Hackw0rm is an Ethical Hacking and Penetration Testing blog, founded and managed by Vivek Yadav. Hackw0rm shares the latest Information Security guides and tutorials. We like to guide users in InfoSec fields, and our mission is to share knowledge and inspiration and make the internet a more secure place.

Jun 19, 2015

5 Best Kali Linux Hacking Books

As you know, Kali Linux is the most advanced pentesting OS. It is essential to learn how to use it, and learning from books is the best way to understand it, so here I've listed the best Kali Linux books to learn pentesting and hacking.


Top 5 Kali Linux Books for Hackers & Pentesters

Kali has hundreds of pentesting and forensics tools and there are countless ways to use them, so it is important for a beginner to get guidance from a book or an expert. In my opinion books are best because they describe points very well and you don't need to remember anything. All the books mentioned below can easily be purchased through the attached links.

Basic Security Testing with Kali Linux

Basic Security Testing with Kali Linux covers most of the basic and intermediate pentesting methods using Kali. I would recommend this book to a beginner because it covers security testing as well as hacking methods.

What you can learn from this Book?
  • Introduction to Kali Linux and Overview
  • Metasploit Tutorials
  • A section on Shodan (the "Hacker's Google")
  • Exploiting Windows and Linux Systems
  • Wireless (WiFi) Attacks
  • Social Engineering and Password Attacks

You'll also learn how to discover vulnerabilities in a system that could be exploited by a malicious hacker. The book focuses more on how an attacker can find and exploit weaknesses in systems and applications, and that is the most important skill of a hacker.

Web Penetration Testing with Kali Linux

As you know, the web is a major part of security and hacking, so it is important to learn web penetration testing. Kali has tons of web pentesting tools pre-installed, but using these tools in the correct way isn't easy until you learn it from this book. Web Penetration Testing with Kali Linux is a superb book for hackers interested in web hacking and pentesting.

Web pentesting is my favourite topic in hacking, and this book guides the reader with step-by-step tutorials, not just a bunch of text paragraphs. It contains screenshot instructions, which make it easier to understand even for a layman.

Penetration Testing: A Hands-On Introduction to Hacking

Penetration Testing: A Hands-On Introduction to Hacking focuses entirely on penetration testing methods and techniques that every pentester must know. Most of the tutorials are demonstrated in a virtual pentesting lab (an attacker's machine and a vulnerable target) using Kali Linux. It has a series of practical lessons with tools like Burp Suite, Nmap and Wireshark.

If you would like to become a penetration tester, this book is perfect for you.

It also covers a major part of network and web pentesting methods. That's not all: you'll also learn to write your own exploits, along with mobile hacking concepts. If you're interested in building a penetration testing career, this book is strongly suggested to you.

Mastering Kali Linux for Advanced Penetration Testing

Mastering Kali Linux for Advanced Penetration Testing is the most advanced Kali Linux book I've ever read. It covers a vast range of network security and penetration testing topics. Honestly, this book has taught me a lot about network exploits and, most importantly, how to use Kali Linux as a pentesting machine.

After covering common security testing methods, it takes you to the exploitation and post-exploitation methods used by hackers. It also focuses on bypassing physical security, social engineering, wireless networks, web services and attacking the network's direct end users.

The book follows a hacker methodology with all the practical knowledge needed to test your security. If you're appearing for pentesting exams or wish to become a professional penetration tester, then undoubtedly this is the perfect book for you.

Kali Linux: Wireless Penetration Testing Beginner's Guide

Networking is a very important part of pentesting, and as you know, wireless networks (WiFi, routers, cellular networks and mobile phones) and other radio frequency devices are almost everywhere, so it has become essential to learn how to pentest and secure them.

Kali Linux: Wireless Penetration Testing Beginner's Guide will teach you how to pentest wireless devices using Kali. It's a very informative book covering advanced wireless hacking techniques along with encryption cracking skills. The best thing about this book is that it's beginner-friendly.

*Book cover image credits go to their respective publishers.

Jun 6, 2015

How to make Money being an InfoSec Professional

Have you ever wondered how professional security researchers and hackers make money? If not, here are the top methods for making money as an Information Security professional. There are many ways, but I've mentioned a few legitimate ones.

Top Methods to make Money from InfoSec Skills

Bug Bounty Programs

Bug bounty programs are very popular and the best source of income for security researchers and hackers, who are also known as bug bounty hunters. What they do is simple: instead of exploiting a vulnerability, they report it to the security team and receive a bounty, swag, an appreciation certificate or an honourable mention on the security disclosure page (HOF).

Giant sites like Google, Facebook and PayPal have huge bug bounties, but in most cases the amount actually depends upon the depth and severity of the vulnerability (if the bug is highly effective and critical, you'll get a huge bounty). In many cases the researcher also gets a job offer.

