1|Page Hacking

2|Page Hacking

Hacking
3|Page Hacking
TABLE OF CONTENTS
COPYRIGHT PROTECTION4
NOTES TO THE READER5
INTRODUCTION6
CHAPTER ONE: WIFI HACKING7
CHAPTER TWO: WHATSAPP HACKING11
CHAPTER THREE: FACEBOOK HACKING15
CHAPTER FOUR: GMAIL HACKING19
CHAPTER FIVE: ANDROID HACKING22
CHAPTER SIX: WEB HACKING27
CHAPTER SEVEN: WINDOWS HACKING32
CHAPTER EIGHT: SOCIAL ENGINEERING.36
CHAPTER NINE: CRYPTOGRAPHY.42
CHAPTER TEN: STEGNOGRAPHY.48
CHAPTER ELEVEN: DDOS ATTACK.50
CHAPTER TWELVE: EMAIL, SOCIAL ACCOUNT HACK AND DEFENSE.52
CHAPTER THIRTEEN: SATELLITE AND IP CAM HACKING54
CHAPTER FOURTEEN: DEFENSE AGAIN HACKING..58
4|Page Hacking
Copyright 2016
COPYRIGHT PROTECTION
The data contained in this book is secured under all Federal and International
Copyright Laws and Treaties. Consequently any utilization or reproduction of the
material in the book is precluded.
5|Page Hacking
NOTES TO THE READER
While the writers of this book have endeavored sensible endeavors to guarantee the
exactness and timeliness of the data contained in this book, the writer and distributer
expect no risk concerning misfortune or harm brought on, or charged to be created, by
any dependence on any data contained thus and repudiate all guarantees,
communicated or inferred, with regards to the precision or dependability of said data.
This production is intended to give exact and legitimate data with respect to the topic
secured.
6|Page Hacking
INTRODUCTION
Hacking has been a significant issue. Hacking has gained tremendous development
after the introduction of the web due to the access entry to frameworks around the
globe which this innovation gives. With the expanding utilization of the web, hacking
has additionally turned into a more significant issue lately. Hackers are typically young
people in the field of programming yet there are likewise some old sheep. Additionally
the simple access to a data has extended aptitude in the field of hacking. Presently it
doesn't require a specialist software engineer to hack a PC of private system. Only a
decent controlling article can transform a child into an expert hacker.
7|Page Hacking
CHAPTER ONE
WIFI HACKING

Wifi hacker is a wifi watchword hacking programming which empowers you to get full
access of any association close to you. Its propel tech can without much of a stretch
crush any wifi security created in year 2016 and later. This is the just a single free and
committed device for doing such sort of assignments. It additionally helps you in
making your own wireless association more secure and quick. Typically wifi hacker
programming are intended for just destroying a particular kind of security framework,
for example, WEP, WPA or WPA2. WPA 2 is the most propel innovation if there should
arise an occurrence of wifi hacker protection. Really it came as upgraded variant of
WPA and uses some of components from WEP to give you best security. WPA2 utilizes
the Advanced Encryption Standard (AES), which is the most encryption calculation
utilized for making passwords. You can envision this from this case:

With current and most innermost advance PC across the globe it takes many years for
breaking into any wifi hacking connection utilizing beast force attack.

Updates and Security Issues

8|Page Hacking

With the update to the security issues some blackhat experts grew such sort of
programming and instrument which can even break this divider in couple of hours.
Indeed, even today lion's share of the general population are uninformed of the propel
tech and utilize the past rendition of security. Now Wifi programmer programming
comes at the top; it outputs and demonstrates the system gadgets around you. This wifi
hacking programming not just tell you about the wifi hacking association around you
yet it likewise gives you full data about the security which they are utilizing. The
following are some recorded modules which accompany this stunning device.

Security Scanner and Connection

Proxy Grabber
Hack-In-To (Accessing To Any Network)

Wifi Hacking programming Features List:

9|Page Hacking

Wifi Hacker Software is truly simple to utilize due to its well ordered modules. Every
module accompanies new elements which you can delve into while testing you
possesses security. It's absolutely free device and is very adjustable with setting. You
can read and compose/change freeware opened codes. With this product you will
likewise get a free astounding reward which will manage you, about every one of the
components of programming. Utilizing both of these you can hack into any system
association in couple of minutes. You will likewise get full report of hunts all through
the association. It can be utilized on portable laptop or pc, well with the dispatch of new
application you can introduce it now on your android cell phone too. All elements
which are recorded underneath, is a full bundle which can be utilized for hacking and
securing any system association.

Works best on windows and android based working frameworks.

Easy to use interface
Wifi programmer Hacks into most developed security WPA 2 and other.
Accompanies Raz3r assault bolster
100% free of infections
Password hacker all in One Tool with zero cost.
10 | P a g e Hacking
How It Wifi Hacking Software Works?

It working look like truly basic from front end however here what happens in the back-
end. Wifi Hacker Software utilizes the one the most propel tech for social affair the
security data of the chose association. With the support of stunning customized hack
into modules it locate the 99% working secret key. You can intermediaries to beat the
following framework executed alongside the security. It wills absolutely namelessness
your assault absolutely safe from any-sort of wifi hack identification. The secret key
produced by the product can be utilized to get into the particular system. Here are the
accompanying strides which you can help you in introducing the wifi programmer
programming.

Download the wifihacker.zip for pc variant.

Unfasten and afterward stack the installer.
Run with fundamental setting and introduce the product

That is it you are done.

11 | P a g e Hacking
CHAPTER TWO
WHATSAPP HACKING

Whatsapp Messenger is a cross stage texting application. Whatsapp Messenger is

positively the most in fashionable instant electronic messaging application for smart
phone today. WhatsApp Messenger is accessible for android, iPhone, BlackBerry,
Nokia, Windows Phone and everyone today have whatsapp Messenger introduced on
their shrewd phones. But as each bit of innovation accompanies a couple of escape
clauses, so did Whatsapp Messenger.

Mobile

You may get to someone else's WhatsApp account through your cell phone, PC, or
spyware. Observing an individual's discussions without consent is an infringement of
security. Before you make any strides towards get to their WhatsApp account, approach
the person for authorization.
12 | P a g e Hacking
Uninstall WhatsApp from your telephone or gadget. This will clear your own data from
the application. You will reinstall it later and enter the individual's data rather than
your own.

Find and record the individual's Media Access Control (MAC address). Each telephone
is allocated a MAC address, a one of a kind identifier that serves as its online
personality. Macintosh locations are a progression of six sets of letters or potentially
numbers isolated by colons. For instance: 01:23:45:67:89: ab, 00:0a:95:9d: 68:16, and 00-
14-22-01-23-45.

Android: Open "Settings". Select "About telephone" then "Status". Record the
deliver to one side of "Wi-Fi MAC address".
iPhone: Launch "Settings" and select "General". Click "About". Record the deliver
to one side of "Wi-Fi Address".
Windows telephone: Click "Settings" then "About". Click "More information".
Record the deliver to one side of "Macintosh address". Record the address.
BlackBerry: Select "Choices" then "Gadget". Click "Gadget and Status data".
Record the deliver to one side of "WLAN MAC".

Find and record your MAC address. With a specific end goal to get to the individual's
WhatsApp account, you should swap their MAC address for yours. When you are done
survey their record, you should supplant their MAC address with your own. Once
you've found your MAC address, record it.

