foxsin tech: نوفمبر 2015

الاثنين، 30 نوفمبر 2015

A Row Bot that Loves Dirty Water

Row-bot/Robot Feeds on Rich Organic Matter in Dirty Water

Swimming in the sea or a pool of polluted water could be unsafe though aquatic organism like water boatman would need the nutrients in polluted water to feed on. Researchers at the Bristol Robotics Laboratory – BRL have been motivation by the water beetles and other swimming insects and have developed the Row-bot, a type or a robot which tends to thrive in dirty water.

The Row-bot imitates the way the water boatman move and the way which it tends to feed on rich organic matter in the dirty water in which it swims. The purpose of the Row-bot project is focused to develop an autonomous swimming robot which is capable of operating indefinitely in remote unstructured areas by huntingits energy from the environment. When it tends to get hungry, the Row-bot opens it soft robotic mouth and rows forward to fill its microbial fuel cell – MFC, stomach with nutrient rich dirty water.

Thereafter it tends to close its mouth and the nutrients are gradually digested. The MFC stomach utilises the bio-degradation of organic substanceto generate electricity using bio-inspired mechanisms. When it has been recharged its electrical energy stores, the Row-bot then rows off to another new area for another drink of dirty water.

Row-bot – Environmental Clean-up Operation of Contaminants

The Row-bot had been developed at the Bristol Robotics Laboratory in collaboration between the University of Bristol and UWE Bristol by PhD student, Hemma Philamore together with her PhD supervisors, Professor Jonathan Rossiter from the University of Bristol’s Department of Engineering Mathematics and Professor Ioannis Ieropoulos from the Bristol Bio-Energy Centre at the University of the West of England. Professor of Robotics at the University of Bristol and BRL, Jonathan Rossiter informed that the work shows a vital step in the progress of autonomous robots with the potential of long-term self-power. Several of the robots tend to need re-charging or refuelling and often need human assistance.

A PhD student, Hemma Philamore stated that they anticipate Row-bot to be used in environmental clean-up operations of contaminants like oil spills as well as harmful algal bloom and also in long term autonomous environmental monitoring of harmful environments, for instance those which were hit by natural as well as man-made disasters.

Combination of Two Systems – Bio-Inspired Energy Source/Bio-Inspired Actuation

The sample robot combines two systems namely a bio-inspired energy source and bio-inspired actuation. While the first subsystem portrays the power generations potential of the robot, the second duplicate system begins the refuelling process, moving the robot with an energy needed which is less than the energy that is generated by the first system.

This has been achieved by feeding of the chemical energy contained in its surrounding liquid to support microbial metabolism within the MFC.Imitating the water boatman’s mechanism of feeding that works on a broad beaklike mouth to sweep in the liquid as well as suspended particulate matter, the Row-bot tends to feed its MFC stomach on opening and closing the mouth life orifice at each end of the MFC by bending of a flexible acetate envelope structure.

On utilising both of these systems, the robot tends to be totally independent in the water with the provision of enough energy available in the liquid.

السبت، 28 نوفمبر 2015

ZARP A Network Attacking Tool

ZARP A Network Attacking Tool

Zarp is a network attack tool centered around the exploitation of local networks.

This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once, dumping sensitive information automatically or to the attacker directly. Various sniffers are included to automatically parse usernames and passwords from various protocols, as well as view HTTP traffic and more. DoS attacks are included to knock out various systems and applications. These tools open up the possibility for very complex attack scenarios on live networks quickly, cleanly, and quietly.

The long-term goal of zarp is to become the master command center of a network; to provide a modular, well-defined framework that provides a powerful overview and in-depth analysis of an entire network. This will come to light with the future inclusion of a web application front-end, which acts as the television screen, whereas the CLI interface will be the remote. This will provide network topology reports, host relationships, and more. zarp aims to be your window into the potential exploitability of a network and its hosts, not an exploitation platform itself; it is the manipulation of relationships and trust felt within local intranets. Look for zeb, the web-app frontend to zarp, sometime in the future.

Current version: 1.5 Current dev version: 1.6

Installation

zarp is intended to be as dependency-free as possible. When available, zarp has opted to use pure or native Python implementations over requiring or importing huge libraries. Even as such, zarp requires the following to run:

Linux
Python 2.7.x
Scapy (packaged with zarp)

It is also recommended that user's have the following installed for access to specific modules:

airmon-ng suite (for all your wireless cracking needs)
tcpdump
libmproxy (packaged with zarp)
paramiko (SSH service)
nfqueue-bindings (packet modifier)

The recommended installation process is to run:

git clone git://github.com/hatRiot/zarp.git

pip install -r requirements.txt

You can then run:

sudo python zarp.py --update

to update zarp. The update flag will not work if you download the tarball from the Git page.

Scapy comes packaged with Zarp and no installation is required. Wifite is used for wireless AP cracking; a specific version (ballast-dev branch) is required. This comes packaged with zarp. There are some dependencies required for Scapy, but most should be pretty easy to install or already be installed.

Tool Overview

Broad categories are (see wiki for more information on these):

Poisoners
Denial of Service
Sniffers
Scanners
Services
Parameter
Attacks

CLI Usage and Shortcuts

> help

zarp options:
    help            - This menu
    opts            - Dump zarp current settings
    exit            - Exit immediately
    bg          - Put zarp to background
    set [key] [value]   - Set key to value

zarp module options:
    [int] [value]       - Set option [int] to value [value]
    [int] o         - View options for setting
    run (r)         - Run the selected module
    info            - Display module information

Modules can be navigated to by nesting entries:

bryan@debdev:~/tools/zarp$ sudo ./zarp.py
[!] Loaded 34 modules.
     ____   __   ____ ____
    (__ ) / _\ ( _ \( _ '
     / _/ /    \ )   / ) __/
    (____)\_/\_/(__\_)(__) [Version: 0.1.5]

    [1] Poisoners       [5] Parameter
    [2] DoS Attacks     [6] Services
    [3] Sniffers        [7] Attacks
    [4] Scanners        [8] Sessions

0) Back
> 6 2

    +-----+----------------+----------------------------+------+----------+-
    |     | Option         | Value                      | Type | Required | 
    +-----+----------------+----------------------------+------+----------+-
    | [1] | Displayed MOTD | b4ll4stS3c FTP Server v1.4 | str  | False    | 
    +-----+----------------+----------------------------+------+----------+-
    | [2] | Listen port    | 21                         | int  | False    | 
    +-----+----------------+----------------------------+------+----------+-

0) Back
FTP Server >

Nested entries go as far as modules will. Note that right now it's 'dumb' in that, if you enter in a ton of numbers, it's going to continue dumping that out as module selection!

