Lunes, Abril 22, 2019

How to inspect if you downloaded a apps is a phishing application. Here's how to do it.

Requirement:

1. Apk editor pro apk

2. Brain.apk (common sense)


Okay let's start the tutorial

Step:
1. Download and install the apk editor pro apk. 

2. Download the apps you want to install but first do not install yet. 

3. Open your apk editor pro apps and click "Select an Apk File" option and search the apps then              click   "Full Edit" option. 

4. At the down portion of the apk editor you will see three option there STRING FILES             MANIFEST

5. Click Files option then click DEX-SMALI and wait it till it succeed.

6. Now go to Smali Folder and look for xmainactivity.xml

7.Now you can inspect the apps if its remod with phishing method or not.

Thats it and i hope you enjoy my simple tutorial on how to know if a apps is a phishing application. Enjoy and be vigilant at all time.
Good Day Everyone ! ! ! !

Ngayon pag-uusapan natin naman ang mostly nagiging problema ng karamihan ngayon lalo na sa kanilang mga social account.

Lets start with this following question. Bakit nga ba nahahack ang isang account? And papano natin maiiwasan na mahack ang ating account.?

Mga posibleng dahilan kung bakit nahahack ang isang social account.

1. Phishing attack
2. Keylogger / Keylogging
3. Ransomware


What is Phishing?

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.
An attack can have devastating results. For individuals, this includes unauthorized purchases, the stealing of funds, or identify theft.

Ang phishing can be form into application or  link like game links, porn link which is when you click or ask to log in that's the way that the hacker can fully gain access to your information and changed it.


What is Keylogger?

A keylogger is a function which records or keystrokes on a computer. Taken at this basic level, a keylogger looks absolutely harmless. In the hands of a hacker or a cyber criminal, a keylogger is a potent tool to steal away your information. We'll talk about how a keylogger works, how cybercriminals install it on your computer, and what you can do to avoid being a victim. You'll know what is a keylogger when we're done.


What is Ransomware?

Ransomware is a form of malicious software (or malware) that, once it's taken over your computer, threatens you with harm, usually by denying you access to your data. The attacker demands a ransom from the victim, promising — not always truthfully — to restore access to the data upon payment.

Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cyber criminals in Bitcoin.


Papanu natin maiiwasan yan mga ganyan?

1. For social account user specially facebook iwasan natin magclick ng link like game link or porn 
    link kasi onces na naclick mo at naglog in ka dyan palang makukuha ng hacker ang impormasyon
    mo.

2. Siguraduhin nyo din  na may recovery information ang mga social account nyo. Pwede link sa 
    mga gmail account or yahoo account or recovery number mo.

3. For Facebook user use Two Factor Authentication na nasa setting ni Facebook. Medyo hassle nga
    lang sya pero hindi naman basta basta mafufull access ang inyong facebook account.

4. For phishing application naman later on ipopost ko naman kung papanu machecheck or 
    malalaman nyo kung ang isang application is vulnerable sa phishing method.

So papanu hanggang dito na lang muna at sana may natutunan kayo sa lahat ng nasulat ko dito. 



Hanggang sa muli. Tandaan think before you click πŸ˜‰πŸ˜‰




  










Biyernes, Abril 12, 2019

Step by Step on how to use Http Injector

Requirement:

1.) Http Injector application (download it on Google Playstore)
2.) Ehi or Files that you will use it in Http Injector Apps
3.) And lastly dapat meron ka din nito - brain.apk (common sense πŸ˜‚πŸ˜‚πŸ˜‚πŸ˜‚)

Step:

1.) Let's say nakapag-install kana ng Http Injector Apps sa celphone mo. Punta ka ngayon sa mga
     group or kung saan man na pwede ka makadl ng ehi files.

2.) Click mo yun binigay na link ng gumawa ng ehi. Takenote lang dapat kung ano yun sim mo dl
     mo lang yun pwede sa sim mo or pwede sa nakapromo sayo.

3.) After mo na makadl ng ehi or files. Open mo na si Http Injector Apps.

