Top 10 Best Google Gravity Tricks 2018

Top 10 Best Google Gravity Tricks 2018

Google is the search engine where the people look up for the things. Yet apart from being only a search engine this website is highly functional and has a lot of functions dubbed inside it. And even the webmasters don't know about all the features as they are so vast that you need to explore lots of things to get to know about them all.  There are a number of gravity opposing tricks in the Google search page that you would like to enjoy. Well many of you guys must be new to this word as only 15% of Google users know this thing and for rest, I'm here to guide you up in this. Here in this article, we have written about the best google gravity tricks that you could ever find in this year. If you are interested to know about it then please read the main section of this post as it is given below. This was all the introduction part of this post and now after this line, we are going to skip to the main section. We recommend you to read till the end to get the fullest information from this page!

Top 10 Best Google Gravity Tricks 2018

Below I have mentioned some of the best tricks that I tried as I was getting bored and thought about exploring something new and then I searched Google Tricks on google and then I get to know that even these things are also possible on the Google. You can use so many different things to kill your boredom on Google. There I decided to note down these tricks and share the article with you so that you can also avail these. So follow the below guide to proceed.

#1 Google zero gravity level fall

Best Google Gravity Tricks 2018

This is the first trick that amazed me as when I get to know this thing can happen when I was really surprised as it was quite funny. It is a standout amongst the most astonishing google gravity trap. In this trap, the substance will appear like tumbling to a level surface. Every one of the substances like pictures, writings, and so on of your page will be upset. They will look somewhat bouncy and turned around that looks exceptionally energizing and stunning.

#2 Google Sphere

Best Google Gravity Tricks That You Need To Try

This is second best google gravity trap. In this trap, the substance rotates in a round way. Be that as it may, you will think that its little hard to deal with it since you need to chip away at turning writings.

#3 Google Loco

Best Google Gravity Tricks That You Need To Try

This google gravity trap is much like the google zero gravity. You will see the substance as falling in a seismic tremor,

#4 Zerg Rush

Best Google Gravity Tricks That You Need To Try

This is one of my most loved google gravity trap. In this deceive you will see somewhere in the range of zeros spreading in your page. to utilize this trap Open Google.com and hunt Zerg Rush through utilizing the search bar.

#5 Google submerged

Best Google Gravity Tricks 2018

This is of the most attractive google gravity trap. In this deceive you will see a domain of submerged. You will see the pursuit bar coasting in the water.

#6 Do a barrel roll

Best Google Gravity Tricks That You Need To Try

This is likewise an astounding google gravity trap. In this deceive, you will get an impact to your page with which, your page will turn in a solitary minute.

#7 Google Guitar

Best Google Gravity Tricks That You Need To Try

This is additionally a stunning google gravity trap. In this deceive, you can play guitar on the web index. You can play your coveted tunes with it. Google will give you notes to your tunes.

#8 Google zero gravity reversal

Best Google Gravity Tricks 2018

This is one of the coolest Google gravity trap. In this deceive, you will get a perfect representation of your site page. You will feel like you are on the opposite side of the screen.

#9 Google space

Best Google Gravity Tricks That You Need To Try

In this google gravity deceive you encounter a dream of the room. It implies that the substance of your page will appear like gliding noticeable all around with no gravitational power.

#10 Pacman

Best Google Gravity Tricks 2018 That You Need To Try

This is the standout amongst the most energizing google gravity trap. With this deceive, you can play Pacman game in this.

Finally, after reading this article, you have got to know about. We have tried to provide you this content in the simple and easy to read wordings and hope that you would have easily got about everything written up here. We believe that you might like this article and if it is what you think then please try to share it with others too. Your indulgence in our post is really valuable to us, so do not miss to write about your opinions and suggestions regarding this article through using the comments section below. At last but never the least thanks for reading this article!

