DATAXPLOIT

If you do not know what exactly phishing means , I highly recommend you to read my post on basics of phishing

I could simply give you the fake page generators or already made fake web pages but I want you to manually create yourself.

First, I shoud tell you the basic methodology of making phishing page of any website. In a website where the users are supposed to enter/submit any data (data might be email,password or anything), there is a piece of code in html code called as action form. It looks like this

.
You can find this out by simply viewing the source of web page. Right click on webpage to do so. “something” here in the action field is name or path of the file where submitted data goes. So the idea of fake login page is simple. Just download the webpage on your computer, modify the action field to change the path where data goes according to yourself, upload this modified webpage on any web hosting site and you are done.

Read the rest of this entry »

With lots of curious readers asking me how to practice hacking and from where to start,

Damn Vulnerable Web App (DVWA) is great application to plunge yourself in.

DVWA is a PHP/MySQL web application that is damn vulnerable..literally.

Its main goals are to be light weight, easy to use and full of vulnerabilities

to exploit and it successfully achieves those . And frankly it can be used to

learn or teach the art of web application security.
The DVWA is bundled with the following type of vulnerabilities
Read the rest of this entry »