Henrique Schunck: maio 2020

sexta-feira, 22 de maio de 2020

Brazil's Biggest Cosmetic Brand Natura Exposes Personal Details Of Its Users

Brazil's biggest cosmetics company Natura accidentally left hundreds of gigabytes of its customers' personal and payment-related information publicly accessible online that could have been accessed by anyone without authentication. SafetyDetective researcher Anurag Sen last month discovered two unprotected Amazon-hosted servers—with 272GB and 1.3TB in size—belonging to Natura that consisted of

via The Hacker NewsMore articles

quinta-feira, 21 de maio de 2020

Ransomware.OSX.KeRanger Samples

Research: New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer by Claud Xiao

Sample credit: Claud Xiao

File information

d1ac55a4e610380f0ab239fcc1c5f5a42722e8ee1554cba8074bbae4a5f6dbe1
1d6297e2427f1d00a5b355d6d50809cb
Transmission-2.90.dmg

e3ad733cea9eba29e86610050c1a15592e6c77820927b9edeb77310975393574
56b1d956112b0b7bd3e44f20cf1f2c19
Transmission

31b6adb633cff2a0f34cefd2a218097f3a9a8176c9363cc70fe41fe02af810b9
14a4df1df622562b3bf5bc9a94e6a783
General.rtf

d7d765b1ddd235a57a2d13bd065f293a7469594c7e13ea7700e55501206a09b5
24a8f01cfdc4228b4fc9bb87fedf6eb7
Transmission2.90.dmg

ddc3dbee2a8ea9d8ed93f0843400653a89350612f2914868485476a847c6484a
3151d9a085d14508fa9f10d48afc7016
Transmission

6061a554f5997a43c91f49f8aaf40c80a3f547fc6187bee57cd5573641fcf153
861c3da2bbce6c09eda2709c8994f34c
General.rtf

Download

Download. Email me if you need the password (New link)

Related word

Group Instant Messaging: Why Blaming Developers Is Not Fair But Enhancing The Protocols Would Be Appropriate

After presenting our work at Real World Crypto 2018 [1] and seeing the enormous press coverage, we want to get two things straight: 1. Most described weaknesses are only exploitable by the malicious server or by knowing a large secret number and thereby the protocols are still very secure (what we wrote in the paper but some newspapers did not adopt) and 2. we see ways to enhance the WhatsApp protocol without breaking its features.

We are of course very happy that our research reached so many people and even though IT security and cryptography are often hard to understand for outsiders, Andy Greenberg [2], Patrick Beuth [3] and other journalists [4,5,6,7,8] wrote articles that were understandable on the one hand and very accurate and precise on the other hand. In contrast to this, we also saw some inaccurate articles [9,10] that fanned fear and greatly diverged in their description from what we wrote in our paper. We expected this from the boulevard press in Germany and therefore asked them to stick to the facts when they were contacting us. But none of the worst two articles' [9,10] authors contacted us in advance. Since our aim was never to blame any application or protocol but rather we wanted to encourage the developers to enhance the protocols, it contradicts our aim that WhatsApp and Signal are partially declared attackable by "anyone" "easily" [9,10].

Against this background, we understand Moxie's vexation about certain headlines that were on the Internet in the last days [11]. However, we believe that the ones who understand the weaknesses, comprehend that only the malicious server can detectably make use of them (in WhatsApp) or the secret group ID needs to be obtained from a member (in Signal). As such, we want to make clear that our paper does not primarily focus on the description of weaknesses but presents a new approach for analyzing and evaluating the security of group instant messaging protocols. Further we propose measures to enhance the analyzed protocols. The description of the protocols' weaknesses is only one part of the evaluation of our analysis approach and thereby of the investigation of real world protocols. This is the scientific contribution of our paper. The practical contribution of the analyzed messengers, which is the communication confidentiality for billion users (in most cases), is great and should be noted. Therefore we believe that being Signal, WhatsApp, or Threema by applying encryption to all messages and consequently risking research with negative results is much better than being a messenger that does not encrypt group messages end-to-end at all. We do not want to blame messengers that are far less secure (read Moxie's post [11] if you are interested).