4.) After that punta ka sa bandang kaliwa sa taas ni Injector tapos hanapin mo yun parang papel na
     icon then click mo and piliin mo si Import Config.

5.) Then saka mo hanapin yun dinownload mo na files o ehi. Usually makikita mo yan it's either sa
    external or internal download folder ng cp mo or depende din sa kung ano set up ng cp mo kapag
   kapag ikaw ay nagdodownload.

6.) Then after mo na makita si Ehi iclick mo sya and wait mo na magsuccess import config sya. Pero
   in some case minsan nag-eerror sya so i would suggess na try mo sya iclear cached data si Http
   Injector Apps then restart cp and saka mo i-try ulit na iimport yun ehi.

7.) After na magsuccess import config sya check mo naman yun dalawang box na sina "DNS" at "Start SSH" then saka mo iclick na si "START"

8.) After that punta ka naman kay Log Menu ni Injector para makita mo kung ano nangyayari sa
   ginawa mo kanina. Pag may nakita ka na parang ulan lang sa taas ng cp mo ibig sabihin nun
   nagttry palang sya kumonek pero pag may ulap at parang susi na lumabas na sa taas ng cp mo ibig
   sabihin naman nun ay konektado kana kay injector.




Biyernes, Marso 22, 2019

Hello Everyone!!


Gusto mo ba malaman kung sino sino ang chinachat ng iyong gf/bf/asawa sa facebook or kahit na anong social website? Itong tutorial na ibibigay ko ay pwede makatulong sa inyo.

Warning: Itong tutorial na ito ay hindi ko ginawa para may makasakit ng kapwa tao o kung anu pa man. Hindi ko na responsibilad kung ano man at saan man nyo ito balak gamitin.


Requirement:

1. Computer
2. Internet Connection (syempre need natin yan)
3. Internet Browser like Google Chrome.

Ps: Hindi ko pa sya nattry sa ibang internet browser kung meron sya


Step:

1. Open mo si Google Chrome mo then dun sa may taas nya sa bandang kanan click mo yun tatlong        tuldok dun.

2. Then hanapin mo naman si More tools Menu then click mo then click mo si Extension Menu.

3. Tapos click mo naman si tatlong linya sa taas ni google chrome then hanapin mo sa baba si
    Open Chrome Web Store then saka mo i-click sya.

4. Then click on Search box then type "Keylogger" then click search and then hintayin mo lang              lumabas yun mga result nya.
   
5. Tapos click mo naman yun Add to Chrome ni  "Fea Keylogger" and then click Add Extension and wait mo sya na mag add kay goggle chrome browser.

Question #1:

Papanu po ba gamitin yun?

Answer:

Double click mo lang yun icon nya na nasa taas para mapunta ka sa application ni Fea Keylogger.



Question #2:

Papanu naman po kapag gusto ko sya i-hide si Fea Keylogger sa Goggle Chrome Menu.


Answer:

Right Click mo si icon ni FL then click mo yun "Hide from Goggle Chrome Menu" tapos pag gusto mo i-open si FL click mo lang yun tatlong dot ni goggle chrome at dun mo sya makikita sa pinakataas.

This keylogger is a physical so meaning hindi sya remote keylogger so from that you need to pa rin na personal i-open sya dun sa mismong computer kung saan nyo sya inilagay.


Okay thats it. Sana makatulong itong tutorial sa inyo. Again i will not encourage na gawin ito kasi para sa akin kung mahal mo talaga yun isang tao dapat may tiwala ka sa kanya ☺☺



Lunes, Marso 18, 2019

How to Create a HPI Config

Here I post the tutorial on how to make and use a Http injector for PC/Laptop step by step

Requirement:

1. Http Injector Installer for PC/Laptop
https://www.datafilehost.com/d/d32d5476
Password: a-dev1412
2. Ssh account which you will need for creating a .HPI file
3. Working URL for your .HPI file
4. Brain.apk (your Knowledge) πŸ˜‚πŸ˜‚πŸ˜‚πŸ˜‚


