Hide Keyloggers and Trojans with Binders

You would have probably heard that never run a .exe file if you are not confirmed about the authenticity of the person who send you that particular file, The reason why you might have heard that because Trojans, Keylogger, Spywares and Adwares use .exe format by default


So what do you think are you completely safe that you run untrusted MP3,JPEG files?

The answer is no, Its because you never know that virus has came with which format, It can take any format, It could be in JPEG, It could be in MP3 and it could be in almost any Format, So in this article I will tell you how hackers hide Keyloggers,Trojans and other harmful viruses in other files

 What is a Binder?

 A Binder is a software used to bind or combine to or more files under one name and extension, The files to be binded can have any extension or icon, Its all up to you and you have the choice to select the name, icon and various attributes of binded file, The Binded files can be even worse when they are crypted, because Bintext would not be able to find it and at the same time it could also bypass antivirus detection then you are almost guaranteed to be infected


Popular Binders

Here are some of the popular binders used by hackers to hide keyloggers and Trojans:

Simple Binder

Simple binder is one of my favorite binders of all time, I give thumbs up to the maker "Nathan", Its so easy to use and even a script kiddie can easily use it to bind keylogger or backdoors with other files


Weekend Binder

Weekend Binder can be used to bind two or more files under one extension and icon, If the binded file contains an application, the application also runs along with the actual binded files .


How to detect Crypted Binded files?

As I told you before that if a trojan or keylogger is binded with a file and it's crypted in order to bypass antivirus detection then its very difficult to detect it, However there is a great piece of software called resource hacker which is really effective when it comes to keylogger protection, It detects whether the file is binded or not.

Sniperspy keylogger For Mac OS Launched

Previously I wrote a review on Sniperspy and concluded it as the best Keylogger to Hack Facebook Password or any other email account Password, but unfortunately some of my blog readers use Mac OS and the sniperspy  did not work on Mac OS, but yesterday received the news from Sniperspy Team about Sniperspy keylogger for Mac OS has just launched so I  decided to give it a try and share with you

SniperSpy is the only software that allows you to secretly watch your Macintosh like a television! Login from ANYWHERE using another computer, smartphone or iPad.

After you install this program to the Mac you wish to monitor, it begins silently recording everything they do online. The program then uploads user activities and sends the data to your online account. You login to your account SECURELY to view logs using your own password-protected login.

View the screen LIVE and see everything they do online in real time! Browse the file system, view chats, websites, keystrokes and more, with screenshots. You can also access the LIVE control panel within your secure online account to perform live monitoring functions.

Features:

The Sniperspy for Mac OS has Following Features

Keystroke Recordings
The Sniperspy for Mac OS can record all the keystrokes typed on the victims computer. The victim wont even know if Sniperspy is installed in his/her computer

Chat Recordings

The Sniperspy for Mac OS can also track Yahoo, msn, skype etc chats

Live Screen Viewer

Sniperspy is the only software for Mac OS which has a unique feature of Live Screen Viewing, with this feature you can see victims computer just like a Television Screen

and much more

So what are you waiting for, Get your hands on the best Keylogger for Mac OS and Start Monitoring

For Buy Now and Download links kindly visit the link below

Sniperspy for Mac OS

Note:Installing computer monitoring tools on computers you do not own or do not have permission to monitor may violate local, state or federal law.

How to find a vulnerable Website?

Website security is a major problem today and should be a priority in any organization or a webmaster, Now a days Hackers are concentrating alot of their efforts to find holes in a web application, If you are a website owner and having a High Page rank and High Traffic then there is a chance that you might be a victim of these Hackers.
Few years back their existed no proper tools search for vulnerability, but now a days there are tons of tools available through which even a newbie can find a vulnerable site and start Hacking

 Common Methods used for Website Hacking

There are lots of methods that can be used to hack a website but most common ones are as follows:


1.SQL Injection
2.XSS(Cross Site Scripting)
3.Remote File Inclusion(RFI)
4.Directory Traversal attack
5.Local File inclusion(LFI)
6.DDOS attack

I have explained some of these methods in my post "Common methods to hack a website"

Tools commonly used to find a vulnerable website

Acunetix

Acunetix is one of my favorite tool to find a venerability in any web application It automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.

