Encode your secret messages in Your Facebook Pics

Facebook is a place where you can share pictures of cute animals and fun activities. Now there’s a browser extension that lets you encode those images with secret, hard-to-detect messages.  With the extension, anyone — you, your sister, a terrorist — could share messages hidden in JPEG images uploaded to Facebook without the prying eyes of the company, the government or anyone else noticing or figuring out what the messages say. The only way to unlock them is through a password you create.

The goal of this research was to demonstrate that JPEG steganography can be performed on social media where it has previously been impossible,” Campbell-Moore tells Danger Room. He says he spent about two months spread out over the last year working on the extension as a research project for the university.

The extension is only available for the Google Chrome browser — Campbell-Moore cites its developer tools and popularity — and the messages are restricted to 140 characters. Less certain is what Facebook thinks; a spokesman declined to comment. But it’s still the first time anyone’s managed to figure out how to automate digital steganography — the practice of concealing messages inside computer files — through Facebook, the world’s biggest social media platform. Unlike cryptography, which uses ciphertext to encrypt messages, steganographic messages are simply hidden where no one would think to look.

How to do 
1.Go the link  secret book chrome store

2.Click add to chrome

Quickstart

Refresh Facebook. Press ctrl+alt+a while on Facebook to encode a message. Press ctrl+alt+a while looking at a photo to decode a message.

Creating a new secret message

If you've just installed Secretbook then please refresh Facebook before trying to use this extension.

1. Securely share a password with the friend you wish to communicate secretly with.
2. While on Facebook press ctrl+alt+a to activate the secret system.
3. Use the dialogue to create an image. Upload this new image to any album on Facebook or post it on your friend's wall.
   • Note that sending secret messages via messaging is not yet implemented
4. Attempt to receive the message from the image you just uploaded in case an error occurred!
5. Optional: Mention your friend in a comment or the description to ensure they know to check it for a message.

Your friend can now use the password you shared to decode the message.

Receiving a secret message

1. While looking at an image on Facebook press ctrl+alt+a to activate the secret system.
2. Enter your shared password to receive the secret message.

Secretbook has to be subtle. It uses Google Chrome’s web extension platform, since Facebook’s in-house apps publicly list their users — which would defeat the purpose of a secrecy tool. Since the extension runs through a web browser without a server connection, the users can’t be detected by network analysis. It’s also hard for Facebook to block or remove permissions, as the extension doesn’t rely on a Facebook API key.

Read more »

NOKIA CHEAT CODES

1 Imagine ur cell battery is very low, u r expecting an important call and u don't have a charger.

Nokia instrument comes with a reserve battery. To activate, key is "*3370#"

Ur cell will restart with this reserve and ur instrument will show a 50% incerase in battery.

This reserve will get charged when u charge ur cell next time.

*3370# Activate Enhanced Full Rate Codec (EFR)-Your phone uses the best sound quality but talk time is reduced by approx. 5%
#3370# Deactivate Enhanced Full Rate Codec( EFR)


*#4720# Activate Half Rate Codec - Your phone uses a lower quality sound
but you should gain approx 30% more Talk Time
*#4720# Deactivate Half Rate Codec

2 *#0000# Displays your phones software version,

1st Line :S oftware Version,
2nd Line : Software Release Date,
3rd Line : Compression Type
3 *#9999# Phones software v ersion if *#0000# does not work

4 *#06# For checking the International Mobile Equipment Identity (IMEI Number)

5 #pw+1234567890+1# Provider Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)

6 #pw+1234567890+2# Network Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)

7 #pw+1234567890+3# Country Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)

8 #pw+1234567890+4# SIM Card Lock Status.(use the "*" button to obtain the "p,w" and "+" symbols)

9 *#147# (vodafone) this lets you know who called you last *#1471# Last call (Only vodofone)

10 *#21# Allows you to check the number that "All Calls" are diverted To 

11 *#2640# Displays security code in use


12 *#30# Lets you see the private number

13 *#43# Allows you to check the "Call Waiting" status of your phone.

