Difference between revisions of "Beberapa Tip Hacking"

From OnnoWiki
Jump to navigation Jump to search
 
(130 intermediate revisions by 6 users not shown)
Line 1: Line 1:
* [http://b13du9.wordpress.com/2008/11/05/menjalankan-exploit-source-code-buat-pemula/ Menjalankan Exploit Source Code untuk Pemula] dari LiveCD Backtrack.
+
* [[Metoda serangan jaringan komputer secara umum]]
 +
* [[Menjalankan Exploit Source Code untuk Pemula dari LiveCD Backtrack]]
 
* [http://www.jasakom.com/index.php?categoryid=28&p2_articleid=796 Membuat Script Indonesia Jaya Tembus Password]
 
* [http://www.jasakom.com/index.php?categoryid=28&p2_articleid=796 Membuat Script Indonesia Jaya Tembus Password]
 
* [[Wireless Hacking]]
 
* [[Wireless Hacking]]
* [http://www.ilmuhacking.com/basic-concept/mengenal-serangan-man-in-the-middle-mitm/ Man In the Middle Attack]]
+
* [[Mengenal Serangan Man-in-The-Middle MITM]]
 +
* [[Buffer Overflow]]
 +
* [http://seng1t.blogspot.com/2009/09/copy-pentest-backtrack.html Copy Pentest Backtrack]
 +
* http://hendrasiahaan.wordpress.com/2010/03/24/11-kelemahan-yang-kerap-tidak-disadari-admin-jaringan/
 +
* http://artikel.xcode.or.id/mengirim-ratusan-wall-facebook-dengan-cepat/
 +
* [[TuxCut]]
 +
* [[Mengirimkan e-mail menggunakan telnet, tanpa bantuan software apapun]]
 +
* [[Damn Vulnerable Web App DVWA]]
  