Usage Examples

List of modules accessible from the command line:

bryan@debdev:~/tools/zarp$ sudo ./zarp.py --help
[!] Loaded 34 modules.
     ____   __   ____ ____
    (__ ) / _\ ( _ \( _ '
     / _/ /    \ )   / ) __/
    (____)\_/\_/(__\_)(__) [Version: 0.1.5]

usage: zarp.py [-h] [-q FILTER] [--update] [--wap] [--ftp] [--http] [--smb]
               [--ssh] [--telnet] [-w] [-s] [--service-scan]

optional arguments:
-h, --help      show this help message and exit
-q FILTER       Generic network sniff
--update        Update Zarp

Services:
--wap           Wireless access point
--ftp           FTP server
--http          HTTP Server
--smb           SMB Service
--ssh           SSH Server
--telnet        Telnet server

Scanners:
-w              Wireless AP Scan
-s              Network scanner
--service-scan Service scanner
bryan@debdev:~/tools/zarp$

Main menu when launched with the command line GUI:

bryan@devbox:~/zarp$ sudo ./zarp.py
[!] Loaded 33 modules.
     ____   __   ____ ____
    (__ ) / _\ ( _ \( _ '
     / _/ /    \ )   / ) __/
    (____)\_/\_/(__\_)(__)
        [Version 0.1.4]
    [1] Poisoners       [5] Parameter
    [2] DoS Attacks     [6] Services
    [3] Sniffers        [7] Attacks
    [4] Scanners        [8] Sessions

0) Back
>

Navigating a module is pretty simple, and there are really only a few commands to know. When in the context of a module, the command 'info' can be used to dump a help or informational string:

ARP Spoof > info
---------------------------------------------------------
The heart and soul of zarp. This module exploits the ARP
protocol to redirect all traffic through the attacker's
chosen system.

http://en.wikipedia.org/wiki/ARP_poison
    +-----+------------------------------------+-------+------+----------+-
    |     | Option                             | Value | Type | Required |
    +-----+------------------------------------+-------+------+----------+-
    | [1] | Interval to send respoofed packets | 2     | int | False    |
    +-----+------------------------------------+-------+------+----------+-
    | [2] | Address to spoof from target       | None | ip   | True     |
    +-----+------------------------------------+-------+------+----------+-
    | [3] | Target to poison                   | None | ip   | True     |
    +-----+------------------------------------+-------+------+----------+-
0) Back
ARP Spoof >

To set an option, give it the option number followed by the value:

ARP Spoof > 2 192.168.1.219

If an option supports a choice list, give it the option number followed by the lowercase letter o:

HTTP Sniffer > 2 o
[!] Options: ['Site Only', 'Request String', 'Request and Payload', 'Session IDs', 'Custom Regex']
    +-----+-----------------------------+--------------+-------+----------+-
    |     | Option                      | Value        | Type | Required |
    +-----+-----------------------------+--------------+-------+----------+-
    | [1] | Regex for level 5 verbosity | None         | regex | False    |
    +-----+-----------------------------+--------------+-------+----------+-
    | [2] | Output verbosity            | 1            | int   | False    |
    +-----+-----------------------------+--------------+-------+----------+-
    | [3] | Address to sniff from       | 192.168.1.97 | ip    | False    |
    +-----+-----------------------------+--------------+-------+----------+-0) Back
HTTP Sniffer >

Modules, once all required options are set, can be run by specifying a lowercase '''r'''.

Download

الجمعة، 27 نوفمبر 2015

YouTube Translation Tools Aim to Globalise Content

YouTubes – Set of Tools to Translate Titles/Description of Videos

In an attempt of expanding its global reach, YouTube had recentlyannounced a set of latest tools in order to translate the titles and the descriptions of its massive trove of videos in multiple languages. YouTube has estimated that over 80% of its videos are viewed outside the United States and over 60% of YouTube channels’ views are from outside the country of its origin.

However, according to Vladimir Vuskovic, product manager for YouTube Globalisation, numerous videos that may have been significant to viewers have not been viewed since the search process has been limited to a single language.

Vuskovic state that YouTube, with its new tools, provides the potential for titles as well as description of the videos on its site to be displayed in multiple languages that helps with the discovery of content. YouTube has been offering three new services and those who tend to make videos could translate their titles and description together with the subtitles for videos which contain them into 76 languages inclusive of French, Spanish and Mandarin. Besides this vendors who provide translation services to Google Play developers could do the translation which according to YouTube includes translation into 57 languages.

Translation Through Crowdsourcing

YouTube has stated that it would permit viewers to do the translating through crowdsourcing wherein it would screen various answers in determining the precise translation. It informed that it potentially enabled translation into any language. Video Partnerships Manager at Vice, Jordan DeBor states that the new features have the capabilities to change fundamentally the way Vice tends to distribute its YouTube content on a global scale.

By eliminating the language barrier YouTube offers the opportunity of building new audience in local markets expanding from its existing ones’. With the support of more than 20,000 volunteer translators, TED, an important YouTube partner has experimented with crowd-sourced translations through thousands of video in over hundred languages.

They had joined the new translation tools pilot a few months back and have combined translated caption with translated titles with description for video in 11 languages for the first time.This gave rise to major growth in localized watch-time and the channel’s localized watch-time increased from 20% to 35% generally and in some cases up to 60%.

Options Important for Emerging Artists/Brands

Kristin Windbigler, Director of TED’s Open Translation Project mentioned that for over five years they have been working to remove the barrier of language from TED’s mission in extending ideas all over the world. YouTube, as one of the most important partners has pushed the boundaries in making the videos accessible as well as discoverable for viewers across the globe.

According to the company, the website Vice, in a test, translated videos in Spanish and Portuguese and observed viewing time had increase over 100%. TED director of global distribution, Deron Triff, stated that the company uploaded around 60,000 translated videos on YouTube on a single day in June, with provision of access to viewers speaking Farsi, Turkish, Russian and Vietnamese beside various other languages.

Triff has mentioned that for small associations like TED, YouTube develops an on-ramp for them to the parts of the world where they would be unable to set up relationships. A social media specialist at Digipendent Media, Daniel Aguayo mentioned that the option seems important for emerging artists as well as brands though a major steps also towards growing YouTube’s general audience.

Anonymous Hacks ISIS Website

Anonymous Hacks ISIS Website.

Since the Paris attack earlier this month. Hacktivist group Anonymous have already declared Cyber War on ISIS.

“Too Much ISIS. Enhance your calm. Too many people are into this ISIS-stuff. Please gaze upon this lovely ad so we can upgrade our infrastructure to give you ISIS content you all so desperately crave.”

