The platform develops virtual classrooms that not only allow users to deploy training environments with the click of a button, but also reinforce learning by adding a question-answer approach. Its a comfortable experience to learn using pre-designed courses which include virtual machines (VM) hosted in the cloud.

TryHackMe Linux Challenges Linux Walkthrough


While using a question-answer model does make learning easier, TryHackMe allows users to create their own virtual classrooms to teach particular topics enabling them to become teachers. This not only provides other users with rich and varied content, but also helps creators reinforce their understanding of fundamental concepts.

Linux Challenges

Learn by completing linux challenges
This rooms purpose is to learn or improve your Linux skills.


There will be challenges that will involve you using the following commands and techniques:

• Using commands such as: ls, grep, cd, tail, head, curl, strings, tmux, find, locate, diff, tar, xxd Understanding cronjobs, MOTD's and system mounts
• SSH'ing to other users accounts using a password and private key
• Locating files on the system hidden in different directories
• Encoding methods (base64, hex)
• MySQL database interaction
• Using SCP to download a file 
• Understanding Linux system paths and system variables
• Understanding file permissions
• Using RDP for a GUI

[Task 3] Linux Functionality

 

 

 

 

 

 

Video Tutorial :- SooN..

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.






I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

The platform develops virtual classrooms that not only allow users to deploy training environments with the click of a button, but also reinforce learning by adding a question-answer approach. Its a comfortable experience to learn using pre-designed courses which include virtual machines (VM) hosted in the cloud.

TryHackMe OWASP Top-10 Security Misconfiguration Walkthrough


While using a question-answer model does make learning easier, TryHackMe allows users to create their own virtual classrooms to teach particular topics enabling them to become teachers. This not only provides other users with rich and varied content, but also helps creators reinforce their understanding of fundamental concepts.

XSS Playground Lite

Cross-site scripting, also known as XSS is a security vulnerability typically found in web applications. It’s a type of injection which can allow an attacker to execute malicious scripts and have it execute on a victim’s machine.

A web application is vulnerable to XSS if it uses unsanitized user input. XSS is possible in Javascript, VBScript, Flash and CSS. There are three main types of cross-site scripting: TryHackMe OWASP Top 10 XSS Playground Lite Walkthrough

• Stored XSS - the most dangerous type of XSS. This is where a malicious string originates from the website’s database. This often happens when a website allows user input that is not sanitised (remove the "bad parts" of a users input) when inserted into the database.

• Reflected XSS - the malicious payload is part of the victims request to the website. The website includes this payload in response back to the user. To summarise, an attacker needs to trick a victim into clicking a URL to execute their malicious payload.

• DOM-Based XSS - DOM stands for Document Object Model and is a programming interface for HTML and XML documents. It represents the page so that programs can change the document structure, style and content. A web page is a document and this document can be either displayed in the browser window or as the HTML source.

XSS Payloads

Remember, cross-site scripting is a vulnerability that can be exploited to execute malicious Javascript on a victim’s machine. Check out some common payloads types used:


Popup's (<script>alert(“Hello World”)</script>) - Creates a Hello World message popup on a users browser.

Writing HTML (document.write) - Override the website's HTML to add your own (essentially defacing the entire page).

XSS Keylogger (http://www.xss-payloads.com/payloads/scripts/simplekeylogger.js.html) - You can log all keystrokes of a user, capturing their password and other sensitive information they type into the webpage.

Port scanning (http://www.xss-payloads.com/payloads/scripts/portscanapi.js.html) - A mini local port scanner (more information on this is covered in the TryHackMe XSS room).


XSS-Payloads.com (http://www.xss-payloads.com/) is a website that has XSS related Payloads, Tools, Documentation and more. You can download XSS payloads that take snapshots from a webcam or even get a more capable port and network scanner.

XSS Challenge

The VM attached to this task showcases DOM-Based, Reflected and Stored XSS. Deploy the machine and exploit each type!



#1 Deploy the VM

Ans :- No Answer Needed ( Only Deploy the Machine )




#2 Go to http://10.10.21.184/reflected and craft a reflected XSS payload that will cause a popup saying "Hello".


Payload  <script>alert(“Hello World”)</script>








Ans :-  ThereIsMore....



#3 On the same reflective page, craft a reflected XSS payload that will cause a popup with your machines IP address.


Payload <script>alert(window.location.hostname)</script>






Ans :- ReflectiveXss....




#4 Now navigate to http://10.10.21.184/stored and make an account. Then add a comment and see if you can insert some of your own HTML.


Payload <script>alert(<!-- I am a hacker-->)</script>







Ans :- HTML_T....




#5 On the same page, create an alert popup box appear on the page with your document cookies.


Payload <script>alert(document.cookie);</script>






Ans :- W3LL_D0N3....