Finally we want note that applying security measures according to the ticket approach (as we call it in the paper [12]) to the invitation links would solve the issues that Facebook's security head mentioned in his reply [13] on our findings. To our knowledge, adding authenticity to group update messages would not affect invitation links: If no invitation link was generated for a group, group members should only accept joining users if they were added by an authentic group update message. As soon as a group invitation link was generated, all joining users would need to be accepted as new group members with the current design. However there are plenty ways how WhatsApp could use invitation links without endowing the server with the power to manage groups without the group admins' permission:
One approach would be generating the invitation links secretly and sharing them without the knowledge of the server. An invitation link could then contain a secret ticket for the group and the ID of the group. As soon as a user, who received the link, wants to join the group, she can request the server with the group ID to obtain all current group members. The secret ticket can now be sent to all existing group members encrypted such that the legitimate join can be verified.

Of course this would require engineering but the capability of WhatsApp, shipping drastic protocol updates, can be assumed since they applied end-to-end encryption in the first place.

[1] https://www.youtube.com/watch?v=i5i38WlHfds
[2] https://www.wired.com/story/whatsapp-security-flaws-encryption-group-chats/
[3] http://www.spiegel.de/netzwelt/apps/whatsapp-gruppenchats-schwachstelle-im-verschluesselungs-protokoll-a-1187338.html
[4] http://www.sueddeutsche.de/digital/it-sicherheit-wie-fremde-sich-in-whatsapp-gruppenchats-einladen-koennen-1.3821656
[5] https://techcrunch.com/2018/01/10/security-researchers-flag-invite-bug-in-whatsapp-group-chats/
[6] http://www.telegraph.co.uk/technology/2018/01/10/whatsapp-bug-raises-questions-group-message-privacy/
[7] http://www.handelsblatt.com/technik/it-internet/verschluesselung-umgangen-forscher-finden-sicherheitsluecke-bei-whatsapp/20836518.html
[8] https://www.heise.de/security/meldung/WhatsApp-und-Signal-Forscher-beschreiben-Schwaechen-verschluesselter-Gruppenchats-3942046.html
[9] https://www.theinquirer.net/inquirer/news/3024215/whatsapp-bug-lets-anyone-easily-infiltrate-private-group-chats
[10] http://www.dailymail.co.uk/sciencetech/article-5257713/WhatsApp-security-flaw-lets-spy-private-chats.html
[11] https://news.ycombinator.com/item?id=16117487
[12] https://eprint.iacr.org/2017/713.pdf
[13] https://twitter.com/alexstamos/status/951169036947107840

Further articles:
- Matthew Green's blog post: https://blog.cryptographyengineering.com/2018/01/10/attack-of-the-week-group-messaging-in-whatsapp-and-signal/
- Schneier on Security: https://www.schneier.com/blog/archives/2018/01/whatsapp_vulner.html
- Bild: http://www.bild.de/digital/smartphone-und-tablet/whatsapp/whatsapp-sicherheitsluecke-in-gruppenchats-54452080.bild.html
- Sun: https://www.thesun.co.uk/tech/5316110/new-whatsapp-bug-how-to-stay-safe/

Related word

Pointers Part 1: The Basics

So you're eager to learn about pointers but unfortunately you got stuck because they seemed to you terrible in nature? That's not true I know, but many of the people get confused when they arrive at the topic of pointers. Well pointers are the most important tools in C programming and are the one that can make you fly (unless you don't know how to ride over them). In this article we're going to learn basics of pointers.

Pointers are the varaibles that store addresses of other variables. Easy ain't it?

So lets start with the decleration of a pointer, pointer is decreleared as:

data_type *var_name;
e,g
int *pt;

well the astrisk(*) before the variable name is the thing that makes variable a pointer. So far so good now what?
Now lets say we want to store address of a variable in our pointer variable that seems pretty complex..!

Let's do it:

int number = 100;
int *pt = &num;

Is it really complex..?
what we are doing here is that we are first declaring and initializing a integer variable (number) with value of 100 and then we declare and initialize a pointer variable (pt) with the address of number variable. Now pt (pointer variable) contains the address of number (integer varaible). So what? Now we can use this pointer variable to change the value of number variable. Is this some kind of Magic? Maybe. Lets' do it:

*pt = 200;

what we have done here is that we De-referencing the pt variable with the asterisk (*) and then assigned it the value of 200 now the number variable contains 200. Isn't it a magic? De-referencing is used for accessing the value of the variable towards which our pointer is pointing simple. So lets write a full program of what we have learned so far.