14 *#61# Allows you to check the number that "On No Reply" calls are diverted to

15 *#62# Allows you to check the number that "Divert If Unrea chable(no service)" calls are diverted to

16 *#67# Allows you to check the number that "On Busy Calls" are diverted to

17 *#67705646#R emoves operator logo on 3310 & 3330

18 *#73# Reset phone timers and game scores

19 *#746025625# Displays the SIM Clock status, if your phone supports this power saving feature "SIM Clock Stop Allowed", it
means you will get the best standby time possible

20 *#7760# Manufactures code

21 *#7780# Restore factory settings

22 *#8110# Software version for the nokia 8110

23 *#92702689# (to rember *#WAR0ANTY#)

Displays -
1.Serial Number,
2.Date Made
3.Purchase Date,
4.Date of last repair (0000 for no repairs),
5.Transfer User Data.
To exit this mode -you need to switch your phone off then on again

24 *#94870345123456789# Deactivate the PWM-Mem

25 **21*number# Turn on "All Calls" diverting to the phone number entered

26 **61*number# Turn on "No Reply" diverting to the phone number entered

27 **67*number# Turn on "On Busy" diverting to the phone number entered

Each command is prefixed with either one or two * or # characters as follows:
** Register and Activate
* Activate
## De-Register (and Deactivate)
# Deactivate
*# Check Status
© Call button



Once each command has been entered, if it is a network command (as opposed to a local handset command) it must be transmitted to the network by pressing the YES (receiver) key which acts as an enter key - this is represented here with the © character. Always enter numbers in full international format +CountryAreaNumber ( e.g. +447712345678).

Command Description Command String
Security
Change call barring code **03*OldCode*NewCode*NewCode#©
Change call barring code **03*330*OldCode*NewCode*NewCode#©
Change PIN code **04*OldPIN*NewPIN*NewPIN#©
Change PIN2 code **042*OldPIN2*NewPIN2*NewPIN2#©
Unlock PIN code (when PIN is entered wrong 3 times) **05*PUK*NewPIN*NewPIN#©
Unlock PIN2 code (when PIN2 is entered wrong 3 times) **052*PUK2*NewPIN2*NewPIN2#©
Display IMEI *#06#
Call Forwarding (Diversions)
De-register all call diversions ##002#©
Set all configured call diversions to number and activate **004*number#©
De-register all configured call diversions (no answer, not reachable, busy) ##004#©
Unconditionally divert all calls to number and activate **21*number#©
Activate unconditionally divert all calls *21#©
De-register unconditionally divert all calls ##21#©
Deactivate unconditionally divert all calls #21#©
Check status of unconditionally divert all calls *#21#©
Divert on no answer to number and activate **61*number#©
Activate divert on no answer *61#©
De-register divert on no answer ##61#©
Deactivate divert on no answer #61#©
Check status of divert on no answer *#61#©
Divert on not reachable to number and activate **62*number#©
Activate divert on not reachable *62#©
De-register divert on not reachable ##62#©
Deactivate divert on not reachable #62#©
Check status of divert on not reachable *#62#©
Divert on busy to number and activate /td> **67*number#©<
Activate divert on busy *67#©
De-register divert on busy ##67#©
Deactivate divert on busy #67#©
Check status of divert on busy *#67#©
Change number of seconds of ringing for the given service before diverting a call (such as on no answer). Seconds must be a value from 5 to 30. De-registering the same divert will also delete this change! **service*number**seconds#© (Service numbers, see below)
Call barring
Activate barr all outgoing calls (see Security to set code) **33*code#©
Deactivate barr all outgoing calls #33*code#©
Check status of barr all outgoing calls *#33#©
Activate barr all calls **330*code#©
Deactivate barr all calls #330*code#©
Check status of barr all calls /td> *#330*code#©<
Activate barr all outgoing international calls **331*code#©
Deactivate barr all outgoing international calls #331*code#©
Check status of barr all outgoing international calls *#331#©
Activate barr all outgoing international calls except to home country **332*code#©
Deactivate barr all outgoing international calls except to home country #332*code#©
Check status of barr all outgoing international calls except to home country *#332#©
Activate barr all outgoing calls **333*code#©
Deactivate barr all outgoing calls #333*code#©
Check status of barr all outgoing calls *#333#©
Activate barr all incoming calls **35*code#©
Deactivate barr all incoming calls #35*code#©
Check status of barr all incoming calls *#35#©
Activate barr all incoming calls when roaming **351*code#©
Deactivate barr all incoming calls when roaming #351*code#©
Check status of barr all incoming calls when roaming *#351#©
Activate barr all incoming calls **353*code#©
Deactivate barr all incoming calls #353*code#©
Check status of barr all incoming calls *#353#©
Call waiting
Activate call waiting *43*#©
Deactivate call waiting #43##©
Check status of call waiting *#43#©
Calling Line Identification
The following only works if CLIP and CLIR are enabled (ask your service provider)
CLIP: Presentation of the number of the incoming call
Activate CLIP **30#©
Deactivate CLIP ##30#©
Check status of CLIP *#30#©
CLIR: Presentation of one's own number to the to the called party
Activate CLIR **31#©
Activate CLIR for the actual call *31#number©
Deactivate CLIR ##31#©
Deactivate CLIR for the actual call #31#number©
Check status of CLIR *#31#©
COLP: Presentation of the actual number reached (if number called was diverted to another number
Activate COLP *76#©
Deactivate COLP #76#©
Check status of COLP *#76#©
COLR: Presentation of the original number called by the calling party (if the call was diverted to this cellphone)
Activate COLR *77#©
Deactivate COLR #77#©
Check status of COLR *#77#©