#6 Change "XSS Playground" to "I am a hacker" by adding a comment and using Javascript.



Payload <script>document.querySelector('alert').textContent = 'I am a Hacker'</script>

OR

<script>document.querySelector('#thm-title').textContent = 'I am a hacker'</script>


OR


<script>document.querySelector('XSS Playground Lite').textContent = 'I am a hacker'</script>






Ans websites_can_b.....



Video Tutorial :-

 

 

 

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.






I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

The platform develops virtual classrooms that not only allow users to deploy training environments with the click of a button, but also reinforce learning by adding a question-answer approach. Its a comfortable experience to learn using pre-designed courses which include virtual machines (VM) hosted in the cloud.

TryHackMe OWASP Top-10 Security Misconfiguration Walkthrough


While using a question-answer model does make learning easier, TryHackMe allows users to create their own virtual classrooms to teach particular topics enabling them to become teachers. This not only provides other users with rich and varied content, but also helps creators reinforce their understanding of fundamental concepts.

Security Misconfiguration

Security Misconfigurations are distinct from the other Top 10 vulnerabilities, because they occur when security could have been configured properly but was not. TryHackMe OWASP Top10 Security Misconfiguration Walkthrough
Hack into the webapp, and find the flag!

Security misconfigurations include:


• Poorly configured permissions on cloud services, like S3 buckets

• Having unnecessary features enabled, like services, pages, accounts or
privileges

• Default accounts with unchanged passwords

• Error messages that are overly detailed and allow an attacker to find out more about the system

• Not using HTTP security headers, or revealing too much detail in the Server: HTTP header Task 20 Day 6



This vulnerability can often lead to more vulnerabilities, such as default credentials giving you access to sensitive data, XXE or command injection on admin pages.

 

Default Passwords

Specifically, this VM focusses on default passwords. These are a specific example of a security misconfiguration. You could, and should, change any default passwords but people often don't.


It's particularly common in embedded and Internet of Things devices, and much of the time the owners don't change these passwords.


It's easy to imagine the risk of default credentials from an attacker's point of view. Being able to gain access to admin dashboards, services designed for system administrators or manufacturers, or even network infrastructure could be incredibly useful in attacking a business. From data exposure to easy RCE, the effects of default credentials can be severe.


In October 2016, Dyn (a DNS provider) was taken offline by one of the most memorable DDoS attacks of the past 10 years. The flood of traffic came mostly from Internet of Things and networking devices like routers and modems, infected by the Mirai malware.


How did the malware take over the systems? Default passwords. The malware had a list of 63 username/password pairs, and attempted to log in to exposed telnet services.


The DDoS attack was notable because it took many large websites and services offline. Amazon, Twitter, Netflix, GitHub, Xbox Live, PlayStation Network, and many more services went offline for several hours in 3 waves of DDoS attacks on Dyn.

How to Solve ?

First of all, after deploying this room, you will get a IP Address, that IP Address has to be opened in the browser, where you will see the login page, you will have to enter the default username and password in that login page only then you will find the flag.



• Technique :- Google Dorking


• Then, open the new tab of browser and search :


site:github.com pensivenotes and hit enter.








• Open NinjaJc01 (James) · GitHub


• and scroll down and select & open a NinjaJc01/PensiveNotes





• Now, you have to open the file in README.md and after scrolling down you will get the default username and password.









• Login with this default username and password you will get the flag.








#2 Hack into the webapp, and find the flag!

Ans :- In the picture above




Video Tutorial :- 



  

 

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.






I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

The platform develops virtual classrooms that not only allow users to deploy training environments with the click of a button, but also reinforce learning by adding a question-answer approach. Its a comfortable experience to learn using pre-designed courses which include virtual machines (VM) hosted in the cloud.

TryhackMe OWASP Top 10 Sensitive Data Exposure  walkthrough


While using a question-answer model does make learning easier, TryHackMe allows users to create their own virtual classrooms to teach particular topics enabling them to become teachers. This not only provides other users with rich and varied content, but also helps creators reinforce their understanding of fundamental concepts.












When a webapp accidentally divulges sensitive data, we refer to it as "Sensitive Data Exposure". This is often data directly linked to customers (e.g. names, dates-of-birth, financial information, etc), but could also be more technical information, such as usernames and passwords. At more complex levels this often involves techniques such as a "Man in The Middle Attack", whereby the attacker would force user connections through a device which they control, then take advantage of weak encryption on any transmitted data to gain access to the intercepted information (if the data is even encrypted in the first place...). Of course, many examples are much simpler, and vulnerabilities can be found in web apps which can be exploited without any advanced networking knowledge. Indeed, in some cases, the sensitive data can be found directly on the webserver itself...



The web application in this box contains one such vulnerability. Deploy the machine, then read through the supporting material in the following tasks as the box boots up.