It has become a major source of income and, believe me, it's a serious business. It requires good web pentesting skills and experience, but if you're new, just read these security researchers' interviews; they will help you a lot.

  • Bug Bounty Programs list

Not all websites have bug bounty programs, but there's a specific place where you can find and participate in them. Please follow the Bug Bounty Program list by BugCrowd.

Teaching Ethical Hacking online

If you have years of experience and knowledge in the hacking/security field, then you can easily start your own online training academy and make money by selling course videos as well as giving live lectures.

  • Become an Instructor on Udemy

Another of the best ways to earn by teaching hacking online is to sell your video lectures on Udemy. All you need to do is sign up as an instructor, create your course package, set a price and start selling it. Every time a student enrolls in your course, you'll get paid.

Just make sure you do it well and that your course is beneficial; only then will more students engage. It must also be unique and simple to understand.

Freelance Ethical Hacker / Penetration Tester

I've seen many people living on online freelance jobs, mostly from the design, development and security fields. It is easier and satisfying. All you need is to set up a professional profile of your own and advertise it. This is also called personal branding, which is very important for a freelancer. Once you become popular, you'll receive lots of freelance jobs.

  • Join Freelancer.com

Freelancer is the best place to find freelance jobs. It is totally free, and you can work and hire without any hesitation. Set up your profile with all your attractive educational and professional skills and you'll find tons of hacking, pentesting and security jobs. You can apply for any of them, and once you finish the job you'll get paid by the client.

It is very important to have a professional profile, skill as well as experience.

Blogging

You can also earn money by creating blogs on niches like pentesting, security and ethical hacking. Sharing your ideas, research and ethical hacking tutorials can get you good traffic, and you can make money from it using AdSense, affiliate links or sponsored posts.

It's a good method but not an easy one; you have to be very consistent. I blog on these niches, and it only works when you're very dedicated. You must also know good online earning strategies as well as SEO.

  • Vlogging

Nobody can depend solely upon blogging. Vlogging (video blogging) along with blogging is another great method to increase reputation as well as earnings. The best way is to create a YouTube channel and earn money from Google AdSense.

Working in Firm

This is the most common job for most InfoSec professionals. You can work in a firm or an organization as a security expert, ethical hacker or penetration tester, and it's actually the best option but not so easy to get. You need to crack an interview, and it also requires knowledge and experience.

Working in a firm can help you learn new things, gain experience and, most importantly, expand your knowledge and skills.

It is much like a regular office job, but getting these jobs might not be easy for a fresher because everybody demands an experienced person with professional information security skills. That's why it is necessary to get professional security certificates.

Writing a Book

Writing and publishing a book on ethical hacking or security is one of the best methods to earn money as well as fame in the InfoSec world. Don't expect to become a popular author on your first attempt. It definitely requires a lot of knowledge and experience, and a little investment too. But instead of writing a paper book you can start with a self-published eBook.

Alternate Methods

Speaking at security conferences and conducting seminars, webinars and ethical hacking workshops are alternate methods to make money from InfoSec skills.

Apr 2, 2015

8 Must Have Pentesting Browser Plugins

While testing web apps, we always need pentesting browser add-ons because they're quick and light. In the following post I've mentioned a few essential browser add-ons for hackers and web penetration testers. As you know, Mozilla Firefox is the only browser widely used by hackers because it provides wider flexibility, so I too recommend everybody use it.

Top 8 Web Pentesting Plugins

Tamper Data : Tamper Data is one of the most useful add-ons for pentesters. It is used to view and modify HTTP/HTTPS headers and POST parameters as well as to trace HTTP responses and requests. It can also be used for testing web app security by modifying POST parameters and much more.

Hack Bar : Hack Bar is another widely used add-on because it has numerous security audit and light penetration testing tools. It's quick, light and easy to use for XSS, SQL encoding/decoding as well as hexing and splitting. Hack Bar comes with built-in support for common hashing and encoding schemes such as MD5, SHA1 and Base64.

User Agent Switcher : This is the most useful tool when you're testing for vulnerabilities across multiple browsers, because it can switch the user agent. The User Agent Switcher extension adds a menu and a toolbar button to switch the user agent of a browser. It can help you change the user agent to IE, search robots or iPhone (iOS), or you can create your own user agent.

Cookie Manager+ : Cookie Manager+ can help you view, edit, create and inject cookies. It also shows extra information about cookies, allows editing multiple cookies at once and supports backup/restore.

HTTP-Fox : HTTP-Fox monitors and analyzes all incoming and outgoing HTTP traffic between the browser and the web servers. It aims to bring the functionality known from tools like HTTP watch or IE Inspector to the Firefox browser.