Android: Open "Settings". Select "About telephone" then "Status". Record the
deliver to one side of "Wi-Fi MAC address".
iPhone: Launch "Settings" and select "General". Click "About". Record the deliver
to one side of "Wi-Fi Address".
13 | P a g e Hacking
Windows telephone: Click "Settings" then "About". Click "More data". Record the
deliver to one side of "Macintosh address". Record the address.
BlackBerry: Select "Choices" then "Gadget". Click "Gadget and Status
information". Record the deliver to the privilege of"WLAN MAC".

Introduce applications that will give you a chance to change your telephone's MAC
address. Keeping in mind the end goal to sign into WhatsApp as someone else, you
should supplant your MAC address with the individual's MAC address.

iPhone clients, first Install Cydia from the web. Once downloaded, open the
application and scan for "system cmds". Tap on "system cmds" then "Introduce".
Press "Affirm". Once downloaded, look for "Portable Terminal". Click "Versatile
Terminal", trailed by "Introduce" and "Affirm".
Android clients, first root your telephone. At that point, download "BusyBox"
and tap the application and introduce it. At long last, download "Terminal
Emulator". These applications are free from the Google Play Store.

Utilizing Spy Software

Acquire authorization from the individual whose telephone you'll be observing. The
applications that you'll be utilizing are proposed for guardians, life partners, or
businesses to screen the movement of their kids, life partners, or representatives. They
require that you utilize them just with earlier assent, so make a point to ask the
individual whose telephone you need to screen and get their full authorization before
you continue.

Pick an application or program to utilize. Spyware applications are intense - they will
concede you about unlimited access to a man's electronic gadget. They are equipped for
following somebody's area, checking a man's WhatsApp, and notwithstanding
14 | P a g e Hacking
recording an individual's telephone calls. There are various distinctive applications or
projects you can look over. Alternatives include:

FlexiSPY
Highster Mobile
mSpy
Phone Sheriff

Purchase and introduce the application. Once you've bought the application, introduce
the spyware on your gadget. Keeping in mind the end goal to screen a man's cell phone,
you should download the spyware application on their telephone as well.

Set up the application and begin following. Take after the application's directions to set
up a record. In the wake of everything is set up legitimately, you will have the capacity
to survey the individual's WhatsApp messages. You will likewise have admittance to
their passwords, telephone calls, and instant messages.

If you need extra help, visit the Spyware's site.

15 | P a g e Hacking
CHAPTER THREE
FACEBOOK HACKING
Facebook is one of the celebrated and greatest long range informal communication site
over the Internet, it gives various elements to shield your record from hacking assaults,
a huge number of individuals are utilizing Facebook for various purposes get a kick out
of the chance to develop their business or to make friends and so on.

Evidently this Facebook hacking site has been around for more than four years however
surely understood Security Company Panda Labs guaranteed to have found it as of late!
This shady administration asserts that exclusive 1% of Facebook destinations can't be
hacked.

The administration cost $100 to anyone who needs to get a record hacked which is well
moderate in the event that you are driven by nonsensical emotions, for example, envy
of a friend or family member associated with duping. You would toss $100 at an
examination without contemplating it!

The site urges individuals to wind up digital hoodlums and hack others Facebook
accounts offering additional credits consequently. The site is extremely proficient in
nature and it is anything but difficult to request this vile administration. I won't
uncover the site URL in this article for clear reasons!
16 | P a g e Hacking
It's not just the undeniable security risk of having your own data stolen which is the
stress. Hacked records can likewise be utilized to send spam, malware and different
nasties to the objectives contact list. I don't have to let you know how humiliating it
could have an interloper spread pernicious data about you through your Facebook
account! This stuff happens each day.

A fast couple of minutes with some area apparatuses let us know that this site is
enrolled in Moscow. Hypothesis is that the general population behind this
underground administration is individuals from the Eastern European Internet Mafia.
Installments have been followed through a well known cash exchange administration to
the Ukraine.

Facebook has been tormented with security issues since turning into the most well
known informal organization on the Internet. Truth is told, even before they were well
known they had issues. Facebook as of late reported that the extent of their client base is
moving toward the number of inhabitants in the United States! So you can see the
potential for digital criminal movement is immense.

You can in any case discover a lot of individuals who don't utilize Facebook particularly
as a result of security stresses. Be that as it may, on the off chance that you should
utilize the administration (wink) ensure you bulk up your security by utilizing hard to
figure passwords. Additionally you ought to change your secret word consistently to
minimize the hazard. It's a combat area out there!

Advanced Facebook Security Tips

Assurance from Sniffing

17 | P a g e Hacking
Sniffing is one of the popular and normal hacking in which an aggressor can sniff your
data while your data go through the wire (for wired system) or through air (for remote
system), Facebook gives a selective element of encryption means your Facebook first
scramble the data (your ID and secret word) than exchange it to the server.

To initiate this component go to your record setting - Account security - Check on

secure perusing (HTTPS). After your whole program transform http into https that is a
safe channel to exchange data.

Append Cell Phone to Your Facebook Account

This is a standout amongst the most imperative component to ensure your record to
being hacked, let assume an assailant stole your ID and secret word of Facebook, than
the aggressor attempt to sign in from your record from an obscure PC, Facebook
obstruct this sign in regardless of the possibility that the watchword and ID is right,
Facebook hinder this sign in light of an obscure PC attempt to sign in your record than
Facebook will communicate something specific into your number to check this sign in.
This all happen when you turn on this component, go to your record setting - account
security - stamp mind sign in endorsements.

Some Other Tips

Well the most essential tips to secure your record has been talked about above, however
it is insufficient in light of the fact that you need to secure record from an assault like
data get-together, programmer utilizes diverse social designing procedures to get into
your record, to get increasingly data about yourself and you're encompassing people
like companions, relatives and others.
18 | P a g e Hacking
Why assailants do this thing? The answer is relying upon different variables for
instance this sort of data social occasion identify with your employment and
occupation, this might be identified with your exploration on a particular field and
numerous more reason. So you should consider this whole thing as an effort to establish
safety,

Do not accept unknown person to your friend list

Do not include an obscure individual into your companion list
Limit yourself to share the individual data on Facebook
Do not share your exceptional creation

Last but not the least, secure your PC from keyloggers and diverse sorts of secondary
passages, do redesign your working framework, utilize a smart and update antivirus
and firewall solution.
19 | P a g e Hacking
CHAPTER FOUR
GMAIL HACKING
Gmail security - Methods to protect Gmail

Gmail is regarded as the popular internet based E-mail platform on the planet, actually
it's far more than merely an Email account. Lots of people utilize the extra features that
come with Gmail, just like Google Drive, YouTube, The calendar and so on. What if a
hacker gains entry to your Gmail account? He would gain access to your E-mails, your
documents on Drive, your calendar meetings and more. If the hacker gets access to our
Gmail account he could potentially hack every account we have on the web. Here's a
good example of how hackers break into a PayPal accounts once they hacked your
Gmail. All they will is go over your emails, discover what companies you're registered
to, in this example PayPal. Then they go over to PayPal.com click "I forgot my
password", some sites inquire some silly queries which can be quite simple for the
hacker to discover, such as "What was the name of your high school", and so the site
just sends the new password to your email account - Game over - the account has been
hacked. In this article we'll target Gmail security and just how Google helps us
accomplish these using uncomplicated features that they've developed.
A lot of our most crucial private information is in our Gmail and in the era of adware
and spyware, key loggers and phishing sites, using only your password to protect our
precious details may not be sufficient. Gmail is often a constant target for attackers
because it wins hackers a considerable source of income; thankfully Google is aware
20 | P a g e Hacking
about that. That's why Google built a number of things to assist all of us maximize our
Gmail security, lets examine those mechanisms.

