Learn ethical hacking with these ebooks for free

Hacking means indexing the weakness in the computer system or network or cracking the system to gain access.Example: Jack and Tom leave in one hostel, Tom locked his laptop and leaves in the room, If I am Tom’s laptop without his permission and unlocked his laptop is known has hacking.

Hacking is not all about cracking the password and stealing, anything. if you use any think without the owner permission is known as hacking.

All eBooks Download links : 

Black Belt Hacking & Complete Hacking Book
Hackers High School 13 Complete Hacking E-books
Penentration Testing With Backtrack 5
A Beginners Guide To Hacking Computer Systems
Black Book of Viruses and Hacking


Secrets of Super and Professional Hackers
Dangerours Google Hacking Database and Attacks
Internet Advanced Denial of Service (DDOS) Attack
Computer Hacking & Malware Attacks for Dummies
G-mail Advance Hacking Guides and Tutorials
Vulnerability Exploit & website Hacking for Dummies
Web App Hacking (Hackers Handbook)
Security Crypting Networks and Hacking
Botnets The Killer Web Applications Hacking
Hacking attacks and Examples Test
Network Hacking and Shadows Hacking Attacks
Gray Hat Hacking and Complete Guide to Hacking
Advance Hacking Exposed Tutorials
501 Website Hacking Secrets
Internet Security Technology and Hacking
CEH Certified Ethical Hacker Study Guide
Advanced SQL Injection Hacking and Guide
Web Hacking & Penetration testing
OWASP Hacking Tutorials and Web App Protection
CEH – Hacking Database Secrets and Exploit


Ethical Hacking Value and Penetration testing
Hack any Website, Complete Web App Hacking
Beginners Hackers and tutorials 
Ethical Hacking Complete E-book for Beginners
Backtrack : Advance Hacking tutorials
SQL Injection attacks and tutorials by Exploit DB
XSS + Vulnerability Exploitation & Website Hacking
Ultimate Guide to Social Enginnering attacks
White Hat Hacking complete guide to XSS Attacks 
Cross Site Scripting and Hacking Websites 
The Hackers Underground Handbook ( hack the system)
Blind SQL Injection tutorials and Hacking
Hacking Secrets Revealed
Hacking Website Database and owning systems
Reverse Engineering for Beginners 
Reverse Enginnering (The Real Hacking)
Computer Hacking
Hack your Friend using Backtrack
Reverse Enginnering Hacking and Cracking
Hack the System for beginners
Hacking into Computer Systems
Blind SQL Injection Discovery & Exploitation

WHATSAPP BUG DISCOVERER FROM MANIPUR AWARDED RS 3.47 LAKH, GETS MENTIONED IN FACEBOOK’S HALL OF FAME

WhatsApp has reportedly awarded $5,000 (Rs 3.47 lakh approx) to a 22-year-old civil engineer from Manipur. As per a PTI report, Zonel Sougaijam found a bug in WhatsApp that affected the privacy of a user and made a responsible disclosure about it to Facebook in March this year via the company’s bug bounty program. The social media platform’s Security team acknowledged the bug submission by Sougaijam on the very next day of the bug's submission and the flaw was apparently patched within 15-20 days. Alongside a bounty for discovering and responsibly reporting the bug to Facebook, Sougaijam also got his name ncluded in Facebook’s ‘Hall of Fame’ portal.

"During a voice call through WhatsApp, the bug used to allow the caller to upgrade it to a video call without the authorisation and knowledge of the receiver. The caller was then able to see what the other person was doing, violating the privacy of the receiver," Sougaijam told PTI in a statement. As per the report, Facebook sent an email to Sougaijam that states, "After reviewing this issue, we have decided to award you a bounty of $5,000." If the bug was not discovered and patched, it could’ve been a privacy nightmare for users.

Speaking of privacy, Facebook has confirmed that it will start displaying ads in WhatsApp Status from next year. Olivier Ponteville, the Head of Media at Be Connect Agency tweeted the announcement. It’s not really known how the ads will be regulated on WhatsApp since it uses end to end encryption and on what basis will the app users get to see ads. Currently, websites use cookies to keep track of users, understand what they are interested in and target ads based on that. However, since WhatsApp uses phone numbers for an account, along with end-to-end encryption, it’s currently unclear how ads will work. 

How to View Saved Passwords on Chrome for Android?

A Chrome Browser has always been the most used web browser of Google and it is very important to activate its password saving option. It is the best option unless and until you want to end up writing down all the usernames and passwords of all the websites that you ever log in to. Saving the passwords on Chrome is the simplest option to remember your password.

 

The tech giant Google has updated Chrome to Version 62 with a feature of password notification during every login. All the passwords can be stored in the Android devices very easily. One can even save the passwords of each web page this way so that you can remember it.
How to View Saved Passwords on Chrome for Android?
• First, you need to update Chrome. It is necessary to have the latest version.
• Go to Settings
• Tap the Password option
• All the saved credentials can easily be viewed in the Google Store. All the website can be seen that requires passwords.
• The websites will be displayed in alphabetical order.
• There one can see an eye icon where you can see the saved passwords. After clicking on the eye icon, you need to choose either PIN, pattern or fingerprint. It is essential to show that the person is the owner himself.
• The password, username and the site fields can be copied. It is important if we want to log in manually. It can be logged in from another computer or from a different browser, which does not have the saved passwords. The password can also be erased on Chrome so that it can’t be remembered anymore.
• After following these steps, Saved passwords can be seen on Android.
Thus, you can easily save passwords on Chrome for Android.

Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress

Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take control over WordPress websites that are still running a vulnerable version of the plugin.


The vulnerable plugin in question is Social Warfare which is a popular and widely deployed WordPress plugin with more than 900,000 downloads. It is used to add social share buttons to a WordPress website or blog.

Late last month, maintainers of Social Warfare for WordPress released an updated version 3.5.3 of their plugin to patch two security vulnerabilities—stored cross-site scripting (XSS) and remote code execution (RCE)—both tracked by a single identifier, i.e., CVE-2019-9978.

Hackers can exploit these vulnerabilities to run arbitrary PHP code and take complete control over websites and servers without authentication, and then use the compromised sites to perform digital coin mining or host malicious exploit code.

However, the same day when Social Warfare released the patched version of its plugin, an unnamed security researcher published a full disclosure and a proof-of-concept for the stored Cross-Site Scripting (XSS) vulnerability.

Soon after the full disclosure and PoC release, attackers started attempting to exploit the vulnerability, but fortunately, it was only limited to the injected JavaScript redirect activity, with researchers finding no in-the-wild attempts to exploit the RCE vulnerability.

Now, Palo Alto Network Unit 42 researchers found several exploits taking advantage of these vulnerabilities in the wild, including an exploit for the RCE vulnerability which allows the attacker to control the affected website and an exploit for the XSS vulnerability which redirects victims to an ads site.

Though both flaws originated because of improper input handling, using a wrong, insufficient function eventually made it possible for remote attackers to exploit them without requiring any authentication.

"The root cause of each of these two vulnerabilities is the same: the misuse of the is_admin() function in WordPress," the researchers say in a blog post. "Is_admin only checks if the requested page is part of admin interface and won't prevent any unauthorized visit."

At the time of writing, more than 37,000 WordPress websites out of 42,000 active sites, including education, finance, and news sites (some Alexa's top ranking websites), are still using an outdated, vulnerable version of the Social Warfare plugin, leaving hundreds of millions of their visitors at the risk of hacking through various other vectors.

Since it is likely the attackers will continue to exploit the vulnerabilities to target WordPress users, website administrators are highly recommended to update the Social Warfare plugin to 3.5.3 or newer version as soon as possible.

New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches

Facebook has a lot of problems, then there are a lot of problems for Facebook—and both are not going to end anytime sooner.


Though Facebook has already set aside $5 billion from its revenue to cover a possible fine the company is expecting as a result of an FTC investigation over privacy violations, it seems to be just first installment of what Facebook has to pay for continuously ignoring users' privacy.

This week, Facebook has been hit with three new separate investigations from various governmental authorities—both in the United States and abroad—over the company's mishandling of its users' data.

New York Attorney General to Investigate Facebook Email Collection Scandal

New York Attorney General is opening an investigation into Facebook's unauthorized collection of the email contacts of more than 1.5 million users during site registration without their permission.

Earlier this month, Facebook was caught practicing the worst ever user-verification mechanism by asking users new to its social network platform for their email account passwords to verify their identity.

However, just last week it turned out that the social network "unintentionally" uploaded email contacts from up to 1.5 million new users on its servers, without their consent or knowledge, Facebook admitted while saying the data was reportedly used to "build Facebook's web of social connections and recommend friends to add."

According to the New York Attorney General Letitia James, the harvested email addresses may have exposed hundreds of millions of Facebook users to targeted advertisements.

"Facebook has repeatedly demonstrated a lack of respect for consumer information while at the same time profiting from mining that data," James said in a statement, adding that now it's time that the social media company should "held accountable for how it handles consumers' personal information."

In response to the news, a Facebook spokesperson told The NY Times that the company is "in touch with the New York State attorney general's office and are responding to their questions on this matter."

Ireland Investigating into Facebook Over Plaintext Passwords Scandal

The Irish Data Protection Commission had begun an investigation into a separate Facebook's privacy bunder exposed last month when the social network revealed that it left hundreds of millions of passwords of Facebook, Facebook Lite and Instagram users exposed in plain text on company servers.

At the time, it was reported that the incident exposed "tens of thousands" passwords of Instagram users in plaintext, while just last week it was revealed that the actual number of affected Instagram users were not in hundreds of thousands but millions.

The exposed passwords were potentially dated back to 2012 and were accessible to up to 2,000 Facebook employees.

In a statement on Thursday, the Irish Data Protection Commissioner said it has launched "a statutory inquiry in relation to this issue to determine whether Facebook has complied with its obligations under relevant provisions" of the European Union's General Data Protection Regulation (GDPR) designed to protect people's data.

Canada to Sue Facebook Over Cambridge Analytica Scandal

Canadian regulators are also suing Facebook for allegedly violating the country's privacy laws following their investigation into the March 2018's Cambridge Analytica scandal and its impact on Canadians.

A joint report published Thursday from Canadian privacy commissioner Daniel Therrien and his British Columbia counterpart said lax security practices at the company allowed personal information of hundreds of thousands of Canadians to be used for political purposes.

The watchdogs started investigating Facebook last year after it was revealed that a UK political consultancy Cambridge Analytica harvested data from about 87 million users and then used it for political gain without their knowledge or permission.

The report said Facebook committed a "major breach of trust" and "abdicated its responsibility for personal information under its control, effectively shifting that responsibility to users and apps."

The United States FTC is also investigating Facebook over the Cambridge Analytica scandal, and the company has already kept aside $5 billion from its revenue in anticipation of the settlement with the commission.