 +
==Pengetahuan Umum==
  
 +
* [[Dunia Bawah Tanah di Internet]]
 +
* [[Gerandongteam]]
 +
* http://tz.ucweb.com/3_2qxI8 - Workflow Pengintaian Serangan dari Hacker
 +
* http://tz.ucweb.com/3_2qxI9 - Perencanaan Pengujian Penetrasi Sasaran Jaringan
 +
* http://tz.ucweb.com/3_2qxIa - Teknik Scan Sasaran Serangan menggunakan Unicornscan
 +
 +
==Tools==
 +
 +
* http://backtrack.offensive-security.com/index.php/Tools - daftar tool hacking
 +
* http://exploit-id.com/ - Tempat Kumpulan Exploit Indonesia ..
 +
* [[Instalasi Aplikasi Backtrack di Ubuntu]]
 +
 +
==Serangan Ke Windows==
 +
 +
* [[Remote Desktop Tanpa Menyentuh Komputer yg Di remote]]
 +
* [[Keylogger canggih: Merekam ketukan keyboard target tanpa menyentuh komputernya]]
 +
* [[Masuk ke DOS di Windows melalui Jaringan]]
 +
* [[3 Tahap Membuka Password Windows dengan Ubuntu]]
 +
* http://www.ilmuhacking.com/web-security/menjaring-password-dengan-firefox-sniffer/
 +
* http://blog.cyber4rt.com/software/download-keylogger-terkecil-di-dunia - MRHPx Key Logger v1.8 (PUBLIC VERSION)
 +
* [[Meng-Hack Password Komputer XP/VISTA/WIN7]]
 +
 +
==Yahoo==
 +
 +
* [[hacking: password yahoo]]
 +
* [[hacking: password yahoo via email]]
 +
 +
==VoIP==
 +
 +
* [[VoIP: Wireshark Menyadap Pembicaraan VoIP]]
 +
 +
==Scanner==
 +
 +
* [[nmap]]
 +
* [[nmap: serang SQL]]
 +
* [[nmap: cek SQL Injection]]
 +
* [[nmap: cek username password network neighbourhood windows]]
 +
* [[Vega Vulnerability Scanner]]
 +
 +
==XSS Scanner==
 +
 +
* http://www.acunetix.com/cross-site-scripting/scanner.htm
 +
 +
==Web Security==
 +
 +
* [[hacking: web deface]]
 +
* [[hacking: 13 langkah deface web]]
 +
* [[hacking: openvas]]
 +
* [[w3af : audit web application security]]
 +
* [[Menangkal Serangan XSS]]
 +
* [http://blog.cyber4rt.com/security/menangkal-tekhnik-serangan-xss-pada-website-anda/ TEKHNIK MENANGKAL SERANGAN XSS]
 +
* [[MITM Attack on Mandiri Internet Banking using SSLStrip]]
 +
* http://www.ilmuhacking.com/web-security/memahami-cara-kerja-token-internet-banking/
 +
* http://www.ilmuhacking.com/cryptography/memecahkan-kriptografi-dengan-chosen-plaintext-attack/
 +
* http://www.ilmuhacking.com/web-security/membuat-web-dengan-otentikasi-berbasis-token/
 +
* http://www.ilmuhacking.com/web-security/berburu-direktori-dan-file-sensitif-dengan-dirbuster/
 +
* [[Sniffing SSL Traffic using oSpy]]
 +
* [http://www.ilmuhacking.com/cryptography/sniffing-ssl-traffic-using-ospy/ Sniffing SSL Traffic using oSpy]
 +
 +
* http://blog.cyber4rt.com/security/tekhnik-menangkal-serangan-sql-injection-pada-website-anda
 +
 +
===DDOS Apache===
 +
 +
* http://tanyarezaervani.wordpress.com/2011/09/02/artikel-khusus-menyerang-server-dengan-apache-killer/
 +
* http://tanyarezaervani.wordpress.com/2011/09/02/berita-185-apache-http-server-2-2-20-perbaiki-dos-vulnerability/
 +
* http://tanyarezaervani.wordpress.com/2011/09/02/koleksi-exploit-apache-killer/
 +
* http://tanyarezaervani.wordpress.com/2011/09/02/koleksi-exploit-2-alternatif-apache-killer/
 +
 +
===Web Attack===
 +
 +
* [[sqlmap: intro]]
 +
 +
==Sniffing==
 +
 +
* [[Instalasi Wireshark]]
 +
* http://awarmanf.wordpress.com/2010/04/29/tcpdump-dan-wireshark-untuk-sniffing-network/
 +
* http://workaround.org/using-tcpdump-and-wireshark
 +
* http://www.alexonlinux.com/tcpdump-for-dummies
 +
* http://acs.lbl.gov/~jason/tcpdump_advanced_filters.txt
 +
* http://blog.cyber4rt.com/video/facebook-sniffer-on-android/
 +
* [[Script untuk sniffing password dan data di lan/wlan menggunakan ettercap, sslstrip, urlsnarf]]
 +
 +
===Sniffing / Pentest VoIP===
 +
 +
* http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP
 +
 +
==Spoofing==
 +
 +
* [[DNS Spoofing Dengan Scapy]]
 +
 +
==SQL Injection==
 +
 +
===SQL Injection Tutorial===
 +
 +
* http://www.stmik-im.ac.id/userfiles/TEHNIK%20SQL%20INJECTION.pdf
 +
* http://www.sekuritionline.net/plugins/p2_news/printarticle.php?p2_articleid=7
 +
* http://www.binushacker.net/simple-sql-injection-tutorial.html
 +
* http://fairuz.web.id/kumpulan-google-dork-untuk-sql-injection-deface-website-lewat-google.html
 +
* http://blog.cyber4rt.com/hacking/tutorial-sql-injection-step-by-step-for-dummies
 +
* [[sqlmap: memperoleh password database sql]]
 +
* [[sqlmap: tutorial]]
 +
* [[sqlmap: contoh vurneable php code]]
 +
* https://www.owasp.org/index.php/Code_Injection
 +
* http://www.breakthesecurity.com/2010/12/hacking-website-using-sql-injection.html
 +
* http://pentestlab.org/setting-up-mutillidae-in-ubuntu-backtrack-backbox-etc-manual-sql-injection/
 +
 +
===SQL Injection Software===
 +
 +
* http://www.itsecteam.com/en/projects/project1.htm - Havij
 +
* http://www.itsecteam.com/en/projects/project1_page2.htm - Havij Download
 +
* http://linuxpoison.blogspot.com/2008/04/sql-injection-tool-sqlninja.html
 +
* http://sourceforge.net/projects/sqlninja/files/
 +
* http://sourceforge.net/projects/wapiti/
 +
* http://sourceforge.net/projects/spinj/
 +
* http://sourceforge.net/projects/paros/
 +
* http://sourceforge.net/projects/w3af/
 +
* http://sourceforge.net/projects/sqlmap/
 +
* http://sourceforge.net/projects/hexjector/
 +
* http://sourceforge.net/projects/joomscan/
 +
* [[SQLMap : Instalasi]]
 +
 +
===Belajar Menangani SQL Injection===
 +
 +
* Vulnerable Apps
 +
** [[Metasploitable]]
 +
** [[DVWA]]
 +
** [[BWaPP]]
 +
** [[Mutillidae]]
 +
** [[WebGOAT]]
 +