Two-step verification

At times known as Multi Factor Authentication, this technique adds a level of

protection to your account. As soon as you enable this feature, you'll receive a SMS
message which has a confirmation code every time you sign in. Then Gmail asks for this
code in the sign on process. The two step verification guarantees that you have 2 things
so that you can sign in: Something you know (The password) and something you have
(Your cellular phone). You can tell Gmail to trust your computer for Thirty days, so you
won't be sent a Text message whenever you login. Two-step verification is a well
known principle in the Information Security community and its considered one of the
ideal methods to enhance security.

I strongly recommend making use of 2SV, it increases your security by many factors
and it's easy to enable.

Notifications

This feature helps you stay in tune with the security of your account. The notification
option, should you enable it, will alert you on the phone or by E-mail (A back up Email
address you have) in case your security password has been altered, or possibly a
suspicious sign on has been attempted. This really is helpful because if a hacker
manages to hack your account and to change the password, you may quickly take
action and reconfigure your other web accounts, like PayPal and Facebook to send mail
to your backup Email rather than your Gmail account. This will likely cut the
21 | P a g e Hacking
connection between the compromised Gmail account and your other website accounts.
This course of action will contain the hacker's access and reduce the danger.

Connected applications and Sites

Gmail can communicate with other web sites and you may choose to give these sites
access to your Gmail account, a few hackers make use of this option in order to get
access to unsuspecting victims' accounts. You ought to examine this list of connected
applications and site and make sure that you trust each of the websites which are listed,
Should you don't then remove them.

Recover

Lastly if you're concerned about losing the important data that's on your account you
could back up things by downloading it to your computer. Sadly Google only supports
back up for Buzz, Contacts, Drive, Reader and YouTube and not the inbox messages
themselves.
22 | P a g e Hacking
CHAPTER FIVE
ANDROID HACKING
Android is at present the most well known portable working framework being utilized
by more than 80% of the advanced cells. With such a tremendous prevalence, the stage
is additionally powerless against assaults. As indicated by Zimperium, a portable
security firm, there is a noteworthy imperfection in the working framework which gives
the programmers a chance to break into your gadget just by sending content to your
telephone number.

One primary concern you have to know is that, you don't need to open any connection
or download a degenerate document to offer access to the aggressors. They can simply
take the control over your telephone as and when you get the pernicious instant
message. As per a security analyst, the aggressors could pick up the entrance to your
telephone even before your telephone sounds to tell you about the message. It is by all
accounts more perilous; everything happens before you could see anything.

Here is the way the malevolent content assault works:

An aggressor just makes a video by stuffing the malware inside it and just sends it as a
message to your number. When your telephone gets the message, it forms the message
and triggers the weakness.

Google's informing application "Joints" forms the recordings right away and spares
them onto your telephone's exhibition so that the client doesn't need to squander the
23 | P a g e Hacking
time searching for the video. In any case, this is very unsafe as it welcomes the malware
specifically to the gadget.

It appears somewhat secure in the event that you are simply utilizing the default
informing application on your telephone as it is less hazardous as per the security
specialists. Since in the informing application, you should see the message before your
telephone begins handling the connection. Be that as it may, the clients don't need to
playback the video for the gadget to get contaminated.

Once the programmers pick up the entrance to your telephone, they will have the
capacity to duplicate the information on your telephone, erase it, and have the control
over your mouthpiece with the goal that they can screen every last move of yours. So
once they get in, they can do nearly anything they need.

Only a couple of months prior, Google was cautioned about the helplessness and it
have additionally built up a settle for it. In any case, it would set aside some time for the
settle to achieve your telephone. Luckily the security specialists who found the
powerlessness haven't found any confirmations of the endeavor being utilized
uncontrollably. In this way, the individuals who are utilizing "Home bases" as their
default informing application can do only seek after the settle soon. The individuals
who are utilizing the default informing application on the telephone will be somewhat
secure as it is less perilous. Additionally, the clients must be exceptionally watchful
about their telephone number and are exhorted not to post the number on the web
pointlessly.

Unholy Hacks: Dealing With the Vulnerabilities of New Android Phones in the
Market
24 | P a g e Hacking
New Android phones pop out in the market almost every month, with even more apps
being developed to maximize the ever-increasing specs of the latest Android phones.
These apps are the lifeblood of Android phones, as they expand a phone's capabilities
to match the needs and wants of the user.

This open nature of the Android platform, however, does mean that you have to be a bit
more cautious with the apps you install on your phone.

Unencrypted Keys

Do you stop and ever notice the 'permissions' that apps ask for when you first install
them on your new Android smart-phones? The data and features these apps access are
controlled by certain keys, which are supposed to be encrypted by the developer to
prevent third parties from using the said keys to access data and features on the
aforementioned new Android phones.

The problem, however, is that some developers - many, actually - do not encrypt these
keys. This was revealed by a study conducted by researchers at Columbia University,
where they downloaded more than a million Google Play apps and de-compile the data
from these apps. Less benevolent individuals could use or have already used the
unprotected keys to gain access to sensitive information they otherwise should never
have accessed if the keys were encrypted in the first place.

Vulnerable (ASLR) Protection

Address Space Layout Randomization (ASLR) is a feature in many new Android

phones that protects them from buffer overflow attacks, which in turn have the
25 | P a g e Hacking
potential to corrupt and/or exploit data on even the newest Android phones on the
market.

The problem, however, is that recent performance optimization measures on the

Android platform have weakened this protection in order to speed up some of the more
recent Android smart-phones. Researchers from Georgia Tech are responsible for
revealing the vulnerability.

Not everything is gloom and doom, though. There are a few measures you can take to
better protect your new Android smart-phones against unauthorized access:

1. Keep Your OS Updated - seriously, this is the most reliable method of protecting
your phone. Even the latest Android phones receive updates that can address the
aforementioned vulnerabilities, so keep an eye out for updates on your phone's
version of Android.

2. Get Apps From The Google Play Store - while not all apps in the Play Store are
100% secure, the vetting procedures required for apps to get into the store in the
first place significantly reduce the chances that you install a malicious app on
your phone in the first place.

3. Avoid Rooting or Jail-breaking - you may get more functionality from a rooted or
jail-broken phone, but you do at the risk of making it easier for malicious code to
worm its way into the OS.
26 | P a g e Hacking

4. Install 'Vault' Apps - if you want to protect specific files or documents on your
phone, then you may want to install an app that 'locks' data behind an extra layer
of password-enabled encryption. You can at least expect these apps to protect
your files even if your new Android phones are compromised.

Just remember: even the new Android device that hit the market can be vulnerable to
the right kind of exploit. Stay up to date, take measures to protect your phone, and you
will find your data a lot safer than you first thought!
27 | P a g e Hacking
CHAPTER SIX
WEB HACKING
In the event that there is one thing that individuals would prefer not to endure when
they are on the web, it is a hacker that upsets Internet associations and even influences
the records a client has on a PC. Here is a gander at how hacking the web raises security
issues and how hackers can be halted so that these security issues won't be an issue.