Read more »

Remove the mask of passwords in any browser

If we use autofill settings there is a chance to forgot the password , your browser will always block the password box from passersby seeing it by using asterisks. To remove the mask and reveal your password, you just need to do a few things.

Follow the steps:

1. Right-click the password box and select "Inspect Element."This brings up the developer console

2.. On the line that starts with "input type=password" 

3. Right click and select Edit HTML

4. change the word "password" to "text" ( type="password"  to type="text")

http://w2s.us/xghrg3

Read more »

Check your Android Device is vulnerable ? How to Make it Secure

Now we heard that a serious security vulnerability was recently discovered that could wipe everything off of some Samsung phones. Although Samsung issued a patch for the Galaxy S III, it turns out it's not just Samsung devices that are affected. Here's how to find out if your Android device is vulnerable.

 Essentially, some phones support special dial codes called USSDs (e.g., dialing *#06# to display the phone's IMEI number). Through malicious links in a website, SMS, NFC beam or QR code, hackers can perform a factory reset on your phone, lock the SIM card, and more—without warning.





Steps to find the your Android device is vulnerable , and make it  secure by using an patch

1 . Go to the link  http://dylanreeve.com/phone.php on your phones browser
2.If your phone is vulnerable , you'll immediately see your phone's IMEI number pop up.

If you are vulnerable, you should look for the latest updates for your device.Usually you can go to Settings > About Phone > System Update to check for available updates 

Some browsers (most notably Opera) appear to offer some security by not handling the iframe injection code immediately.

Two apps have also been developed to protect against the vulnerability: Auto-reset blocker andTelStop.

Finally, as always, avoid clicking on any unknown links.