Step:
1. Install the application in your PC/Laptop

2. After you install the apps. Open mo na si Http Injector ( gamit na tayo ng sarili natin language para maintindihan ng lahat) πŸ˜‚πŸ˜‚πŸ˜‚πŸ˜‚

3. Tapos punta kana kay Tool Menu ni Http Injector then click mo si Payload Generator

4. Ilagay mo sa Host/Domain yun gusto mo na Working URL like m.google.com
(in a post pic I use my working URL)

5. Then sa Method Section piliin mo si Connect

6. Then sa Injection Section piliin mo si Normal Injection

7. Sa Header (optional) naman check Online-Host, Forward-Host, Forwarded-Host, Keep Alive and Use-Agent

8. Sa Payload (optional) naman check Dual-Connect

9. Pag tapos mo na sila lagyan click mo yun green na bilog na may check

10. Then punta na kayo sa SSH menu then ilagay nyo yun ginawa nyo SSH Account

11. Pag okay na lahat click the START

12. To save your File go to Inject Menu then click Export Config then check Lock All then input your note for your file then click the green with check sign




















How to Create a Ehi

Sa mga gusto matuto ng paggawa sarili nilang ehi ito
para sa inyo simpleng tutorial.

Requirement:
1. SSh Account - like tcpvpn,fastssh or any ssh site just do google searching lang
2. Alive remote proxy or rp and port.
3. active url payload
4. And lastly you always need this >> brain.apk(patience πŸ˜‚πŸ˜‚πŸ˜‚πŸ˜‚)

Okay let start na...

Step.1 Punta kayo sa SSH Site like tcpvpn,fastssh or any ssh
site and create your own ssh account.

Step.2 After nyo makacreate ng account take down nyo yun
account info nyo kasi yan ang gagamitin nyo sa
paggawa ng ehi.

Step.3 For the ssh site like tcpvpn and fastssh dito nyo naman
makukuha yun rp at port nyo sa squidproxy.org

Step.4 Hanapin mo yun find box then ilagay mo yun server ng
ginawa mo na account then click find and wait for a
while

Step.5 After lumabas yun mga squid/remote proxy ng server
mo isulat/isave mo din yan.

Step.6 Yan may ssh account na tayo so url payload naman kelangan natin so i link this

http://pinoytechsaga.blogspot.com/…/list-of-free-sites-for-…

Dyan pwede kayo makahanap ng payload na nararapat sa gagawin nyo ehi.



Step.7 Ngayon meron na tayo ng mga kailangan natin open mo na si Injector mo.

Step.8 Punta ka ngayon dun sa taas yun may tatlong tuldok ni
injector then click clear data.

Step.9 Then punta ka naman sa taas ulit ni injector at hanapin
mo si tatlong linya then click mo then piliin mo si Payload Generator.

Step.10 Now this is my own example of set-up. You can do on
your own set-up depende sa timpla gusto nyo.

Normal
URL/Host: m.google.com (my own example only)
Request Method : Connect Injection Method: Normal
Online-Host
Forward-Host
Keep-Alive
Reverse proxy
Dual Connect

Note: if you want to put more than one payload on your set-up simple put this sign ( ; ) on between the end of website and check the ROTATE BOX also

m.google.com;www.google.com (my example only)

Step.11 After that click mo na si GENERATE PAYLOAD

Step.12 Then punta kana man kay proxy setting at ilagay mo yun nakuha mo na rp at port kay squidproxy.

Step.13 Then after that punta ka ulit dun sa tatlong guhit sa
taas ni injector then click mo si SSH Setting

Step.14 Ilagay mo naman yun ginawa mo kanina na SSH
account and after that click back kana.

Step.15 Check mo na si DNS AND START SSH then click
start na.

Step,16 Go to log menu na para macheck mo if kung ano
nangyayari sa ginawa mo. If connected na then Wow congrats clap clapπŸ‘πŸ‘πŸ‘πŸ‘πŸ‘πŸ‘ nagawa mo din beshie