Top 10 Free Wi-Fi Hacking Tools.

             Earlier days users uses Dial-Up connection for Internet. Then came Ethernet, advances to Fast Ethernet and now moving on to Gigabit Ethernet. Now a revolutionary Wireless Wi-Fi has been in use. Wi-Fi is one of the major attack vector through which an attacker can try to compromise the network.

             Inorder to secure yourself you should think from an attacker point of view. Top 10 Wireless Connection Hacking tools has been listed which can be used by Hackers, Administrators. The below is the list of tools used for Cracking Wi-Fi connection.

1. Aircrack : Famous Hack tool that can hack 802.11 a/b/g
WEP and WAP. 

2. Cain and Abel : Hack tool that can hack by intercepting
traffic and by crypt-analysis method.

3. inSSIDer : Awarded " Best Opensource Software in
Networking " now is a paid software at $19.99

4. WireShark : Famous Packet Sniffer tool used for auditing,
monitoring and also used by an attacker.

5. CoWPAtty : Automated Dictionary attack tool for WPA-PSK 

6. Airjack : 802.11 Packet Injector used to check MiTM ( Man in The Middle ) attack.

7. WepAttack  : Open Source for breaking WEP Keys.

8. OmniPeek : Network Analyser and Packet Capture used for Trouble Shooting.

9. CommView : Captured packets can be decoded by user-defined WEP or WPA Keys.

10 . CloudCracker : Used to crack WAP Passwords using
Dictionary of 300 million words.

               This tools has been listed here ONLY TO TEST YOUR HOME NETWORK and NOT FOR ATTACK PURPOSE. The usage of these tools may even put the users behind bars if not in proper way. THE AUTHOR IS NOT RESPONSIBLE FOR ANY DAMAGE OCCURRED BY RUNNING THESE TOOLS. 

P.S : The post is to create awareness and not to be misused. 

Facebook vulnerability allow anyone to delete anyone's photo album.

                  Facebook is the revolutionary social networking site with billions of users globally. Facebook allows the users to upload photos and create their own album. Recently a new vulnerability has been discovered in Facebook that allows anyone to delete anyone's photo album.

                 An Indian Security Researcher Laxman discovered the vulnerability and this resides in Facebook Graph API mechanism. According to Facebook developers it is not possible to delete an album using Graph API but the Indian proved it wrong. He not only deleted his own album but also others.

                 Facebook Graph API requires an access token to read or write user data. He discovered that his own " access token " generated for mobile version of Facebook could be exploited to remove any photo albums posted by any user.

                  The attacker needs to send a HTTP-based Graph API request with victim's photo album ID and attacker's access token generated for 'Facebook for android' app. The sample request is as

Request :
DELETE /<victim's_photo_album_id> HTTP/1.1
Host : graph.facebook.com
Content-Length : 245
access_token=<Your(Attacker)_Facebook_for_Android_Access_Token>

                   He explained this vulnerability to Facebook and under Facebook Bug Bounty Program he was awarded with $12,500 USD for this vulnerability discovery.

P.S : The post is to create awareness and not to be misused.

WhatsSpy to track any WhatsApp Account.

             WhatsApp is used by almost all the smartphone owners and there are options available in WhatsApp to preserve their privacy policies. Recently a tool developed by a person tracks all the WhatsApp users even when they turned all the tracking options to off.

               WhatsApp allows their users to maintain their privacy by altering options such as 

1. Edit Last Seen.
2. Profile Picture
3. Status.

               But the tool by Maikel.pro claims that it can evade any privacy option and track the user on the following things

1. Online / Offline status.
2. Profile Pictures.
3. Privacy Settings.
4. Status Messages.

                This tool is provided with a simple GUI to view the timeline of the user or even compare it to another tracked user. The tool is named as #WhatsSpy. #WhatsSpy can virtually track any user. The Requirements for the running of the tool are

1. Secondary WhatsApp Account
2. Rooted or Jailbroken Android or Apple phone ( ROOTING
    / JAILBREAKING IS NOT RECOMMENDED )
3. Server / RPi that runs 24/7.
4. Nginx or Apache with PHP with PDO 
5. Postgresql.

                 Users who are interested upon agreeing to the above requirements can follow the link to install and start using the Application.

                 WARNING : The project is launched under license ( CC-BY-NC ) and if anyone violates the law is liable to his / her own work / damage done. The author of the post is not responsible for any damage occurred by running the tool.

P.S : The post is to create awareness and not to be misused.

Facebook Privacy Policy tracks even when the user is not on Facebook.

                Facebook is the famous social networking site that has billions of users globally. Recently Facebook revised their privacy policy that let them track the users even when they are not on Facebook.

                Facebook has revised their privacy policy last November 
( 2014 ) and it came to effect from the previous Friday. According to the policy Facebook can track you even after you have left Facebook site to surf other pages.

                The new policy allows it to gather data about the user from Internet in addition to the normal data when the user post something or add friends to your network. Facebook can also pass this information with its subsidiaries like WhatsApp and Instagram.

                The interesting fact is that all the users already agreed to this new privacy policy by logging into their accounts from previous Friday 
( 30.01.15 ). Facebook management says that the new policy will help them tabulate data advert to the users and avoid serving unwanted information to the user.

                 There is an option for privacy likers, they can opt out for some parts of the new policy by customizing privacy settings. If the user wants to opt out of Facebook tracking your use when the user is not on Facebook, the user can opt out by visiting individual pages listed in the privacy settings page for respective countries. It is as shown

                 Facebook also says that users can do so even from their mobiles and also from tablet screens and the settings will be treated as same across the board.

P.S : The post is to create awareness and not to create any negative impact.