Sometimes backup are left on the server by ignorant developers and sometimes this backup contain sensitive information like credentials that can lead to compromising of a server let’s take a look from the server’s webpage below






Go to login page http://<IP address>/login and then visit view page source






#1 What is the name of the mentioned directory?

Ans :- /assets



Navigating to /assets we get a database file called webapp.db









#2 Navigate to the directory you found in question one. What file stands out as being likely to contain sensitive data?
TryhackMe OWASP Top 10 Sensitive Data Exposure  walkthrough



Ans :- webapp.db



I downloaded the database file to my system and Let’s open the databases and see what it contains using the command :


sqlite3 webapp.db






And we see the database has two tables sessions and users






So here, we have found a table named Users, so we will access this table with the help of SQL command.







#3 Use the supporting material to access the sensitive data. What is the password hash of the admin user?


Ans :- 6eea9b7ef19179a06954edd0f6c05ceb



Now we will decrypt this hash and before doing this we need to know in what format this hash file is? like MD5, SHA256, BCRYPT etc


Type the following command and check hash password :






Hash Format :- MD5


Now we will decrypt this Facebook file and get the password



#4 Crack the hash.
What is the admin's plaintext password?






Ans :- qwertyuiop




#5 Login as the admin. What is the flag?


username :- admin ( go to question #3 )
password :- qwertyuiop



Ans Flag :- In video





Video Tutorial :-  




        

 

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.






I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

The platform develops virtual classrooms that not only allow users to deploy training environments with the click of a button, but also reinforce learning by adding a question-answer approach. Its a comfortable experience to learn using pre-designed courses which include virtual machines (VM) hosted in the cloud.

TryHackMe Advent of cyber Day 9 Task 14 walkthrough


While using a question-answer model does make learning easier, TryHackMe allows users to create their own virtual classrooms to teach particular topics enabling them to become teachers. This not only provides other users with rich and varied content, but also helps creators reinforce their understanding of fundamental concepts.










This post is Walkthrough of OS Command Injection. Demonstrate OS Command Injection and explain how to prevent it on your servers. So I thought this would be helpful for beginners. TryHackMe OWASP Injection Room walkthrough

Task 3# Blind Command Injection

1) Ping the box with 10 packets. What is this command (without IP address)?

ANS: -ping -c 10



2.Try to redirect output to a file on the web server. What alert message do you see appear?

ANS: error



3.Enter “root” into the input and review the alert. What type of alert do you get?

ANS: success







4.Enter “www-data” into the input and review the alert. What type of alert do you get?

ANS: success



5.Enter your name into the input and review the alert. What type of alert do you get?

ANS: error

Task 4# Active Command Injection

1) What strange text file is in the website root directory?

Enter ls command in textbox






ANS: drpepper.txt



2.How many non-root/non-service/non-daemon users are there?






 
ANS: 0




3.What user is this app running as?

Enter whoami command in textbox






ANS: www-data


4.What is the user's shell set as?


perl -e '@x=getpwuid($<); print $x[8]'






ANS: /usr/sbin/nologin




5.What version of Ubuntu is running?

Enter cat /etc/os-release






ANS: 18.04.4



6.Print out the MOTD. What favorite beverage is shown?


Type and enter cat /etc/update-motd.d/00-header







ANS: Dr pepper


 
Now, read flag.txt you will get flag.



Video Tutorial :-


 

    

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.






I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

What are some secret tips and tricks to search on Google?

Hello guys,There are more than 3.6 million searches on Google every minute. But even today, there are many people who do not know the secrets of searching on Google. Today I am going to tell you some such secrets which can save you from wasting a lot of time. No matter what you search, you will find thousands of sites that are of no use to you. So what can we do in such a way, how to search the topic that we want and only those topics will come in search on Google. So let's start with some tricks that can make you smart search.


If you have to do some search and you want to get information about what you have searched on Google. So you have to put + in front of your search and put your main keyword in front of it.
For example: - how to create blog + blogger


That is, you will only be shown how to create a blog on Blogger, other than this, Google will not give you any other information.



How to manage time + student


That is, how to manage time for students, Google will give you information about this only for students.





In the same way, you can also ask by adding the sign of minus. Minus sign means things that you do not want to know about, then Google will not show you what is written next to your (minus-) sign.


For example: -


Benefits of wordpress blog-blogger


That is, Google will now give you only and only information related to wordpress, in which Blogger will not have any name.


The third trick is that when you want to contact a training center, you can search in Google in this way ("Share Market Traning Center" + Email) Now this will give you the email contacts of all those Share Market Traning Center. Apart from these, Google will not give you any other information. This can save you a lot of time. You have to do this thing when you are looking for a job or want to get a contact. If you want the right information about any one thing. Suppose there is a book or a video, then you search it in Google ("Book Name"), then you will see the same on the first page in front of you, which you would like nothing else. . What are some secret tips and tricks to search on Google?



