How to Clone Any Website Using HTTrack ?

Let's start

Welcome back, my hacker novitiates!

Recently, I demonstrated a hack where you could redirect traffic intended for one site, such as bankofamerica.com, to your fake website. Of course, to really make this work, you would need to make a replicate of the site you were spoofing, or better yet, you could simply make a copy of the original site and host it on your own server!

HTTrack is just the tool for doing that.

HTTrack takes any website and makes a copy to your hard drive. This can be useful for searching for data on the website offline such as email addresses, information useful for social engineering, hidden password files (believe me, I have found a few), intellectual property, or maybe replicating a login page for a Evil Twin site to capture login credentials.

Unfortunately, HTTrack is not included in Kali, so we will need to download and install it. Fortunately, though, it is included in the Kali repository, so all we need to do is open the software repository and download and install it.

Download & Install HTTrack

From Kali, we need to navigate to "System Tools" and then "Add/Remove Software,"

That will open a screen. Notice the window in the upper left-hand corner next to the "Find" button. Enter "httrack" there and it will find the packages you need to install HTTrack.

You can also install it by typing the following in a terminal.

kali > apt-get install httrack

Use HTTrack

Now that we have installed HTTrack, let's start by looking at the help file for HTTrack. When you downloaded and installed HTTrack, it placed it in the /usr/bin directory, so it should be accessible from any directory in Kali as /usr/bin is in the PATH variable. Let's type:

kali > httrack --help

The basic syntax is the following, where -O stands for "output." This switch tells HTTrack where to send the website to.

kali > httrack <the URL of the site> [any options] URL Filter -O <location to send copy to>

Using HTTrack is fairly simple. We need only point it at the website we want to copy and then direct the output (-O) to a directory on our hard drive where we want to store the website. One caution here, though. Some sites are HUGE. If you tried to copy Facebook to your hard drive, I can guarantee you that you do not have enough drive space, so start small.

Test HTTrack

Let's try to make a copy of a site to our hard drive.

kali > httrack http://www.webscantest.com -O /tmp/webscantest

we successfully made a copy of all the pages of this site on our hard drive.

Explore the Site Copy

Now that we have captured and copied the entire site to our hard drive, let's take a look at it.

We can open the IceWeasel browser (or any browser) and view the contents of our copied site to the location on our hard drive. Since we copied the web site to /tmp/webscantest, we simply point our browser there and can view all the content of the website! If we point it to /tmp/webscantest/www.webscantest.com/login.html, we can see that we have an exact copy of the login page!

Conclusion

If you are trying to find information about a particular company for social engineering or trying to spoof a website or login, HTTrack is an excellent tool for both tasks. Many of you have been asking about how to create a clone website for dnsspoof or grab credentials for an Evil Twin, now you have the tool to do so!

Written by: @ismaelwick

How to create bitcoin wallet?

Let's start

Bitcoin:

• Please always remember to use reliable services only when it comes to transactions. There are several well proven providers like Blockchain you can use to create a Bitcoin wallet. We recommend you use the blockchain wallet due to its ease of use, simplicity and popularity.

Please go to https://www.blockchain.com/wallet#/signup and press “Create Wallet”

• You will be asked for an email address that will be used to verify your identity each time you try to open your wallet (optional) and a password. It’s important to use a password as strong as you can think of with more than 10 characters, low and uppercase letters, numbers and symbols.

• When finished, you will be asked to write and store a phrase that will be used to get access to your wallet if you forget your password. This is important because there is no way to recover it if you lose your password.

• Once created and verified through the confirmation email, you are set to open it and start operating with bitcoins. To do it you have to introduce the identifier included in the mail and the password.

Top 10 Android Apps That Turn Your Phone into a Hacking Device.

Let's start

Generally many people already make their decision (who is interested in cyber security and ethical hacking) that they don't have laptop/pc.
So they can not do any thing before have laptop.

So plese change your decision because there is top 10  android apps that can turn your android device into hacking device and now you can start learning.

1.SpoofApp

SpoofApp is a Caller ID Spoofing, Voice Changing and Call Recording mobile app for your iPhone, BlackBerry and Android phone. It’s a decent mobile app to help protect your privacy on the phone. However, it has been banned from the Play Store for allegedly being in conflict with The Truth in Caller ID Act of 2009.

2.Andosid

The DOS tool for Android Phones allows security professionals to simulate a DOS attack (an http post flood attack to be exact) and of course a dDOS on a web server, from mobile phones.

3.Faceniff

Allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks.

4.Nmap

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a “map” of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyses the responses.

5.Anti-Android Network Toolkit

zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety.

6.SSHDroid

SSHDroid is a SSH server implementation for Android. This application will let you connect to your device from a PC and execute commands (like “terminal” and “adb shell”) or edit files (through SFTP, WinSCP, Cyberduck, etc).

7.WiFi Analyser

Turns your android phone into a Wi-Fi analyser. Shows the Wi-Fi channels around you. Helps you to find a less crowded channel for your wireless router.

8. Network Discovery

Discover hosts and scan their ports in your Wifi network. A great tool for testing your network security.

9.ConnectBot

ConnectBot is a powerful open-source Secure Shell (SSH) client. It can manage simultaneous SSH sessions, create secure tunnels, and copy/paste between other applications. This client allows you to connect to Secure Shell servers that typically run on UNIX-based servers.

10.dSploit

Android network analysis and penetration suite offering the most complete and advanced professional toolkit to perform network security assesments on a mobile device.

What is the best way to use Tor network safely?

Let's start

Now let's first discuss what is tor network actually?

What is Tor ?

"Tor is short for The Onion Router (thus the logo) and was initially a worldwide network of servers developed with the U.S. Navy that enabled people to browse the internet anonymously. Now, it's a non-profit organization whose main purpose is the research and development of online privacy tools. "

What Tor is good for?

"If you want to be anonymous—say, if you live under a dictatorship, you're a journalist in an oppressive country, or a hacker looking to stay hidden from the government—Tor is one of the easiest ways to anonymize your traffic, and it's free. It's far from perfect, though (we'll get to that in a moment).On a more general level, Tor is useful for anyone who wants to keep their internet activities out of the hands of advertisers, ISPs, and web sites. That includes people getting around censorship restrictions in their country, police officers looking to hide their IP address, or anyone else who doesn't want their browsing habits linked to them.

Tor's technology isn't just about browsing anonymously. It can also host web sites through its hidden services that are only accessible by other Tor users. It's on one of these hidden service sites that something like The Silk Road exists to traffic drugs."

The best way to use Tor Safety Is " Tails "

What's the difference Between Tails and Tor browser?

  Tails 

Tails is an operating system built on Linux it uses only Tor to send its Internet traffic, and it has almost all the tools you need for dark web use pre-installed and ready. It has PDP software has electron which is a Bitcoin wallet it has pgp encryption for emails it has Tor has everything you need to be completely anonymous on the dark web and it can be ran from a USB or DVD and can be used on almost any computer.

Tor Browser 

Tor Browser is a web browser based on Mozilla Firefox and configured to protect your anonymity. Given the popularity of Firefox, you might have used it before and its user interface is like any other modern web browser.

How to install Tails ?

You can follow the steps from the official website 

Click here

Good Tips 

• Dont use it on Carding !

• Do not use VPN or Proxy to connect Tor Network

• Don't trust any files from unknown website

I hope this article would be helpful for more do follow our page.

If you want to write your own content/topic pls comment below post or email us