** [[UltimateLAMP]]
 +
 +
* http://pentestlab.org/10-vulnerable-web-applications-you-can-play-with/
 +
* http://dasunhegoda.com/php-security-fail-vulnerable/466/
 +
* http://dasunhegoda.com/php-security-fail-vulnerable-2/490/
 +
* http://www.breakthesecurity.com/2011/12/set-up-your-own-lab-for-practacing-sql.html
 +
* http://www.dvwa.co.uk/
 +
* [[SQLMap: Instalasi DVWA]]
 +
 +
** http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson7/
 +
** https://pentestlab.wordpress.com/2012/11/24/owning-the-database-with-sqlmap/
 +
** http://www.betterhacker.com/2011/10/owning-dvwa-sqli-with-sqlmap.html
 +
** http://www.latesthackingnews.com/2014/09/03/blind-sql-injection-dvwa-using-sqlmap/
 +
** http://www.null-reference.com/linux/sqlmap-with-dvwa-damn-vunerable-web-app/
 +
** http://blog.spiderlabs.com/2013/12/sqlmap-tricks-for-advanced-sql-injection.html
 +
** [[SQLMap: Contoh SQL Injection ke DVWA]]
 +
** [[SQLMap: Contoh cara remote hack database]]
 +
 +
==Cellular / Mobile Hacking==
 +
 +
* http://www.neopwn.com
 +
* http://www.neopwn.com/software.php
 +
 +
 +
==Penyadapan==
 +
 +
* [[Penyadapan VoIP]]
 +
* [[xplico]]
 +
 +
==Wordlist==
 +
 +
* http://indobacktrack.or.id/content.php?302-Membuat-Wordlist-Dengan-TWOFI-di-Backtrack
 +
 +
==SQLmap==
 +
 +
* http://c-i-a-m-i-s.net/exploit/sql-map-os-shell.asp
 +
* https://github.com/sqlmapproject/sqlmap/wiki/Presentations
 +
* https://github.com/sqlmapproject/sqlmap/wiki/Introduction
 +
* https://delicious.com/inquis/sqlinjection
 +
* http://egodox.blogspot.com/2013/04/hack-website-using-sqlmap-sql-injection.html
 +
* http://www.binarytides.com/sqlmap-hacking-tutorial/
 +
* http://hackonadime.blogspot.com/2011/07/sqlmap-introduction-sql-injection.html
 +
 +
==Stealth==
 +
 +
* [[Stealth: Teknik Siluman]]
 +
* [[Stealth: Penyiapan Infrastruktur untuk Latihan Serangan]]
 +
 +
==Forum==
 +
 +
* http://indobacktrack.or.id/forum/
 +
* http://forum.binushacker.net/
 +
* http://forum.hacker-cisadane.org/
 +
 +
==Buku & Tutorial==
 +
 +
* [http://www.jasakom.com/index.php?categoryid=15 Buku Jasakom]
 +
* http://www.offensive-security.com/backtrack-tutorials.php
 +
* http://pustaka.xcode.or.id
 +
 +
==Echo ezine==
 +
 +
===echo|zine issue #20 ( Pebruari 2009 )===
 +
 +
# [http://ezine.echo.or.id/ezine20/e20_0x01.txt Introduction .................................................. y3dips]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x02.txt Pseudo-random .............................................. anonymous]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x03.txt Interview with Onno W Purbo......................................az001]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x04.txt What`s goin on echo forum  ............................anonymous-co-ed]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x05.txt Intercepting Library Call ............................ mulyadi santosa]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x06.txt Caesar Shift Cipher............................................... Rey]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x07.txt ARPWall; Konsep dan Pembuktian  ............................... y3dips]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x08.txt Encryption: Algoritma Combo .................................... jackD]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x09.txt Prophile on Jck.mrshl ................-----................. echostaff]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x0a.txt Enkripsi dan Dekripsi dengan Fungsi Mcrypt di PHP............ monqichi]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x0b.txt Salty Py; Password Salt Bruteforcer  .. sheran gunasekera & selwin ong]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x0c.txt Anti-Forensic; Seek and Destroy .............................jck.mrshl]
 +
# [http://ezine.echo.or.id/ezine20/e20_0x0d.txt Hacker LogBook....................................lirva 32; x-diamond1]
 +
 +
===echo|zine issue #19 ( Agustus 2008 )===
 +
 +
# [http://ezine.echo.or.id/ezine19/e19.001.txt Introduction .................................................. y3dips]
 +
# [http://ezine.echo.or.id/ezine19/e19.002.txt Pseudo-random .............................................. anonymous]
 +
# [http://ezine.echo.or.id/ezine19/e19.003.txt idsecconf ................................................. echo|staff]
 +
# [http://ezine.echo.or.id/ezine19/e19.004.txt Digital Signature secara gampangnya ......................... mamasexy]
 +
# [http://ezine.echo.or.id/ezine19/e19.005.txt cryptography : Simple a-symetric algorithm................. x-diamond1]
 +
# [http://ezine.echo.or.id/ezine19/e19.006a.txt Prophile on CyberTank .................................... echo|staff]
 +
# [http://ezine.echo.or.id/ezine19/e19.006b.txt Prophile on lirva32 ...................................... echo|staff]
 +
# [http://ezine.echo.or.id/ezine19/e19.007.txt Whats Goin On Echo Forum ....................................... az001]
 +
# [http://ezine.echo.or.id/ezine19/e19.008.txt Bailiwicked DNS Attack (Cache Poisoning) .................... Cyberheb]
 +
# [http://ezine.echo.or.id/ezine19/e19.009.txt Scapy: obrak-abrik paket data ................................. y3dips]
 +
# [http://ezine.echo.or.id/ezine19/e19.010.txt Hacker LogBook ........................................ various artist]
  