One of the ways that hacking the web raises security issues is that it can make unsafe
software. Hackers can without much of a stretch embed malware into a PC. This
comprises of records that can be particularly harming to the PC. The purpose behind
these harming capacities is that a hacker can without much of a stretch look through
and alter records that are inside a site or the PC of a client on a site. Hacking the web
raises security issues since it influences the sites includes, as well as influences the
clients of the locales that have been influenced.

Hackers who chip away at hacking the web can take particular data that different
gatherings may provide for sites. This incorporates telephone numbers that can be
utilized to call individuals with spontaneous offers. Sometimes, a hacker may have
more control over the malware that is utilized and accordingly embed this product into
a cell phone that is recorded on a site database. This can bring about the programmer to
take significantly more telephone numbers.

As a rule, the hackers can send information to individuals on a contact rundown and
this is then considered spam. They can send infections and different bits of malware
28 | P a g e Hacking
that will just wind up growing the level of force that the hacker has. A few people may
not comprehend what to do with the messages that they get from a hacker since they
may not know precisely whether the message is real. This makes it clear that hacking
the web raises security issues.

A Hacker can take the particularly touchy budgetary information, and this is another
motivation behind why hacking the web raises security issues. For individuals who will
be sending money related data and other imperative bits of information to a site the
data can be particularly essential. A hacker for that individual to use for that
individual's preference can take the data. This incorporates not just charge card
numbers and other data with respect to these cards additionally Social Security
numbers.

Since hacking the web raises security issues, it is best to utilize a couple of
straightforward tips to work with enhancing security. For organizations that run sites
that might be inclined to programmers, it is best to introduce a decent firewall onto the
server. This can be utilized to screen approaching transmissions and piece any product
that will be sent to the server without the consent of the organization that claims the
server.

Having the fitting antivirus software is required. A run of the mill firewall program will
have the majority of this data. This can be utilized for a server the length of the program
will consequently upgrade itself as new data on infections and different unsafe things
that hackers may need to access a site or your PC are known. With programmed
overhauls, it will be less demanding to be secured.

Furthermore, for individuals who visit these locales, a firewall can be utilized. General
measures that the normal individual ought to utilize can help as well. These incorporate
29 | P a g e Hacking
going to just sites that can be trusted and by not opening any online connections from
any messages that may have been sent therefore from going by any destinations.

It is obvious that hacking the web raises security issues. By dealing with these dangers
with a decent firewall and antivirus program and by perceiving how hackers will
investigate influencing a framework it will be simpler to handle hackers and some other
risky things that may come around.

Website Security - Beware Of Various Types of Website Hacking

Is it true that you are thinking about whether your site and online information base is
secure? Is it very simple for a malevolent shrewd person to break into the security of
your site and utilize it to satisfy some perniciousness purposes? On the off chance that
yes, then site security is something that you ought to deal with keeping in mind the end
goal to shield the same from malignant exercises. Hacking is something that is known
to take away the sound rest off a site proprietor. This is one of the primary progressing
worries of a decent number of site proprietors. Hacking is essentially identified with
undesirable interruption by the onlooker of a keen malevolence mind into a site and
utilizing it to serve some indecent aims.

A hacker, infection or even a spam bot holds the capacity of bringing on noteworthy
harm to your site and in this way, hampering the matter of your organization. A
programmer can increase unapproved passage into your site, take data like client
information, card subtle elements, physical locations, contact numbers and other
valuable information, and utilize the same of exploitative exercises. This can bring
about a lot of misfortune regarding time and cash spent in recovering the things on
track. Infection and spam bots are additionally fit for doing some comparative kind or
30 | P a g e Hacking
serious harm. Along these lines, similarly as Website Security is concerned,
counteractive action is greatly better than cure.

Further, I have examined some fundamental sorts of hacking that can presumably
influence the working of your site. Have a more critical take a gander at these sorts of
web hacking with a specific end goal to keep your site from the plausible eventual
outcomes.

Injection Attack

It is something that is infused by any outsider into the principle edge of the site through
the URL of the site. SQL infusion is the most widely recognized types of infusion
assault that includes entering SQL codes into the structures or by means of URL with a
specific end goal to assault and move the SQL database. The hackers can erase, recover,
change and upgrade the data show over the database.

Cross Site Scripting

Cross Site Scripting or XSS is one of the fundamental vulnerabilities which for the most
part assault the clients of MySpace, Google and Microsoft. It is about settling in the
JavaScript into the hyperlink and the scripts begin seizing sessions, advertisements and
appropriate the indispensable data. The fundamental distinction between a hyperlink
and a scripted connection is that it will demonstrate a surplus code toward the end.

Website Misuse and Accidental Hacking

There is no settled breaking point on how one abuse a site and not each programmer is
master. You may have gone over various approaches to abuse a site either inadvertently
or by chance. In some cases incidentally tapping on the catches when you shouldn't do
31 | P a g e Hacking
as such or performing something more than customary can bring about issues on the
sites that are not legitimately customized. On the off chance that the clients are abusing
a site deliberately or incidentally, in this manner producing a few blunders can render
the site pointless.

In this way, on the off chance that you need to possess a sheltered and secure site, then
you out to take a shot at the site security and shield the same from these likely sorts of
hacking.
32 | P a g e Hacking
CHAPTER SEVEN
WINDOWS HACKING

Windows is an extraordinary working framework with countless components -

including client accounts and passwords. The secret key framework has been a security
include for 1,000's of years, however shockingly for us - on the off chance that we
overlook it on our Windows PCs, there are valuable few approaches to get once more
into your PC without it. This instructional exercise will demonstrate to you a
straightforward and compelling strategy that will permit you to "hack" the secret key of
your PC by utilizing an uncommonly made bit of programming. This is what you have
to do...

The secret word of Windows is the primary boundary to stop hackers getting to your
PC, yet in the event that you produce the watchword, you could be in a bad position.
There are presently just two approaches to settle the issue of not knowing secret word
on your framework - by either reinstalling Windows or by utilizing a watchword reset
device to "hack" the watchword. Give us a chance to start by saying that the principal
strategy (reinstalling Windows) is really the most troublesome and it will wipe every
one of your information. If its all the same to you beginning once again, then you ought
33 | P a g e Hacking
to hope to reinstall Windows and permit your PC to keep running with a new form of
the framework... be that as it may, on the off chance that you would prefer not to lose
any of your information, you ought to take a gander at utilizing a secret key reset
program to repair the issue.

So as to reset your Windows secret word without losing any of your information, it's
fitting that you utilize a product device known as a "watchword reset" program. These
are moderately new apparatuses which have been intended to find the put away secret
key settings on your PC and expel the put away points of interest from that point. These
projects work extremely well in view of the way they are intended to experience the put
away secret key settings of your PC and expel any of the information inside there. We
are very lucky in that all forms of Windows store passwords similarly - they keep them
in an arrangement of indistinguishable records and settings on your hard drive, which
are then used to "think about" against the secret word you write in. The reason you are
denied get to is on the grounds that these put away secret key settings don't correspond
with the one you wrote in - implying that in the event that you can some way or
another expel the put away settings, you'll have the capacity to sign into your
framework once more.

