How To Secure Your Facebook Account From Hackers

How-To-Secure-Your-Facebook-Account-From-Hackers-900x450

 

Steps To Secure Your Facebook Account From Hackers 2015 :-

There are many ways by which hackers can attacks on your account So below i have listed the various methods to secure your account.

#1 CREATE STRONG PASSWORD

Always create a strong password of your account .As there must not be a password which gets easily guessed by the hackers. As there is a hacking technique called dictionary attacks in these attacks compare your password with every  english word.So if you have password in simple english words than it will get easily tracked by the hackers so always use complex passwords like “tehhacks!@#$%“.

#2 CONFIRM YOUR MOBILE NUMBER

Confirm your mobile number in your facebook account.This will help you to reset your password when you lost it.And you will also get notification about the change of password in your mobile.

#3 ACTIVATE SECURE BROWSING

This the most impotant part of facebook account security for preventing unauthorized access to your account .You must activate this now.For that just go to Account Settings->Security-> Secure Browsing->Edit->Browse Facebook on a secure connection->Save Changes.

#4 EMAIL ADDRESS

  • Always keep your email id hidden from everyone for that go to my profile, and personal information, and let you id be visible to only you.
  • Also remove all your email addresses, and change the primary one as the one which is known to you only.
  • Now for additional safety, use the secure browsing and send an email when logged into from another browser option active in your account.

#5 ACTIVATE ‘LOGIN APPROVALS’

In Facebook login approvals is an extended security feature and it will require you to enter a security code each time you try to access your Facebook account from unrecognized devices. So to activate Login Approvals, go to Account Settings > Security, look for Login Approvals and click on the Edit button and tick the check box and a pop up will apperar click on set now option. Now follows the steps there and after some steps facebook will confirm a security code from your android device.

#6 SOCIAL ENGINEERING ATTACKS

This could involve any trick that could fool you into giving out your personal details and also from your security questions in general discussion to mails that could be a spam, or somebody from Facebook asking you to change your personal Facebook details to the one told by them to do. These all are spam mails Be aware of these mails.

Also to prevent yourself from being fooled in such tricks stay cautious all the time amd also  keep security question to which answers would remain confided to you only . Facebook will never ask you to change password so all the related mails can fool you and your facebook account can be in danger.

#7 DISCONNECT PREVIOUS ACTIVE SESSIONS

Facebook provides a very helpful feature to track active sessions.You can see that by going  Account Settings > Security page, look for ‘Active Sessions’ and click on Edit and kill all the activities from this. This will log out your facebook account from that devices which you have killed.

#8 DON’T ‘KEEP ME LOGGED IN’

When you are at login screen of facebook there you see a option Keep Me Logged In ,Don’t keep it check as this will remain your account login in that device and your account can be easily accessed by any other who is able to use the device .So also remind to don’t tick the option Kep Me Logged In.

#9 PHISHING ATTACKS

These are more common attacks by hackers to user. In this attack hacker send a link to user and the link will open the exactly same looking facebook page but only difference is that when you enter you facebook ID and password that will not go to facebook it will be sent to hacker . So don’t open such links.

#10 KEYLOGGERS

Keylogger is a virus that can be installed into your computer by a cracker, and keep a track of all the activities happening in there and it can be done remotely, and even more easily if the cracker has personal access to the computer. Also this keylogger will records all your keystrokes with screenshots.

#11 Incognito

When you are using the account in public such as in hotel or in café use private mode or Incognito as it will prevent any cookies or web history from getting stored. But if you do not find any option then delete all the cookies and web history when you log out.

#12 Use secure connection

Facebook account should be set to use the secure connection that is denoted by HTTP before the URL address and this can be set by going to settings>General> browser connection. You should always use VPN for login.

Advertisements

How To Recover Deleted Whatsapp Messages – 2015

How To Recover Deleted Whatsapp Messages – 2015

How-To-Recover-Deleted-Whatsapp-Messages-2015

How Can I Get All My Deleted WhatsApp Messages Back?

