Showing posts with label Hacking. Show all posts

Sunday, 22 March 2015

Hack Windows / Linux Password Within 3 Seconds

Hi, Hack Defence readers! Windows is currently the most widely used operating system, so today we will hack the Windows password of any user. If you want to bypass a Windows password within 3 seconds, this article is for you :) This tutorial is for educational purposes only. Hack Defence will not be responsible for any illegal activity done by you. Don't try it on other people's computers. In this article we will use Kon-Boot to hack the Windows password.

What Is Kon-Boot And How it Works ?

Kon-Boot is software which allows you to bypass a Windows or Linux password by temporarily modifying the kernel. This is great for those times when you are working on a client’s PC but forgot to ask for the password. Kon-Boot is one of the simplest programs I have ever used, and it works very well. Simply burn the ISO image to a CD, or make a bootable pen drive. It will automatically load and then start the Windows boot process. When you get to the login screen, click on any user and hit Enter and you will log into the desktop, no matter how strong a password was used.
The process does not change, modify, or delete the user password; it simply bypasses it by temporarily modifying the kernel. When you are done, eject the CD and reboot or shut down. The user login will again require a password and won’t log in unless it’s provided. It’s that simple.

Tested Operating Systems :


  • Microsoft Windows
  • Windows Server 2008 Standard SP2 (v.275)
  • Windows Vista Business SP0
  • Windows Vista Ultimate SP1
  • Windows Vista Ultimate SP0
  • Windows Server 2003 Enterprise
  • Windows XP
  • Windows 7
  • Windows 8
  • Windows 10






Thanks for reading! If you have any doubts, feel free to comment, and share this post to help us grow.
Don't be selfish, share it :) Thank you!




Saturday, 31 January 2015

How To Secure Facebook Account From Being Hacked

Nowadays Facebook is one of the sites most targeted by hackers. Every day I hear the same story: "My Facebook account is hacked, what do I do? How do I get back or recover my account password? How can I secure my Facebook account?" I have written this article to answer all of those questions. Account security is not a very tough job: if you follow the tips given here, you can secure your account from getting hacked :)



[#] Create a Strong Password :

Are you wondering why I suggest creating and using a strong password? The answer is simple: attackers will be unable to crack your password by guessing or with the many types of attack such as brute force, dictionary attacks, rainbow table attacks, etc.
   

What makes a password strong (or weak) ?

A strong password:

  • Is a mix of letters, numbers, and symbols.
  • Is at least eight characters long.
  • Does not contain your user name, real name, company name, or phone number.
  • Does not contain a complete word.
  • Is significantly different from previous passwords.
  • Contains characters from each of the following four categories:




Character category : Examples

      • Uppercase letters : A, B, C
      • Lowercase letters : a, b, c
      • Numbers : 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
      • Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces : ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? /


How to Change your password : Settings > General > Password.
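
The strong-password rules listed above can be checked mechanically. The following Python sketch is an added example, not code from the original post: the function name `password_problems`, the small word list, and the 0.8 similarity cut-off for "significantly different" are assumptions made for illustration.

```python
import string
from difflib import SequenceMatcher

# Constructed stand-in for a real dictionary file (assumption of this example).
SAMPLE_WORDS = ("dragon", "facebook", "monkey", "password", "summer", "welcome")
SIMILARITY_LIMIT = 0.8  # assumed cut-off for "significantly different"

def password_problems(password, personal=(), previous=(), words=SAMPLE_WORDS):
    """Return the article's strong-password rules that `password` breaks."""
    problems = []
    lowered = password.lower()
    if len(password) < 8:
        problems.append("shorter than eight characters")
    # The four character categories from the article's table.
    categories = (
        ("uppercase letter", str.isupper),
        ("lowercase letter", str.islower),
        ("number", str.isdigit),
        ("symbol or space", lambda c: c in string.punctuation or c == " "),
    )
    for name, test in categories:
        if not any(test(c) for c in password):
            problems.append(f"no {name}")
    # User name, real name, company name, phone number.
    for detail in personal:
        if detail and detail.lower() in lowered:
            problems.append(f"contains personal detail {detail!r}")
    # "Does not contain a complete word", checked against the word list.
    for word in words:
        if word in lowered:
            problems.append(f"contains the complete word {word!r}")
    # "Significantly different from previous passwords".
    for old in previous:
        if SequenceMatcher(None, old.lower(), lowered).ratio() >= SIMILARITY_LIMIT:
            problems.append("too similar to a previous password")
            break
    return problems

if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for candidate in ("abc", "Summer2015!", "tR7#qv!2Lp"):
        result = password_problems(candidate, personal=("alice",))
        print(candidate, "->", result or "ok")
```
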



[#] Check The URL before Log In  :

Always check the address (URL) bar before entering your information in a page: the connection should be https and the URL should be the exact URL of the website. Some people with bad intentions create phishing pages (exact replicas of the real page). The worst part: they install scripts or malicious code behind the fake login page and host the page on their own web server. When you log in to Facebook from a fake login page, your username as well as your password is sent to the attacker.
Log in only at www.facebook.com and not from any other link or website, unless you are accessing it via the Facebook app.
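
The "https and exact URL" check described above, written out as an added Python example (not part of the original post). The function name `login_url_problems` and the sample URLs under the reserved `.example` domain are constructed for illustration; the point is that the host name must match exactly, so a familiar name appearing somewhere in the address is not enough.

```python
from urllib.parse import urlsplit

EXPECTED_HOST = "www.facebook.com"  # the only login host the article names

def login_url_problems(url, expected_host=EXPECTED_HOST):
    """Return the reasons a URL fails the article's 'https and exact URL' check."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return ["not a valid URL"]
    problems = []
    if parts.scheme.lower() != "https":
        problems.append("connection is not https")
    # Anything before '@' is login data for the real host, not the site name.
    if parts.username is not None:
        problems.append("address hides the real host behind '@'")
    # Look-alike letters from other alphabets, raw or punycode-encoded.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        problems.append("host uses non-ASCII look-alike characters")
    # Exact comparison: extra labels before or after the name do not count.
    if host != expected_host:
        problems.append(f"host is {host!r}, not {expected_host!r}")
    return problems

if __name__ == "__main__":
    # Constructed sample URLs; '.example' is a reserved, non-routable domain.
    samples = (
        "https://www.facebook.com/login.php",
        "http://www.facebook.com/login.php",
        "https://www.facebook.com.login.example/",
        "https://www.facebook.com@login.example/",
        "https://www.facebo\u043ek.com/",  # Cyrillic letter in place of 'o'
    )
    for sample in samples:
        print(sample, "->", login_url_problems(sample) or "ok")
```
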

[#] Do not Click on Suspicious Links :

Think before clicking on any link. Never click on a suspicious link, even if it comes from your friends or a company you know. If one of your friends clicks on a spam link, they could accidentally send it to you and tag you in a spammy post. You should not download things (e.g. a .exe file) if you are not sure what they are.

[#] Verify Your Phone Number and Turn On Text Messaging  :  

Confirming (verifying) your mobile number is one of many ways to enhance your account security on Facebook. This way, even when you lose or forget your password, Facebook will be able to send you a new one via SMS. You will also get a notification if anyone logs in or tries to log in to your account.
To add your mobile number, go to Account Settings > Mobile and click on Add a Phone.


[#]  Verify Your E-mail and Add Secondary E-mail also : 

Verify your e-mail address and also add another (secondary) e-mail to your account. That way, if you forget both your first e-mail password and your Facebook account password, you can easily recover your account using the secondary e-mail.
To add your e-mail, go to Account Settings > General > Email.


[#] Turn On Your Login Alerts : 

Turn on your login alerts: whenever anyone logs in to your account, you will get a notification on your mobile number and e-mail.
To turn on login alerts, go to Account Settings > Security > Login Alerts.
                                                     

[#] Add Three Trusted Contacts :   

Trusted Contacts are friends who can securely help you if you ever have trouble accessing your Facebook account. You can reach out to them if you ever need help getting into your account (e.g. you forget your password and can't get into your e-mail or phone number to reset it). After you set up 3 or 5 trusted contacts, the next time you can't get into your account your trusted contacts can access a special, one-time security code from Facebook via a URL. You can then call your friends to get the security codes and use those codes to access your Facebook account. Choose 3-5 friends and confirm your choice :)
To add trusted contacts, go to Account Settings > Security > Trusted Contacts.



[#] Always check your Active Sessions Or  Where You Are Logged in : 

If you notice any unfamiliar location or device, it means your Facebook account is at risk. Just click on End Activity and don't forget to change your password after that.
To check where you're logged in, go to Account Settings > Security > Where You're Logged In.

Some Other Tips :

  • Don’t send your password via message, because if your friend's account gets hacked you will surely be in trouble.
  • Never store private information such as credit or debit card details, passwords, or commercial information in your message box.
  • Don't share your password with anyone.
  • Don't forget to log out of your Facebook account after use.
  • Update your browser and antivirus to their latest versions to ensure your browser’s security is up to date, so it can detect and alert you with a warning when you are navigating to a suspected phishing site.

Want to know how Facebook hacking can be done? Read our previous article :
Hack Facebook Account With Phishing


Thanks for reading our post. Stay tuned with us :)
Please give your valuable feedback to help us grow, and feel free to comment and ask about any doubts.

Saturday, 10 January 2015

Create Penetration Testing Lab : DVWA

Welcome, enthusiast friends! In this article I'm going to teach you how to create a DVWA web app penetration testing lab. DVWA (Damn Vulnerable Web App) is a virtual lab for practising some web app vulnerabilities. The main convenience of creating a virtual lab is that you can hack... without going to jail :)


What is DVWA Lab ?

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a Virtual environment.

How To Install DVWA Lab ?

  1. Download the DVWA (Damn Vulnerable Web App) lab and extract the .zip file.
  2. Download XAMPP for Windows.
  3. Install the XAMPP server on Windows.
  4. Go to the directory where XAMPP is installed [ C:\xampp\htdocs ] and empty the htdocs folder.
  5. Copy the extracted DVWA files to the htdocs folder.
  6. Run the XAMPP Control Panel and start [Apache] and [MySQL].

Now just open your favourite browser, enter 127.0.0.1 and hit Enter. You will see the DVWA folder in your browser. Click on it and you will be redirected to the DVWA login page.
Enter
  UserName : admin
  Password : password
and hit Login.
You will be logged in successfully :) Now you can practise the following vulnerabilities in the lab.
  1. Brute Force.
  2. Command Execution.
  3. CSRF (Cross Site Request Forgery ).
  4. File Inclusion.
  5. Login Page Bypass SQL Injection.
  6. SQL Injection.
  7. SQL Injection (Blind).
  8. File Upload.
  9. XSS (Cross Site Scripting) Reflected.
  10. XSS (Cross Site Scripting) Stored.

If you are still not able to install the XAMPP server and the DVWA lab, follow the video tutorial below.
Subscribe and stay tuned with us; exploitation of all the DVWA vulnerabilities is coming soon.
Thank you :)






Penetration Testing

Hi, Hack Defence readers. Before starting something new we have some questions in our minds. In this article we will discuss: What is penetration testing? Why do we need it? What are the types of penetration testing? Which tools are used in penetration testing? What are the penetration testing standards? What are the penetration tester certificates? This article covers the essentials of web application testing. If you are a novice in this field, you must follow this article.

What is Penetration Testing ?

Penetration testing, often called pen-testing or security testing, is a way of testing or attacking your own or a client's system to find security weaknesses, in the same way a hacker would to identify security holes. Of course, you do this without actually harming your system or network. Its purpose is to secure our important data from outsiders, such as hackers, who could gain unauthorized access to the system.
A security test is a method of evaluating the security of a computer system, network, or web application by methodically validating and verifying the effectiveness of application security controls. An application security test focuses only on evaluating the security of a web application. The process involves an active analysis of the application for any weaknesses, technical flaws, or vulnerabilities. A person carrying out a penetration test is called a penetration tester or pentester.





 Need of Penetration Testing ?

  • Financial data must be secure when transferred between different systems.
  • Many clients ask for pentesting because it is part of the SDLC (Software Development Life Cycle).
  • To secure user data from unauthorized clients.
  • To test that security controls (firewall, DLP) are working.
  • To find security vulnerabilities and evaluate the system's security configuration.

 Types of Penetration Testing ?

  1. Manual Penetration Test.
  2. Using Automated tools.

Manual Penetration Testing :

It’s difficult to find all vulnerabilities using automated tools. There are some vulnerabilities which can be identified by a manual penetration test only. Penetration testers can perform better attacks on an application based on their skills and knowledge of the system being penetrated. Methods like social engineering can be carried out by humans only. Manual checking includes design, business logic, as well as code verification.

Using Automated tools:

Many automated tools are available on the internet, such as Acunetix, Netsparker, WebCruiser Web Vulnerability Scanner, Nmap (Network Security Vulnerability Scanner) and many more. You can download free or paid versions of these scanners from their respective sites. Using automated tools you can find all common vulnerabilities. Automated tools use payloads and test for security misconfiguration. These tools can quickly evaluate the security of systems, networks and applications against a wide variety of threats.


Penetration Testing Standards ?

  1. PCI DSS : Payment Card Industry Data Security Standard.
  2. OWASP : Open Web Application Security Project.
  3. ISO : International Organization for Standardization.
  4. OSSTMM : The Open Source Security Testing Methodology Manual.

Professional Penetration Tester Certificates ?

  1. HDCPT - Hack Defence Certified Penetration Tester. 
  2. LPT - Licensed Penetration Tester.
  3. PTP - Penetration Testing Professional.
  4. CISSP - Certified Information System Security Professional.
  5. WAPT - Web Application Pentesting Training.
  6. VAPT - Vulnerability Assignment Pentesting Training.





Thank you for reading our article :) Please give your valuable feedback to help us grow, and feel free to comment and ask about any doubts.



Saturday, 3 January 2015

Hi guys, I got a very useful book for those who are really passionate about learning web app penetration testing from basic to advanced. Really, it's amazing. This e-book is a practical guide to finding and exploiting security flaws in web applications. It contains all the common vulnerabilities.

  Highlights include:

  • Comprehensive and deep coverage of all kinds of attacks.
  • Practical focus that spells out the detailed steps involved in detecting and exploiting each kind of vulnerability.
  • Numerous real-world examples, screen shots and code extracts.
  • Online Labs  where you can play with most of the book examples, on a subscription basis.
  • Advanced techniques including how to disassemble client-side components, automate custom attacks, and find vulnerabilities in source code.
  • A detailed, proven methodology for performing an end-to-end attack.


Book Details : 

Title: The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws.
Authors: Dafydd Stuttard & Marcus Pinto.
Chapters : 21
Pages: 912
Size : 14.6 MB

Please give your valuable feedback to help us grow, and feel free to comment and ask about any doubts.