Live HTTP Headers : It is another great alternative to Tamper Data but with a huge difference, e.g. viewing HTTP headers of a page while browsing. It is mostly used to inject payloads and fetch server response information very quickly.

Passive Recon : PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information. It is one of the most wanted information gathering tools.

XSS Me : Cross-Site Scripting (XSS) is a common flaw found in today's web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary flaws. XSS-Me is the exploit-me tool used to test for XSS flaws.

If you think the list misses some essential browser add-ons, please let me know via a comment and I'll gladly mention them in the post. Thank you.

Mar 11, 2015

An Interview with Rafay Baloch - A Famous Ethical Hacker

Hi, today I interviewed one of the world's top ethical hackers, Rafay Baloch, a very passionate security geek and pentester. Let's see how he began his hacking career and became a world-famous security researcher. He also has a little advice for your hacking career.


Who is Rafay Baloch?

Rafay Baloch is a Pakistani security researcher, founder of the popular ethical hacking blog RHA and author of the paper book Ethical Hacking and Penetration Testing Guide. He is also recognized as one of the top ethical hackers. Rafay has received countless bug bounties from tech giants like Facebook, Google and PayPal. His most famous finding is remote code execution in PayPal worth $10,000 USD. That's not all: he is also listed on many security disclosure pages, AKA HOFs. Rafay is one of the most popular and influential personalities in the information security field.

How did you get fascinated towards Ethical Hacking?

7 years back, I downloaded a tool which claimed to hack an Orkut account, and at that time Orkut was at the top of the list of famous social networks; the tool which I was curious about turned out to be a virus which was designed to steal information. Weird things started to happen to my computer; eventually, after lots of googling, I figured it out and managed to clean the infection successfully.

This, however, made me curious about how the little program could actually work behind the curtains. This alone was my starting point, and from that morning onwards I dedicated every step of my career to information security.

Where did you learn so many things?

We have seen that you talk about different technologies such as Mobile app security, browser security, Radio frequency etc. How did you learn them and have you done any course?

I have dedicated almost seven years into this field and I am still learning more and more every single day. Learning never stops. The most essential thing you would need to have for learning is patience and dedication; these combined lead to heights of excellence. I haven't done any courses especially in terms of information security.

I have self-explored most of the things and I am still doing it with my learning passion. With regards to the learning part, I was lucky to get great mentors such as David Vieria, Giuseppe, Alex and File Descriptor, to name a few, and a list of great friends such as Prakhar and Deepankar, who helped me with my learning.

Who is your inspiration?

It's very hard to name a single person who has been my inspiration. Initially I was really fascinated by the Matrix movie from my childhood, and then the story of Kevin Mitnick really inspired me. Also, as mentioned before, I was fond of breaking things from my childhood, which I never knew would transform into my career.

Which is your most favorite quote that motivates you?

Fame is a vapor, popularity an accident, riches takes wings, one thing endures is your character.

Tell us about your latest paper-book Ethical Hacking and Penetration Testing Guide

The book was published in 2014. It is completely dedicated towards beginners; the idea behind the book is that offense is the best defense. I have received mixed reviews. While people have really liked the contents of the book, there have been people who have complained about the grammar specifically and have criticized the editor. Also, I had a slight conflict with the editor pertaining to the price of the book, and he refused to lower it. I might write another book, but I am not sure I am ready for it yet. BUT WHO KNOWS what's next.

How do you imagine Hacking in next 10 years?

Rafay, if we look back to the 90's or even the beginning of the 20's, hacking was a little rare and very complicated indeed, perhaps because it was the dawn of computers and technology, but these days hacking is very popular because of the Internet, and anyone can learn the basics of web hacking and social engineering for free, of course. In fact there are lots of automated scanners with which anybody can find flaws.

The reason why hacking was difficult to learn in the 90's (though targets were easy) was due to the fact that there was a lack of automated tools to be utilized by script kiddies. As time passed by, a lot of Windows-based GUI tools were developed, which made it easier for script kiddies to utilize them and hack targets. The simplicity or complexity of hacking techniques depends upon how strong your target is. There is absolutely nothing that can stop a motivated attacker, and the security of the target depends upon the number of attack vectors that you know.

With regards to the future, I see a lot of attacks against the Internet of Things. As you must be aware, we are moving towards a smart world, where our day-to-day appliances are now connecting to the internet, such as Smart TVs, refrigerators and pacemakers, to name a few. Whenever you connect something to the internet, you give it a medium of communication, which is sufficient to make it exploitable.

In future, we would be looking at a lot of attacks on Internet of things. Apart from that we have witnessed massive number of people shifting to Bitcoin mining, this means we would also witness a lot of attacks against Bitcoins especially more and more Botnets would rise.

What was your recent research on Android browsers?