# To Recover Recent Chat Messages

You can recover almost everything which is below 7 days old in WhatsApp. In fact, it is amazingly simple. All you have to uninstall WhatsApp and install it again. A backup is automatically created by WhatsApp daily at 4 am. The application stores that data in your phone’s external memory i.e. your SD card. When you reinstall WhatsApp, it will prompt you to restore your messages back. All you have to tap ‘Restore’ button and get all your messages back.

# To Recover Messages Older than 7 Days

It is quite more complex to recover older messages in this application. But it is still possible to get them back. You can do it in two ways – first is manual method and next one is using a third party software.

Manual Recovery

  • Go to the ‘Databases’ folder of your memory card – go through Memory Card > WhatsApp Databases. In this folder, you will find different chat files named something like “msgstore-date format.db.crypt“. The date format must be YYYY-MM-DD.
  • First of all, you have to rename that msgstore file. Give it name “Old” or something which is related to filename.
  • Then review all the files located below. These files must be named in different dates. Choose your desired files and get the one deleted by you by mistake and then rename it back with older file name.
  • Get back to main screen. Delete and reinstall the application. When installed, it will prompt you to restore files, tap the option and your desired file will be restored and saved as “msgstore.db.crypt”.
  • Remember that your recent chat history shall be removed when you restore the older file. You cannot merge the recent chat messages with recovered, earlier chat files. You have to repeat the process again to get your recent messages back and it will again delete old one and place a new file.

How to Run Multiple Whatsapp Account on Your Android Phone

how to run multiple whatsapp accounts

WhatsApp is one of the most popular messenger app that also lets you share pictures, videos, music files and so on. By now, everyone of us have WhatsApp in our smartphones. I prefer WhatsApp among other messaging apps due to its simplicity and instant messaging service.

Although each and everything is quite handy in WhatsApp, but “What’s the most disturbing part that you came across?” For me it is:

If you run dual SIM in your Android smartphones, you might be willing to enjoy two separate WhatsApp account for your two different telephone numbers on your smartphone. Isn’t it?

However, this is where WhatsApp puts limitations on its users. WhatsApp users can not use more than one WhatsApp account on their mobile devices.

However, you are probably wondering:”How do I find an excellent solution for this problem that actually works?

Today, I am introducing you two different Android apps — OGWhatsApp and SwitchMe — that allows users to run multiple WhatsApp accounts on a single smartphone.

METHOD 1: USING OGWhatsApp
OGWhatsApp is an Android app that allows you to use two separate WhatsApp accounts on your single Android device without any need to root your Android device.

While running your normal WhatsApp account on your smartphone, you can follow some simple steps (below) in order to run a different WhatsApp account on the OGWhatsApp.

Follow these simple steps to go:

Step 1: Take a complete backup of your WhatsApp data and restore it.
Step 2: Delete all the WhatsApp data by going to Settings>apps>WhatsApp>Clear Data.
Step 3: Rename the /sdcard/WhatsApp directory to /sdcard/OGWhatsApp. You can use any file manager for Android to do this task, or from Windows.
Step 4: Uninstall your original WhatsApp app from your Android device.
Step 5: Now install OGWhatsApp in your Android smartphone.
Step 6: Once installed, remember to verify your old number that was previously registered with the original WhatsApp to OGWhatsApp. That is it.
Step 7: Now re-install the official WhatsApp for your other number from the play store.

This is crazy:

Enjoy two separate WhatsApp accounts for both telephone numbers on your single Android device without even rooting your Android device.

METHOD 2: USE SWITCHME TO RUN MULTIPLE ACCOUNTS

SwitchMe-multiple-accounts

SwitchMe is another Android app that allows you to have two separate WhatsApp accounts on a single Android device, but this app requires your Android smartphone be rooted.

Here’s the deal:

Switchme multiple account app allows you to log in and out of multiple user spaces however it needs root access to do this. However, users cannot access the other profile from their current profile because each account within the multiple profiles will have its settings, applications, and data.

Follow these simple steps to go:

Step 1: Root your Android device.
Step 2: Make sure that you have WhatsApp app installed on your smartphone.
Step 3: Install SwitchMe Multiple accounts on your smartphone.
Step 4: Run SwitchMe Multiple accounts, it will ask for Superuser request that you need to grant.
Step 5: Now create a user profile with your name in SwitchMe app. This profile will be an administrator account containing all the current apps and settings, and will also reflect your WhatsApp profile that is already installed on your smartphone.
Step 6: Now create another profile using a different name by tapping on the Create Profile button in SwitchMe app, and then choose the Switch option by selecting this account.
Step 7: Now your smartphone will restart automatically and once it is ready to use, install official WhatsApp again from Google Play Store and register it for the different phone number. That is it.