ISIS; we will hunt you, Take down your sites, Accounts, Emails, and expose you...From now on, no safe place for you online...You will be treated like a virus, and we are the cure,' warn on the same post on Pastebin, before warning hackers that some accounts may be put back up by Twitter.

Earlier the group released 20,000 ISIS Twitter accounts Hacked!

According to Dailymail
Anonymous have also announced their newest addition to their anti-ISIS campaign is the so-called Rickroll, a classic trolling joke, which links followers to Rick Astley's 1980 hit song Never Gonna Give You Up.

The group said it would start posting Rickroll links in the #SupportISIS hashtag, which could be used by would-be jihadists who want to learn more about the terror group.

Anonymous Threatens Cloudflare For Protecting ISIS Propaganda Websites.

الخميس، 26 نوفمبر 2015

New Linux Ransomware Website Demand $999 With Bitcoin

New Linux Ransomware Website Demand $999 With Bitcoin

Security firms DrWeb and BitDefender have identified three different versions of the Linux server ransomware.

    Linux.Encoder.0
    Linux.Encoder.1
    Linux.Encoder.2

Malwarebytes identified a conceivable new variation, first spotting it on Nov. 21, that started at first requesting a $50 bitcoin ransom however then it demands reach upto $999.

Author also left the message in Russian said
"If your site is in a zone of Russia and the CIS, we are willing to apologize and decrypt files for free. Also, just drop us an email".

الأربعاء، 25 نوفمبر 2015

The Computer That Knows what you are Thinking

Emotion Reading Computers

We as humans have the advantage of masking our innermost feelings whenever the need arises. However, there could be a change now since the computers have been enhanced with not only at recognising faces but also in comprehending what could an individual be thinking in fact. Daniel McDuff has been working ona project where he has been creating emotion reading computers, at the Massachusetts Institute.

This could ultimately lead to machines which may have emotional intelligence or even everyday objects that have the potential to empathise with our moods, like a mirror that knows how one may be feeling about the way you look, a fridge which could offer food that may match one’s state of mind or a car which may recognises when they are stressed.

The method adopted by Dr McDuff has been progressing through a basic webcam which tends to detect a range of different facial movement from frowning to smiling. It then translates into seven of the most normally recognised emotional states namely, sadness, amusement, surprise, fear, joy, disgust and contempt.

The computer learns from a large database of four million video from volunteers as well as paid-for market researchers, in different emotional states and the procedures are regularly updated as well as tested against real world situations

Integrate Voice Analysis& Other Means of Physical Well being

The next step is to integrate the voice analysis and other means of physical wellbeing like the heart rate and the hand gestures. So far the data has revealed that there are huge differences in emotional responses among men and women and in the various age groups and demographics.

Dr McDuff informed BBC that there are significant differences in various countries in the way people tend to express themselves. He further added that `in collectivist cultures where the family group seems more important, people are expressive in small groups while in more individualistic cultures namely Western Europe, the stress is on building relationships with strangers and people get more positive around people who they are less familiar with’.

Besides this, he also observed that when people tend to mask their real feelings, the computer is capable in recognizing subtle difference. He states that if they are frustrated, they will often smile, however, that smile would be different from the smile when one is genuinely amused.

For Online Education

Another field which the system could be utilised is for the purpose of online education where it could provide advice to tutors on how students seem to be managing and understanding the work. The system which Dr McDuff together with his team has been researching had been tested with the BBC’s audience measurement group offering perceptions to the response to different shows.

He revealed that among those tested was a prime time comedy show which went down differently with the different demographics, ethnicities and ages. He now intends to use the technology for mental health in partnership with Affectiva, a MIT by-product for which he is the research director.

He states that it could be scary to imagine that someone could measure one’s emotions without the person realising it and hence it could be important to think about the social impact of such technology. It is essential that everyone actively decides to share their data.

Affective computing seems to be a growing area and companies like Creative Virtual are creating tools for customer service technology which enables a computer to tell the difference between a customer who seems to be upset and the one who is not.

Study-Words can Deceive, But Tone of Voice Cannot

Computer System Can Predict – Improved/Worsened Relationship

New Computer system can now predict if you and your spouse would be having an improved or worsened relationship centred on the tone of voice which one may use while speaking to each other with an accuracy of almost 79%. The system, in fact had done a better job of predicting marital success of couples with serious matrimonial issues than description of the therapy sessions that were provided by relationship experts which were reported in a study on September 6, 2015, in Proceedings of Interspeech.

Hundreds of conversations from more than one hundred couples have been recorded by researchers that were taken at the time of marriage therapy session over two years and later tracked their marital status for five years.

Led by Shrikanth Narayanan and Panayiotis Georgiou of the USC Viterbi School of Engineering, an interdisciplinary team, together with doctoral student Md Nasir and collaborator Brian Baucom of University of Utah, created a system which broke the recordings into acoustic features utilising speech-processing technique. These comprised of pitch, intensity, `jitter’ as well as shimmer besides several other things like tracking warbles in the voice which could specify moments of high emotion.

Voice Acoustic Features

Nasir mentioned that `what one says is not the only that tends to matter, it is very essential how it is said. The study confirms that it holds for a relationship of couple also’. The voice acoustic features takentogether provided the team’s program, a substitute for the subject’s communicative state and the changes to the state over the course of an individual therapy as well as across therapy sessions.

Significantly, the features were not scrutinized in isolation but the effect of one partner on the other and longitudinally over various therapy sessions was considered. Narayanan commented that it was not around studying the emotions but it was about studying the effect of what the partners says on one’s emotions.

Georgiou stated that looking at one instance on the behaviour of a couple limits their observational power. But observing at numerous points of time and looking at both individuals as well as the dynamics of dyad could be helpful in identifying courses of their relationship. At times it could for the best or at times they could be heading towards deterioration of relationship.

Behavioural Codes – Positive - Acceptance/Negative – Blame

Controlling of such method is to aid in identifying how domain experts could advise couples in a better manner in improving relationships, according to Georgiou. Baucom on his part commented that psychological practitioners as well as researchers have known for long that the way partners tend to talk and discuss issues has important implication with regards to the health of their relationships.

But the absence of efficient and reliable tools for measuring important elements in those conversations seems to be a major impediment in their widespread clinical use. The findings signified a main step forward in making objective measurement of behaviour practical as well as feasible for couple therapists. Once it was modified, the program was later tested against behavioural analysis made by human experts who had studied the couples, behavioural codes namely, the positive qualities such as acceptance or negative qualities like blame.

Moreover the team also observed that studying voice directly instead of the expert created behavioural codes provided a much accurate sight on the future of the couple. Thereafter utilising behavioural signal procedure, a framework to understand human behavioural computationally, the team intends to use language, for instance spoken words and nonverbal information like body language in cultivating the prediction of how effective would the treatment be.

