How To Find The Wordpress Version Of A Website/Blog

When ever a hacker tries to attack a CMS(Content managing system) the first thing which he usually does is that he tries to find out the version number of that CMS, So he could go and search on Exploit databases for possible exploits, In a wordpress blog by default you can easily find out some one's version number by just viewing the source of that particular blog.

Skype App For Android Gets Update For Security Flaw

Last week when I started Skype app in my android phone, It denied logging in & come up with a security message that said “Skype android app is facing security Bug , So backup your data ASAP.” So, I started digging in to the issue and found out that this unsecured app was their from October 2010 in the Android marketplace. 

Network Security Scanners For Administrators

There are more and more applications for network administrators on the market, both commercial and free, which serve to verify the system security. Today's administrator has to be highly motivated and extremely patient, as he has to become familiar with a large amount of new software to help him in his difficult work.
There has been a flood of network monitors, network configurators, and other programs to improve network function, or that relieve the administrator of at least part of his responsibilities. However, it is the administrator's duty to deal with the network.

Sqlmap 0.9 Available For Download Now

Sqlmap is a very popular tool used which automates the method of discovering a Sql injection flaw in a web application and exploitation part as well. Sqlmap team has just released the newest version of Sqlmap, Sql map comes in with lots of changes including a fully re-written SQL Injection flaw detecting engine.


Here are some of the newset features in Sqlmap 0.9:

  • Rewritten SQL injection detection engine (Bernardo and Miroslav).
  • Support to directly connect to the database without passing via a SQL injection, -d switch (Bernardo and Miroslav).
  • Added full support for both time-based blind SQL injection and error-based SQL injection techniques (Bernardo and Miroslav).
  • Implemented support for SQLite 2 and 3 (Bernardo and Miroslav).
  • Implemented support for Firebird (Bernardo and Miroslav).
  • Implemented support for Microsoft Access, Sybase and SAP MaxDB (Miroslav).
  • Added support to tamper injection data with –tamper switch (Bernardo and Miroslav).
  • Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack (Miroslav).
  • Added support to fetch unicode data (Bernardo and Miroslav).
  • Added support to use persistent HTTP(s) connection for speed improvement, –keep-alive switch (Miroslav).
  • Implemented several optimization switches to speed up the exploitation of SQL injections (Bernardo and Miroslav).
  • Support to parse and test forms on target url, –forms switch (Bernardo and Miroslav).
  • Added switches to brute-force tables names and columns names with a dictionary attack, –common-tables and –common-columns.
You can download Sqlmap 0.9 here

    How To Find Lost Microsoft Office 2010 Product Key

    In my previous post Free Microsoft office 2010 Product key I posted free Microsoft office product key download, However if you are one who have already installed Microsoft office 2010 and have lost the product key for any reason and looking to recover Microsoft Office 2010 Product key then you are in the right place.

    RafayHackingArticles Finally On A Custom Domain Now !

    Well it has been almost 2 years since I have started rafayhackingarticles and for 2 years it has happened to me countless times that i have thought of moving to a custom domain(.com,.net,.org) but every time i tried to do it there was some thing which always holding me back and one of the major things which was holding me back was my SEO Standing I was afraid that I might loose my traffic, but yesterday one of my friend David suggested me to move to custom domain as blogspot is Google's property and google can delete it any time they want and Google is very less likely to delete blogs on custom domains.

    So i said to my self that "Some day will never come" So I acted immediately and registered, Now some of you might ask questions that whyI did not go for a .com domain, The answer is that it was not available.

    Learn How To Hack - Ethical Hacking and security tips

    Yesterday when I was searching godaddy for domains my first priority was to go after a .com domain but since it was not available .net was the second best option.

    What Topics Will I cover?

    1. Hacking And Security Related News.

    2. Ethical Hacking Techniques.

    3. Computer Tricks.

    4. Windows hacks.

    5. Security flaws.

    And much more.

    Advice for those on blogspot:

    During my experience of more than 2 years with blogging the biggest mistake i made was that I blogged on a blogspot domain(And never will), If are still on blogspot I suggest you to move to custom domain, Their are countless advantages of a custom domain over a sub domain, If you are looking forward to make serious money from blog i suggest you to move to custom domain.

    Cain And Abel 4.9.40 Is Available For Download

    Cain and abel is a very popular windows password recovery program, It allows you to recover almost all kinds of passwords, It also supports wide variety of password cracking methods such as a brute force attack, Dictionary attack, Rainbow Tables, Cryptanalysis attack etc, Cain is mostly used for the purpose of sniffing and also used to carry out wide variety of Man In the middle attacks.

    How To Sniff VOIP Session Using Cain

    According to wikipedia:

    Voice over Internet Protocol (Voice over IP, VoIP) is one of a family of internet technologies, communication protocols, and transmission technologies for delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. Other terms frequently encountered and often used synonymously with VoIP are IP telephony, Internet telephony, voice over broadband (VoBB), broadband telephony, and broadband phone.

    Learn Website Hacking And Security With DVWA Tools

    Lots of readers often ask me How can I be good at website hacking and web application security, The thing is that even if you have an idea of how some popular website application attack work but still you need a safe environment to practice what you have learned because you are not allowed to access any website even for testing purposes unless and until you are not authorized to do that, This is where Damn vulnerable web app(DVWA) comes into play
    Rafay Baloch is an Independent security researcher, Internet marketer, Entrepreneur and a SEO consultant, He is the founder of RHA blog and multiple other blogs. Rafay got famous after finding a Remote Code Execution bug inside PayPal for which PayPal awarded him a sum of 10,000$ Read More..

    Join In!

    RHA © 2013. All Rights Reserved.