Congratulations!

Now you can easily use multiple WhatsApp accounts on your single Android smartphone. The Free version of SwitchMe Multiple accounts app allows you to use only two user account.

So, I have made available solutions for both users who want to use multiple WhatsApp accounts on their smartphone without rooting their Android device and with rooting their Android device respectively.

 

Hack Facebook Account From Android 2015

Hack-Facebook-Account-From-Android-2015-900x450

 

Here is facebook hacking tricks 2015 – How To Hack Facebook Account From Android Device 2015 : I Know Many of you were waiting for this Post about How to hack Facebook account using your android device. This tutorial is easier and you will get almost 95% success if you and your victim are on same network. I am writing this tutorial to make people aware so please make sure that you are not using this tutorial in any illegal way.

This tutorial is just for educational purpose.

There’s an app Out here Called Faceniff. FACENIFF is basically an Android application that lets users sniff and intercept web session profiles over Wi-Fi networks, stealing other users’ credentials through which you can attack your victim’s Facebook, Twitter and much more accounts in a minute.

Note :- The Tutorial Only Works if you and your Victim are On Same WiFi Network

# How to Hack Facebook Account From Android 2015 :-

 

Follow The Given Steps Below :-

  1. At First Download Faceniff from HERE.
  2. Connect to the working network connection and open the FaceNiff app.
  3. Now click the red button and it will then turn green when the sniffer is on.It is like Firesheep for android devices.
    Firesheep is a Firefox add-on that allowed unscrupulous users to do the same thing. FaceNiff has a leg up on Firesheep though, since the app runs on Android phones, doesn’t require any real customization to run, and even supports WPA encrypted wireless networks, as long as you’re already on the network.
  4. Press the enter button and It would show a list of all the accounts which are connected to the network and you could hi jack into that all accounts.
  5. Click on the account which you wish to hack and you will automatically logged in the account in which you wish you to. grin emoticon
  6. Now you can do whatever you want with the hacked account.

Note :- The App Only Work On Rooted Android Devices

 

# Tips to protect yourself against this App :-

  1. The fix for most people is to enable HTTPS for every service where it’s available.
  2. You can protect your internet connection when you use public Wi-Fi at a coffee shop or airport with a VPN, either to your office or school or a free service like Hotspot Shield or Hamachi.
  3. Alternatively, you can just not connect to public wireless networks and tether to your phone or use your wireless carrier’s connectivity options instead.

 

Top 10 Best WhatsApp Tricks and Tips That Every WhatsApp user Must Know

https://i2.wp.com/tricksforums.com/wp-content/uploads/2014/07/whatsapp-tips-tricks.jpg

1. Hide Last Seen on WhatsApp

 

Last seen timestamp on WhatsApp give us an idea when the person was online. This feature really very annoying because it reveals weather you are online or not and in initial day’s there is no option to hide this. But after acquirement of WhatsApp by Facebook, WhatsApp allows you to hide your last seen. To hide last seen on WhatsApp go to Settings > Account > Privacy > Last Seen > Select Nobody.

2. Recover Deleted WhatsApp Massage

Sometimes accidentally delete massages on WhatsApp and then regret for it. But now you can recover your deleted massages on WhatsApp without using any additional recovery software. By default WhatsApp store your all conversation and activities on your SD card and this is helpful if you want your deleted massages. To get back your deleted massage on WhatsApp

  • Go to SD Card > WhatsApp > Database > and you will see two files named msgstore-yyyy-mm-dd.1.db.crypt (yyyy-mm-dd are the year, month and date respectively) and msgstore.db.crypt
  • Now rename msgstore.db.crypt to backup-magstore.db.crypt
  • Now go to settings > Application > Manage Application > WhatsApp and click on Clear Data which removes all data.
  • Now open WhatsApp and it will ask you to restore your backup data, then just click on restore and you are all done.