Yahoo Stops Some Users Accessing Emails in Ad-Blockers Row

Yahoo – Stopped Users from Accessing Emails, Using Ad-Blocking Software

Yahoo has confirmed that it has stopped some of it customers from accessing their email if they tend to be using ad-blocking software in their browser. Some of the users in the US had reported that Yahoo mail had been displaying message requesting them to disable their ad-blocker prior to accessing their inbox.

A Yahoo spokesperson has commented that `at Yahoo, they are constantly developing and testing new product experiences. Members from an ad-blocking forum had informed that they had managed to evade the limit already. It is said that ad-blocking has turned out to be controversial and the technology companies have responded in various ways.

Apple had updated its mobile operating system iOS, in September to enable third party ad-blocker to be installed though they did not remove Apple’s own ads that serve up in apps. On the other hand Google introduced a paid subscription version of YouTube enabling viewers to remove ads for a monthly fee, on the video streaming site.

Ad-blocking advocates state that disabling advertisements could increase the battery life of smartphone as well as reduce the usage of mobile data. It could also avert users from being tracked by advertisers online as well as protect devices from malware which could be served up when an advertising network tends to get compromised.

Test – A New Product Experience

Yahoo had acknowledged adverts on its homepage in 2014 that it had been infected with malware for four days. However, the company presently tends to rely on advertising to earn revenue from its Yahoo Mail service that is available for use, free of cost.

Yahoo has not disclosed how long the test would be running or if it would ultimately roll out the new feature to its Yahoo Mail users. It was observed that they were unable to access Yahoo Mail through Google Chrome or Mozilla Firefox when the browser had installed the ad-blocking extension. As per BBC, Yahoo states that it is progressing the testing which is a new product experience focused for users in the U.S.

Though it is unknown how many users tend to get affected by this test, Yahoo has informed that this test will be running for a small number of Yahoo Mail users in the USA. Few users of USA had reported that a message in Yahoo Mail has asked them to turn off their ad blocker in order to access their inbox.

Users Barred from Viewing the Site

A member on an ad-blocking forum had informed that they have found a way of bypassing the restriction of Yahoo and in September, internet users trying to access the Washington Post’s website on using the software noticed that they were barred from viewing the site and were navigated to a subscription page and requested to enter their email address in order to unlock the content they intended to read.

This is about a significant discussion regarding customer choice; controls and the level of ads which customers tend to receive. This change was met with contempt by the users most of whom were keen to stop utilising the service and accepting its services however does not mean that users need to agree to the statement – Yahoo may include advertisements and these advertisements seems necessary for Yahoo to deliver the Yahoo Services.

You Can Now Use Android Apps without Downloading Them

Google – Use Apps without Download

Google is experimenting with tech that enables you to use apps without downloading them. It was Google’s plan of keeping its crown with regards to mobile search. Earlier searching for the Web would be sitting in front of a desktop computer and editing words in the search box at Google.com.

But now, with the enhancement in technology, individual open a smartphones app, instead of going to Google. However Google intends to change it and the Mountain View, California, company desires to extend its search dominance to smartphones by offering an option of using apps without the need of downloading them to your phone.

Should a user search for a product for instance hotel room by utilising Google’s app on a smartphone powered by the company’s Android software, it displays the search results from across the web as usual. However there would also be some details from apps like Hotel Tonight, the San Francisco-based app for booking last minute rooms. If the button is tapped, Google displays the app and the user could book a room, even though the same is not installed on their phone.

Streaming Video to Phone via Internet

For those who have been waiting for a long length of time between tapping `install’ and then able to open an app on the phone, it seems thrilling. The trick is that the company has been streaming a video to your phone via the Internet while the apps run in a computer several miles away.Presently Google is only capable of doing that with nine apps namely Hotel Tonight, Daily Horoscope, My Horoscope, New York Subway, Weather, Visual Anatomy Free, Useful Knots, restaurant finder Gormey and national parks guide Chimani. Lead engineer for Google’s mobile search and app indexing team, Rajan Patel commented that they feel like it is their role to ensure they have answers, in mobile often which are in apps.

This move for consumers would mean cutting out time and the trouble it involves in downloading an app and then installing it on the phone. One could utilise an app without the need of it occupying space on the device.For Google it could be revolution of making mobile app less applicable, keeping the search giant at the top for smartphone users. Though Google’s desktop search engine seems to be the most successful in the world, it is not as unattainable on Smartphones.

Deep Linking Technology

However, this is not the only option Google is making attempts in trying to enhance mobilesearch. Google, in April had altered the way of organizing all websites, ranking those which show better on smartphones and the company had been working in making information from within the apps much more searchable on Google. This technology is known as deep linking.

The company had also informed that it has now over 100 billion links to information from apps. Due to the technology which it had acquired last year from a start-up known as Agawi, Google also has the capability of streaming these apps. Google is not actually giving access to the app, technically.

According to a spokeswoman, it seems like one is in the program, though the company is in fact streaming you a high-resolution video which can be tapped and scrolled just as a normal app. The difference between an installed app and the Google version is that a banner runs through the bottom of the screen which says `App streamed by Google.

Google has mentioned that the new app feature would ultimately come to Apple’s iPhones though has refrained to say when it would come up.

الثلاثاء، 24 نوفمبر 2015

The World's Most Powerful Supercomputer

Tianhe-2 Supercomputer of China – World’s Most Powerful System

According to a biannual Top500 list of supercomputers, Tianhe-2 supercomputer of China has maintained its place as the most powerful system in the world for the sixth consecutive time. The Top500 list is considered to be one of the most authoritative rankings of the world’s supercomputers and has been compiled on the basis of the performance of the machines on the Linpack benchmark by experts from Germany and the US.

Tiahne-2 also known as the Milky Way-2 having a performance of 33.86 petaflops per second –Pflop/s had been invented by China’s National University of Defence Technology and organized at the National Supercomputer Centre in Guangzhou. It has held the title since June 2013.

According to the official media report, the Chinese system is said to be around twice as fast as the next on the list, Titan of the US Department of Energy that has a performance of 17.59 Pflop/s. In the latest edition of the closely watched list, no changes have come up regarding the ranking of the world’s top 5 supercomputers since June 2013.

China – Great Leap to 109 Systems

As per professor of the University of Tennessee and editor of the report, Jack Dongarra stated in an email to state-run Xinhua news agency that the top five computers are very expensive and powerful and it would take another year before a new system tends to enter the top five.From July 2015’s list some of the substantial changes to this list is the sharp decline in the number of systems in the US now at 201. It has been reported that in July, this is down from 231 and seems to be the lowest number of systems that have been connected in the US since the list had begun in 1993.