Related word

• Hacking Google
• Hacker Kevin Mitnick
• Pentest Certification
• Pentest Bootcamp
• Hacking
• Pentest Security

CEH: Gathering Host And Network Information | Scanning

Scanning

It is important that the information-gathering stage be as complete as possible to identify the best location and targets to scan. After the completion of  footprinting and information gathering methodologies, scanning is performed.
During scanning, the hacker has vision to get information about network an hosts which are connected to that network that can help hackers to determine which type of exploit to use in hacking a system precisely. Information such as an IP addresses, operating system, services, and installed applications.

Scanning is the methodology used to detect the system that are alive and respond on the network or not. Ethical hackers use these type of scanning to identify the IP address of target system. Scanning is also used to determine the availability of the system whether it is connected to the network or not.

Types Of Scanning 

Network Scanning	Identifies IP addresses on a given network or subnet
Port Scanning	Determines open, close, filtered and unfiltered ports and services
Vulnerability Scanner	Detect the vulnerability on the target system

Port Scanning ​

Port scanning is the process of identifying open and available TCP/IP ports on a system. Port-scanning tools enable a hacker to learn about the services available on a given system. Each service or application on a machine is associated with a well-known port number. Port Numbers are divided into three ranges:

• Well-Known Ports: 0-1023
• Registered Ports: 1024-49151
• Dynamic Ports: 49152-6553

Network Scanning

Network scanning is performed for the detection of active hosts on a network either you wanna attack them or as a network administrator. Network-scanning tools attempt to identify all the live or responding hosts on the network and their corresponding IP addresses. Hosts are identified by their individual IP addresses.

Vulnerability Scanning

This methodology is used to detect vulnerabilities of computer systems on a network. A vulnerability scanner typically identifies the operating system and version number, including applications that are installed. After that the scanner will try to detect vulnerabilities and weakness in the operating system. During the later attack phase, a hacker can exploit those weaknesses in order to gain access to the system. Moreover, the vulnerability scanner can be detected as well, because the scanner must interact over the network with target machine.

The CEH Scanning Methodology

As a CEH, you should understand the methodology about scanning presented in the figure below. Because this is the actual need of hackers to perform further attacks after the information about network and hosts which are connected to the network. It detects the vulnerabilities in the system bu which hackers can be accessible to that system by exploitation of that vulnerabilities.

Continue reading

• Pentest Guide
• Hacking
• Hacking Gif
• Hacker Videos
• Hacking Apps
• Hacker Website
• Hacking Forums
• Pentest Vs Red Team
• Hacking Site
• Basic Pentest 1 Walkthrough
• Hacking To The Gate
• Pentest Windows 7

PortWitness - Tool For Checking Whether A Domain Or Its Multiple Sub-Domains Are Up And Running

PortWitness is a bash tool designed to find out active domain and subdomains of websites using port scanning. It helps penetration testers and bug hunters collect and gather information about active subdomains for the domain they are targeting.PortWitness enumerates subdomains using Sublist3r and uses Nmap alongwith nslookup to check for active sites.Active domain or sub-domains are finally stored in an output file.Using that Output file a user can directly start testing those sites.

Sublist3r has also been integrated with this module.It's very effective and accurate when it comes to find out which sub-domains are active using Nmap and nslookup.

This tool also helps a user in getting the ip addresses of all sub-domains and stores then in a text file , these ip's can be used for further scanning of the target.

Installation

git clone https://github.com/viperbluff/PortWitness.git

BASH
This tool has been created using bash scripting so all you require is a linux machine.

Usage

bash portwitness.sh url

Download PortWitness

Related posts

• Pentest Kit
• Pentesting Tools
• Hacking Books
• Pentest Tools Free
• Hacking Process
• Pentest Methodology
• Hacking Games Online
• Hacker Anonymous
• Pentest Questions
• Hacking Images
• Hacker Software

$$$ Bug Bounty $$$

What is Bug Bounty ?

A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for discovering and reporting software bugs. Bug bounty programs are often initiated to supplement internal code audits and penetration tests as part of an organization's vulnerability management strategy.




Many software vendors and websites run bug bounty programs, paying out cash rewards to software security researchers and white hat hackers who report software vulnerabilities that have the potential to be exploited. Bug reports must document enough information for for the organization offering the bounty to be able to reproduce the vulnerability. Typically, payment amounts are commensurate with the size of the organization, the difficulty in hacking the system and how much impact on users a bug might have.