3. Create a Fake WhatsApp Conversation

 

Have you ever seen your friend upload a picture of a conversation between some superstars and your friend where they make fun of each other? But this is not a real conversation its fake one and now you can create a fake conversation on WhatsApp to prank your friends. To create fake conversation on WhatsApp you need to download an app named Whatsaid. With the help of this app you will be able to create a fake conversation with anyone by adding their images and assigning names.
This app is removed from Google Play, so here is the new download link
Please use this trick only for fun, don’t use it to hurt anyone.

3. Change your Friend’s Profile Picture on WhatsApp

The title of this trick like crazy. Yes! It’s only for fun and with this trick you are not able to change your friends profile picture globally, you can change it only for you to prank your friend. To change your Friend’s Profile Picture on WhatsApp ….

 
  • First of all choose a picture that you want to set for your friend’s profile.
  • Resize that image to 561×561 pixel by using paint or Photoshop or any online photo editor.
  • Rename that image with your friend’s mobile number.
  • Now save the image in SD Card > WhatsApp > Profile Picture.
  • Disable data connection so whatsapp will not automatically update the profile picture.
  • Now show it to your friend and I’m damn sure he/she will panic instantly.

Protect your WhatsApp with Password

By default WhatsApp does not have any login details and that’s why it can be access by anyone. But in whatsapp we do personal massage and don’t want to reveal with others and that’s why there are many application come to the internet to protect your whatsapp with a password.
To protect your WhatsApp with password just download WhatsApp Lock and install it in your android device.
This app allows user to set a Numeric Password and Pattern lock for WhatsApp. So that any other person cannot access your WhatsApp.

Stop Automatic Media Downloading

In the earlier version of WhatsApp all the media files such as images, audio and videos were downloaded automatically and this may kill your mobile’s data and battery life as well. But with latest update whatsapp added an option to stop auto downloading media content. To stop Automatic Media Downloading

  • Go to Settings > Chat Settings > Media Auto-Download
  • Now change it as per your needs.

Change Mobile Number on WhatsApp without Losing anything

 

Generally most of Whatsapp users do, to change their mobile number they uninstall whatsapp and re-install it again with a new number. But if you follow this way then you will lose your all previous massage.
So instead of this way, to change your mobile number Go to Setting > Account > Change Number.
Now enter your both old and new phone number and hit done. It will send you a verification code on that number and verify it.

Hide two images as one on WhatsApp

Want to send two images as one? That means if you sent one beautiful image to your friend but once he/she click on that image then it will change to another image. Yes! This can be done with the help of an app called Migapp tricks App for Android and Fhumb App for iPhone.
By using this app you will be able to hide one image into another. This app is only available for Android and iOS devices.

Migrate or Transfer WhatsApp Conversation from one Phone to another

Bought a new smart phone and want to transfer all WhatsApp conversation from old phone to new phone? Here are the simple steps to transfer all whatsapp conversation to your new Smartphone

  • Go to from your old phone File Manager > WhatsApp > Data bases.
  • Copy and transfer all backup to your PC.
  • Install WhatsApp in your new phone and place the copied files at the same location.
  • Restart WhatsApp and you are done. Now you can see your all old conversation.

Know your Friend’s WhatsApp Conversation

Want to know your friend’s whatsapp conversation? Then just hold your friend’s phone and follow the steps below

  • Go to SD Card > WhatsApp > Database > and you will see two files named msgstore-yyyy-mm-dd.1.db.crypt (yyyy-mm-dd are the year, month and date respectively) and msgstore.db.crypt
  • Now copy the 1st file to your PC.
  • Now visit Recover Massages and upload the file to view your friend’s WhatsApp conversation.

Conclusion

These are the Top 10 best WhatsApp tricks and tips that you must try with your WhatsApp. But it’s not the end we will update more whatsapp trick as soon as possible, until then try these amazing whatsapp tricks and leave a comment with your experience.
If you like these tricks then share it with your friends and help them to know these tips & Tricks of WhatsApp.