In comparison, China had made a great leap to 109 systems. Dongarra had stated that China received a big enhancement from Sugon, Lenovo and Inspur. The large number of submissions had come from Sugon. As per the Top500 statement, Sugon had outdone IBM in the system category with 49 systems and Lenovo that had acquired IBM’s x86 server business last year had 25 systems in the list, up from three systems on the list of July 2015. Besides this, some systems which were earlier listed as IBM have now been labelled as IBM/Lenovo and Lenovo/IBM.

China Carving Bigger Share as Manufacturer

The third vendor from China, Inspur, now has about 15 systems on the list. The statement mentioned that China is carving out a bigger share as a manufacturer of great performance computer together with manifold Chinese manufacturers being very active in this arena.

Overall HP tends to lead the list with 156 systems followed by Cray with 69 systems with China’s Sugan with 49 systems. However, US intend to ultimately lead the world in supercomputer. Last fall IBM, had indicated that it would develop two new supercomputers named Summit and Sierra, for the Energy Department which would be still more powerful than China’s Tianhe-2 supercomputer but the same would not be ready till 2017.

President Obama had signed an executive order calling for the U.S. in July to develop the world’s most powerful supercomputer under the National Strategic Computing Initiative. The Energy Department as well as the National Science Foundation would be leading the push. There seems to be no deadline for the supercomputer’s completion though initiative members are expected to give yearly updates on its progress for the next five years.

Microsoft Presses Pause on Tool for Porting Android Apps to Windows 10

Microsoft to Introduce Project Astoria Tool

Microsoft intends to introduce a tool in bringing about apps that were initially written for Android to its own Windows 10. Project Astoria, the tool, had been created to inspire programmers who wrote apps for devices, driven by Google’s mobile software to bring these apps to Microsoft’s latest operating system. Windows is the foundation software for most of the PCs.

However Microsoft had been struggling to extend it to phone as well as tablets where the software of Apple and Google tends to dominate. As for Microsoft, it seems that the progress on the tool is not going as planned and the company has refrained from commenting if Astoria has been cancelled or that it would still be released.

According to Microsoft spokeswomen it was said that they are committed in offering developers several options in bringing their apps to the Windows Platform and the Astoria bridge is not yet ready. But other tools tend to provide great options for the developers. It is important for Microsoft that Windows 10 is successful after its predecessor. Windows 8 was extensively rejected.

Astoria – Deliver Set of Patterns/Concrete Setup

A deep and broad selection of Windows 10 app could be essential for success in order that users could fulfil their requirements for communication, work and entertainment and Microsoft could extend Window’s financial success.

The earlier smartphone software of Microsoft had fought to obtain traction partially owing to an absence of apps when compared to Apple’s iOS as well as Google’s Android. Astoria was intended to be the principal part of the plan in drawing important app developers to Windows. Project Astoria tends to deliver a set of patterns and a concrete setup in creating and consuming data services by utilising web technologies.

Data has been increasingly available in the web and the production of new data driven applications like mashups evidently specifies that the availability of standalone data independent of user interface is altering the way systems tend to be built as well as the way data can be leveraged.

The future of Astoria could be doubtful, but Microsoft has released two of its related tools, namely `Islandwood’, which enables developers to bring apps for Apple’s iOS software to Windows 10 and `Westminister’, that does the same for apps created for the Web.

An Emulator/Softer Layer

The company has mentioned that Microsoft also intends to release a similar tool, to bring the older-style Windows app to Windows 10. According to the Windows Central blogs it is said that some clues hinted at fading interest for Astoria and the project’s forum died down in September with the questions of developers remaining unanswered by Microsoft.

Moreover, Microsoft uncovered Astoria out of latest test versions of Windows 10 for the mobile devices. In Microsoft’s world, programmers could write their apps for Windows 10 in the first place, directly. The foremost issue of Astoria is that it is efficiently an emulator, a softer layer which enables programs written for one software basis run on another. However emulation means that an app’s styling does not seem to fit well in the new environment or take benefit of its features.

Microsoft had stated that `developers could write apps which run on all Windows 10 devices and take advantage of native Windows features and that they are grateful to the feedback for the development community and are looking forward to support them as they tend to develop apps for Windows 10’.

Snapdragon 820 will Change Smartphones in 2016

Qualcomm’s New Snapdragon 820 – Fastest Performance Chip

Qualcommhas been leading the smartphone processor manufacturer for several years and the company has played an important role in altering the façade of the industry. Recently Qualcomm had launched the new Snapdragon 820 and its high end smartphone processor is evidently the fastest performance chip ever developed. After a full year of instabilities for the company, this new sort of processor has all new designs in delivering the performance leap which Android enthusiast would prefer.

Though the Snapdragon 810 was initially capable, the 820 have benefits which could ease some of the anxieties that any enthusiast has. Foremost is that the chip has a new custom architecture and abandons the `off-the-shelf’ cores of the 810. Moreover, it has adequate power saving and task off-loading features which Qualcomm tends to extend battery life as well as performance.

The processor of Qualcomm’s new 64-bit Kryo cores on-board, which is a custom-design is said to be holistically integrated with the rest of the SoC in order to give the best in heterogeneous computing.Besides this the Kryo cores tends to reach clock-speeds of 2.2 GHz and the CPU offers twice the peak performance of the Snapdragon 810 with twice the battery efficiency also, according to Qualcomm.

Hexagon Digital Signal Processor – Offload Tasks/Less Power

The latest CPU is being developed based on the latest 14nm FinFET process and should prove to be advantageous over larger process size such as those in most of the 2015 flagship chipsets. Qualcomm is ensuring that the Snapdragon 820 is capable of handling tasks professionally through intelligent task distribution and their new Symphony System Manager certifies that you can run the right task on the appropriate processor.

However, though some SoCs limit such system management to only CPU cores. Symphony could handle the complete SoC in different alignments to locate the competent variation of load allocation. According to Qualcomm, specialized cores are selected to get the task done as fast as possible. With their updated Hexagon 680 DSP in place, together with battery savings it could be more encouraging that earlier. The Hexagon Digital Signal Processor tends to offload tasks which could be done quickly on this processing unit, consuming less power than the CPU.

New Image Technology – Enhanced Adaptive Brightness/Reduced Noise

It will be assigned with sensor processing tasks and as a low power island just like the other devices provided earlier. With a sensor assisted processor together with their new image processing technology it would bring about efficiency in the field of smartphone practise which could be quite substantial drainers. Regarding the image technology, the Snapdragon 820 claims the capability of intelligently categorizing objects in images, or images in various classifications based on the context.

Its Spectra Image Sensor Processor – 14-bit dual-ISP, attached with Snapdragon Scene Detect, tends to achieve deep learning technology in improvement as it learns with more data. Qualcomm states that their technology could provide enhanced adaptive brightness together with reduced noise.