Download Acunetix Web Security Scanner

Nessus

Nessus is the best unix venerability testing tool and among the best to run on windows. Key features of this software include Remote and local file securitychecks a client/server architecture with a GTK graphical interface etc.

Download Nessus from the link below
http://www.nessus.org/download

Retina-

Retina is another Vulnerability assessment tool,It scans all the hosts on a network and report on any vulnerabilities found.

Download Retina from the link below
http://www.eeye.com/Downloads/Trial-Software/Retina-Network-Security-
Scanner.aspx

Metasploit Framework

The Metasploit Framework is the open source penetration testing framework with the world's largest database of public and tested exploits.

Download Metasploit(For Windows users) from the link below
http://www.metasploit.com/releases/framework-3.2.exe

Download Metaspolit(For Linux users) from the link below
http://www.metasploit.com/releases/framework-3.2.tar.gz

How to Hack a Facebook account using Hardware Keylogger

Did you know a keylogger is the simplest way to hack a Facebook account?, I have written lots of articles on software keyloggers such as sniperspy and winspy, but software keylogger is not the only keylogger used for facebook hacking , there is an other type of keyloggers and that are called hardware keyloggers.
A hardware keylogger is also used for keystroke logging, A hardware keylogger is plugged between the keyboard plug and the USB or PS/2 port socket, they work with PS/2 keyboards and also usb keyboards,

 A hardware keylogger is just like a normal USB drive or any other computer peripheral so that the victims can never doubt that it is a keylogger, Hardware keylogger has any inbuilt memory which stores the typed keystrokes, Here is how a hardware keylogger may look like:

KeyCobra - The next generation hardware keylogger 

Keycobra is one of my most favorite hardware keyloggers as it offers more than 2G of storage,This keystroke recorder comes in a standard version - 4MB memory capacity, 2,000,000 keystrokes (over 1,000 pages of text), and a Venom version 2 billion keystrokes (over 1 million pages of text), organized into an advanced flash FAT file system. It is compatible with all three operating systems windows,linux and Mac OS, Here are some features of hardware keylogger due to which keycobra is one of the most popular hardware keyloggers around.

Features 

• Record ALL Keystrokes - even Facebook passwords!
• Huge memory capacity, organized as an advanced flash FAT file system
• Advanced text menu for viewing recorded data, includes Net Detective, Phrase Search, Key Filtering, Unplug Counter and more!
• Super fast memory contents download with USB Download Accelerator (included)

And much more

Here is an screen shot of logs captured by keycobra as it has captured keystrokes for chat.

So what are you waiting for, Grab your hands on the next generation hardware keylogger, Visit the official website of hardware keylogger for more information:

KEYCOBRA - Next Generation hardware keylogger

Free Kaspersky Internet Security 2011 License Key (1 Year)

There is no doubt that Kaspersky Internet security is one of the most popular Internet security suites, It is claimed that Kaspersky detects more than 98% of the threats, but due to its high cost it is really difficult for e very one to afford it, Therefore I am posting a method to get Free Kaspersky Internet Security 2011 License Key for one year which is worth almost 60$ per license, So follow the steps to get a Free Kaspersky Internet Security 2011 License key

1. First of all goto the Chinese promotional website here

2. Type your email address in the both boxes

3. Next enter the capacha

4. You will now receive the key on your email address you provided in the second step

5. This key won't work on English version so you need to download a Chinese version of Kaspersky Security 2011, Download  it  from here

6. Once you have downloaded the kaspersky chinese version, open the installer and Click on the button marked with the blue box to proceed with the installation.