The best approach to "hack" your put away secret word and permit your PC to log you
in again is to utilize a watchword reset program. These are programming instruments
that have been intended to look over the hard drive of your framework and expel the
different put away secret word settings that are on your framework. These devices are
extremely sheltered to utilize, and will essentially stack up before Windows does and
after that reset the secret word settings on your hard drive. It will then restart your PC,
where you ought to have the capacity to log back in once more. These devices are
34 | P a g e Hacking
presently turning out to be exceptionally famous because of their usability and
unwavering quality.

Regardless of in the event that you have Windows XP, Vista or 7; on the off chance that
you overlook the director secret word for the framework, there are not very many
approaches to get back in once more. Truth is told, the main two approaches to recover
access to your PC on the off chance that you don't have the secret word any more, is to
either reinstall the framework, or to "hack" it with an extraordinary bit of programming.

To start with, how about we discuss reinstalling your framework, windows is only a
major program that keeps running on your PC. This implies you can "reinstall" it to
access your PC once more. In any case, this exhibits a HUGE issue - reinstalling
Windows will truly wipe your hard drive and will leave your PC with no of your
settings, documents or projects that you had introduced some time recently. This
technique is not prescribed in the event that you need to keep your records/programs...
also, is just utilized by a chosen few individuals who simply need to access their PC
once more.

The more strong strategy to recapture access to your PC is to utilize an extraordinary bit
of programming, known as a 'watchword resetter' apparatus. This product essentially
stacks up before Windows loads and afterward "hacks" the documents inside your
framework that contain the watchword. We're fortunate in that all forms of Windows
keep their passwords put away similarly, implying that you can utilize one of these
projects to stack up onto your Windows 7 framework, change the different documents
and envelopes that store the secret key, and permit you to sign in once more.

This system is favored by most, and is the one that will reset the secret key of your PC
with no further issues. Obviously, you could likewise reinstall your PC - yet that would
35 | P a g e Hacking
lead your framework to have none of your records/settings inside. You can utilize the
watchword reset programming to rapidly access your PC once more, by giving it "a
chance to hack" your framework's records and settings.

>>Open COMMAND PROMPT while Locked by User.

Open scratch pad

Type www.command.com
Then spare as cmd.bat at desktop
Then enter now its open.appreciate

>>If your PC is moderate? At that point tidy up the slam

Open scratch pad

Type FREEMEM=SPACE (64000000)
Save it as ram.vbs
Tresently run the script.

Look at!! >>Crack BIOS Password

Open the CPU

Observe the Motherbord
Remove the Silver Battery (3v)
Wait 2 minutes and place the Battery

>>Restoring a Lost Desktop-

Start
Run
Sort a period" . "
At that point press Enter
36 | P a g e Hacking
CHAPTER EIGHT
SOCIAL ENGINEERING
Security is only ever as strong as its weakest link, and the majority of the time, an
organizations users becomes the weakest point. No matter how much money is
invested in security, installing firewalls, intrusion prevention systems, complex remote
access systems, security guards, physical access passes or a myriad of other solutions
that combine to form strong layered security, if users are not educated in the basic
principles of security, it is all pointless.

One of the greatest risks to an organization is the possibility that one of its users could
be manipulated or deceived into performing some action or disclosing confidential
information to someone outside the business. Information Security terminology defines
this manipulation as "social engineering". While the term social engineering is a fairly
new term, this type of attack is as old as the human race itself. Two of the most famous
social engineering attacks are those of the story of the wooden horse of Troy from
Homer's "The Odyssey", and dating even further back to the start of the Bible with
Adam and Eve and the Devil's manipulation of Eve to persuade her to take a bite from
the apple in the Garden of Eden.

In the story of the wooden horse of Troy, after the Greeks had failed to overthrow Troy,
they built a giant wooden horse which they left outside the city. Leaving one soldier
behind, the Greeks left the outskirts of Troy to return home. When captured, the soldier
told the people of Troy the Greeks had left the wooden horse as an offering to the Gods
37 | P a g e Hacking
to ensure safe travel. He also disclosed they had created the horse too large for it to be
moved within Troy as bad luck would befall the Greeks if this came to pass. Little did
the people of Troy know that hidden inside the horse were a number of Greek soldiers.
Of course the people of Troy could not resist moving the horse inside the gates to inflict
ill-luck on the Greeks. In this text book example of social engineering, the soldier had
manipulated the people of Troy into performing the action of moving the horse, with
the Greeks inside, inside the city walls, something the Greeks had not been able to do
themselves. That night the Greeks slipped out of the horse, killed the guards and
opened the city gates to allow the rest of the Greek army in to defeat Troy.

While not IT related, the story of Troy is a perfect example of strong security defeated
via the weakest link, something people do not necessarily even see as security related.
Troy had withstood the attacks of the Greeks for over a decade. They had guards and
soldiers, strong impenetrable walls and food to sustain them for countless years. It was
only via the weakest link in their security model, their residents that the Greeks were
able to succeed.

In the present day, IT and physical related social engineering attacks are aimed at users
in an attempt to reach a number of specific outcomes. The most common objectives are:

Gaining access to restricted data;

Gaining access to restricted areas;
Monetary gain and profit; and
Identity theft

The first two in the list, gaining access to restricted data and areas, are most commonly
aimed at gaining unauthorized access to an organization. Identity theft is generally
38 | P a g e Hacking
aimed at individuals, whereas monetary gain targets both areas. While initiation and
execution of these attacks follow different methods and paths, they all follow the same
principle: manipulate the user without them knowing.

Organizations are not the only prey of the social engineer. The vast amount of SPAM
and Phishing attacks everyone receives in their email is just another form of social
engineering. Phishing attacks, the act of attempting to gain sensitive information by
masquerading as a trusted individual, is a perfect example. The only differences
between the attacks described above and Phishing are the targets and the methods.
Phishing tends to aim at individuals on a personal level, rather than aimed at an
individual in an attempt to compromise an organization. Also, while the above methods
are manual attacks, Phishing is generally automated and aimed at hundreds, thousands
or even millions of users. This method provides the attacker with a much higher success
rate and correspondingly, considerably more profit.

The only defense against social engineering is education. Organizations should

implement a security awareness program that becomes a requirement when new staff
begin, including annual refresher courses for established staff. Security awareness is an
integral part of an organizations overall security implementation, and as such, is a
mandatory requirement in the Payment Card Industry Data Security Standards
(PCI:DSS), section 12.6. Security awareness and training is also specified in section 5.2.2
of the ISO 27001 security standards. While security awareness training should include
such areas as password policies and acceptable use, the following areas specific to social
engineering should be discussed:

Always wear identification badges

39 | P a g e Hacking
Identification badges should be worn and visible at all times by all staff, contractors and
visitors. These should be easily identifiable and to all staff. Visitor IDs should be
returned at the end of their visit and disposed of properly.

Question unknown people

If staff sees someone within their area that they do not recognize, or someone trying to
tailgate, question them. Ask to see their ID or who they are visiting and escort them to
that staff member.

Remove or turn around identification badges when outside the office

Staffs who wear identification in full view when outside the office are providing more
than enough information for an attacker to start a social engineering attack. While some
passes only display a photo, most have valuable information to a social engineer.
Common information displayed on corporate ID passes includes their full name,
company and even the department the user belongs to within that company. When
leaving the premises, remove the badge and place it in your pocket or handbag, or at
the very least, turn the badge around so no information is visible.