Besides this, one may also perceive drops in HDR as well as motion artifacts. Overall, the Snapdragon 820 seems to be a fanciful chip and is claimed that it passes the thermal requirements from OEMs. As they have smartly called their new design `Kyro’ – wherein `Cyro’ is defined as involving cold, they not only need to live up to their promises but also to the name.

Three Entrepreneurial Strategies That Can Facilitate Professional Success

One of the most deeply satisfying experiences an individual can have is the sense of maintaining both personal and professional success. Being an entrepreneur is an effective way to attain this type of experience because it allows you to generate wealth and build a business in a manner that is conducive to your personal values and preferences. However, many entrepreneurs find that they are unable to get their business ventures off the ground due to a lack of information or resources. Nevertheless, using some or all of the following strategies can help you attain the professional success you're looking for:

1. Get Into Multi-Level Marketing.

Multi-level marketing is an entrepreneurial strategy that you can employ to attain professional success. The basic business schema involves you selling one or several products and services. You will generate income based on your sales. Additionally, you'll recruit business partners who will also sell the company's products and services. You'll receive a percentage of their sales. As you start looking for the ideal multi-level marketing company to work with, consider the professionals of ACN Inc. This company has extensive industry experience and a passion for helping people realize their professional dreams.

2. Networking.

If you're serious about being successful as an entrepreneur, networking is a must. To ensure that you optimize your sphere of influence and enhance your conversion rates, you need to constantly be coming in contact with new people. There are numerous networking events you can attend to realize this objective, some of which include career fairs, conferences, and lectures.

3. Investing.

Another strategy that you should consider as you seek to realize your entrepreneurial vision is investing. Investing is a great way to generate passive income, and you can use the money you create to support your budding business. Many people don't take time to look into investment opportunities because they aren't familiar with this facet of finance. Yet by simply hiring a reputable investor, you can attain the information and professional assistance necessary to make sound, perpetually profitable investing decisions.

Conclusion

When you're ready to attain a high level of entrepreneurial success, it's important to find and implement proven business principles that will help you attain the great results you want. To really get your company moving forward, consider implementing one or all three of the helpful business strategies you see outlined above. After a while, you'll likely find that your entrepreneurial dreams start coming true!

الاثنين، 23 نوفمبر 2015

Windows Reverse Engineering Command Line Tool To Dump Malware Memory

Windows Reverse Engineering Command Line Tool To Dump Malware Memory !

Windows Tool For Dumping Malware PE Files From Memory Back To Disk For Analysis.

Process Dump
Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. This is a common task for malware researchers who need to dump unpacked or injected code back to disk for analysis with static analysis tools such as IDA.

Process Dump works for 32 and 64 operating systems, uses an aggressive import reconstruction approach, and allows for dumping of regions without PE headers - in these cases PE headers and import tables will automatically be generated. Process Dump supports creation and use of a clean-hash database, so that dumping of clean files such as kernel32.dll can be skipped.

Example Usage
Dump all modules from all processes (ignoring known clean modules):

pd64.exe -system
Dump all modules from a specific process identifier:

pd64.exe -pid 0x18A
Dump all modules by process name:

pd64.exe -p .chrome.
Build clean-hash database. These hashes will be used to exclude modules from dumping with the above commands:

pd64.exe -db gen
Dump code from a specific address in PID 0x1a3:

pd64.exe -pid 0x1a3 -a 0xffb4000 Generates two files (32 and 64 bit) that can be loaded for analysis in IDA with generated PE headers and generated import table: notepad_exe_x64_hidden_FFB40000.exe notepad_exe_x86_hidden_FFB40000.exe

read more

Download

Chrome for Android vulnerability Discovered by Researcher

Chinese Researcher Discovered Susceptibilities in Android Operating System

Google, over the past few months had been busy crushing security susceptibilities in its prevalent Android mobile operating system, though several tends to remain undiscovered and some could be easily misused. Guang Gong, a Chinese researcher from Qihoo 360, demonstrated at MobilPwn2Own at the PacSec conference in Tokyo on how an Android device running the latest version of the operating system could be hijacked by exploiting JavaScript v8 vulnerability through Chrome browser.

Gong observed JavaScript v8 susceptibility in Chrome for Android enabled him to install a random application on the affected device, a BMX Bike game in this case, without the need of user interaction. Dragos Ruiu, PacSec organizer had explained in a Google+ post. V8 is Google’s open source JavaScript engine and V8 is written in C++, used in Google Chrome which is the open source browser from Google.

Google security engineer on site had received the bug. Spotpedia had informed that `a Google engineer instantly got in touch with Gong after his presentation and rumours were on that the Chrome team had already got it fixed. Gong had commented on 9to5Google that the exploit was created by someone whose job was to find vulnerabilities and not a hacker with malicious intentions.

Vulnerability in JavaScript Engine in Chrome

As long as Chrome is utilised in navigating to a malicious site an attacker has set up, the device could be infected.This was demonstrated on a Google Project Fi Nexus 6 operating the latest Android 6.0 Marshmallow build with all applications updated. The vulnerability was also demonstrated by the researcher which could provide an attacker with total control of the device and success of the exploitation does not need chaining in multiple susceptibilities.

Ruiu informs that this particular shot exploit had been exposed after three months of work, though the exact details on the security flaw had not been publicly known. The exploit had been tested on other devices too and worked on all of them, according to Ruiu.Considering that the vulnerability is in the JavaScript engine in Chrome, it is said to affect the entire Android version with the new version of the browser which is installed. Ruiu had announced through Twitter that the details on the vulnerability had been handed over to Chrome engineer at the conference.

Series of Critical Android Vulnerabilities Observed

However, unfortunately for Gong, his presentation at the conference did not gain him an immediate reward for his efforts though probably Google would reward him for the discovery of the vulnerability, since the company has a bug bounty program set up for Chrome and Chrome OS. According to The Register, Ruiu would fly Gong to the CanSecWest security conference next year.

Google would most probably handle this vulnerability soon, even though the details on the exploit have not been made public so far. A series of critical Android vulnerabilities have been discovered by security researchers this year comprising of the Stagefright flaw which has affected almost a billion devices and a Stagefright2issue alleged to have affected devices running all Android version, began with the initial release.

Zano Mini-Drone Project Shut Down by Torquing

Zano Mini-Drone Shut Down

The Zano mini-drone project, one of Europe’s most successful Kickstarter has been shut down by the company. Torquing Group had released a report to supporters of the project stating that it had decided to pursue a `creditors’ voluntary liquidation. The said project is said to be in distress inspite of raising over £2m. According to a message sent by Torquing, the creditors would be contacted by abankruptcyexpert.