Listen to this trick, if you have to search for something that you are missing a little bit, then how will you search in Google. Take for example a song. Suppose this is a song (broken with a dream, some dream is heard, heard, heard, heard, heard, no one has been there), now you have forgotten something from it, you will search it this way. tips and tricks 2020



For example: -


"No one can break through a sieve when there is no one"


Remember, you have to put * in the middle 'instead of what you have forgotten, the right result will come in front of you.



Now the next trick is when you want to know about one site or read the articles of that site, how will you search if no one else does. Suppose you have to read the article of Navbharat Times only, else if not, search it like this in Google.
For example: -



site: name of that site



After this, you will only get to see the results of Navbharat Times and the rest will not be seen. Now if you want to see similar site like that site then you will search in Google.


For example: -


Related: flipkart


You will come across other sites like flipkart. If you like the answer, then make an appeal because one of your comments gives us inspiration to write a better answer.


Thank you.

The platform develops virtual classrooms that not only allow users to deploy training environments with the click of a button, but also reinforce learning by adding a question-answer approach. Its a comfortable experience to learn using pre-designed courses which include virtual machines (VM) hosted in the cloud.

TryHackMe Advent of cyber Day 9 Task 14 walkthrough


While using a question-answer model does make learning easier, TryHackMe allows users to create their own virtual classrooms to teach particular topics enabling them to become teachers. This not only provides other users with rich and varied content, but also helps creators reinforce their understanding of fundamental concepts.

TryHackMe Vulnversity Walkthrough

Learn about active recon, web app attacks and privilege escalation.


This is our first room on TryHackMe and we’re gonna follow along with the OSCP preparation series. Let’s get started with our first machine. TryHackMe Vulnversity Walkthrough



Specifications

• Room: Vulnversity
• Target OS: Linux
• Difficulty: Easy
• Info: Learn about active recon, web app attacks and privilege escalation.
• Services: SSH (22), FTP (21), SMB (139, 445), Squid (3128), HTTP (3333)

Contents

• Getting user
• Getting root

Reconnaissance

Ports Scanning

As always, the first step consists of the reconnaissance phase as port scanning.



Task 2-2: Number of open port

Using the following nmap command, a total of 6 open ports can be detected.


$ nmap 10.10.39.202 -Pn

OR

$ nmap -Pn -p-10000 -A -v <MACHINE IP>




    -Pn: Just scan for open ports
    -p-10000: Scan first 10000 ports
    -A: Enable OS detection, execute in-build script
    -v: Verbose mode (Displaying all the scanning processes and results)







Answer :- 6






Task 2-3: Squid proxy version


By using the nmap scanner, I am able to identify the version.


$ nmap 10.10.39.202 -Pn -sV


    -Pn: Just scan for open ports
    -sV Just scan version
   






Answer :- 3.5.12



Task 2-4: The meaning of -p-400 flag



By referring to the task 2-2, the flag means scanning the first 400 ports.


Answer :- 400




Task 2-5: What will not be resolved by -n flag

Referring to the nmap documentation, the DNS will not be resolved by using -n flag.


Answer: DNS




Task 2-6: OS detection


By using the nmap scanner, I am able to identify the OS of the machine.


$ nmap 10.10.39.202 -Pn -sV -O


OR


$ nmap 10.10.39.202 -sC -sV -Pn -O

   -O for OS Detection
   -sC for Default NSE Script








Answer :- Ubuntu



Task 2-7: Port that run by the web server.


Web servers are not always run on the port 80, that is why we miss it out sometime. The webserver is located on port 3333.



$ nmap 10.10.39.202 -sC -sV -Pn







Answer: 3333

[Task 3] Locating directories using GoBuster

Using a fast directory discovery tool called GoBuster you will locate a directory that you can use to upload a shell to.


The tasks in the challenge room want you to use Gobuster to enumerate the target website directories, which is fine, but just be aware that there are other tools that do similar types of directory scanning. See below for a brief breakdown of the more popular ones but understand they they all do the same thing - automate the time consuming task of finding various directories on a website.



$ gobuster dir -e -u http://10.10.164.121:3333 -w /usr/share/wordlists/dirb/common.txt



dir: uses directory/file brute forcing mode

-e: expanded mode, print full URLs

-u: the target URL or domain

-w: path to word list




Keep in mind that the size of your word list matters! A smaller word list will finish faster but may miss potentially interesting directories while a larger one may find more but could potentially take way longer to finish. Kali comes preinstalled with a bunch and you should play around with them to find the best ones for the situation you are in.






Answer :- /internal/




Remaining Question :- SooN




Video Tutorial :-


    

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.






I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)