Mozilla paid out a $3,000 flat rate bounty for bugs that fit its criteria, while Facebook has given out as much as $20,000 for a single bug report. Google paid Chrome operating system bug reporters a combined $700,000 in 2012 and Microsoft paid UK researcher James Forshaw $100,000 for an attack vulnerability in Windows 8.1.  In 2016, Apple announced rewards that max out at $200,000 for a flaw in the iOS secure boot firmware components and up to $50,000 for execution of arbitrary code with kernel privileges or unauthorized iCloud access.


While the use of ethical hackers to find bugs can be very effective, such programs can also be controversial. To limit potential risk, some organizations are offering closed bug bounty programs that require an invitation. Apple, for example, has limited bug bounty participation to few dozen researchers.

Read more

1. Pentest Free
2. Hacker Tools
3. Pentest Wifi
4. Pentest Network
5. Hacking
6. Pentest+ Vs Oscp
7. Hacker Wifi Password
8. Pentest Ubuntu
9. Pentest
10. Pentest Xss
11. Pentest Dns
12. Pentest Tools Github
13. Hackintosh
14. Pentest Practice
15. Pentester Academy
16. Hacking Quotes
17. Hacking Online Games
18. Hacking Images

Web-fu - The Ultimate Web Hacking Chrome Extension

Web-fu Is a web hacking tool focused on discovering and exploiting web vulnerabilitites.

 BROWSER INTEGRATION 

This tool has many advantages, as a browser-embedded webhacking tool, is very useful for scanning browser-authenticated applications, if browser can authenticate and access to the web application, the tool also can. Note that some other tools do not support neither certificate authentication nor web vpn accesses.
The integration with chrome, provides a more comfortable and agile way of web-hacking, and you have all the application data loaded on the hacking tool, you don't need to copy the url, cookies, etc. to the tool, just right click and hack.
The browser rendering engine is also used in this tool, to draw the html of the responses.


 FALSES POSITIVES 

When I coded this tool, I was obsessed with false positives, which is the main problem in all detection tools.  I have implemented a gauss algorithm, to reduce the faslse positives automatically which works very very well, and save a lot of time to the pentester.


 VIDEO 

 Here is a video, with some of the web-fu functionalitites:

 VISUAL FEATURES 

This tool has a visual crawler. Normal crawlers doesn't parse the ajvascript, this tool does. The visual crawler loads each link of the web site, rendering the html and executing all the javascript as a normal load, then the links are processed from he DOM and clicked.
A visual form cracker, is also available, althow is experimental and only works on some kind of forms.


 SCANNING FEATURES

The web-fu's portscanner, has a database of a common web ports, like 80,81,8080 and so on.
The cracker module, can bruteforce web directories to find new attack vectors, and can fuzz get and post parameters for discovering vulns, and also crack passwords. There are 9 preloaded wordlists, and you can also load a custom wordlist. Prefilters, falsepositive reductor and render will be helpful. The scanners support SSL, if the website can be loaded in the chrome, can be scanned by web-fu.


ENCODERS & DECODERS

The supported encoders and decoders are: base64, urlescape and urlencode


OTHER FEATURES

A web notepad is available, saving the information on the browser localStorage, there is one notepad per site. A cookie editor is also very useful for pentesting. The inteceptor, is like a web proxy but from the inside of the browser, you can intercept a request There is also a session locker and a exploit web search.


CHROME STORE 
Here is the link to the chrome store, the prize is about one euro, very cheap if you compare with other scanners: Web-Fu on Chrome Store


 With webfu, you will do the best web site pentest and vulnerability assessment.

Continue reading

• Hacking Bluetooth
• Hacking Language
• Pentest Vs Ceh
• Hacking Site
• Hacker Box
• Pentest Android App
• Hacking Browser
• Hacking Online Games
• Pentest Practice Sites
• Pentest Environment
• Hacking Jacket
• Pentest Linux
• Rapid7 Pentest
• Pentest Distro
• Pentest Lab Setup
• Hacking Simulator

How Do I Get Started With Bug Bounty ?