Common methods to hack a website

Gone are the days when website hacking was a sophisticated art. Today any body can access through the Internet and start hacking your website. All that is needed is doing a search on google with keywords like “how to hack website”, “hack into a website”, “Hacking a website” etc. The following article is not an effort to teach you website hacking, but it has more to do with raising awareness on some common website hacking methods.

SQL Injection involves entering SQL code into web forms, eg. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application.
When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data you’ve entered against the relevant table in the database. If your input matches table/row data, you’re granted access (in the case of a login screen). If not, you’re knocked back out.

In its simplest form, this is how the SQL Injection works. It’s impossible to explain this without reverting to code for just a moment. Don’t worry, it will all be over soon.
Suppose we enter the following string in a User name field:

‘ OR 1=1 double-dash-txt.png
The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:
SELECT * FROM users WHERE username = ‘USRTEXT
AND password = ‘PASSTEXT
…where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form.
So entering `OR 1=1 — as your username, could result in the following actually being run:
SELECT * FROM users WHERE username = ‘‘ OR 1=1 — ‘AND password = ‘’
Two things you need to know about this:
[‘] closes the [user-name] text field.
double-dash-txt.png‘ is the SQL convention for Commenting code, and everything after Comment is ignored. So the actual routine now becomes:
SELECT * FROM users WHERE user name = ” OR 1=1
1 is always equal to 1, last time I checked. So the authorization routine is now validated, and we are ushered in the front door to wreck havoc.
Let’s hope you got the gist of that, and move briskly on.
Brilliant! I’m gonna go hack me a Bank!
Slow down, cowboy. This half-cooked method won’t beat the systems they have in place up at Citibank,
evidently

But the process does serve to illustrate just what SQL Injection is all about — injecting code to manipulate a routine via a form, or indeed via the URL. In terms of login bypass via Injection, the hoary old ‘ OR 1=1 is just one option. If a hacker thinks a site is vulnerable, there are cheat-sheets all over the web for login strings which can gain access to weak systems. Here are a couple more common strings which are used to dupe SQL validation routines:
username field examples:

  • admin’—
  • ‘) or (‘a’=’a
  • ”) or (“a”=”a
  • hi” or “a”=”a

… and so on.

Cross site scripting ( XSS ):

Cross-site scripting or XSS is a threat to a website’s security. It is the most common and popular hacking a websiteto gain access information from a user on a website. There are hackers with malicious objectives that utilize this to attack certain websites on the Internet. But mostly good hackers do this to find security holes for websites and help them find solutions. Cross-site scripting is a security loophole on a website that is hard to detect and stop, making the site vulnerable to attacks from malicious hackers. This security threat leaves the site and its users open to identity theft, financial theft and data theft. It would be advantageous for website owners to understand how cross-site scripting works and how it can affect them and their users so they could place the necessary security systems to block cross-site scripting on their website.

Denial of service ( Ddos attack ):

A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.this is not actually hacking a webite but it is used to take down a website.
If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking

Cookie Poisoning:

Well, for a starters i can begin with saying that Cookie Poisoning is alot like SQL Injection

Both have ‘OR’1’=’1 or maybe ‘1’=’1′

But in cookie poisoning you begin with alerting your cookies

Javascript:alert(document.cookie)

Then you will perharps see “username=JohnDoe” and “password=iloveJaneDoe”

in this case the cookie poisoning could be:

Javascript:void(document.cookie=”username=’OR’1’=’1″); void(document.cookie=”password=’OR’1’=’1″);

It is also many versions of this kind… like for example

‘1’=’1′

‘OR’1’=’1

‘OR’1’=’1’OR’

and so on…

You may have to try 13 things before you get it completely right…

Android Phone Hacking

Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone
This is Just Android Spying (Monitoring) not Android Hacking, Android Device Can be hacked by Exploitation.
 
Visit this link for step by step tutorial : http://www.spyapp.net/how-to-install.html

Email Spoofing and Email Bombing

=> Email Spoofing Using Websites : There are numberless websites that provide free service to send fake emails. But the problem is that they attach the advertisments along with your email.  But the best twoneo, I have found that do not attach the advertisments.

www.emkei.cz      {have some advance options}

=> Email Bombing :  http://home.deds.nl/~rikdekoning/phpmailer.html

Like Us on Facebook and Get all The Tricks Daily

Click Here: http://facebook.com/phoenix.infosec

How to Find Vulnerable Webcams Across the Globe Using Shodan

Welcome back, my fledgling hackers!