Never write down passwords

Passwords should never be written down, period. Choose passwords that can be easily
remembered without the need to write it down. Users commonly write down
passwords and stick them to monitors, under keyboards, on their cubicle walls or place
them in their desk drawer. A social engineer, contractor, visitor, cleaner or even other
staff can easily see these when walking by a desk or by taking a few seconds to look for
them. Papers, especially post-it notes that easily stick to other items, are commonly
40 | P a g e Hacking
thrown out in the trash accidentally. This allows easy access for social engineers
performing trashing attacks.

Help Desk staff should always validate users fully before disclosing any information

When talking to users on the telephone, any request to disclose or modify information
should require Help Desk to fully validate the user on the other end. Validation
questions should always include some form of "non-wallet question". A non-wallet
question is something about a user that cannot be discovered from reading the contents
of their wallet. If questions like, DOB, address or drivers license number are used, a
social engineer that has stolen a wallet or been through a user's trash will have easily
obtained this information. Non-wallet questions should be something that the user
knows and is not easily found out via trashing, Googling or simple social engineering of
the user to obtain the information.

Shred all documents

All documents with any form of sensitive information should be shredded or placed in
secure disposal bins that are shredded by a trusted third-party company. No documents
with any confidential data should ever be thrown in the trash or recycling bins.

Do not open email attachments or visit URLs from unknown people or from
suspicious looking emails

Users should be educated in basic phishing attacks and how they can identify a
phishing attack versus a real email from a valid source.

A few examples include:

41 | P a g e Hacking
Banks and other financial institutions will never send emails asking for your
credentials or to log in to your account by using a link in the email.
If a suspicious looking email is sent requesting you to visit a URL to a company
you know, do not click on the link. Instead, open your web browser and
manually type the known URL for the company and visit the site that way.
Never open an attachment sent by someone you do not know.
Be wary of executable type attachments, for example, .exe, .com, .scr, sent by
friends unless you are expecting this type of document. They may not realize
that they are sending you a malicious file.

If a security awareness program is developed and implemented, the chances of

successful social engineering attacks become far less likely. If an organizations users
are no longer the weakest link, attacks against the company become a lot harder. Not
only does security awareness help protect an organization; it also helps defend users in
their personal lives. Understanding common attacks and how to recognize and defend
against them will help users protect themselves against attacks such as phishing, aimed
at stealing their bank account or other personal details.
42 | P a g e Hacking
CHAPTER NINE
CRYPTOGRAPHY
In the 21st Century, information is being exchanged electronically at an ever-increasing
rate. Financial markets, commerce, and communication between citizens of all nations
are utilizing the Internet and proprietary networks to exchange sensitive information. In
pace with this trend are those rogue persons increasingly intercepting this information
or supplanting it with misleading or erroneous messages. To continue effectively in this
space Java developers should be aware and capable of building components and
architecting systems based on a reliable technology that can fit within a secure
environment. An available technology for securing facets of systems is Cryptography.

Sun recognized that their Java programming language was being used to develop e-
commerce systems. To address the requirement for secrecy they offered the JCE to the
Java community as a downloadable API from their website. When Sun acknowledged
that systems were increasingly using this API, they bundled it with the SDK in 2002.

The JCE is a pluggable technology. Sun defined the JCE interface but the technology is
quite flexible; it allows different entities to provide its implementation. This facility was
largely motivated by the fact that cryptographic products are under US federal export
controls. The US government maintained that cryptography products are "weapons"
and mandated that they fall under federal export controls.

The strength of a JCE implementation is largely dependent on the key sizes that it
supports. Sun's standard JCE implementation currently shipped with the SDK is in
43 | P a g e Hacking
compliance with the US's export controls. This means any Java system utilizing Sun's
JCE implementation can be exported outside the US. However, the cost of using this
implementation means a reduction of the Java system's strength. The beauty of the JCE
is that it is possible to develop a system honouring the JCE and plug in a stronger JCE
implementation. One such JCE implementation is Cryptix[2], an open source solution
being maintained and developed by developers from The Netherlands and around the
world. The Cryptix solution is useful since the code is open, has an active community,
and has deep experience writing cryptographic software.

Before a developer can take advantage of the JCE it is useful that he understand the
technology on which it is based. To this end the document will establish a few
definitions and continue with a disclosure of cipher systems and protocols. These will
aid the reader with understanding the JCE as well as other documents related to
cryptography.

Definitions

Secret Key: A secret piece of information which is shared by two parties and used when
securely exchanging information. To be effective the secret key is smaller than the
information to be shared. It is used in conjunction with a cryptographic algorithm to
encrypt or decrypt sensitive data.

Encrypt: The method of scrambling information to secure it against onlookers.

Encryption is used with a secret key that is known only by the sender and receiver of
the sensitive information.

Decrypt: The method of descrambling information from a previous encryption.

Decryption requires the knowledge of a secret key.
44 | P a g e Hacking
Cryptographic Algorithm: Method which describes how a secret key is utilized to
encrypt or decrypt information. It is also known as cipher.

Plaintext: The information to be secured.

Ciphertext: The scrambled information after an encryption process using a

cryptographic algorithm and a secret key.

The JCE includes an assortment of cryptographic algorithms to perform encryption and

decryption. Assuming a correct implementation, the greater the size of a secret key
supported by an algorithm, the more secure an algorithm can be made. Cryptographic
algorithms are used in the context of two systems.

Cryptographic Systems

There are two systems used in cryptography: symmetric and asymmetric (or public-
key). Symmetric cryptography deals with keeping information secure with a single key;
whereas asymmetric cryptography can secure information utilizing two keys. In the
case of public-key systems, information is secured with a publicly known key and
decrypted only with the secret private key.

Symmetric cryptography has the advantage of being fast. The operations it performs are
transposition and substitution; which can be effectively expressed in hardware or
software. The problem with symmetric cryptography is that its secrecy relies on the
privacy of the shared key. An example of a symmetric cryptosystem would be one
utilizing the DES (Data Encryption Standard), Blowfish, AES (Rijndael)[3] algorithm.

Asymmetric cryptography requires two keys (one to be kept secret, and another which
can be publicly known). This scheme is superior to symmetric systems because it can
45 | P a g e Hacking
facilitate secure key exchange and authentication, but it does so at the cost of slower
processing times. Public-key systems use hard mathematical problems for the basis of
their security.[4]

With these two systems various cryptographic protocols can be expressed and utilized
for sharing secrets.

Cryptographic Protocols

In line with other security texts the author will use the characters Alice, Bob, and Eve.
The first two are representative of systems that want to engage in a secure information
exchange. Eve represents an entity who wishes to intercept sensitive information or to
pose as Alice or Bob.

Consider that Alice and Bob are both intelligence operatives. Alice wants to give Bob
the coordinates of a valuable witness who is in a safe house. The witness must show up
in 8 days to testify at a court in The Hague. Unfortunately both are on different
continents: Alice lives in Toronto and Bob is located in Holland. Alice does not want
anyone else, like Eve, to find out where the witness is located, because Eve would
surely divulge the location to the Mafia - the organization against which the witness
will testify. Eve is also interested in thwarting Bob's attempts to find the witness and
will do whatever it takes to push him off course. Alice and Bob each have the use of the
Internet and access to a Java development system, including a full strength
implementation of the JCE.