My recent research was related to analyzing the security model of mobile browsers. I tested all the mobile browsers on Android for security issues and found that most of them are affected by UXSS and various spoofing issues. As a matter of fact, I have just reported two more zero days to the Google Security team, which will be released as soon as they are fixed.

You're very inactive in bug bounty programs. Why is that?

If we look back a year ago, you were one of the most active and famous bug bounty hunters, but all of a sudden you've almost stopped participating in any bounty programs. Have you found something even more interesting and challenging than bug bounties?

Well, that's true. The reason is that I lost interest. Money was never a problem, alhamdullilah, but I felt like I was not learning anything new with it, so I moved towards security research, especially with Android.

I think security research is more challenging than bug bounty, we as security researchers invent techniques which pentesters use in their pentests. So there is a huge difference between both.

What is your advice to beginners in Hacking?

My advice to beginners is, first of all, to be ethical and not to compromise your integrity. A hammer could be used to build something and it could be used to destroy something. My personal integrity is to bring positive change in this world. Secondly, with regards to learning, I would recommend everyone to focus more on web application security instead of networks and other layers, due to the fact that the attacks have moved towards web applications and there is a huge playground and potential for bug bounties.

If you are into Blackbox testing, before you even start your first test, you should interact with the application and see how it works and start identifying all the inputs and start manipulating them against well known bugs. To be a better penetration tester, you need to be good at finding logical bugs, which you can only find given that you understand how the application really works.

What are your future plans Rafay?

I do have a lot of plans; however, they are still in the hypothesis phase. Part of them include writing another book, launching my own security startup and researching new dimensions in security.

What are your thoughts about Hackw0rm blog?

I am a regular reader of your blog and I feel that you are going in the correct direction. The author is very hard working and is always looking for ways to improve himself. The only suggestion I could give you at this point is to be consistent with the post frequency and have someone proofread your posts.

I appreciate your time, Rafay. Would you like to say anything else?

My pleasure, thank you very much. The last message I would like to give is never to get demotivated by your failures, turn your weaknesses into your strength and follow your passion.

You can ask Rafay anything related to hacking and security; I'm sure he will reply to your comment. Do let me know your valuable feedback about this interview with Rafay Baloch. You can also follow him on Facebook and Twitter.

Feb 16, 2015

Top 5 Ethical Hacking and Pentesting Books of 2015

I prefer reading books, and I always encourage my readers to read paper books, blogs and whitepapers before enrolling in any hacking course. Learning from a book and practising what you learn is a beneficial and easy method.

5 Best Hacking and Pentesting Books

The books listed below are very helpful to anyone interested in ethical hacking, penetration testing and security. This top 5 ethical hacking books list is suggested by expert security researchers and hackers. All the listed books can easily be purchased from the attached links.

The Hacker Playbook : Practical guide to Penetration Testing

The Hacker Playbook is written by a security professional and CEO of Secure Planet. It is a very informative book for beginners in penetration testing, with practical guides, hands-on examples and helpful advice from the top of the field. The Hacker Playbook is for those who have a huge interest in hacking and penetration testing.

Please go for the latest version, The Hacker Playbook 2, which was recently published.

Ethical Hacking and Penetration Testing Guide

Ethical Hacking and Penetration Testing Guide is written by Rafay Baloch, a Pakistani prodigy hacker and security researcher. I personally recommend this book to every beginner in hacking. It is a step-by-step guide that shows you how to prevent threats associated with hacking. Readers will acquire knowledge on how to interpret hacking tools and will learn to perform pentesting with tools like fender Rootkit, Netcat, Fast Track Autopwn, Metasploit, Nessus, Nmap, Google Reconnaissance and Backtrack Linux.

Web Application Hacker's Handbook (Finding & Exploiting Security Flaws)

Web Application Hacker's Handbook guides its readers in finding and exploiting web app security flaws. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. The book consists of 912 pages of guides and techniques on web app hacking, security and pentesting. I highly recommend it to beginners in web app ethical hacking.

Black Hat Python: Python Programming for Hackers and Pentesters

Black Hat Python is one of the best and most wanted books because, when it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen? In this book, you'll explore the darker side of Python's capabilities: writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and much more.

Hacking Exposed Web Applications

Hacking Exposed Web Applications is a very informative, real-world web app hacking book which explores in full detail the hacker's footprinting, scanning and profiling tools, including SHODAN, Maltego and OWASP DirBuster. You can learn a lot of advanced web app hacking and pentesting techniques, including the most devastating methods used in today's hacks, such as SQL injection, XSS, XSRF and XML injection.

All the books listed above are very informative on their topics, but of all of them I highly suggest everyone go for Ethical Hacking and Penetration Testing Guide and Black Hat Python.