Posts

How To Enable DNS over HTTPS

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by using HTTPS to encrypt the data between the DoH client and the DoH-based DNS resolver, which prevents eavesdropping on and manipulation of DNS data by man-in-the-middle attacks. An alternative to DoH is the DNS over TLS (DoT) protocol, a similar standard for encrypting DNS queries, differing only in the methods used for encryption and delivery. Whether either of the two protocols is superior on privacy and security grounds is a matter of debate, while others argue that the merits of each depend on the specific use case. Benefits: DoH improves privacy by hiding domain name lookups from someone lurking on public WiFi, your ISP, or anyone else on your local network. DoH, when enabled, ensures that your ISP cannot collect and sell personal information related to your br...

Fix HTTPS issue in browser - Burp Suite

If you get the message "Software is Preventing Firefox From Safely Connecting to This Site. Most likely a safe site, but a secure connection could not be established. This issue is caused by The original certificate provided by the web server is untrusted., which is either software on your computer or your network.", follow this tutorial. 1. With Burp Suite running, visit http://burp in your browser and click the "CA Certificate" link to download and save your Burp CA certificate. Remember where you saved the Burp CA certificate.

Tinfoleak - Twitter Open Source Intelligence Tool

tinfoleak is an open-source OSINT (Open Source Intelligence) tool that automates the extraction of information from Twitter and facilitates subsequent analysis for the generation of intelligence. Taking a user identifier, geographic coordinates or keywords, tinfoleak analyzes the Twitter timeline to extract large volumes of data and show useful, structured information to the intelligence analyst. tinfoleak is included in several Linux distros: Kali, CAINE, BlackArch and Buscador. It is currently the most comprehensive open-source tool for intelligence analysis on Twitter.

The Five Eyes - Intelligence Alliance

The Five Eyes intelligence alliance is a secretive international coalition and surveillance arrangement that includes the United States National Security Agency (NSA), Canada’s Communications Security Establishment Canada (CSEC), the United Kingdom’s Government Communications Headquarters (GCHQ), New Zealand’s Government Communications Security Bureau (GCSB) and the Australian Signals Directorate (ASD). A series of bilateral agreements was developed over a period of time, beginning in 1946, by an alliance of five English-speaking countries and became known as the UKUSA agreement. This agreement established the Five Eyes alliance to share intelligence, especially signals intelligence (SIGINT). For almost 70 years these five English-speaking countries have been involved in global surveillance, spying on communications all over the world and building an infrastructure to master the internet for surveillance.

All About Crypter

What is a Crypter? A Crypter is encryption software that encrypts your viruses, keyloggers, RATs or any other hacking tool to keep them from being detected by antiviruses. A Crypter makes antiviruses pretty much useless. This is because, when encrypting any malware tool, the Crypter uses various encryption methods to keep antiviruses from analysing the output. What do Scantime and Runtime mean? Scantime is a method used to keep antiviruses from analysing your encrypted files while real-time protection is enabled. Runtime is used to bypass antiviruses when the encrypted file is executed. The Runtime method then decrypts the encrypted file in memory. Generally, all Crypters use both the Scantime and Runtime methods. What is the Stub? The Stub is packed with junk or undetected code to help your encrypted file stay fully undetected for some time, maybe even weeks. When the stub eventually becomes detected, the file is detected by antiviruses when executed on the machine.

The Anti-Security Movement

Some underground enthusiasts in Indonesia may have heard of the term Anti-Security Movement, or pr0j3ct m4yh3m, and so on. Some know about this matter, but others are not yet clear on it and are curious: ‘what are project mayhem and the anti-sec movement?’. What follows is a brief explanation of the subject from stryfe. The explanation (they called it a speech) was recorded by another member of the underground on his site; the original version can be found here. For information, stryfe is a member of an underground group that supports pr0j3ct m4yh3m.

Viper - Time to do malware research right

Viper is a binary analysis and management framework. Its fundamental objective is to provide a solution to easily organize your collection of malware and exploit samples, as well as the collection of scripts you have created or found over time, to facilitate your daily research. Think of it as a Metasploit for malware researchers: it provides a terminal interface that you can use to store, search and analyze arbitrary files, and a framework to easily create plugins of any sort. Viper is written in Python and it requires Python 2.7 to function properly. In this documentation we will use Debian GNU/Linux based distributions, such as Ubuntu, as a reference platform. The following installation instructions should apply similarly to other distributions and possibly to Mac OS X as well, although this has not been properly tested.