  
Line 10: Line 239:
  
 
* http://www.echo.or.id
 
* http://www.echo.or.id
 +
* http://ezine.echo.or.id/ezine-index.html
 
* http://www.jasakom.com
 
* http://www.jasakom.com
* http://www.remote-exploit.org download ISO backtrack di sini.
+
* http://www.remote-exploit.org
 +
* http://blog.cyber4rt.com - It's all about 4rt, not how smart you are
 
* http://www.xnuxer.or.id
 
* http://www.xnuxer.or.id
 +
* http://www.hacker-cisadane.org
 
* http://www.ilmuhacking.com
 
* http://www.ilmuhacking.com
 +
* http://indobacktrack.or.id/forum/ - forum [[backtrack]]
 +
* http://www.backtrack-linux.org
 +
* http://indobacktrack.or.id/
 +
* http://id-backtrack.com/
 +
* http://www.chinapage.com/sunzi-e.html - SunTsu the Art of War
 +
* http://www.hackforums.net
 +
* http://www.exploit-db.com
 +
* http://devilzc0de.org/forum/
 +
* http://sumatrahacker.or.id
 +
* http://www.exploit-id.com/
 +
* http://balicoder.org/
  
 +
==Repository==
  
 +
* http://www.hacktoolrepository.com/
 +
 +
==[[Pentest LiveCD]]==
 +
 +
* [[Backtrack]]
 +
* [[GnackTrack]]
 +
* [[Ubuntu Pentest Edition]]
 +
* [[Samurai Pentest]]
 +
* [[BackBox]]
 +
* [[Kali Linux]]
  
 
==Pranala Menarik==
 
==Pranala Menarik==
  
 
* [[Linux Howto]]
 
* [[Linux Howto]]
 +
* [[Hacking: Komunitas Underground]]
 +
* [[Hacking: Orek-Orekan Demo Hacking]]
 +
* [[Hacking: Catatan Hack HP Android]]
 +
 +
 +
[[Category: hacking]]

Latest revision as of 11:28, 27 May 2018

Pengetahuan Umum

Tools

Serangan Ke Windows

Yahoo

VoIP

Scanner

XSS Scanner

Web Security

DDOS Apache

Web Attack

Sniffing

Sniffing / Pentest VoIP

Spoofing

SQL Injection

SQL Injection Tutorial

SQL Injection Software

Belajar Menangani SQL Injection

Cellular / Mobile Hacking


Penyadapan

Wordlist

SQLmap

Stealth

Forum

Buku & Tutorial

Echo ezine

echo|zine issue #20 ( Pebruari 2009 )

  1. Introduction .................................................. y3dips
  2. Pseudo-random .............................................. anonymous
  3. Interview with Onno W Purbo......................................az001
  4. What`s goin on echo forum ............................anonymous-co-ed
  5. Intercepting Library Call ............................ mulyadi santosa
  6. Caesar Shift Cipher............................................... Rey
  7. ARPWall; Konsep dan Pembuktian ............................... y3dips
  8. Encryption: Algoritma Combo .................................... jackD
  9. Prophile on Jck.mrshl ................-----................. echostaff
  10. Enkripsi dan Dekripsi dengan Fungsi Mcrypt di PHP............ monqichi
  11. Salty Py; Password Salt Bruteforcer .. sheran gunasekera & selwin ong
  12. Anti-Forensic; Seek and Destroy .............................jck.mrshl
  13. Hacker LogBook....................................lirva 32; x-diamond1

echo|zine issue #19 ( Agustus 2008 )

  1. Introduction .................................................. y3dips
  2. Pseudo-random .............................................. anonymous
  3. idsecconf ................................................. echo|staff
  4. Digital Signature secara gampangnya ......................... mamasexy
  5. cryptography : Simple a-symetric algorithm................. x-diamond1
  6. Prophile on CyberTank .................................... echo|staff
  7. Prophile on lirva32 ...................................... echo|staff
  8. Whats Goin On Echo Forum ....................................... az001
  9. Bailiwicked DNS Attack (Cache Poisoning) .................... Cyberheb
  10. Scapy: obrak-abrik paket data ................................. y3dips
  11. Hacker LogBook ........................................ various artist


Referensi Menarik

Repository

Pentest LiveCD

Pranala Menarik