How do I get started with bug bounty hunting? How do I improve my skills?



These are some simple steps that every bug bounty hunter can use to get started and improve their skills:

Learn to make it; then break it!
A major chunk of the hacker's mindset consists of wanting to learn more. In order to really exploit issues and discover further potential vulnerabilities, hackers are encouraged to learn to build what they are targeting. By doing this, there is a greater likelihood that hacker will understand the component being targeted and where most issues appear. For example, when people ask me how to take over a sub-domain, I make sure they understand the Domain Name System (DNS) first and let them set up their own website to play around attempting to "claim" that domain.

Read books. Lots of books.
One way to get better is by reading fellow hunters' and hackers' write-ups. Follow /r/netsec and Twitter for fantastic write-ups ranging from a variety of security-related topics that will not only motivate you but help you improve. For a list of good books to read, please refer to "What books should I read?".

Join discussions and ask questions.
As you may be aware, the information security community is full of interesting discussions ranging from breaches to surveillance, and further. The bug bounty community consists of hunters, security analysts, and platform staff helping one and another get better at what they do. There are two very popular bug bounty forums: Bug Bounty Forum and Bug Bounty World.

Participate in open source projects; learn to code.
Go to https://github.com/explore or https://gitlab.com/explore/projects and pick a project to contribute to. By doing so you will improve your general coding and communication skills. On top of that, read https://learnpythonthehardway.org/ and https://linuxjourney.com/.

Help others. If you can teach it, you have mastered it.
Once you discover something new and believe others would benefit from learning about your discovery, publish a write-up about it. Not only will you help others, you will learn to really master the topic because you can actually explain it properly.

Smile when you get feedback and use it to your advantage.
The bug bounty community is full of people wanting to help others so do not be surprised if someone gives you some constructive feedback about your work. Learn from your mistakes and in doing so use it to your advantage. I have a little physical notebook where I keep track of the little things that I learnt during the day and the feedback that people gave me.


Learn to approach a target.
The first step when approaching a target is always going to be reconnaissance — preliminary gathering of information about the target. If the target is a web application, start by browsing around like a normal user and get to know the website's purpose. Then you can start enumerating endpoints such as sub-domains, ports and web paths.

A woodsman was once asked, "What would you do if you had just five minutes to chop down a tree?" He answered, "I would spend the first two and a half minutes sharpening my axe."
As you progress, you will start to notice patterns and find yourself refining your hunting methodology. You will probably also start automating a lot of the repetitive tasks.

More articles

1. What Hacking Is
2. Pentest Questions
3. Pentest With Kali Linux
4. Pentest Tools
5. Hacker Code
6. Pentest Aws
7. Pentest Tools Github
8. Pentest Training
9. Hacking Process
10. Pentestmonkey Cheat Sheet
11. Hacking Wifi
12. Pentestgeek
13. Pentest Nmap
14. Pentest Services
15. Hacker Forum
16. Pentest Example Report
17. Pentest+ Vs Ceh
18. Pentest Lab Setup
19. Hacker Computer
20. How To Pentest A Website With Kali

CEH Practical: Information-Gathering Methodology

 

Information gathering can be broken into seven logical steps. Footprinting is performed during the first two steps of unearthing initial information and locating the network range.

Footprinting

Footprinting is defined as the process of establishing a scenario or creating a map of an organization's network and systems. Information gathering is also known as footprinting an organization. Footprinting is an important part of reconnaissance process which is typically used for collecting possible information about a targeted computer system or network. Active and Passive both could be Footprinting. The example of passive footprinting is assessment of a company's website, whereas attempting to gain access to sensitive information through social engineering is an example of active information gathering. Basically footprinting is the beginning step of hacker to get hacked someone because having information about targeted computer system is the main aspect of hacking. If you have an information about individual you wanna hack so you can easily hacked that individual. The basic purpose of information gathering is at least decide what type of attacks will be more suitable for the target. Here are some of the pieces of information to be gathered about a target
during footprinting:

• Domain name
• Network blocks
• Network services and applications
• System architecture
• Intrusion detection system
• Authentication mechanisms
• Specific IP addresses
• Access control mechanisms
• Phone numbers
• Contact addresses

Once this information is assemble, it can give a hacker better perception into the organization, where important information is stored, and how it can be accessed.

