echo "0xHat Security"

Hello Everyone, Today I am going to share with you some basic methods of XSS attack. XSS or Cross Site Scripting is a vulnerability found in web application. It is method by which malicious script is injected into the the websites .These type of attacks is made by injecting some code written in client side scripting code like Javascript or VBscript .And once the code is executed in the browser side it can be used to perform attacks like generating popups , cookie stealing and as well as website defacement. XSS can be divided into 3 different category  Non Persistent  Persistent DOM Based In this tutorial I am going to discuss mainly on Non Persistent XSS attacks. The other techniques will be presented in separate tutorial. CAUTION "This tutorial should be used for educational purpose only. I won't be responsible if you misuse this techniques and get yourself in trouble.Performing such attacks without the permission of the owner can lead to serious trou

C++ Code Hacking 1: Pointer Exploitation                   Today I am going to show you how you can access the values of private member variables directly inside main() without the use of any member function.                   We know that we can access private member variables with the help of public member functions only. It is impossible to access it directly inside main() through objects.But I am going to prove you wrong . Note: This is the final code        Output: Password Extracted !!!                                          Now I will explain what I exactly did here. We know we can access public member variables directly. So I extracted the memory address of of the public variable 'id'. Now because all variable are stored in memory in a continuous manner it is possible to get the address of other variable by knowing the address of one variable.Here I knew the address of the variable  'id'. So I managed to get the password vari

Hello Friends.                       Today I am going to show you how to develop a word list and use brute force the login authentication to access certain directory in web server. Basic Things Required 1.Java SDK and JRE [this will be required to develop the word list. ] 2.Any IDE like BlueJ or NetBeans or Eclipse . You can use notepad but you need to compile that manually.It is not necessary you need to create word list using Java only.You can use any programming language you feel comfortable.  3.Brutus or THC Hydra [Brute Force tools] CAUTION "This tutorial should be used for educational purpose only. I won't be responsible if you misuse this techniques and get yourself in trouble.Sometimes (rarely although) performing Brute Force attacks can lead do DOS attacks. To prevent this sometimes system admin keeps tracks of the incoming connections . If they find that too many requests are being sent from a particular IP then they block that IP for sometime, sometimes e

                      Hey Friends I am back with a new tutorials on how to hack a web server using LFI attack or Local File Inclusion Attack.                      LFI is an attack by which a attacker can access files in directory by including them in the web pages . This happens due to flaws in coding and careless ways of coding.Here I will demonstrate how you can hack a website and get root level access to a server                      Now some word of caution. You should never perform such activity without the permission of the site owner. This is completely illegal. I am showing you this demo for educational purpose only. I won't be be responsible if you get in trouble after misusing these techniques.  Here I will be showing a demo on a training website of enigmagroup for demo purpose only. What do u need to know ? Linux Directory Architecture. About the location of passwd files and its encryption files. Techniques of file traversal in Linux ( use forward slash /). Wo

Hey Friends, Today I am going to share with you some cool ways how you bypass and  access blocked sites. Few important thing you should keep in mind while executing these methods. 1.Never send any secured information . Example your ATM or credit card number. 2.Keep a check on the open ports of your computer.It may happen that you can be a victim of DDOS (Distributed Denial of Service Attack) attack . 1.Modify host file  Modifying host file allows you bypass local DNS filtering. Open command prompt and write this in the terminal          ping  anyblockedsite.com  Now Go to windows/system32/drivers/etc folder Open host file with any text editor like notepad and add a line like this from the output 10.0.2.16  kiit.ac.in Save the file. This has only some disadvantage. This is good if the page is a single page. If u need to do for a whole site then u need to map other ip address also. Other disadvantage is that technique cannot be used if the administrator is us

LAPTOPS? NAH.. BUY ME AN ULTRABOOK!!! Remember those good old days when laptops were huge, bulky and non-performers? It was unthinkable that a laptop can replace a desktop. But as time passed laptops became lighter, faster and smarter  Gradually laptops came into the mainstream. They started performing. Now the new buzzword in the market is "ULTRABOOK", a new form of laptops. As the name suggest it is ultra, ultralight, ultra-thin and ultra performing. Ultrabook is defined by Intel. Ultrabooks are designed to be ultrathin(less than 2.1 cm), ultra lightweight(less than 1.5kg), but without compromising on performance and battery life.They use low-power Intel processors with integrated graphics and unibody chassis to fit larger batteries into smaller cases. In 2011, Intel set aside a $300 million fund to be spent over the next three to four years in areas related to Ultrabooks. Intel announced the Ultrabook concept at Computex in 2011. The Ultrabook would be a thin (

Tired of using same Linux distribution ? Want some change ? Well Today I am going to share with you some cool Linux Distribution that you will surely like. 1. Tiny Core Linux An extremely small distribution. It's size is around 11 MB only. A Linux distribution that can work on even old machines.Support GUI and easy to use. 2. Ubuntu Studio This distribution is perfect for you if you are looking for a distribution that offers a huge multimedia support.A good collection of audio,video,graphic software comes inbuilt with this distribution. Must try I will say ! Contributor: Dibyendu ( http://www.facebook.com/dibyendu.sikdar.1 )