Alice and Bob are knowledgeable in cryptography and Java development. Over an
insecure means Alice and Bob determine they will use the Rijndael algorithm to
46 | P a g e Hacking
scramble their information [5]. The next step is for each to consider a protocol with
which both will use to securely and effectively exchange information.

Simple Symmetric Protocol

Alice may choose to use the simple symmetric protocol. It requires that Alice and Bob
establish a secret key with which the location can be encrypted. The two need to
somehow agree upon the secret key in a secure manner- like in a private conversation,
for example. The steps to accommodate a secure exchange using a simple symmetric
system would be:

Alice would type the witness' location into a simple text file using an editor.
Alice would use the Rijndael cipher from the JCE to scramble the text file using
the secret key agreed upon with Bob.
Alice would send the output of step 2 to Bob using email.

4. Bob reads his email, expecting a scrambled bit of text from Alice, and uses his JCE
decryption Java program to descramble the text using the secret key agreed upon with
Alice. Bob would now have the location of the witness.

Hybrid Symmetric/Asymmetric System

Utilizing an asymmetric cipher it is possible for Alice to securely send a secret key to
only Bob. Eve could not determine it while it is in transit to Bob because it is encrypted
with his public key (and the only way of decrypting such a message is with Bob's
corresponding private key). Only Bob's private key will descramble the secret key. With
the secret key known only to Alice and Bob, both can utilize their favorite symmetric
algorithm, Rijndael, to securely exchange information.[6]
47 | P a g e Hacking
Alice and Bob decide upon this protocol and find no success in its use. Alice and Bob
know that each are operating within a secure channel - but Bob is receiving a large
number of emails from Alice. As Bob opens each one the contents are directing him to
locations where the witness cannot be found.

After some false leads on the whereabouts of the witness, Bob is becoming more
reluctant to trust the supposed encrypted emails from Alice. He is receiving a large
number of emails from Alice offering the location of the witness, but he can't determine
which one is correct. He suspects that Eve is using his public key and sending emails to
him feigning to be Alice. There are only days left to find the witness before the
important court appearance. To address this, Bob calls Alice up on the telephone and
instructs Alice to sign her emails so he can authenticate the origin of the emails. Now,
should Eve continue to try to send Bob off-track - Alice's email can be picked out from
the other junk emails?

Signing Protocol

In addition to facilitating secure key exchanges, public key systems also support the
ability to sign a message, the electronic equivalent of a person's written signature.
Specifically, it is with one's private key that a person may electronically sign a
document. To reduce the amount of processing and overhead with signing large
documents, hash functions can be used to reduce the effort.
48 | P a g e Hacking
CHAPTER TEN
STENOGRAPHY
When was the last time you didn't dread going to work? Do you long for integration
between the work you do and the ideals you value - a true vocation? Well, you're not
alone. There are countless numbers of people who share your despair and frustration.

In today's uncertain world, a specialized career that offers self-employment

opportunities and those benefits from evolving technology is especially desirable. Self-
employment offers a certain degree of control over your income, work hours, and work
environment.

Closed Captioning service has grown significantly due to evolving legislation. All
transcription services, whether it be Court Reporting, Broadcast or Closed Captioning,
or Real-time Reporting, have improved from the advancement of technology, ensuring
future demand for these services.

Now, more than ever before, we must rely on ourselves for stability. I know many of
you have undergraduate or graduate degrees, but work at jobs where either the salary
or the challenge is not commensurate with your education or aptitude.

Stenography is an exciting vocation that pays well and provides a work environment
that offers on-going learning about a diverse array of subject matter. And, you don't
have to incur a huge amount of debt, or spend an unreasonable amount of time on
training.
49 | P a g e Hacking
What is a Stenographer?

A Stenographer is an individual who transcribes speech-to-text using a stenography

machine. The words Captioner, Reporter, Court Reporter, Transcriptionist, and
Stenographer, are sometimes used interchangeably, depending on the environment
where the transcription takes place and the method by which speech is transcribed.

Requirements to Become a Stenographer

Whether you've decided it's time to change careers or it's time to become your own
boss, there are two resources you'll need to become a Stenographer - time and money.
You can expect to spend anywhere from one year to two and-a-half years becoming
proficient enough at keyboarding to pass the certification exam required by your state,
if your state requires one. Most do, currently, eighteen do not.

Although you will need to invest in training and equipment, the cost is much less than
the amount of start-up money required opening your own "brick-and-mortar" business.
And, it the cost is also less than a four-year college degree. The cost varies greatly,
however, depending on the method of training you choose.

Four Steps to Becoming a Stenographer

Choose desired method, and complete the training

Purchase equipment
Obtain certification
Obtain employment, or begin marketing yourself as a freelancer
50 | P a g e Hacking
CHAPTER ELEVEN
DDOS ATTACK
In order to fully stopping DDOS attacks, you need to understand the concepts behind it
first. Denial of Service attacks or DDOS attacks are common in the internet. It is actually
an attempt of several groups to make a computer source seem unavailable to several
users and community members. It generally consists of concerted efforts from several
individuals or multiple people to prevent a server or a website functioning. Usually, the
attacks are designed to indefinitely or temporarily take down a site. Stopping Denial of
Service attacks can be done through several techniques. Firewalls, switches, and other
forms of Intrusion detection programs are primarily used to stopping DDOS attacks but
in this day and age, they are ineffective when it comes to well planned intrusions. In
order to stop the new generation of attacks, users would need to learn of new
mitigation techniques. These techniques are still effective regardless of what type of
attack occurs. By knowing these techniques, users would surely be able to protect their
servers and by stopping DDOS attacks they would be able to aid their respective
systems.

One of the most common ways in stopping Denial of Service attacks is through the use
of active Verification. Active verification can be done through Legitimate IP address
crossing and matching. It is necessary to identify cache and legitimate IPs through a
memory bank for a limited period so that you would be able to detect which IP
addresses are spoofed and which ones are legitimate. Once the checking is done, you
can further protect and check on legitimate IP addresses by rate through limiting
51 | P a g e Hacking
zombies which have the capabilities to complete three way handshakes. Usually,
stopping DDOS attacks would be easy when using this technique since most attacks are
written using various scripts which continuously vary from a few parameters from
several network packets. Another way to stop the attacks would be to perform an
anomaly check on headers as well as states and the rates of any device. Several
applications can actually filter out the IP addresses and attack packets hence stopping
DDOS attacks. By using simple firewall rules, such attacks would not be possible.

Protocol and Granular rate limiting are also excellent ways in stopping Denial of Service
attacks. Similar to target headers and rate problems, further analysis of protocols in
your computer as well as the analysis of the generic firewall should be done in order to
control any form of attacks. Granular limiting can be done when attacks are
unpredictable. It is actually a type of management technique wherein it identifies and
checks rate violations from past records of IP addresses and behaviors coming from the
system. Granular limiting is also a good way to stop DDOS attacks because it rates the
set of protocols in your system by checking on the past behavior of the system in every
session. You can do granular rate limiting techniques in your computer in order to
control data. All of these tricks are effective DDOS-attacks and they can be done either
manually or through the use of a software program.
52 | P a g e Hacking
CHAPTER TWELVE
EMAIL, SOCIAL ACCOUNT HACK AND
DEFENSE
There are several instances of email and social account hacking that becomes a
precursor of many problems to the concerned person. Though the service providers are
employing new techniques to counter the hacking, it also requires vigil from the
concerned user.

