Ravinder Zangra

I am an Ethical Hacker




Ravinder Zangra is a self-proclaimed Ethical Hacker, a Cyber Security Expert and a Web Developer. Being an IT professional specializing in Cyber Security, his experience and expertise in Information Security have earned him several milestones in his career till now.

  • Faridabad, India.
  • +917838628684
  • mail@ravinderzangra.in
  • www.ravinderzangra.in
Me

My Professional Skills

Web Development 90%
Ethical Hacking 80%
Planning 75%
SEO 60%

Member of UG community

Founder of Hashmode

Created 70+ unique designs

14+ Websites launched

Director at Appuxey Technologies

100+ Handshakes

  • Top 5 Free Tools For Scanning Your Website Against Malware


    • Comodo’s Web Inspector

    Comodo utilizes its sophisticated Web Inspector tool to scan your site for the various types of malware and other threats. Though available free, the tool perfectly justifies its name as it is loaded with the in-depth capabilities to inspect various present and possible vulnerabilities that can put your website at risk.

    Web Inspector not only guarantees accurate online scanning for various types of malware but also furnishes a comprehensive report on phishing, worms and other threats. That’s not all: the tool also allows you to remove the malware and repair the hacked website by using its malware removal and hacking repair features.

    Various types of threats that you can scan with the help of a web inspector include Malware downloads, blacklisting, Worms, phishing, Trojans, and Heuristic Viruses.

    • Quttera

    If you need end-to-end scanning for your CMS-based website, then Quttera could be the ideal choice for you. It offers uniform, meticulous performance on a number of popular as well as new CMS platforms. If your site has already been targeted by malware, this tool can also help by using its disinfectant capabilities.

    One more USP of the tool is its detailed report, which includes a comprehensive list of elements. It includes but is not limited to:

      • Malicious files details
      • Identified external links
      • Clean file details
      • Blacklisting reporting
      • Suspicious files

    Quttera works on a number of CMS like Joomla, WordPress, Drupal, SharePoint, and Bulletin.


    • Sucuri

    Sucuri is another major name in the list that offers extensive malware scanning and removal facilities to website owners without charging them. It is the premium quality of its malware features that makes it a strong contender on this list. Whether you are running an e-commerce site on Magento or own a WordPress blog, Sucuri can be the best option for you to perform a free malware scanning test without compromising on quality. After a thorough scan, Sucuri releases a detailed yet simple-to-understand report that includes injected spam reports, defacements (changes in the website’s external features), malware presence, etc.
    • MalCare

    If you are looking for a free yet reliable tool that can scan your website and offer an excellent, multifaceted scanning evaluating the diverse aspects of your site, then MalCare can be the best option for you. The tool’s capability can be estimated by the fact that as many as 20,000+ sites rely on MalCare to detect and uproot the malware. It is also loaded with required stamina to clean up the infected site with just a single click. To be precise as many as 100 different signals are used to detect various types of malware with varying degrees of complexity.

    • Siteguarding

    Siteguarding not only guards your site against any present or possible threats but also helps you scan for various types of domain malware and website blacklisting instances. The tool works equally well on various platforms, including popular CMSs such as WordPress and Drupal. The premium features and capabilities of Siteguarding's tools allow it to offer expert scanning and removal services.

    The tool is loaded with advanced qualities to scan your website for the presence and possibility of domain malware, blacklisting incidents or website defacement. Along with alerting you to the presence of harmful malware on your site, the tool also equips you with efficient features for eradicating it. The tool’s capabilities are further multiplied by the high-grade site antivirus and a competent website firewall that safeguard your site against any possible intrusion in the future. The tool allows you to perform deep scanning of each page of your website and offers individual security solutions for each. Thus we can say that it is the best solution for websites that are looking for tailor-made security solutions for different pages of their site. The tool outpaces its closest competitors on several key aspects; for example, its smart features allow it to identify new threats, vulnerabilities, and potential malware and immediately release a competent antivirus for the new threats and worms, thanks to its dynamic capabilities.


  • LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files



    A spam campaign pushing the info-stealing LokiBot trojan leverages a novel technique to avoid detection. According to researchers, the spam messages include a malicious .zipx attachment hidden inside a .PNG file that can slip past some email security gateways.

    According to Trustwave SpiderLabs, which first spotted the .PNG/LokiBot messages, the spam campaigns delivering the trojan have been limited in scope so far. “This represents an extension to the existing ways LokiBot is delivered via email,” said Phil Hay, senior research manager at Trustwave.

    LokiBot is a prolific trojan designed to covertly siphon information from compromised endpoints. The malware is known for being simple and effective and for its adoption of diverse attachment types. The malware is a commodity in underground markets, with versions selling for as little as $300.




    Trustwave researchers said the spam message delivering the LokiBot payload has three distinct characteristics. First, the attachment used in the spam campaign has a .zipx extension, meaning it is a compressed archive. These types of compressed files are notorious for harboring malware and are flagged by email security gateways as dangerous.

    In an attempt to avoid detection, hackers behind the malspam trick email security gateway scanners by obfuscating the archive, using the file signature of a .PNG (portable network graphics) format. Attackers use the .PNG file structure, complete with a .PNG “header” and “IEND”. That way when the malicious file (RFQ -5600005870.zipx) is scanned it is identified as a .PNG image, even though it has a .zipx extension. The actual archive code – harboring LokiBot – is appended to the end of the .PNG file signature.

    Click Attachment Launch LokiBot


    As slick as the obfuscation is, getting infected takes effort.

    To get infected a victim must first click on the message attachment (RFQ -5600005870.zipx). Doing so might, or might not, launch the right archive decompressor application – depending on client side applications installed on targeted computers. According to researchers, the WinRAR utility is one of the only file decompressing utilities that reliably open and decompress this .zipx archive. Other utilities, such as 7-Zip and WinZip, fail to open the specific file – likely because of the extraneous data packed inside the file signature.

    Now, after the 500 KB .zipx archive is extracted by WinRAR to a 13.5 MB payload, the user must double-click the unpacked RFQ -5600005870.exe file.

    “This first stage function [of the .exe] is to decrypt the main payload into the memory and execute it using a common technique called Process Hollowing, where a new process is created in a suspended state, its memory is unmapped and the malicious code replaces it,” researchers wrote.

    Post-Exploitation

    The LokiBot command-and-control tools are written in the PHP (Hypertext Preprocessor) programming language and almost always use the file name “fre.php”, researchers said. “So, fre.php could be blocked at the gateway,” they said. The bot control panel source has been leaked to GitHub and uses the same fre.php file name, they added.

    Trustwave said the malspam samples it found were blocked at its email gateway. “Two of the multiple layers had detected it as either spam or potentially malicious. But I can’t speak for other gateways,” Hay said.

    “The wider point is that, because it is hidden in a real PNG file, it may not be recognized as a Zip archive, and therefore gateways may simply ignore it,” according to researchers.
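
A gateway-side check for the structure described above, as an added example that is not Trustwave's code: it walks the PNG chunk list to the end of IEND and reports any ZIP signatures in the bytes that follow. The sample files and their names are constructed inline; the report field names are assumptions.

```python
import io
import struct
import zipfile
import zlib

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
ZIP_MARKERS = {
    b"PK\x03\x04": "local file header",
    b"PK\x05\x06": "end of central directory",
}


def png_end_offset(data):
    """Walk the PNG chunk list; return the offset just past IEND, or None."""
    if not data.startswith(PNG_MAGIC):
        return None
    pos = len(PNG_MAGIC)
    while pos + 12 <= len(data):          # 4 length + 4 type + 4 CRC
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length
        if pos > len(data):
            return None                   # chunk claims more bytes than exist
        if ctype == b"IEND":
            return pos
    return None


def inspect_attachment(name, data):
    """Classify one attachment by content first, extension second."""
    report = {"name": name, "is_png": False, "trailing_bytes": 0,
              "zip_markers": [], "verdict": "not-png"}
    end = png_end_offset(data)
    if end is None:
        return report
    trailing = data[end:]
    report.update(is_png=True, trailing_bytes=len(trailing))
    report["zip_markers"] = sorted(
        label for sig, label in ZIP_MARKERS.items() if sig in trailing)
    if report["zip_markers"]:
        report["verdict"] = "archive-appended-to-png"
    elif trailing:
        report["verdict"] = "png-with-trailing-data"
    elif not name.lower().endswith(".png"):
        report["verdict"] = "png-with-mismatched-extension"
    else:
        report["verdict"] = "clean-png"
    return report


def _chunk(ctype, body):
    """Serialise one PNG chunk: length, type, body, CRC over type + body."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def build_samples():
    """Constructed inputs: a 1x1 grayscale PNG and a ZIP holding a text file."""
    png = (PNG_MAGIC
           + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
           + _chunk(b"IDAT", zlib.compress(b"\x00\x00"))
           + _chunk(b"IEND", b""))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("note.txt", "harmless constructed sample")
    return png, buf.getvalue()


if __name__ == "__main__":
    png, archive = build_samples()
    for name, blob in [("logo.png", png), ("sample.zipx", png + archive)]:
        print(inspect_attachment(name, blob))
```

A scanner that stops at the magic bytes sees both samples as images; only the walk to IEND exposes the appended archive.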

  • Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely


    Beware! If you are using UC Browser on your smartphones, you should consider uninstalling it immediately.

    Why? Because the China-made UC Browser contains a "questionable" ability that could be exploited by remote attackers to automatically download and execute code on your Android devices.

    Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically in China and India, with a massive user base of more than 500 million users worldwide.

    According to a new report published today by the firm Dr. Web, since at least 2016 UC Browser for Android has had a "hidden" feature that allows the company to download new libraries and modules from its servers at any time and install them on users' mobile devices.


    Pushing Malicious UC Browser Plug-ins Using MiTM Attack


    What's worrisome? It turns out that the reported feature downloads new plugins from the company server over the insecure HTTP protocol instead of the encrypted HTTPS protocol, thus allowing remote attackers to perform man-in-the-middle (MiTM) attacks and push malicious modules to targeted devices.




    "Since UC Browser works with unsigned plug-ins, it will launch malicious modules without any verification," the researchers say.

    "Thus, to perform an MITM attack, cybercriminals will only need to hook the server response from http://puds.ucweb.com/upgrade/index.xhtml?dataver=pb, replace the link to the downloadable plug-in and the values of attributes to be verified, i.e., MD5 of the archive, its size, and the plug-in size. As a result, the browser will access a malicious server to download and launch a Trojan module."



    In a PoC video shared by Dr. Web, researchers demonstrated how they were able to use an MiTM attack to replace a plugin for viewing PDF documents with malicious code, forcing UC Browser into compiling a new text message instead of opening the file.


    "Thus, MITM attacks can help cybercriminals use UC Browser to spread malicious plug-ins that perform a wide variety of actions," researchers explain.

    "For example, they can display phishing messages to steal usernames, passwords, bank card details, and other personal data. Additionally, trojan modules will be able to access protected browser files and steal passwords stored in the program directory."
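
A simplified model of the check the researchers describe beside a stricter one, as an added example that is not UC Browser's code: the manifest field names, the `updates.example` host and the pinned-digest design are assumptions. It shows that an MD5 and size carried in the same response stay self-consistent after that response is rewritten, while a digest shipped inside the installed app does not.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed plug-in bytes. The digest below stands for a value compiled into
# the installed app, which reached the device through the store's signed channel.
GENUINE_PLUGIN = b"constructed pdf-viewer plug-in archive"
PINNED_SHA256 = {"pdf_viewer": hashlib.sha256(GENUINE_PLUGIN).hexdigest()}


def make_manifest(url, blob):
    """Update response as the report describes it: link, MD5 and size."""
    return {"name": "pdf_viewer", "url": url,
            "md5": hashlib.md5(blob).hexdigest(), "size": len(blob)}


def weak_check(manifest, blob):
    """Compare the download with values taken from the same response."""
    return (len(blob) == manifest["size"]
            and hashlib.md5(blob).hexdigest() == manifest["md5"])


def hardened_check(manifest, blob):
    """Return (accepted, reason); the trusted value comes from outside the response."""
    if urlsplit(manifest["url"]).scheme != "https":
        return False, "update channel is not HTTPS"
    pinned = PINNED_SHA256.get(manifest["name"])
    if pinned is None:
        return False, "plug-in is not on the pinned list"
    if not hmac.compare_digest(hashlib.sha256(blob).hexdigest(), pinned):
        return False, "SHA-256 does not match the pinned digest"
    return True, "ok"


def compare_checks():
    """Run both checks over four constructed cases; return {case: (weak, hardened)}."""
    substitute = b"constructed substitute archive"
    http_url = "http://updates.example/pdf_viewer.zip"
    https_url = "https://updates.example/pdf_viewer.zip"
    cases = {
        "genuine over http": (http_url, GENUINE_PLUGIN),
        # Response rewritten in transit: link, MD5 and size all replaced together.
        "rewritten response over http": (http_url, substitute),
        "genuine over https": (https_url, GENUINE_PLUGIN),
        # Server-side substitution: transport is fine, content is not.
        "substitute over https": (https_url, substitute),
    }
    results = {}
    for label, (url, blob) in cases.items():
        manifest = make_manifest(url, blob)
        results[label] = (weak_check(manifest, blob),
                          hardened_check(manifest, blob)[0])
    return results


if __name__ == "__main__":
    for label, (weak, hardened) in compare_checks().items():
        print(f"{label:32} weak={weak!s:5} hardened={hardened}")
```

The weak check accepts all four cases because it only proves the download matches its own description; the hardened check accepts only the genuine archive fetched over HTTPS.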


    UC Browser Violates Google Play Store Policies
    Since the ability allows UCWeb to download and execute arbitrary code on users’ devices without reinstalling a full new version of UC Browser app, it also violates the Play Store policy by bypassing Google servers.


    "This violates Google's rules for software distributed in its app store. The current policy states that applications downloaded from Google Play cannot change their own code or download any software components from third-party sources," the researchers say.

    "These rules were applied to prevent the distribution of modular trojans that download and launch malicious plugins."
    This dangerous feature has been found in both UC Browser and UC Browser Mini, with all versions affected, including the latest versions of the browsers released to date.

    Dr. Web responsibly reported their findings to the developer of both UC Browser and UC Browser Mini, but they refused even to provide a comment on the matter. It then reported the issue to Google.

    At the time of writing, UC Browser and UC Browser Mini are "still available and can download new components, bypassing Google Play servers," researchers say.

    Such a feature can be abused in supply chain attack scenarios where the company's server gets compromised, allowing attackers to push malicious updates to a large number of users at once, just like we recently saw in the ASUS supply chain attack that compromised over 1 million computers.

    So, users are left with just one choice to make... get rid of it until the company patches the issue.

    Update: A spokesperson for UCWeb provides The Hacker News a statement saying, "As per concerns raised by Dr Web, UC has updated the UC Browser app on Google Play. UC is an International company and stands by its commitment to create a product that helps millions of users access benefits of mobile internet."



    Source: TheHackerNews
  • Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs



    EXCLUSIVE: Beware, if you are using a Xiaomi Mi or Redmi smartphone, you should immediately stop using its built-in MI browser or the Mint browser available on Google Play Store for non-Xiaomi Android devices.

    That's because both web browser apps created by Xiaomi are affected by a critical vulnerability which has not yet been patched even after being privately reported to the company, a researcher told The Hacker News.

    The vulnerability, identified as CVE-2019-10875 and discovered by security researcher Arif Khan, is a browser address bar spoofing issue that originates because of a logical flaw in the browser's interface, allowing a malicious website to control URLs displayed in the address bar.

    According to the advisory, affected browsers do not properly handle the "q" query parameter in URLs and thus fail to display the portion of an https URL before the ?q= substring in the address bar.

    Since the address bar of a web browser is the most reliable and essential security indicator, the flaw can be used to easily trick Xiaomi users into thinking they are visiting a trusted website when they are actually being served phishing or malicious content.

    The phishing attacks today are more sophisticated and increasingly more difficult to spot, and this URL spoofing vulnerability takes it to another level, allowing one to bypass basic indicators like URL and SSL, which are the first things a user checks to determine if a site is fake.


    "Android users are highly advised to use modern web browsers that are not affected by this vulnerability, such as Chrome or Firefox." 
    Source: TheHackerNews
  • The Best 5 IT Certifications to Pursue a Career in Cyber Security

    As the IT sector is booming, cyber threats are also increasing in number. The demand for cyber security professionals has increased with the rise in cyber-attacks. Companies are looking for individuals with the ability to block known cyber-attacks and mitigate zero-day vulnerabilities. Certifications are one way to prove the skills required in the highly challenging cyber security field. Organizations like EC-Council, ISACA, (ISC)2, GIAC, CompTIA, and SANS offer a variety of cyber-security certifications that can lead individuals to a dream cyber-security job. Following are some of the top-level cyber-security certifications that one must consider while pursuing a career in the cyber-security field.
    • Certified Ethical Hacker (CEH)


    CEH is a vendor-neutral certification offered by EC-Council. The certification mostly suits individuals who want to build a career in the penetration testing field. Passing the CEH exam requires decent network security knowledge. The certification covers more than 270 attack technologies. An individual must have at least two years of working experience in an information security related field to take the CEH exam. CEH (Practical) is an alternate certification option for those who can’t take the CEH certification exam because they have no prior working experience in the field.

    • Licensed Penetration Tester (Master) | LPT (Master)


    LPT (Master) is another EC-Council certification, designed for experienced cyber-security engineers, consultants, and penetration testers with vast knowledge of cyber-security concepts. Individuals having Certified Ethical Hacker (CEH) and EC-Council Certified Security Analyst (ECSA) program knowledge can take the LPT (Master) exam. Only individuals with deep cyber-security knowledge and expertise in the ethical hacking lifecycle are considered the best candidates for the LPT (Master) certification exam.

    • Certified Information Security Manager (CISM)


    CISM certification is offered by Information Systems Audit and Control Association (ISACA). The certification is designed for the experienced individuals managing enterprise level applications and developing information security systems. Professionals with at least five years of working experience in the information security field are eligible to take the CISM exam.

    • Certified Information Systems Security Professional (CISSP)


    CISSP certification is offered by the Information Systems Security Certification Consortium, (ISC)2. This certification is designed for IT professionals (decision makers) who want to prove their experience and expertise in managing and developing organizational-level standards, procedures, and policies. Individuals having a minimum of five years of working experience in at least two Common Body of Knowledge (CBK) domains are eligible for the CISSP certification. (ISC)2 has eight CBK domains, namely Security and Risk Management, Identity and Access Management, Asset Security, Software Development Security, Security Assessment and Testing, Communications and Network Security, Security Architecture and Engineering, and Security Operations. Professionals having four years of working experience with a college degree or proven credentials are also eligible for the CISSP exam.

    • GIAC Security Essentials (GSEC)


    GSEC is an entry level certification offered by Global Information Assurance Certification (GIAC) entity. GSEC certification is designed for individuals who possess information security knowledge as well as technical expertise to handle the basic security tasks. GSEC certification proves the knowledge and skills of the certification holders in various cyber-security disciplines including access control and password management, active defense, contingency plan, cryptography, incidents security and response, IT risk management, Windows security, Linux security, network security, networking and protocols, security policies, threat hunting, and wireless network security. There is no prerequisite to take the GSEC exam.
  • Get the Ultimate 2018 Hacker Bundle – Pay What You Want

    Due to the growing number of threats in the computer world, ethical hackers have become the most important player for not only governments but also private companies and IT firms in order to safeguard their systems and networks from hackers trying to infiltrate them.

    By 2020, employment in all information technology occupations is expected to increase by 22 percent, where demand for ethical hackers and IT security engineers will be the strongest. So, it's high time that you should start preparing yourself in the field of ethical hacking.

    Although there are many popular and best online courses available in the market, you can't learn everything from a single book or a course.

    Good news, we bring an amazing deal of this month for our readers, known as The Ultimate White Hat Hacker 2018 Bundle online hacking bundle, where you can get hacking courses for as little as you want to pay and if you beat the average price you will receive the fully upgraded hacking bundle!

    You will get at least 4 hacking courses for less than the average price you pay (as little as $1), and all 8 online courses for the average price (which is $12.11 at the time of writing).

    Here's a brief of all 8 courses that are included in this Pay What You Want deal and require a minimum of the average price:

    1. Learn Hacking Windows 10 Using Metasploit From Scratch
    Hack Windows Like a Pro, Secure It Like an Expert, and Detect the Hacker

    This online course helps you learn how black hat hackers hack Windows using advanced techniques while improving your knowledge on how to analyze and secure Windows and combat hackers.

    2. Hack People, Systems, and Mobile Devices
    Learn Advanced Social Engineering Techniques to Crack Mobile Devices

    This course helps you learn ethical hacking techniques and methodology used in penetration systems to better protect yourself and those around you.

    3. Web Application Penetration Testing Professional: WAPTP v3.1
    Attack Web Apps with the Latest Professional Tools & Tricks

    This online course helps you build towards mapping an application for insecurities, and understanding how to identify and mitigate threats, with WAPTP v3.1 which is a highly practical and hands-on training for web application penetration testing.

    4. From Zero to Hero in Web, Network, and WiFi Hacking
    Learn Basic to Advanced Web, Network, and WiFi Hacking

    This online course helps you learn the essential elements of WiFi hacking so you can start applying them to a career in ethical hacking.

    5. Ethical Hacking Using Kali Linux From A to Z
    Discover the Power of Kali Linux, One of the Most Popular Ethical Hacking Tools

    This course introduces you to the latest ethical hacking tools and techniques with the popular Kali Linux, using a testing lab for practicing different types of attacks.

    6. Learn Website Hacking and Penetration Testing From Scratch
    Learn How to Hack Sites Like A Black Hat Hacker and How to Protect Them Like A White Hat Hacker

    This course helps you gain a complex understanding of websites, and then learn how to exploit them to carry out a number of powerful cyber attacks and test the security of websites and apps, and fix vulnerabilities.

    7. Cyber Security Volume II: Network Security
    Discuss Network Security, Firewalls, and Learn the Best Password Managers On the Market

    This course helps you learn network hacking techniques and vulnerability scanning to discover security issues and risks across an entire network, learning skills for which big companies are willing to pay top dollar.

    8. Ethical Hacking for Beginners
    Hack Your Way to a Secure and Threat-Free Environment Using Best-in-Class Tools and Technique.

    This course helps you learn ethical hacking and identify threats and vulnerabilities to secure your IT environment.
  • Facebook Password Stealing Apps Found on Android Play Store

    Even after many efforts made by Google last year, malicious apps always somehow manage to make their way into Google's app store.

    Security researchers have now discovered a new piece of malware, dubbed GhostTeam, in at least 56 applications on Google Play Store that is designed to steal Facebook login credentials and aggressively display pop-up advertisements to users.

    Discovered independently by two cybersecurity firms, Trend Micro and Avast, the malicious apps are disguised as various utility (such as flashlight, QR code scanner, and compass), performance-boosting (like file-transfer and cleaner), entertainment, lifestyle and video downloader apps.

    Like most malware apps, these Android apps themselves don’t contain any malicious code, which is why they managed to end up on Google's official Play Store.

    Once installed, it first confirms if the device is not an emulator or a virtual environment and then accordingly downloads the malware payload, which prompts the victim to approve device administrator permissions to gain persistence on the device.
  • 15-Year-Old Schoolboy Posed as CIA Chief to Hack Highly Sensitive Information

    A notorious pro-Palestinian hacking group was behind a series of embarrassing hacks against United States intelligence officials and leaked the personal details of 20,000 FBI agents, 9,000 Department of Homeland Security officers, and some number of DoJ staffers in 2015.

    Believe it or not, the leader of this hacking group was just 15 years old when he used "social engineering" to impersonate the CIA director and gain unauthorised access to highly sensitive information from his Leicestershire home, a court hearing revealed on Tuesday.

    Kane Gamble, the British teenage hacker who is now 18 years old, targeted then CIA director John Brennan, Director of National Intelligence James Clapper, Secretary of Homeland Security Jeh Johnson, FBI deputy director Mark Giuliano, as well as other senior FBI figures.
  • Intel warns customers not to use its faulty Meltdown and Spectre patches – here’s why


    Intel is warning customers, computer makers and cloud providers to avoid installing its Spectre and Meltdown patches — designed to address two high-profile security flaws in its chips — after it found the patches were not behaving as expected.
    Intel disclosed that the patches were causing devices to reboot unexpectedly among other “unpredictable” behavior. The company has advised users to stop updating their systems until they deploy a better fix. The updates include security measures to protect devices and users against the critical Meltdown and Spectre vulnerabilities that came to light earlier this year.
    “We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior,” executive vice president Navin Shenoy said in a statement on the chipmaker’s website.
    The company said it has identified the root cause of the “reboot issue” affecting its Haswell and Broadwell processors that first popped up earlier this month, and is working towards deploying a solution that patches the exploits without causing any other unexpected issues.
    It did not name other processor families such as Ivy Bridge, Skylake, Kaby Lake and Coffee Lake in this guidance. However, they were included in a list of hardware that also exhibit “reboots and other predictable system behaviour”.
    “I apologise for any disruption this change in guidance may cause. I assure you we are working around the clock to ensure we are addressing these issues,” Shenoy said.
    In recent weeks, technology giants have scrambled to address and issue fixes for the critical Meltdown and Spectre design flaws after researchers found the critical flaws exist in Intel, ARM and AMD chips built in the past two decades. From computers and smartphones to servers and tablets, these vulnerabilities affect nearly every modern processor and device that uses these chips and could allow attackers to access almost any data stored on the device.
    Intel’s decision to pause its updates comes amid criticism from security and technical experts over tech companies’ approach to dealing with and patching Spectre and Meltdown.
    Earlier this month, Microsoft also suspended its patches for computers with AMD chips after users reported seeing the dreaded “Blue Screen of Death” and were unable to reboot their device after installing the updates.
    Over the past few weeks, Intel customers have also reported that the patches deployed have been slowing down computer performance. The company said the patches could slow down its newer chips by 6% or less, but older processors could experience a more significant slowdown.
    This week, Linux creator Linus Torvalds blasted the Meltdown and Spectre patches issued by Intel as “complete and utter garbage”.
    In a message posted to the Linux kernel mailing list on Sunday, Torvalds, who is known for his fiery rhetoric, wrote: “Is Intel really planning on making this shit architectural? Has anybody talked to them and told them they are f*cking insane? Please, any Intel engineers here – talk to your managers.”
    “They do literally insane things,” he continued. “They do things that do not make sense. That makes all your arguments questionable and suspicious. The patches do things that are not sane… So somebody isn’t telling the truth here. Somebody is pushing complete garbage for unclear reasons. Sorry for having to point that out.”
  • Copyright © 2019 RAVINDER ZANGRA .
    All Rights Reserved.