Read more »

FREE ANTIVIRUS SOFTWARES FOR ANDROID SMARTPHONES

DOWNLOAD IT FREE OF COST AND MAKE SECURE OF YOUR ANDROID SMARTPHONES

McAfee Antivirus & Security

avast! Mobile Security

Norton Antivirus & Security

NQ Mobile Security & Antivirus

AVG Antivirus Free

Lookout Security & Antivirus

Dr.Web Anti-virus

Sophos Security & Anti-Virus

Zoner AntiVirus Free

Webroot Security & Antivirus

Antivirus & Mobile Security

APK Anti-Virus Bodyguard

MYAndroid Protection Antivirus

Antivirus for Android

EICAR Anti-virus Test

Security & Antivirus Premier

Snap Secure + Mobile Antivirus

G Data AntiVirus Free

AegisLab Antivirus Free

Kaspersky Mobile Security

MT Antivirus

Web Antivirus

Mobile Security Personal Ed.

VIRUSfighter Android FREE

Read more »

Ten facts about the London Olympics Making Technology fit

1. Over 4 billion of us are expected to tune in to watch our favourite athletes perform on TV – over two thirds of the world's population
2. The Technology Operations Centre unveiled this week is the technology ‘Mission Control’ for London 2012 – it oversees the results, IT security, power and telecommunications for all 94 Olympic venues.
3. The Technology Operations Centre will be staffed by 450 people working 24/7 under one roof to keep all 94 Olympic competition and non-competition venues running smoothly.

4. 200,000 hours - or 23.5 years’ - worth of testing will be carried out on the IT systems before the games start, to simulate and prepare for every possible scenario. To put that in perspective, that’s the equivalent of 8,333 days’ work.
5. For the first time ever, commentators will have touch-screen Commentator Information System technology for every single Olympic Games sports - delivering real-time results high speed. Ten more sports have been added to the system compared to Beijing 2008. London 2012 will also be the first Summer Paralympic Games to use this Commentator Information System, with five sports added to the system

6. If the British summer is playing up, we could take a tip from the Chinese – who shot weather rockets into the sky to stop rain clouds soaking the audience and spoiling the party at the Opening Ceremony!
7. London 2012 will be a greener, more sustainable Olympic Games. A special plant will supply electricity, heat and chilled water to the London 2012 Olympic Park using technology which produces 33 % lower CO2 emissions than from the electricity grid.
8. The Technology Operations Centre at London 2012 will also be able to process 30 % more results data than Beijing 2008 to meet the rapidly increasing demands of fans for information anytime and everywhere.
9. You can leave the cash at home! London 2012 offers people the chance to attend without cash but still pay, by using ‘contactless’ cards which will be swiped over a reader like an Oyster card to make payments. More than 5,000 retailers so far have signed up
10. With 8.5 billion PCs, smart phones and tablets predicted to be connected to the internet by 2012, the London games are set to be the biggest ever online.

Read more »

InSecure ANDROID Smartphones

SharkLaser writes

"Fake antivirus scams have plagued Windows and Mac OS X during the last couple of years. Now it seems like such scams have spread to Android. Fake antivirus scams on Android work the same as they do on PC's — a user with an Android phone downloads an application or visits a website that says that the user's device is infected with malware. It will then show a fake scan of the system and return hard-coded 'positives' and gives the option the option to buy antivirus software that will 'remove' the malware on the affected system. Android, which is based on Linux, has been plagued with malware earlier too. According to McAfee, almost all new mobile malware now targets Android. Android app stores, including the official one from Google, has also been hosting hundreds of trojan applications that send premium rate SMSes on behalf of unsuspecting users.



Early on in development, the core Android development team recognized that a robust security model was required to enable a vigorous ecosystem of applications and devices built on and around the Android platform and supported by cloud services. As a result, through its entire development lifecycle, Android has been subjected to a professional security program. The Android team has had the opportunity to observe how other mobile, desktop, and server platforms prevented and reacted to security issues and built a security program to address weak points observed in other offerings.
The key components of the Android Security Program include:

• Design Review: The Android security process begins early in the development lifecycle with the creation of a rich and configurable security model and design. Each major feature of the platform is reviewed by engineering and security resources, with appropriate security controls integrated into the architecture of the system.
• Penetration Testing and Code Review: During the development of the platform, Android-created and open-source components are subject to vigorous security reviews. These reviews are performed by the Android Security Team, Google’s Information Security Engineering team, and independent security consultants. The goal of these reviews is to identify weaknesses and possible vulnerabilities well before the platform is open-sourced, and to simulate the types of analysis that will be performed by external security experts upon release.
• Open Source and Community Review: The Android Open Source Project enables broad security review by any interested party. Android also uses open source technologies that have undergone significant external security review, such as the Linux kernel. Google Play provides a forum for users and companies to provide information about specific applications directly to users.
• Incident Response: Even with all of these precautions, security issues may occur after shipping, which is why the Android project has created a comprehensive security response process. A full-time Android security team constantly monitors Android-specific and the general security community for discussion of potential vulnerabilities. Upon the discovery of legitimate issues, the Android team has a response process that enables the rapid mitigation of vulnerabilities to ensure that potential risk to all Android users is minimized. These cloud-supported responses can include updating the Android platform (over-the-air updates), removing applications from Google Play, and removing applications from devices in the field.
  
  
  
  

  How Users Understand Third-Party Applications

  Android strives to make it clear to users when they are interacting with third-party applications and inform the user of the capabilities those applications have. Prior to installation of any application, the user is shown a clear message about the different permissions the application is requesting. After install, the user is not prompted again to confirm any permissions.
  There are many reasons to show permissions immediately prior to installation time. This is when user is actively reviewing information about the application, developer, and functionality to determine whether it matches their needs and expectations. It is also important that they have not yet established a mental or financial commitment to the app, and can easily compare the application to other alternative applications.
  Some other platforms use a different approach to user notification, requesting permission at the start of each session or while applications are in use. The vision of Android is to have users switching seamlessly between applications at will. Providing confirmations each time would slow down the user and prevent Android from delivering a great user experience. Having the user review permissions at install time gives the user the option to not install the application if they feel uncomfortable.
  Also, many user interface studies have shown that over-prompting the user causes the user to start saying "OK" to any dialog that is shown. One of Android's security goals is to effectively convey important security information to the user, which cannot be done using dialogs that the user will be trained to ignore. By presenting the important information once, and only when it is important, the user is more likely to think about what they are agreeing to.
  
  Some platforms choose not to show any information at all about application functionality. That approach prevents users from easily understanding and discussing application capabilities. While it is not possible for all users to always make fully informed decisions, the Android permissions model makes information about applications easily accessible to a wide range of users. For example, unexpected permissions requests can prompt more sophisticated users to ask critical questions about application functionality and share their concerns in places such as Google Play where they are visible to all users.
  

Read more »

ElcomSoft:one-touch WiFi cracking system

It's been a few years since we checked in with Elcomsoft's Wireless Security Auditor WiFi cracking software. As you'd expect, things have become easier, much easier. Elcomsoft now has an all-in-one solution that will locate wireless networks, intercept data packets, and crack WAP/WPA2 PSK passwords from any modern laptop with a discrete ATI AMD or NVIDIA graphics card. Here's the quote IT nerds will surely we love:

Today, ElcomSoft is integrating a wireless sniffer into Elcomsoft Wireless Security Auditor. The integrated sniffer turns Elcomsoft Wireless Security Auditor into a one-button, all-in-one solution ready to be used by corporate security officers without specific experience in information security.

Call us crazy, but if you're a C-level security officer with no specific information security experience then maybe you shouldn't be sniffing people's data packets. Then again, we're sure ElcomSoft will happily sell their $1,199 pro software or $399 standard edition to any hacker willing to pay, white hat or not.