I have already introduced you to Shodan, the world’s most dangerous search engine. As you remember, Shodan indexes the information from the banners it pulls from web-enabled devices. These include routers, switches, webcams, traffic lights, SCADA systems, and even home security systems.

In my last post, I showed you how to find specific routers at a specific location, at a specific IP. In this tutorial, we will look to find webcams that are either unprotected or will allow us to log in with the default credentials, so come along a ride in voyeurism via the World Wide Web!

Step 1: Log in to Shodan

First, we need to log in to shodanhq.com. Although you can use Shodan without logging in, Shodan restricts some of its capabilities to only logged-in users.

Image via wonderhowto.com

Step 2: Search for Webcams

There are many ways to find web cams on Shodan. Usually, using the name of the manufacturer of the webcam is a good start. Remember, Shodan indexes the information in the banner, not the content. This means that if the manufacturer puts their name in the banner, we can search by it. If it doesn’t, then the search will be fruitless.

One of my favorites is webcamxp, and when we type this into the Shodan search engine, it pulls up links to hundreds, if not thousands, of web-enabled webcams around the world!

Here is one from a rooftop in the Norway.

Here’s another from a small shop in South Korea.

Image via wonderhowto.comAlthough this can be fun and interesting to peek in—unbeknownst to these people around the world—we probably want to be more specific in our search for webcams.

Step 3: Default Webcam Username & Passwords

Although some of these webcams are unprotected, many of them will require authentication. The first step is to try the default username and password. I have compiled a short list of the default username and passwords of some of the most widely used webcams below.

  • ACTi: admin/123456 or Admin/123456
  • Axis (traditional): root/pass,
  • Axis (new): requires password creation during first login
  • Cisco: No default password, requires creation during first login
  • Grandstream: admin/admin
  • IQinVision: root/system
  • Mobotix: admin/meinsm
  • Panasonic: admin/12345
  • Samsung Electronics: root/root or admin/4321
  • Samsung Techwin (old): admin/1111111
  • Samsung Techwin (new): admin/4321
  • Sony: admin/admin
  • TRENDnet: admin/admin
  • Toshiba: root/ikwd
  • Vivotek: root/<blank>
  • WebcamXP: admin/ <blank>

There is no guarantee that these will work, but many inattentive and lazy administrators and individuals simply leave the default settings, and in those cases, these username and passwords will give you access to confidential and private webcams around the world!

Step 4: Search for Webcams by Geography

Now that we know how to find webcams and potentially log-in using the default username and passwords, let’s get more specific and try to find webcams in a specific location. If we were interested in webcams by the manufacturer WebcamXP in Australia, we could find them by typing:

  • webcamxp country:AU

This will pull up a list of every WebcamXP in Australia that is web-enabled in Shodan’s index as shown below.

Step 5: Narrow Your Search to a City

To be even more specific, we can narrow our search down to an individual city. Let’s see what we can find in Sydney, Australia. We can find those webcams by typing:

  • webcamxp city:sydney

This search yields the results below.

When we click on one of these links, we find ourselves in someone’s backyard in Sydney, Australia!

Step 6: Find Webcams by Longitude & Latitude

Shodan even enables us to be very specific in searching for web-enabled devices. In some cases, we can specify the longitude and latitude of the devices we want to find.

In this case, we will be looking for WebcamXP cameras at the longitude and latitude (-37.81, 144.96) of the city of Melbourne, Australia. When we search, we get a list of every WebcamXP at those coordinates on the globe. We must use the keyword geo followed by the longitude and latitude.

  • webcamxp geo: -37.81,144.96

When we get that specific, Shodan only finds four (4) WebcamXP cameras as shown below.

When we click on one, we can find that once again we have a private webcam view of someone’s camera in their backyard in Melbourne, Australia.

I hope this short demonstration of the power Shodan gets your imagination stimulated for inventive ways you can find private webcams anywhere on the globe! Don’t limit yourself to WebcamXP, but instead try each of the webcam manufacturers at a specific location and who knows what you will find!