bascially created for the website fingerprinting.It identifies the web technology and giving us the below details.This tool has more than 900 plugins to identify each and every information about the website in which you want to do fingerprinting. THis tools also supports the aggression level of the website. To control speed and reliability. 

Generally when you visit a website or a single page you can get much information about the site and much more. But sometimes it when you don't get any information then this WhatWeb comes in the pictures. It has an ability to interrogate the website in detail,in order to take out the further information of the website, server and much more.

Source : http://blog.tevora.com/info/whatweb-tool-for-pen-testers/

Terminal Magic - Histroy Command

This video is created for IT folks and IT ninjas who are beginner to linux terminal. Here I have make this video for all those people who want to get the best knowledge of HISTORY command. I have made this video in such way that you will get how to use history command in various ways to reduce the time complexity and getting the effective result in no time.

Robocode With Video Tutorial

WHAT IS ROBOCODE?
Robocode is a programming game where the goal is to develop a robot battle tank to battle against other tanks in Java or .NET. The robot battles are running in real-time and on-screen.The motto of Robocode is: Build the best, destroy the rest! Besides being a programming game, Robocode is used for learning how to program, primarily in the Java language, but other languages like C# and Scala are becoming popular as well.
Schools and universities are using Robocode as part of teaching how to program, but also for studying artificial intelligence (AI). The concept of Robocode is easy to understand, and a fun way to learn how to program.

Virtual Desktop Infrastructure - Interactive Presentation

References [PDF]:

1. http://www.vmware.com/pdf/virtual_desktop_infrastructure_wp.pdf
2. http://blogs.technet.com/b/yungchou/archive/2010/01/06/microsoft-virtual-desktop-infrastructure-vdi-explained.aspx

Exploiting SQL Injection "Attack"

Hi Geeks,Lets start with the tutorial.Before starting I am dam sure that most of you didn’t understood the question.

Exploiting the SQL injection Attack

Meaning :- This shows that how we can exploit SQL injction “Attack”.I am not going to show you that how one can attack a website with “SQL Injection Attack.”But here I specified “Attack” word in the title.Which shows that we are attacking the SQL injection “Attack”means We are going to protect our website by being attacked from the hackers,who are attacking our site with SQL injection.So here I want to show you that how we can do secure coding.

Doxing - A Technique To Trace

 

Reference :

1. http://www.prohackingtricks.com/2011/06/doxing-way-of-tracing-anonymous-people.html
2. https://www.facebook.com/MyTechbook/posts/542421479142686
3. http://www.yousaytoo.com/doxing-hackers-information-gathering-technique/1723996

Report - Digging Deep Into Anonymity World

Eat yourself up before someone else eats you. Proving this adage right we have done this rough research on being anonymous online. I doubt anyone can be more silent than this. Read out to find out. 

Presentation : How To Remain Anonymous Online

Eat yourself up before someone else eats you. Proving this adage right we have done this rough research on being anonymous online. I doubt anyone can be more silent than this. Read out to find out. 

REFERENCES :

1. proxpn.com
2. en.wikipedia.org/wiki/Java_Anon_Proxy
3. https://secure.logmein.com/products/hamachi/download.aspx‎ 
4. en.kioskea.net 
5. en.wikipedia.org/wiki/Proxy_auto-config 
6. http://en.wikipedia.org/wiki/Email_encryption 
7. www.sbwave.com/www.hushmail.com/ 
8. psst.sourceforge.net/'
9. www.x-im.net/ 
10. www.mozilla.org/en-US/collusion/ 
11. http://www.businessinsider.com/google-still-wants-to-track-your-every-move-but-dont-worry-you-can-opt-out-goog-2010-3
12. https://panopticlick.eff.org/ 
13. www.fakenamegenerator.com/ 
14. http://www.cse-cst.gc.ca/its-sti/publications/itsg-csti/itsg06-eng.html 
15. http://www.pcworld.com/article/226785/encrypt_your_hard_drives.html
16. www.truecrypt.org/ 
17. en.wikipedia.org/wiki/Anonymous-OS 
18.  wiki.gitbrew.org/wikibrew/OccupyOS
19. www.revsys.com/writings/quicktips/ssh-tunnel.html 
20. en.wikipedia.org/wiki/Tunneling_protocol 

Presentation : Virtual Desktop Infrastructure

This is a basic introduction slide to virtual desktop infrastructure.

References [PDF]:

1. http://www.vmware.com/pdf/virtual_desktop_infrastructure_wp.pdf
2. http://blogs.technet.com/b/yungchou/archive/2010/01/06/microsoft-virtual-desktop-infrastructure-vdi-explained.aspx

Presentation : Long Tail Threats

This presentation will help you to understand how we can prevent our organization from being attacked.

Source : http://www.sophos.com/en-us/security-news-trends/reports/security-threat-report/long-tail.aspx