The message states that on exploring all options known and after seeking professional advice, they have made the difficult decision to pursue a creditor’s voluntary liquidation. They have been greatly disappointed with the result of the Zano project and would like to take the opportunity of thanking all who supported them during the difficult period, particularly the loyal employees, whose commitment had exceeded all expectations.

Thousands of individuals who had invested in the project through Kickstarter would not be receiving the device for which they had paid to support.According to a comment left on a Zano forum, Ivan Reedman, chief executive of Torquing had resigned recently owing to personal health issues and conflicting differences. This was followed by another hitch in June when Torquing had missed a deadline in distributing drones to supporters waiting for the product.

Europe’s Most Successful Kickstarter Campaign Collapse

Zano drones were in production already and were created to be controlled through a smartphone app. Moreover, the device would also be capable of following users as they moved around outdoors but the function was not working completely when BBC had visited Torquing in August.

One of the supporters had informed BBC that he had invested around £164 in November 2014, in Zano and till a few weeks ago they had been receiving emails stating that the first 7,000 Zanos were almost ready to be dispatched.

He further commented that it was unfortunate to see Europe’s most successful Kickstarter campaign collapse so dramatically, especially when it was nearing shipping. Sandro Ruch another supporter informed that he had invested a couple of hundred dollars and was disappointed with Torquing’s communication with supporters of the project in recent months. He informed BBC that it was the main thing and the main point which was upsetting was that it was a question of investor expectation management.

Social Networks – New Met with Dismay by Supporters

The news was met with dismay by the supporters on social networks and one supporter had written on the Zano Facebook page that he wanted his money back. User on the Kickstarter page for the project had added that being furious seems to be an understatement.

It was expected to arrive in June and it is now almost six months later that the decision has come up. In one of the statement, Kickstarter had stated that creators on Kickstarter have a remarkable track record though there are no guarantees that a project would work out.

If a developer is unable to complete a project as pledged, their contract with supporters need them to bring the project to the best possible conclusion as mentioned in the Terms of Use. Torquing refrained from responding to request for their comment.

السبت، 21 نوفمبر 2015

Anonymous Warns About Next ISIS Attack Including WWE Event

Anonymous Warns About Next ISIS Attack Including WWE Survivor Series Event.

Which scheduled to take place in Atlanta Sunday at 7:30 pm EST.

According to International Business Times, Anonymous said it had passed proof to the MI5 intelligence agency in the U.K., the CIA and FBI in the U.S., and the Australian government but that it has no plans to release the proof publicly. "If we share the proof [publicly], everyone will start calling it fake because screenshots can be edited and accounts can be deleted. We have purposely not shared account links publicly because they would be shut down immediately and then no one would believe the proof."

OpParisIntelTeam posted in pastebin,

"There is no more need to share this link, if the authorities do their job well (which we hope they will). To prevent more "fear" from being spread we have therefore removed all our tweets except for this one. Today we trust you for once, authorities.

Because the authorities didn't pay attention we took to the web and warned civilians, who helped us reach the authorities AND Daesh. Daesh now knows that we are after them and that we know their threats and possible plans, we wish the authorities good luck in catching and preventing their actions."

Whereas @YourAnonNews declined and posted a tweet about it,

We did not spread any rumors about possible future ISIS attacks, and frankly, we do not know where the rumors come from.
— Anonymous (@YourAnonNews) November 21, 2015

Albeit on the grounds that they're professedly not associated with Anonymous doesn't inexorably make their intel false. Nor does it make it genuine.

J. Britt Johnson, the FBI Special Agent in Charge at the Atlanta office, said in the statement

"The FBI is aware of reports of an alleged threat that includes an Atlanta, Georgia venue and event. While we take all threats seriously, we do not have specific or credible information of an attack at this time. We have, however, made the proper notifications as we continue to work closely with our law enforcement and private sector partners to keep our community safe."

The WWE provided the following statement to Channel 2 Action News: 'WWE Survivor Series is currently scheduled as planned while we investigate the matter with federal, state and local authorities.'

Anonymous have declared war on ISIS last week. Anonymous Threatens Cloudflare For Protecting ISIS Propaganda Websites.

Network Mapper Nmap 7 Version Released

Network Mapper Nmap 7 Version Released

Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for network inventory, managing service upgrade schedules, monitoring host or service uptime, and many other tasks.

Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

Top 7 Changes in Nmap 7

1. Major Nmap Scripting Engine (NSE) Expansion
As the Nmap core has matured, more and more new functionality is developed as part of our NSE subsystem instead. In fact, we've added 171 new scripts and 20 libraries since Nmap 6. Exmaples include firewall-bypass, supermicro-ipmi-conf, oracle-brute-stealth, and ssl-heartbleed. And NSE is now powerful enough that scripts can take on core functions such as host discovery (dns-ip6-arpa-scan), version scanning (ike-version, snmp-info, etc.), and RPC grinding (rpc-grind). There's even a proposal to implement port scanning in NSE. [More Details]

2. Mature IPv6 support
IPv6 scanning improvements were a big item in the Nmap 6 release, but Nmap 7 outdoes them all with full IPv6 support for CIDR-style address ranges, Idle Scan, parallel reverse-DNS, and more NSE script coverage. [More Details]

3. Infrastructure Upgrades
We may be an 18-year-old project, but that doesn't mean we'll stick with old, crumbling infrastructure! The Nmap Project continues to adopt the latest technologies to enhance the development process and serve a growing user base. For example, we converted all of Nmap.Org to SSL to reduce the risk of trojan binaries and reduce snooping in general. We've also been using the Git version control system as a larger part of our workflow and have an official Github mirror of the Nmap Subversion source repository and we encourage code submissions to be made as Github pull requests. We also created an official bug tracker which is also hosted on Github. Tracking bugs and enhancement requests this way has already reduced the number which fall through the cracks. [More Details]

4. Faster Scans
Nmap has continually pushed the speed boundaries of synchronous network scanning for 18 years, and this release is no exception. New Nsock engines give a performance boost to Windows and BSD systems, target reordering prevents a nasty edge case on multihomed systems, and NSE tweaks lead to much faster -sV scans. [More Details]

5. SSL/TLS scanning solution of choice
Transport Layer Security (TLS) and its predecessor, SSL, are the security underpinning of the web, so when big vulnerabilities like Heartbleed, POODLE, and FREAK come calling, Nmap answers with vulnerability detection NSE scripts. The ssl-enum-ciphers script has been entirely revamped to perform fast analysis of TLS deployment problems, and version scanning probes have been tweaked to quickly detect the newest TLS handshake versions. [More Details]

6. Ncat Enhanced
We are excited and proud to announce that Ncat has been adopted by the Red Hat/Fedora family of distributions as the default package to provide the "netcat" and "nc" commands! This cooperation has resulted in a lot of squashed bugs and enhanced compatibility with Netcat's options. Also very exciting is the addition of an embedded Lua interpreter for creating simple, cross-platform daemons and traffic filters.