7. Enter the license key you receiver earlier in the text box

and click on the button marked with blue in the below image.

8. Once the kaspersky Internet Security 2011 Chinese version has been installed, Follow the steps below to change it into the English version

• Go to Safe Mode in Windows
• Go to Registry Editor .
• Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP11\environment.
• Update the value of SkinSwitchDisabled from 1 to 0.
• Restart the computer.
• Run Kaspersky again and press”Shift + F12″ to change the language to English.

Firesheep Makes Facebook Hacking Easy

Recently a new firefox addon Firesheep have been a cause of thousands of email accounts, As reported by techcurnch, Firesheep has been downloaded more than 104,000 times in roughly last 24 hours, With Firesheep the hacker can control any account without even knowing the username and password of the desired account, As Facebook is worlds most popular Social Networking website, therefore it has been the major victim of it, Firesheep uses Http Session hijacking attack to gain unauthorized access to a Facebook or any other account

What is Session Hijacking?

In a Http session hijacking attack an attacker steals victims cookies, Cookies stores all the necessary Information about one’s account , using this information you can hack anybody’s account and change his password. If you get the Cookies of the Victim you can Hack any account the Victim is Logged into i.e. you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account

How can a Hacker use Firesheep to Hack a Facebook or any other account?

Now I will tell you how can a hacker use firesheep to hack a facebook or any other account, You will need the following things:

• Public wifi access
• winpcap
  
• Firesheep(Download)

Method

1. First of all download "Firesheep" from the above link and use the "openwith" option in the firefox browser

2. Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebar and click on Firesheep

3. Now click on the top left button "Start capturing" and it will start to capture the session cookies of people in your wifi network, This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep, Double click on the photo and you will be logged in instantly

Hope you liked the post! Pass the comments

Some posts from Past on Facebook Hacking:

How to hack Facebook Password
Hack Facebook Password using winspy
4 ways on how to hack Facebook password
Hack Facebook account using Facebook freezer

How to surf web anonymously with TOR

We all many times use proxies for staying anonymous on internet. Lets quickly check out , what we are actually doing while using proxies. We first connect to a proxy server which brings resources requested by us from the web server.

    
Thus a proxy server hides our identity by acting as an intermediary between us and the web server that we are accessing. Suppose we break into a server using a proxy server thinking that we are anonymous. But what if owner of web server starts enquiring about the clients connecting to it using the proxy server  and it is possible that owners of proxy server might  reveal our identity. This means we cant actually rely on proxy servers for being anonymous online. Here comes the concept of THE ONION ROUTING (TOR) into picture. By using this , the client traffic is supposed to be passed from three different servers or nodes before reaching to actual web server. It may randomly take any path through any three nodes.

Lets consider it has taken path shown by green arrows. Now

* Node 1 knows only actual origin(client) but not actual destinantion(web server).
*Node 5 neither knows actual origin nor actual destinantion.
*Node 9 knows actual destination but not actual origin.

Thus no one exactly knows which client is accessing which web server. So it is highly anonymous.

Installing and Using TOR:

Step 1. Download the TOR client from the given link and run the setup .
   
http://www.ziddu.com/download/12331095/vidalia-bundle-0.2.1.26-0.2.10-1.exe.html

Note: You need to install a Mozilla firefox add on which is included in package you have downloaded to use Tor.

                                          
Step 2. Open the 'Vidalia Control Panel' from the task bar and Click on 'Start Tor'.

                         
Step3. Now open Mozilla Firefox browser, single click on red highlighted 'Tor Disabled' on right corner of browser and it will turn to green highlighted 'Tor Enabled'.

Now just log on to 'www.whatismyip.com' and you will see your new public IP address that will keep changing after an interval of time according to the path randomly taken by web traffic through three different nodes.

About The Author
This is a guest post written by Aneesh M Makker. Aneesh M.Makker is an Ethical hacker from Malout, a town in Punjab.Click here to visit his Facebook Profile