Your email account is a very personal thing that contains important messages either
personal or professional, so it is something that you would surely want to keep private
or confidential to you. As a matter of fact, now days due to the ultra fast delivery and
communication mechanism emails are being vigorously used in corporate and business
communications also. But is your email as safe as you think? What if someone is
sneaking through your mail and has gained complete control over your access? What if
you cannot login to your own email account one fine day? These may sound terrible but
they are happening and emails are being hacked by people having malicious intentions.

Well, as a precautionary measure you can try having two or three accounts, one for
specific purpose like you can carry online shopping from one id, socialize with another
id and so on. However, still if it is hacked then there is one thing for sure, your personal
information has not remained personal anymore. You will find people in distress
because of their Hotmail account hacked or AOL account hacked and their agony is
53 | P a g e Hacking
quite justified. Though the email service providers try their best to use robust
technology, still there is a pertinent ongoing battle of wits happening between hackers
and the email service providers.

No matter how hard these providers try or how much efficient security mechanism are
installed by them, if the users are not careful and alert then there will be cases of email
account hacking. So, as a user you must be a little watchful towards some simple signs
that might indicate that your email is not personal anymore. Well, a very simple thing is
to notice if any message has been checked as read and interestingly, you did not read it.
As a user, you must have a clear idea of the messages you have read and have not read.
Sometimes, the hacker might want to take complete control of your email account by
changing the password. If the notification of password change reaches you and you
have not made the changes then it is for sure that someone has tinkered with your
account. Try to contact your email service provider so that necessary actions can be
taken and your email can be secured from that hacker. If you become a little complacent
on these warning signs then you might just have invited further troubles.
54 | P a g e Hacking
CHAPTER THIRTEEN
SATELLITE AND IP CAM HACKING
Satellites have accepted a pivotal part in our contemporary society; they are utilized as
a part of both private and open divisions for various purposes, from correspondence to
explore. Sadly, with the dissemination of this unpredictable framework, the enthusiasm
of governments and programmers likewise expanded; their security is today a mainstay
of the digital security methodology of the most exceptional government.

The flood of digital dangers has developed quickly in the most recent years in the pace
of mechanical advancement. Aggressors are representing a developing test to satellite
armada administrators and bringing up issues on the level of security to guarantee
likewise for business satellites, security specialists are persuaded that they should be
"solidified" precisely like the safe military satellites. Important digital powers, for
example, the US and UK fear a conceivable hostile from remote unfriendly
governments, non-state performers and even single programmers, yet it will be it is
unquestionable that the principle concerns are identified with the forceful conduct of
China, particularly around there. Chinese programmers, most likely state-supported
substances, have as of now accessed US satellite; these episodes showed the earnest
need to secure both military and business satellites from outer assaults and
interruptions.
55 | P a g e Hacking
The chapter will demonstrate different methods of assault against satellites and
potential dangers identified with damage operations and to interruption for digital
surveillance. It tries to clarify the significance of satellite hacking and to give data about
the primary vulnerabilities of this classification of frameworks.

These figures are great, particularly on the off chance that it is viewed as the worldwide
financial emergency that has demolished other industry divisions. More than 50 nations
work no less than one satellite.

Satellites assume a huge part in correspondence, early cautioning frameworks,

worldwide telecom, meteorology, route, observation, remote detecting, and
reconnaissance. Satellite administrations cover essentially every division, from portable
cell correspondence to telemedicine, so any obstruction with them could have a genuine
impact. Satellites are a key resource for any nation and are considered as "basic
foundation," in this way they are significant as special focuses for a conceivable digital
assault.
56 | P a g e Hacking
About Principal Threats

In a late presentation titled "Satellite hacking," a prominent IT security master recorded

the accompanying main 10 dangers:

Following following over web information and programming

Listening listening with the correct hardware, frequencies, and areas
Cooperating conventions and verification utilized, radio transmissions require
official permit!
Utilizing assume control over a feathered creature or a TT&C [use payloads,
make pictures, and transmit something (DVB or radio)]
Filtering/assaulting mysterious verification of idea in 2010 by Leonardo Nve
Egea, checking, DoS, and caricaturing conceivable
Breaking old innovations utilized (X.25, GRE)
Sticking sticking understood frequencies for satellites
Mispositioning/Control transponder parodying, coordinate ordering, charge
answer, inclusion after affirmation however before execution
Barbecuing initiating every single sun powered board when presented to sun,
cheating vitality framework

Hijacking is the unapproved utilization of a satellite for transmission, or seizing control

of a flag, for example, communicate, and supplanting it with another. The information
transmitted could be gained (listening stealthily) by aggressors who could likewise alter
it in travel (satirizing). The expression "Control" alludes to the ability of a programmer
to pick up the control of part or the majority of the satellite engineering (ground station,
transport, and payload); especially intriguing is the programmer's capacity to move the
satellite in circle. Satellite seizing is the illicit utilization of the satellite to transmit the
57 | P a g e Hacking
assailant's flag, which could abrogate or adjust honest to goodness transmitted
information. Assaults against Internet information associations and media
communicates are exceptionally normal.
58 | P a g e Hacking
CHAPTER FOURTEEN
DEFENSE AGAIN HACKING
Wherever you're sitting right now, pause for a minute to take note of the associated
gadgets around you. In your pocket or tote, you most likely have an electronic key
coxcomb and maybe a rechargeable tram card implanted with RFID. You likely have a
cell phone, which is associated with a Wi-Fi organize furthermore has voice message
benefit. You may wear a Nike FuelBand, or a Fitbit, or potentially even another match
of Google Glass. Perhaps you can detect a movement light or an orange roadway sign
out of your window. An electrical extension is likely not very far away.

These gadgets share one thing in like manner: They can be hacked.

As we envoy the coming Internet of Things, it's anything but difficult to overlook that
our regularly extending tech play area is for the most part unsupervised. There is no
play area educator to blow a shriek when another child takes control of your Bluetooth
headset. There is no Norton antivirus programming for your carport entryway opener.

On the off chance that you can connect it to or interface it to a system, your gadget
regardless of what it iscan be outfit by another person. What's more, that somebody
doesn't need to be a Chinese superhacker to do some genuine harm with it, either
deliberately or unintentionally. It can be your Uncle Roger, who doesn't have his new
iPhone made sense of and is cluelessly killing your lights on and by means of your
Belkin WeMo.
59 | P a g e Hacking
After the yearly Black Hat Internet security tradition a couple of months back in Las
Vegas, I solicited a gathering from my companionsa Navy designer, an expert
programmer, and a specialistto help me concoct a speedy rundown of gadgets that
will be powerless amid the following couple of years as the Internet of Things gets to be
distinctly boundless. Here's our (inadequate) list. (Sections with a * are those we've
taken a stab at hacking at home, for the sake of entertainment.):

Obvious

The cloud (services, storage, software)

ATMs at banks
Printers
Smart-watches
smart-phones
computers
tablets and phablets
home computer locks
GPS devices
Wi-Fi routers
Webcams
thumb and portable USB drives

Less Obvious

SD cards
Cameras
smart alarm clocks
60 | P a g e Hacking
coffee makers
key fobs
light switches
moisture sensors

The proliferation of this innovation makes a consistent need to keep gadgets redesigned
and secure. Maybe the most helpless question in any American house is the link box,
since it is so infrequently overhauled.