7. Extreme Portability
Nmap is proudly cross-platform and runs on all sorts of esoteric and archaic systems. But our binary distributions have to be kept up-to-date with the latest popular operating systems. Nmap 7 runs cleanly on Windows 10 all the way back to Windows Vista. By popular request, we even built it to run on Windows XP, though we suggest those users upgrade their systems. Mac OS X is supported from 10.8 Mountain Lion through 10.11 El Capitan. Plus, we updated support for Solaris and AIX. And Linux users—you have it easy.

Also see- > NMap Cheatsheet

Download NMAP

الجمعة، 20 نوفمبر 2015

Using AdBlock? Yahoo Could Block You From Using Its Services

Using AdBlock? Yahoo Could Block You From Using Its Services.

Yahoo Mail is purportedly dashing out people who use ad blockers.

According to post on AdBlock Plus , user reported that they can't access Yahoo Mail in Chrome or Firefox.

They get error message,

“Uh oh… We are unable to display Yahoo Mail. Please disable Ad Blocker to continue using Yahoo Mail.”

Adblock Plus is the most popular adblocker available for Firefox, Chrome, Opera, Safari, Android and Internet Explorer. Block all annoying ads all over the web

According to PcWorld report,

Yahoo Mail’s blocking of ad blockers doesn’t appear to affect everyone, as we haven’t been able to duplicate it. However, changing the end of the Yahoo Mail URL to “reason=ADBLK_TRAP” does bring up the error message for us, even without AdBlock Plus installed. One possible explanation, then, is that Yahoo is just testing an ad block crackdown to see how users will respond.

Yahoo Advertising revenue is down in third quarter report.

HOC reported earlier, Malvertising Hits 10 Million In 10 Days You Might Be Under Attack While Surfing The Web

الخميس، 19 نوفمبر 2015

Anonymous Threatens Cloudflare for Protecting ISIS Propaganda Websites

Anonymous Threatens Cloudflare For Protecting ISIS Propaganda Websites.

CloudFlare is the cloud web hosting company and protecting against distributed denial of service (DDoS) attacks.

About CloudFlare
CloudFlare, Inc. is a U.S. company that provides a content delivery network and distributed domain name server services, sitting between the visitor and the CloudFlare user's hosting provider, acting as a reverse proxy for websites. Its network protects, speeds up, and improves availability for a website or mobile application with a change in DNS.

CloudFlare was created in 2009 by Matthew Prince, Lee Holloway, and Michelle Zatlyn

Once again, @CloudFlare have been found to be providing services to pro-#IslamicState websites. Shameful. #OpISIS #Daesh #Anonymous
— Anonymous (@GroupAnon) November 16, 2015

CloudFlare CEO Matthew Prince given interview to FOX Business Network, said that the company takes the allegations very seriously.

“Anonymous published a list of 40 sites that they alleged to be actual ISIS sites,” Prince told Liz Claman. “We ran that by law enforcement organizations and there was no request to take any of those sites off our network. In fact in some cases, they asked us specifically to keep those sites on our network.”

He added, “We were quite surprised, not only to not have any orders to take any of the sites offline, but to see that actually a lot of the sites that Anonymous had identified actually weren’t related to ISIS at all. Some were Chechnyan rebel sites, some were Kurdish sites, some were Palestinian sites.”

“What they’re [Anonymous] really good at is knocking sites offline, except if they are behind CloudFlare,” Prince said. “So why they have a beef to pick with us is because we’re really good at stopping denial-of-service attacks.”

Anonymous declared war against ISIS after Terrorist attack in Paris

الأربعاء، 18 نوفمبر 2015

How To Hack ISIS? Anonymous Publishes Full Hacking Guide

How To Hack ISIS? Anonymous Publishes Full Hacking Guide

Anonymous Publishes Guides To Identify and attack websites and social media accounts of ISIS online.

Hactivist group Anonymous claim to have taken down more than 5,500 Islamic State-affiliated Twitter accounts in response to the terror attacks on Paris.

The Hacktivist group Anonymous can guide you that how to get involved in the cyber war against ISIS. After announced cyber war ISIS calls Anonymous 'IDIOTS', but after the day Anonymous post the new Video.

HackersOnlineClub reported earlier that Anonymous declared war Against terrorist group ISIS. and start the campaign #OpParis which aim to identify ISIS accounts.

Here are three guides:
1. 'Noobguide' How to hack and join CYber War
2. 'Reporter': How to set up twitter Bot to investigate ISIS-affiliated social media accounts.
3. 'Searcher': To Find ISIS Websites.

We report that more than 5500 Twitter account of #ISIS are now #down! #OpParis #Anonymous #ExpectUs
— #OpParis (@opparisofficial) November 17, 2015

Meanwhile ISIS produced its own guide warning its supporters how to prevent being hacked by Anonymous. An ISIS-affiliated account of messaging app Telegram is alleged to have released a message instructing followers what to do to stop being hacked.

Webserver of Anonops was down today.

UPDATE: IRC is down for everyone who isn't using https://t.co/TWoVVXZ5BP
— #OpParis (@opparisofficial) November 18, 2015

Yes, anonops is being attacked. May or may not be IS related, but they're probably too busy fucking sheep to attack us. We're used to it now
— #OpParis (@opparisofficial) November 18, 2015

PEMcracker Tool To Crack Encrypted PEM Files

PEMcracker Tool To Crack Encrypted PEM Files

This tool is inspired by pemcrack by Robert Graham. The purpose is to attempt to recover the password for encrypted PEM files while utilizing all the CPU cores.

It still uses high level OpenSSL calls in order to guess the password. As an optimization, instead of continually checking against the PEM on disk, it is loaded into memory in each thread.

bwall@ragnarok:~$ ./pemcracker
pemcracker 0.1.0
pemcracker <path to pem> <word file>

pemcracker 0.1.0 by Brian Wallace (@botnet_hunter)

Usage Example

bwall@ragnarok:~/data/publicprojects/pemcracker$ ./pemcracker test.pem test.dict
Password is komodia for test.pem

Compiling

make

This is somewhat of a short side project, so my apologies for any issues. If there is desire for this project to be further developed, I will try to allocate time.

Alternatives

If you are looking for the fastest possible method of brute forcing PEM files, you may wish to try out John the Ripper. Its little known ssh2john allows for converting PEM files to a format that can be fed into ./john.

Download