Category Archives: (B) Basics

What is a Spamtrap?

Nowadays, almost all email service providers can effectively detect spam emails in user accounts automatically and redirect those potential spam emails to spam folders without human intervention.

But how are spam emails detected automatically by email service providers?

How are spam emails detected automatically?

Almost all email service providers use machine learning to detect these spam emails. Typically, this machine learning technique relies on some predefined rules. When an incoming email matches most of those rules, the email is marked as spam and redirected to the spam folder automatically. Otherwise, the email is sent to the inbox.

What is a Spamtrap 

To detect spam emails automatically, one first has to decide on the rules by which the software will recognise potential spam emails.

To decide on those rules, spam emails are first researched to find their most common properties. Based on those properties, the rules for detecting spam emails are set.

Once the rules are decided, the email service providers set those rules in the spam detection software, and spam emails are then detected automatically in user email accounts.

A Spamtrap is an email address which is used to collect spam emails, so that enough research can be done on them to detect spam.

We have learnt about Honeypots in Computer Security and how they are used to lure attackers. Spamtraps are like honeypots for collecting spam emails. They are email addresses that are meant to collect spam only.

How are Spamtraps used

Anti-spam systems are normally automated. They collect samples of spam emails and make rules based upon them.

So Spamtraps, which are email addresses dedicated to receiving spam emails only, are created. After collecting enough samples, the anti-spam system studies them and makes rules for detecting spam. Everything is done in an automated way.

How do Spamtraps reach the spammers

After Spamtraps are created, they are published over the internet, so that when spammers collect email addresses from various websites using crawlers, the Spamtraps are collected by the crawlers too.

As Anti-Spam Systems work in an automated fashion, any legitimate email arriving at a Spamtrap can be mistakenly taken as spam, and that can affect the system.

So, to prevent Spamtraps from receiving legitimate emails, they are published in a location hidden from view, such that only an automated script can find them.

After harvesting the email ids, spammers start sending out spam in bulk. But, as Spamtraps are hidden from normal view, they collect only spam and do not receive legitimate emails.

Vulnerabilities of using Spamtraps

There are a couple of vulnerabilities of using Spamtraps. To mention a few of them:
  • If spammers can detect a spamtrap, the spamtrap becomes tainted. Spammers may send malicious emails to the spamtrap to control the automated spam detection process.
  • Spammers can even send malicious emails to spamtraps with the sender’s address modified to the spamtrap itself. This can cause backscatter.
  • Sometimes, spammers put lots of legitimate email ids in the To and CC fields of spam. So, if any of those legitimate recipients replies to that spam email, the legitimate email address can also be considered a spam address by mistake.
  • If a Spamtrap becomes visible and someone sends a legitimate email to the spamtrap by mistake, that email will also be considered spam by mistake.
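
One way an automated system can guard against the four weaknesses listed above is to triage each message that reaches a trap before any rule is learned from it. The sketch below is an added example, not code from the original article; the trap addresses, the `triage` function and the sample messages are all constructed for illustration.

```python
from collections import namedtuple
from email import message_from_string
from email.utils import parseaddr

Verdict = namedtuple("Verdict", "action reason learn_sender")

# Constructed trap inventory on reserved example domains (assumption).
ACTIVE_TRAPS = {"trap-a@example.org", "trap-b@example.org"}
RETIRED_TRAPS = {"trap-old@example.org"}  # traps known to have become visible


def triage(raw_message, envelope_rcpt, active=ACTIVE_TRAPS, retired=RETIRED_TRAPS):
    """Decide whether mail delivered to a trap may feed the rule builder."""
    rcpt = envelope_rcpt.strip().lower()
    msg = message_from_string(raw_message)
    sender = parseaddr(msg.get("From", ""))[1].lower()

    # A visible (tainted) trap can receive planted or mistaken mail: learn nothing.
    if rcpt in retired:
        return Verdict("discard", "trap is retired", None)
    if rcpt not in active:
        return Verdict("ignore", "recipient is not a trap", None)
    # Sender forged as a trap address: never bounce or auto-reply (backscatter).
    if sender in active or sender in retired:
        return Verdict("discard", "forged trap sender", None)
    # A reply to a spam that listed the trap in To/CC comes from a real person,
    # so it goes to manual review instead of being learned as spam.
    if msg.get("In-Reply-To") or msg.get("References"):
        return Verdict("review", "reply from a co-recipient", None)
    # Only the sender is learned; To/CC co-recipients are never blocklisted.
    return Verdict("sample", "unsolicited mail to a hidden trap", sender)


# Constructed sample messages (not real traffic).
SPAM = (
    "From: Offers <bulk@bulk-sender.example>\n"
    "To: trap-a@example.org, alice@example.net, bob@example.net\n"
    "Subject: You won\n\nClaim your prize\n"
)
FORGED = (
    "From: trap-a@example.org\n"
    "To: trap-a@example.org\n"
    "Subject: hello\n\nbody\n"
)
REPLY = (
    "From: Alice <alice@example.net>\n"
    "To: bulk@bulk-sender.example\n"
    "Cc: trap-a@example.org, bob@example.net\n"
    "In-Reply-To: <1@bulk-sender.example>\n"
    "Subject: Re: You won\n\nPlease stop mailing me\n"
)
SAMPLES = [
    (SPAM, "trap-a@example.org"),
    (FORGED, "trap-a@example.org"),
    (REPLY, "trap-a@example.org"),
    (SPAM, "trap-old@example.org"),
]


def triage_all(samples=SAMPLES):
    return [triage(raw, rcpt) for raw, rcpt in samples]


if __name__ == "__main__":
    for verdict in triage_all():
        print(verdict)
```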

What is malvertising?

What is it?

Malvertising is the name we in the security industry give to criminally-controlled adverts which intentionally infect people and businesses. These can be any ad on any site – often ones which you use as part of your everyday Internet usage. It is a growing problem, as is evidenced by a recent US Senate report, and the establishment of bodies like Trust In Ads.

Whilst the technology being used in the background is very advanced, the way it presents to the person being infected is simple. To all intents and purposes, the advert looks the same as any other, but it has been placed by a criminal.

Without your knowledge a tiny piece of code hidden deep in the advert is making your computer go to criminal servers. These then catalogue details about your computer and its location, before choosing which piece of malware to send you. This doesn’t need a new browser window and you won’t know about it.

The first sign will often be when the malware is already installed and starts demanding money with menaces, logging your bank details or running any number of despicable scams.

How do they get there?

It’s common practice to outsource the advertising on websites to third-party specialists. These companies re-sell this space, and provide software which allows people to upload their own adverts, bidding a certain amount of money to ‘win’ the right for more people to see them.

This often provides a weak point, and cyber criminals have numerous clever ways of inserting their own malicious adverts into this self-service platform. Once loaded, all they have to do is set a price per advert, to compete with legitimate advertisers, and push it live.

Why is it a threat to me?

People nowadays are aware of practices that look or feel ‘wrong’ on the Internet, be it odd-looking links, requests to download strange programs or posts on social media which set the alarm bells ringing. The real danger with malvertising is that user judgement isn’t involved at all. People don’t have to click anything, visit a strange website or follow any links.

Rather, you go to a website you trust (like a news site or similar) and the adverts are secretly injecting criminal software onto your computer. This means infections can happen just by browsing the morning headlines, visiting your online dating profile or watching a video.

How do I stop it?

There are a few things which people can do to minimize the risk of being caught out by malvertising:

  • Those reminders to update things like browsers, Flash, Java etc? Don’t ignore them.
  • Run a specialist anti-exploit technology (we provide one for free).
  • There are programs which block advertising that can help

Safe surfing and don’t get caught out!

How to protect yourself while on the Internet

Verify data is encrypted

When sending confidential information over the Internet, such as usernames, passwords, or credit card numbers, only send it securely. To verify this, look for a small lock in the bottom right corner of your browser window or next to the address bar (as shown below). If visible, this lock should also be in the locked position and not unlocked.

Internet Explorer 7.0 secure address bar
Internet Explorer secure address bar

We also suggest making sure the URL begins with https, as shown above.

While the lock is in the locked position, data is encrypted, which helps prevent anyone from understanding the data if it’s intercepted. When no lock is visible, or the lock is in the unlocked position, all information is plaintext and could be read if intercepted. If a web page is not secure, such as an online forum, use a password you wouldn’t use with protected sites, such as your online banking website.

Use a safe password

Websites that store confidential data, such as an online bank site, need to use strong passwords. Also, it is highly recommended that you use a different password for each website that requires a login. If you need help remembering your passwords, consider using a password manager.

When available always enable two-factor authentication

Two-factor authentication adds additional protection by requiring an additional step in verifying a login. Typically with two-factor authentication, after verifying your password, if the service does not recognize your computer, it sends your phone a text message with a verification code. If someone had your password but did not have your phone, even with a valid password, they cannot access your account.

Tip: Two-factor authentication should at the very least be enabled on your e-mail account. Most account passwords can be reset using the forgot password feature, which sends a new password or link to reset the password to the e-mail address on file. If anyone has access to your e-mail account, they could get the new password for your account.

E-mail is not encrypted

Never transmit confidential data over e-mail, such as passwords, credit card information, etc. E-mail is not encrypted and if intercepted by a third-party, it could be read.

Be aware of phishing scams

Familiarize yourself with phishing scams and techniques, which are used to trick you into divulging your account information. Online banking sites, PayPal, eBay, Amazon, and other popular sites that require logins are popular targets.

Use caution when accepting or agreeing to prompts

When prompted to install any program or add-on, make sure to read and understand the agreement before clicking on the OK button. If you do not understand the agreement or feel it is not necessary to install the program, cancel or close the window.

Additionally, when installing any program, watch for any check box that asks if it’s ok to install a third-party program, toolbar, etc. These are never required and often cause more issues than good. Leave these boxes unchecked.

Be cautious where you’re logging in from


Your place of work can install key loggers or use other methods of monitoring the computer while online. Someone who has access to this information could read these logs and gather usernames and passwords. Also, do not store any passwords in your browser if your computer is shared with other coworkers.

Wireless network

When on a wireless network, realize that all information being sent to and from your computer can be intercepted and read by someone nearby. Prevent this from happening by only logging onto a secure network using WEP or WPA (only use WEP if WPA is not available). If this is a home wireless network, make sure it is secure.

Friend’s house

Be concerned when logging into an account on a friend’s computer. A computer or network you are not familiar with could intentionally or unintentionally log usernames and passwords. Finally, when logging into any site on a friend’s computer, never save the password information on their browser.

Use an alternative browser

Older versions of Internet Explorer are notoriously insecure. If you are using Internet Explorer as your browser, consider an alternative browser such as Google Chrome or Mozilla Firefox. If you are running Windows 10 and want to continue to use a Microsoft browser, consider using Microsoft Edge instead of Internet Explorer.

Be aware of those around you

While at work, school, library, or anywhere that has people around who could look at the monitor, be cautious of anyone shoulder surfing. Someone could watch you type in your password, which would give them access to your account.

If you need information displayed on the screen to remain private, consider a privacy filter for the display.

Update Internet browser plugins

Attackers often find security vulnerabilities through browser plugins, such as Adobe Flash. Make sure all installed Internet plug-ins are up-to-date.

Common Ports Knowledge :- Hackers Guide

Port 20 FTP data (File Transfer Protocol)
Port 21 FTP (File Transfer Protocol)
Port 22 SSH
Port 23 Telnet
Port 25 SMTP (Simple Mail Transfer Protocol)
Port 53 DNS (Domain Name Service)
Port 68 DHCP (Dynamic host Configuration Protocol)
Port 79 Finger
Port 80 HTTP
Port 110 POP3 (Post Office Protocol, version 3)
Port 137 NetBIOS-ns
Port 138 NetBIOS-dgm
Port 139 NetBIOS
Port 143 IMAP (Internet Message Access Protocol)
Port 161 SNMP (Simple Network Management Protocol)
Port 194 IRC (Internet Relay Chat)
Port 220 IMAP3 (Internet Message Access Protocol 3)
Port 389 LDAP
Port 443 SSL (Secure Socket Layer)
Port 445 SMB (NetBIOS over TCP)




Why Learning Programming Is Necessary For Becoming a Great Hacker?

Programming is the fundamental hacking skill!


Mastering a programming language allows you to be self-dependent and gives you knowledge of how programs work, so that you can exploit them easily. Even though exploit development is mainly done in assembly language in debuggers, learning how a program functions can be very useful.

It’ll help you to write your own exploits in C/C++ and ditch the frameworks like Metasploit. Learning programming also gives you the power to create your own custom malware, making it difficult for an antivirus software to detect.

Most of the hacking tools are freely available and open source. So, if you’ve mastered the art of programming, using hacking tools and making them better is an easy task.

So, before you start with the basics of hacking, learn to code and create a solid foundation. Programming is the basic skill that a hacker should possess and master. If you don’t know any programming languages, start by learning a basic language like Python or Java. These powerful and well-documented languages can be learned easily.

Web Hacking

Now, if you are interested in the web hacking subject, then I would recommend that you learn the following languages:

1. HTML – Start with HTML if you don’t know it.

2. JavaScript – Next learn JavaScript, which will help you understand the fundamentals of cross site scripting, which will be explained later in this book.

3. SQL Databases – You should learn to work with databases, which will help you to understand the fundamentals of SQL Injection attacks, which will also be explained later in this book when we come to the Web Application hacking chapter.

4. PHP – Learning PHP should be one of your first priorities if you want to understand the mechanisms behind web hacking attacks. I would recommend that you learn it as soon as possible.

Recommended Sources:

5. W3schools – W3schools has a wide variety of e-learning courses covering languages like PHP, HTML, JavaScript etc. If you have zero knowledge of programming languages, try starting with HTML and JavaScript.

Exploit Writing

Exploit writing is a very difficult segment of hacking as it requires pure programming knowledge, which is why I will not recommend that you start with exploit writing. Exploits can be coded in almost any programming language, e.g. C/C++, Python, Perl etc., but more than 50% of the exploits you will find on the web are coded in C/C++ because these languages were present before any of the others. Languages such as C and C++ are considered programming languages, whereas languages such as Ruby, Perl and Python are considered more as scripting languages.

I would recommend that you start with the C language and then move to C++. C and C++ have lots of similarities, so if you get a good grasp of one of them you can learn the other one easily.

Talking about scripting languages, I would recommend that you start with Ruby. Ruby is one of my favorite programming languages as it’s purely object oriented, which means that everything you work on is an object. Ruby is really useful when it comes to exploit writing: it is used for coding meterpreter scripts, and what could be better than the fact that the Metasploit framework itself was coded in Ruby.

Python is also a very useful programming language, and it can also be used for exploit writing. If you go for Python first, make sure that you learn Python socket programming, as it will help you a lot in the exploit creation process.

Talking about Perl, it’s also used widely for exploit writing, and you will find lots of exploits out there written in Perl. The problem is that Perl is really difficult compared to other languages such as Ruby and Python, so I would recommend that you learn it at the very end.

Reverse Engineering

Reverse engineering is the act of tampering with software and applications to make them work our way. If you are interested in reverse engineering and software cracking, then you will surely need to learn Assembly language.

Start learning programming languages if you want to become a real, good, great hacker.



Parents’ Guide: 10 Basic Signs of Cyberbullying

Cyberbullying is a more urgent problem than many parents can imagine. Think about it – around half of teenagers have been cyberbullied on the Internet and only one in ten of them tells an adult about it. Right this moment your kid can get mean messages on the phone, read inappropriate comments under their Facebook picture, receive online threats, etc.

Cyberbullying may have a strong influence on teenagers, sometimes leading to unexpected and hurtful consequences. To prevent that, parents need to be attentive to their kids and notice any basic signs of cyberbullying. Even if your kids don’t tell you about this problem directly, they can give it away in many different ways. So, if you notice any of the following things in your kid, you had better have a serious conversation.

1. Constant checking of their devices. If you notice that your kid has been online much more often lately, it may be a sign. Cyberbullied kids usually fail to resist checking whether there are any new comments or messages about them online. It is also possible that they start playing a lot of videogames and sit in different online chats just to escape the problem. Of course, many kids today spend an excessive amount of time online and it doesn’t always mean something, but it is definitely worth checking.


2. Change of interests. If you notice that your kids are not interested in the things they used to like, it may also be a sign. Kids can see their previous hobbies as meaningless and feel apathy towards everything. It also concerns friends and relatives. If your child doesn’t spend as much time with you or their friends as before, you should get alarmed.


3. Unusual emotions after visiting the web. If you see that your kid is angry, upset or on the verge of tears after going online, something is definitely wrong.

4. Bad school performance. Many kids who have been cyberbullied by other kids from school start skipping classes so as not to see their offenders. Thus, their grades often drop because they are stressed out and cannot focus on their studying.




5. Nervousness. Kids are often nervous for many reasons. There can be a test tomorrow, a new crush, a fight with best friend, etc. However, if you see your kid nervous after checking their phone and this state is more frequent than usual, it is time to start a conversation.



6. Secrets. Does your child shut the laptop every time you enter the room? Do they refuse to tell or show you what they do there? Well, it may be nothing, but if they seem too scared that you will see their screen, you had better do something about it.

7. Physical reaction. Of course, cyberbullying is nonphysical and all the harassment happens online or over the phone. However, the consequences may be quite physical because of all the stress and fear. It can be frequent headaches, sleeping troubles, etc.



8. Weight changes. Loss or gain of weight can actually be a sign of cyberbullying, too. If you see such changes, you better seriously talk to your kid.





9. Depression. If you see that your kids are too gloomy and depressed all the time, you cannot ignore it.




10. Any other life changes. If you notice that any things are different in your kids’ life, it may be connected to cyberbullying. Of course, there can be many different reasons for that, but it wouldn’t hurt to ask.


Cyberbullying is a rising problem that should be dealt with, first of all, by parents. If it goes on for too long, kids can get emotionally traumatized and carry the consequences of that for a very long time. If you notice that your child acts in an unusual way, you should always try to figure out what’s wrong. The best way to do it is to have trustful and honest relationships with your kids so that they feel safe to share their problems with you.

SFTP versus FTPS – What is the best protocol for secure FTP?

An increasing number of our customers are looking to move away from standard FTP for transferring data, so we are often asked which secure FTP protocol we recommend. In the next few paragraphs, I will explain what options are available and their main differences.

The two mainstream protocols available for Secure FTP transfers are named SFTP (FTP over SSH) and FTPS (FTP over SSL). Both SFTP and FTPS offer a high level of protection since they implement strong algorithms such as AES and Triple DES to encrypt any data transferred. Both options also support a wide variety of functionality with a broad command set for transferring and working with files. So the most notable differences between SFTP and FTPS are in how connections are authenticated and managed.

With SFTP (FTP over SSH), a connection can be authenticated using a couple of different techniques. For basic authentication, you (or your trading partner) may just require a user id and password to connect to the SFTP server. It’s important to note that any user ids and passwords supplied over the SFTP connection will be encrypted, which is a big advantage over standard FTP.

SSH keys can also be used to authenticate SFTP connections in addition to, or instead of, passwords. With key-based authentication, you will first need to generate an SSH private key and public key. If you need to connect to a trading partner’s SFTP server, you would send your SSH public key to them, which they will load onto their server and associate with your account. When you connect to their SFTP server, your client software will transmit your public key to the server for authentication. If the keys match, along with any user/password supplied, then the authentication will succeed.

With FTPS (FTP over SSL), a connection is authenticated using a user id, password and certificate(s). Like SFTP, the users and passwords for FTPS connections will also be encrypted. When connecting to a trading partner’s FTPS server, your FTPS client will first check if the server’s certificate is trusted. The certificate is considered trusted if either the certificate was signed off by a known certificate authority (CA), like Verisign, or if the certificate was self-signed (by your partner) and you have a copy of their public certificate in your trusted key store.

Your partner may also require that you supply a certificate when you connect to them. Your certificate may be signed off by a 3rd party CA or your partner may allow you to just self-sign your certificate, as long as you send them the public portion of your certificate beforehand (which they will load in their trusted key store).

In regards to how easy each of the secure FTP protocols is to implement, SFTP is the clear winner since it is very firewall friendly. SFTP only needs a single port number (default of 22) to be opened through the firewall. This port will be used for all SFTP communications, including the initial authentication, any commands issued, as well as any data transferred.

On the other hand, FTPS can be very difficult to patch through a tightly secured firewall since FTPS uses multiple port numbers. The initial port number (default of 21) is used for authentication and passing any commands. However, every time a file transfer request (get, put) or directory listing request is made, another port number needs to be opened. You and your trading partners will therefore have to open a range of ports in your firewalls to allow for FTPS connections, which can be a security risk for your network.
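
The extra data port described above is announced by the server in a passive-mode reply (`227` for PASV, `229` for EPSV). Because the FTPS control channel is encrypted, a firewall cannot read these replies to open the port on demand, which is why a fixed range has to be opened. The following added example (not from the original article) parses such replies and reports ports that fall outside the firewall's range; the range `50000-50100` and the reply lines are constructed for illustration.

```python
import re

# 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)  -> port = p1 * 256 + p2
PASV_RE = re.compile(
    r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)"
)
# 229 Entering Extended Passive Mode (|||port|)  (delimiter may be any char)
EPSV_RE = re.compile(r"^229 .*?\((.)\1\1(\d{1,5})\1\)")

# Assumed firewall rule: inbound TCP allowed only in this passive range.
FIREWALL_PASSIVE_RANGE = (50000, 50100)

# Constructed control-channel replies, as a server would send them.
SAMPLE_REPLIES = [
    "227 Entering Passive Mode (192,0,2,10,195,80)",
    "229 Entering Extended Passive Mode (|||50012|)",
    "227 Entering Passive Mode (192,0,2,10,234,96)",
]


def data_port(reply):
    """Return the TCP data port announced by a 227 or 229 reply."""
    match = PASV_RE.match(reply)
    if match:
        fields = [int(x) for x in match.groups()]
        if any(value > 255 for value in fields):
            raise ValueError("PASV field out of range: %r" % reply)
        return fields[4] * 256 + fields[5]
    match = EPSV_RE.match(reply)
    if match:
        port = int(match.group(2))
        if not 0 < port < 65536:
            raise ValueError("EPSV port out of range: %r" % reply)
        return port
    raise ValueError("not a passive-mode reply: %r" % reply)


def blocked_ports(replies, allowed=FIREWALL_PASSIVE_RANGE):
    """Ports the server announced that the firewall range would not pass."""
    low, high = allowed
    return [p for p in map(data_port, replies) if not low <= p <= high]


if __name__ == "__main__":
    for line in SAMPLE_REPLIES:
        print(line, "->", data_port(line))
    print("blocked by firewall:", blocked_ports(SAMPLE_REPLIES))
```

A non-empty result means the server's configured passive range and the firewall rule disagree, which shows up to users as transfers and directory listings that hang after a successful login.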

In summary, SFTP and FTPS are both very secure with strong authentication options. However, since SFTP is much easier to port through firewalls, and we are seeing an increasing percentage of trading partners adopting SFTP, I believe SFTP is the clear winner for your secure FTP needs.

How does HTTPS work ?

Nowadays, many servers rely on HTTPS. Along with secure transactions, many web servers use HTTPS for general browsing as well.
This raises a question: why HTTPS, and how is HTTPS more secure than HTTP?

What is HTTPS

When we type a URL in the browser, an HTTP request goes to the server and the server responds with the appropriate HTML page. Now, HTTP is a stateless protocol. This means that every time the browser wants some data from the server, a new connection is established to the server and the client waits. The server sends the response and closes the connection.
If we think about security, HTTP is an insecure protocol. When data travels between the client and the server, it is unencrypted and, as a result, not safe from a Man In The Middle attack. And so HTTPS was developed.
HTTPS uses SSL/TLS for security.
So, what does that mean?
It means that all data transferred between the server and client gets encrypted first. First, a TLS connection is established between the server and client and a key is negotiated between them. Then all data is encrypted with the key and sent over.

How does HTTPS work

So, how does HTTPS actually work?
When a URL is typed in the browser, the browser connects to the server. When a server supports HTTPS, it generates a public-private key pair and keeps the keys with itself. Whenever a connection to the server is requested, it sends the public key of the key pair to the client.

The client receives the public key of the server and verifies the authenticity of the server’s public key with a Certificate Authority. This step is done so that someone malicious cannot forge the public key of the server and send their own public key instead.

After the public key is verified, it is time for the server and the client to negotiate a symmetric key with which they can encrypt the data they send. Using a symmetric key, along with encrypting it with the public key of the server, ensures more security.
Here, the server and client use the Diffie-Hellman Key Exchange Algorithm to make sure a symmetric key is negotiated between them, yet the key itself is never communicated directly between them. Instead, a mathematical formula is used by both sides to derive the key.
Once the symmetric key is derived, the rest of the job is simple. Whenever any data is communicated between the server and the client, the data is encrypted first with the symmetric key and then with the public key of the server, and is then sent between them.
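
The "mathematical formula" behind the Diffie-Hellman step can be shown in a few lines. This is an added example, not code from the original post: the group (the Mersenne prime 2**127 - 1 with base 3) is a toy-sized assumption chosen for readability, and all function names are illustrative. Real TLS uses far larger standardised groups or elliptic curves and authenticates the exchange with the server's certificate.

```python
import hashlib
import hmac
import secrets

# Toy group parameters (assumption): far too small for real use.
P = 2**127 - 1   # a Mersenne prime
G = 3


def keypair():
    """Pick a random private exponent and compute the public value G^x mod P."""
    while True:
        private = secrets.randbelow(P - 3) + 2      # 2 .. P-2
        public = pow(G, private, P)
        if 1 < public < P - 1:
            return private, public


def shared_key(my_private, peer_public):
    """Derive the symmetric key from my private value and the peer's public one."""
    # Reject degenerate values that would force a predictable secret.
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, my_private, P)        # (G^b)^a == (G^a)^b mod P
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def tag(key, record):
    """Authenticate a record with the derived key (stand-in for TLS record protection)."""
    return hmac.new(key, record, hashlib.sha256).digest()


def check(key, record, mac):
    return hmac.compare_digest(tag(key, record), mac)


def exchange():
    """Run both sides; 'wire' holds everything an eavesdropper could see."""
    client_private, client_public = keypair()
    server_private, server_public = keypair()
    wire = {"client_public": client_public, "server_public": server_public}
    client_key = shared_key(client_private, server_public)
    server_key = shared_key(server_private, client_public)
    return client_key, server_key, wire


if __name__ == "__main__":
    client_key, server_key, wire = exchange()
    print("seen on the wire:", wire)
    print("keys match:", client_key == server_key)
    mac = tag(client_key, b"GET / HTTP/1.1")
    print("record accepted:", check(server_key, b"GET / HTTP/1.1", mac))
    print("altered record accepted:", check(server_key, b"GET /x HTTP/1.1", mac))
```

Only the two public values cross the network; each side combines the other's public value with its own private one and arrives at the same key, so a record altered in transit fails the check on the receiving side.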

How secure is HTTPS

So, here comes the immediate next question: how secure is HTTPS?
It is pretty secure. Even if someone malicious intercepts the connection or performs a Man In The Middle attack, he will not be able to decipher the packets.
So, if you search for something in Google, the attacker will probably know that you are having some activity in Google Search, but he won’t be able to decipher what you are searching for there.
So, this was just an informational blog. Stay safe, stay secure!!


A worm is a program that has the ability to spread from one computer to another on its own using email, shared folders, and weak passwords. Worms typically propagate through the use of removable media, through a network, or via e-mail. Regardless of how the particular program self-replicates, as long as it is able to infect another computer it is classified as a worm. The vast majority of worms are malicious in intent and are used for DDoS attacks and to steal private information. In the past, there have been some attempts by authors to create worms with good intent. These worms would typically attempt to download a patch onto the computer so that it is no longer vulnerable to a particular exploit. Though the intent was good, such a worm is still malware as it is performing unauthorized activity on your computer.

Well known worms are:

  • Conficker / Downadup
  • Sasser
  • Blaster


Trojan Horses are programs that disguise themselves as harmless and beneficial programs but instead have a hidden purpose that you are unaware of. Examples of the types of actions that a Trojan may perform are:

  1. Delete files and data
  2. Lock you out of your computer
  3. Install backdoors so remote users can access your computer remotely.
  4. Execute commands on your computer
  5. Encrypt all of your data and then blackmail you in order to receive the key to decrypt them.
  6. Download and install other malware
  7. Log the keystrokes you make on the computer.
  8. Steal passwords that you enter into certain types of sites.
  9. Restart your computer
  10. Turn off programs such as firewalls and anti-malware programs.
  11. Take screen shots of what is running on your computer.
  12. Take screen shots using attached web cams.
  13. Apply security patches to your computer.
  14. Make annoying sounds on your computer.
  15. Display images on your computer
  16. Eject your CD Tray.
  17. Print documents on your printer.

As you can see from the above examples, not all of them are harmful, but they are all unwanted. Examples of how Trojans masquerade as beneficial programs are:

Fake Video Codecs
These Trojans masquerade as video codecs that you need to install in order to view certain, typically porn related, videos on the Internet. Once installed, these trojans will install a variety of malware including rogue anti-spyware programs.
Warez Key Generators and Cracks
Using programs on the Internet that state they provide serial numbers or cracks so that you can use protected and copyrighted software is not only illegal, but typically foolish. Most of these programs are in fact Trojans that install backdoors, keyloggers, worms, and other malware. So, you may be saving a few dollars by not buying the software, but in the long run it may hurt much more when someone steals your information and performs identity theft.
Games and Game Updates
It is not uncommon for a malware writer to create a very sophisticated game that may actually be fun, but in reality is a shell to hide malware that it will install on your computer. For example, in 2001 a game called Whack-a-mole was being distributed via email, in which you tried to whack a mole that pops up out of the ground. What the unsuspecting players did not know is that when they played the game it installed a Trojan that allowed a hacker to get into their computer remotely and access all of their documents and files.
Screen Savers
Let’s face it, the screen savers that come with Windows are not the most awe inspiring. Due to this, it is not uncommon for people to search for screen savers on the Internet and install them on their computer. Unfortunately without the proper safeguards, this screen saver may actually be a Trojan Horse that while showing little dogs playing on your screen, is actually deleting all of your files.

Trojans are scary, and as you can see from the descriptions above, it can be very hard to determine what is a legitimate program and what is a Trojan hiding in disguise. We are not, though, saying that you should stay away from downloading interesting programs on the Internet, downloading new screen savers, installing audio or video codecs so you can view the latest formats, or just enjoying the Web to its fullest. We are saying that you should do so with caution and education. This includes, in no particular order:

  1. Do not run programs from people you do not know.
  2. Even if you do know the person, before using the program you should first scan it using your antivirus software or online tools such as VirusTotal or Jotti because not all of your friends are as smart as you.
  3. Make sure you have an Anti-Virus program, an Anti-Spyware program, and a Firewall running on your computer.
  4. Don’t look at porn on the web as the vast majority of these sites contain something you don’t want to catch. Sorry!
  5. Don’t use illegal cracks or key generators. The majority are not what you think they are.
  6. Use sites like SiteAdvisor to determine if a site you are downloading or installing from is legitimate or a known malware distributor.
  7. Do not open e-mail attachments that end with .exe, .bat, .pif, or .com as these are almost always bad.
  8. Read the license agreement for any programs you install. Many free downloads are offered with spyware and other programs that you DO NOT want on your computer. Reading the agreement may help you to spot them.

Enjoy your computer and the Internet, just be safe doing so!