EvilZone

I think I fall right in the middle, at home I like to be alone playing PS3 or exploring the web, at work I'm quite the opposite, I've very talkative and outgoing but sometimes when I'm not in the right mood, I tend to be the opposite. So the best option I have is Ambivert.

yeah no doubt...i agree

To explain evilzone is a subject matter that no one can describe. We are a large forum, however like with most only few post. Even with my long time "away" there is still the same people that are the most active. People register for the goods but are in fear of being called out for their skiddy like nature. This is not HF, in my heart always home. This is not your average forum but a home to those that have none. In each rendition of EZ there has always been a small group that is closer than the rest but share for all including the leechers. EZ is one of a kind

truer words have never been spoken. I completely agree....

hey whats u guys,

I ran across this this morning and it was very interesting article, anyway near the bottom of the article has something to do with find plaintest FROM HASHES...including your mysql5....

check it out. read through

http://thehackernews.com/2014/01/cryptography-hacks-hash-encryption.html#


 

This article just came about about 3 days ago, talking about Microsoft getting breached, supposedly via a spear phishing campaign, compromising the email accounts and social media accounts of Microsoft employees.

Article: http://securityaffairs.co/wordpress/21622/cyber-crime/spear-phishing-against-microsoft.html

My questions is regarding modern day phishing techniques. From my understanding, two/four years ago it was totally possible to do the standard:

1) copy web page
2) write credential grabbing php
3) upload to free web host
4) craft email
5) breach (capture credentials)

This sounds vague but I hope you guys get the point. The old ways of making phishing email is what im referring to, I think there is a post somewhere on here regarding what I was talking about.

But in 2013-2014, that isnt gonna fly obviously. Your more than likely to land a nice spot in the spam or junk box. My questions is what are some modern techniques in crafting these emails that are working these days?

Ive been reading that people would compromise a website/server, redirect victim to compromised server, and feed drive-by attacks to passerbys. And then there are stored xss (fairly rare now) breaches and CSRF attacks,etc. But without sounding to eager, but what are the BH tactics. As a penetration tester, I need to replicate and simulate a BH attack in ways. And phishing emails are crucial in attacks, but not dated attacks. My job currently audit website security. But I wanna expand to replicating APT attacks and leveraging user ignorance on my engagements. Just alot of the public info is dated....

im not sure what your asking. mac addresses as well as internal IP addresses can be changed on your system.

1) are you trying to change/camouflage the mac/ip address of your own box? or the router itself?
 
I dont understand what you  mean in questions 2 and 3.

if you dont mind me asking, to what purpose are you attempting to hide your mac addresses and ip address?

hey guys,

I have been getting deep into webapp pentesting lately, also been using burp suite to do most of my work. But recently I have been looking alot at these automated scanners like nikto, acunetix, arachni, and w3af, and have been wondering if its even worth my time.

I feel like those automated scanners would send too much traffic in pentest, and not even be worth it . Part of me thinks i should just continue to use burp suite and do it "manually" (to an extent).

anyways just wondering if i could get some advice and if any of these are worth looking into.

thanks