Footprinting Tools 

Footprinting can be done using hacking tools, either applications or websites, which allow the hacker to locate information passively. By using these footprinting tools, a hacker can gain some basic information on, or "footprint," the target. By first footprinting the target, a hacker can eliminate tools that will not work against the target systems or network. For example, if a graphics design firm uses all Macintosh computers, then all hacking software that targets Windows systems can be eliminated. Footprinting not only speeds up the hacking process by eliminating certain tool sets but also minimizes the chance of detection as fewer hacking attempts can be made by using the right tool for the job. Some of the common tools used for footprinting and information gathering are as follows:

• Domain name lookup
• Whois
• NSlookup
• Sam Spade

Before we discuss these tools, keep in mind that open source information can also yield a wealth of information about a target, such as phone numbers and addresses. Performing Whois requests, searching domain name system (DNS) tables, and using other lookup web tools are forms of open source footprinting. Most of this information is fairly easy to get and legal to obtain.

Footprinting a Target 

Footprinting is part of the preparatory pre-attack phase and involves accumulating data regarding a target's environment and architecture, usually for the purpose of finding ways to intrude into that environment. Footprinting can reveal system vulnerabilities and identify the ease with which they can be exploited. This is the easiest way for hackers to gather information about computer systems and the companies they belong to. The purpose of this preparatory phase is to learn as much as you can about a system, its remote access capabilities, its ports and services, and any specific aspects of its security.

DNS Enumeration

DNS enumeration is the process of locating all the DNS servers and their corresponding records for an organization. A company may have both internal and external DNS servers that can yield information such as usernames, computer names, and IP addresses of potential target systems.

NSlookup and DNSstuff

One powerful tool you should be familiar with is NSlookup (see Figure 2.2). This tool queries DNS servers for record information. It's included in Unix, Linux, and Windows operating systems. Hacking tools such as Sam Spade also include NSlookup tools. Building on the information gathered from Whois, you can use NSlookup to find additional IP addresses for servers and other hosts. Using the authoritative name server information from Whois ( AUTH1.NS.NYI.NET ), you can discover the IP address of the mail server.

Syntax

nslookup www.sitename.com

nslookup www.usociety4.com

Performing DNS Lookup

This search reveals all the alias records for www.google.com and the IP address of the web server. You can even discover all the name servers and associated IP addresses.

Understanding Whois and ARIN Lookups

Whois evolved from the Unix operating system, but it can now be found in many operating systems as well as in hacking toolkits and on the Internet. This tool identifies who has registered domain names used for email or websites. A uniform resource locator (URL), such as www.Microsoft.com , contains the domain name ( Microsoft.com ) and a hostname or alias ( www ).
The Internet Corporation for Assigned Names and Numbers (ICANN) requires registration of domain names to ensure that only a single company uses a specific domain name. The Whois tool queries the registration database to retrieve contact information about the individual or organization that holds a domain registration.

Using Whois

• Go to the DNSStuff.com website and scroll down to the free tools at the bottom of the page.
• Enter your target company URL in the WHOIS Lookup field and click the WHOIS button.
• Examine the results and determine the following:
  
  • Registered address
  • Technical and DNS contacts
  • Contact email
  • Contact phone number
  • Expiration date

• Visit the company website and see if the contact information from WHOIS matches up to any contact names, addresses, and email addresses listed on the website.

• If so, use Google to search on the employee names or email addresses. You can learn the email naming convention used by the organization, and whether there is any information that should not be publicly available.

Syntax

whois sitename.com
whois usociety4.com

Continue reading

1. Pentest Vs Ethical Hacking
2. Hacker Forum
3. Pentest Reporting Tool
4. Hacking The Art Of Exploitation
5. Hacker On Computer
6. Pentest Azure
7. Pentest Active Directory
8. Pentest+ Vs Oscp