ElcomSoft Releases an All-in-One Wi-Fi Cracking Solution


MOSCOW, September 23, 2010 -- ElcomSoft Co. Ltd. upgrades Wireless Security Auditor, a wireless key recovery solution for Wi-Fi networks, to being a true all-in-one wireless cracking solution. Elcomsoft Wireless Security Auditor can automatically locate wireless networks, intercept data packets, and crack WPA/WPA2 PSK passwords. Adding the support of AirPCap family Wi-Fi adapters, ElcomSoft Wi-Fi password recovery tool turns any modern laptop with discrete graphics into a mobile wireless security audit system, and provides mobile forensic and law enforcement units with access to protected wireless networks.

Background

The original version of Elcomsoft Wireless Security Auditor enabled network administrators to perform timed attacks on their wireless networks in order to determine how secure exactly their networks were. In order to operate, it required ready-made dumps or wireless traffic. The dumps could be made with a third-party "sniffer" running under Linux or Windows. The requirement to use a third-party product limited the capabilities and ease of use of Elcomsoft Wireless Security Auditor.

Integrated Wi-Fi Sniffer

Today, ElcomSoft is integrating a wireless sniffer into Elcomsoft Wireless Security Auditor. The integrated sniffer turns Elcomsoft Wireless Security Auditor into a one-button, all-in-one solution ready to be used by corporate security officers without specific experience in information security.

The integrated sniffer is utterly convenient. Displaying all available wireless networks complete with channel numbers, MAC-addresses, SSID, speed, load and encryption parameters, the sniffer connects to a selected Wi-Fi network, and logs wireless traffic complete with "handshake" packets required to starts the password recovery attack.

Laptop-Based Wireless Security Audit

The new built-in sniffer requires the use of a dedicated Wi-Fi adapter, and supports AirPcap family of hot-pluggable wireless USB adapters. By supporting AirPcap wireless USB adapters and including the new sniffer in the package, ElcomSoft makes it possible to turn any modern laptop (*) into a high-end wireless security audit system.

(*) Laptops with ATI or NVIDIA discrete graphics are recommended to enable ElcomSoft GPU acceleration.

About Elcomsoft Wireless Security Auditor

Elcomsoft Wireless Security Auditor helps system administrators and corporate security officers to audit wireless network security. The suite attempts to recover the original plain-text password protecting Wi-Fi communications via WPA/WPA2 PSK protocols for a certain time period, ensuring or disclaiming network resistibility against the most advanced attacks.

Considering the increased security requirements found in WPA/WPA2 protected networks, Elcomsoft Wireless Security Auditor employs the highest-performance dictionary-attack with advanced mutations to allow carrying out a password audit within a limited timeframe.

The wireless cracking tool employs ElcomSoft GPU acceleration technologies, using the massively parallel GPU units of modern ATI and NVIDIA graphic accelerators to perform computational-intensive calculations. By employing GPU acceleration, Elcomsoft Wireless Security Auditor becomes one of the fastest and most cost-efficient Wi-Fi password recovery and wireless security audit tools on the market.

About AirPcap Product Family

Manufactured by CACE Technologies Inc., the AirPcap family of hot-pluggable wireless USB adapters is the first open, affordable and easy-to-deploy Windows-based packet capture solution for Wi-Fi networks. Supporting 802.11 a/b/g/n protocols, AirPcap captures full 802.11 data complete with management and control frames. The use of an AirPcap adapter provides developers with wireless traffic collection and in-depth analysis capabilities.

About ElcomSoft Co. Ltd.

Founded in 1990, ElcomSoft Co. Ltd. develops state-of-the-art computer forensics tools, provides computer forensics training and computer evidence consulting services. Since 1997, ElcomSoft has been providing support to businesses, law enforcement, military, and intelligence agencies. ElcomSoft tools are used by most of the Fortune 500 corporations, multiple branches of the military all over the world, foreign governments, and all major accounting firms. ElcomSoft and its officers are members of the Russian Cryptology Association. ElcomSoft is a Microsoft Certified Partner and an Intel Software Partner.

Elcomsoft Wireless Security Auditor supports Windows NT4, 2000, XP, Vista, and Windows 7, as well as Windows 2003 and 2008 Server. Elcomsoft Wireless Security Auditor Pro is available to North American customers for $1199. The Standard edition is available for $399. Local pricing varies. For more information visit http://www.elcomsoft.com/ewsa.html

AirPcap is a copyright of CACE Technologies Inc.

ElcomSoft Co. Ltd.

http://www.elcomsoft.com/

SOURCE Elcomsoft Co.Ltd.

Read more »

To Learn How To Hack Like A Pro

Whether you’re a college student, a middle-aged networking guru or a wife and mother fascinated by the world of online games – everyone occasionally comes across a situation where some form of hacking would make life a whole lot easier.

Maybe you’ve lost the license that came with your legitimate software package that you paid for. Maybe you want to make a backup copy of your favorite DVD movie, but there’s copy-protection encoded onto the disk. Or maybe you’re just stuck on a popular online game and you want to know if there are any hacks available to level up in the game without the required effort.

Whatever your specific needs or situation – I’m not here to judge. In the field of computers and Internet technologies, just about everything is written in one programming language or another. No programmer is perfect – they all make mistakes. There are back doors, secret codes and vulnerabilities in just about any application you come across. Because of that, if you learn how to hack on your own, or just following the efforts of active hacking communities can provide you with tremendous eye-opening insight into the inner-workings of even your most “trusted” software applications.

Where You Can Go To Learn How To Hack Like a Pro

One thing that’s obvious when you visit the websites where professional hackers hang out – there’s so much about programming that even the most seasoned professional programmers don’t know. Professional hackers are an exceptional, amazing and terrible breed of individuals all packaged into one. While I write this, I realize that I am also describing over half of our readership – you know who you are! These folks take programming to an extreme that’s simply astounding when you see it in action.

While many of us write applications using all of the standard techniques that you learn in programming classes in college, these folks take programming into a realm where there are no rules. They can test all aspects of an application until they find a chink in the armor, and then exploit those vulnerabilities.

As we explore the world of hacking, it should be noted that there are two major forms of hacking – we’ll call it “white hat” and “black hat.” The “white hat” hackers call themselves “ethical hackers,” in that they find vulnerabilities and exploits only to make the programming and application communities more secure for everyone. However, there’s a whole othercommunity of hackers who find vulnerabilities to do nothing more than exploit them as much as humanly possible. Now that you know what sort of community you may be entering, let’s get on with the list of top sites where you can learn how to hack.

#1 – CyberXtreme: Hacking and Warez

CyberXtreme is an impressive forum with a significant hacking section, but also entire sections on technology, graphics and even a tech support area. Here you’ll find cracks, secret codes, free download packages (some containing cracked software which may be illegal to download in your area, so be careful). The forum is very protective of its content, so you’ll have to register with a valid email address before you can even get a glimpse of the content that’s on the forums.

#2 – EvilZone Hacking Forums

While the name, EvilZone, isn’t exactly the most inviting – it is easily one of the largest forum communities that you’ll find on the subject of hacking. With over 6,500 members and over 100,000 posts (and counting), this community likely has the skills and knowledge to answer any programming question you could possibly have. Just be careful about coming across as a “noob” – these guys don’t handle newcomers with kid gloves, so be careful.

#3 – Hack a Day

While I certainly don’t want to offer a nod to any blogs that may be considered competition, you really have to give credit where credit is due when it comes to a particular niche like hacking – and Hack a Day definitely offers an amazing library of information for anyone looking for specific categories like cellphones, GPS or digital cameras. You’ll find all hacks organized by category in the right column.

#4 – Hack In The Box

If any site could be classified as the most comprehensive site to learn how to hack, this would be it. Hack In The Box is more about security and ethical hacking than anything else – and that’s more than obvious reviewing the classes and conferences listed on the main page.

#5 – Hack This Site!

As always, saving the best for last – I’d like to introduce Hack This Site! This website is one of the coolest, free programmer training sites where you can learn how to hack accepting one of the challenges.

Read more »