/*Pointer Basics: Creating and Using Pointers*/
#include<stdio.h>
int main(void){
int number = 100;
int *pt = &number;
printf("Value of 'number' is: %d", number);
printf("Address of 'number' is: %p", pt);
*pt = 200;
printf("New value of 'number' is: %d", number);
return 0;
}

What this whole program did was it created a integer variable and a pointer to integer variable and then printed out the value and address of the 'number' variable and after that we De-referenced the pointer variable so that we can access the value to which our pointer variable is pointing and changed the old 100 value with new 200 value and at last we printed that out. Easy isn't it?
But do you know that you can get the address of a variable even by using ampersand (&) operator? Lemme show you how. I'll declare and initialize a variable 'var' and then print it to screen using ampersand (&) operator:

int var = 10;
printf("Address of 'var' is %p\n", &var);

the last statement here will print out the address of 'var' not value so that means it is equal to this statement:

int *pt = &var;
printf("Address of 'var' is %p\n", pt);

here we first assigned the address of 'var' to pointer variable 'pt' and then printed out the address of 'var' using the pointer variable (pt).
So lets write another program that will wrap up this part of 'Pointer Basics':

/*Pointer Basics Part 1: Program 2*/
#include<stdio.h>
int main(void){
   int var = 10;
   int *pt = &var;
   printf("The Value of 'var' is: %d\n", var);
   printf("De-referencing: *pt = %d\n", *pt);
   printf("Ampersand: The Address of 'var' is %p\n", &var);
   printf("pt = %p\n", pt);
   return 0;
}

So that's the end of first part watch out for the next part in which we'll tighten our grip on pointers and get ready for some Advanced '*po(inter)-fo'.

How To Run Online Kali Linux Free And Any Devices

goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain

When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive material.

What this tool does, is enumerate S3 bucket names using common patterns I have identified during my time bug hunting and pentesting. Permutations are supported on a root domain name using a custom wordlist. I highly recommend the one packaged within AltDNS.

The following information about every bucket found to exist will be returned:

List Permission
Write Permission
Region the Bucket exists in
If the bucket has all access disabled

Installation

go get -u github.com/glen-mac/goGetBucket

Usage
goGetBucket -m ~/tools/altdns/words.txt -d <domain> -o <output> -i <wordlist>

Usage of ./goGetBucket:
  -d string
        Supplied domain name (used with mutation flag)
  -f string
        Path to a testfile (default "/tmp/test.file")
  -i string
        Path to input wordlist to enumerate
  -k string
        Keyword list (used with mutation flag)
  -m string
        Path to mutation wordlist (requires domain flag)
  -o string
        Path to output file to store log
  -t int
        Number of concurrent threads (default 100)

Throughout my use of the tool, I have produced the best results when I feed in a list (-i) of subdomains for a root domain I am interested in. E.G:

www.domain.com
mail.domain.com
dev.domain.com

The test file (-f) is a file that the script will attempt to store in the bucket to test write permissions. So maybe store your contact information and a warning message if this is performed during a bounty?
The keyword list (-k) is concatenated with the root domain name (-d) and the domain without the TLD to permutate using the supplied permuation wordlist (-m).
Be sure not to increase the threads too high (-t) - as the AWS has API rate limiting that will kick in and start giving an undesired return code.

Download goGetBucket

quarta-feira, 20 de maio de 2020

WHY WE DO HACKING?

Purpose of Hacking?
. Just for fun
.Show-off
.Steal important information
.Damaging the system
.Hampering Privacy
.Money Extortion
.System Security Testing
.To break policy compliance etc

Related word

TOP 10 HACKING MOVIES YOU SHOULD WATCH

Technology and hacking gave a new horizon to the science fiction movies. As hacking is getting common and every online thing is at risk whether it's 10% or 90%, not a system is 100% secure over the internet. Every day new security holes are getting discovered. So, now most of the sci-fi movies have the tech and hack stuff to grow awareness in everybody's mind about the online privacy and risk to their information. Here I am sharing top 10 hacking movies that worth a watch.

TOP 10 HACKING MOVIES

Here I have listed top 10 hacking movies that you should watch.

1. HACKERS (1995)

In Hackers, Angelina Jolie and Jonny Lee Miller portray two youthful and hip hackers. Miller portrays a hacker who got caught as a very young child at an age of 11 years after crashing thousands of computers and has been sentenced to zero computer access until his 18th birthday.

2. LIVE FREE OR DIE HARD (2007)

Live Free or Die Hard (also known as Die Hard 4 and released as Die Hard 4.0 outside North America) is a 2007 American action film, and the fourth in the Die Hard film series depicts a scenario where a hacker played by Timothy Olyphant (of Justified fame) takes down nearly the entire U.S. infrastructure in an attempt to transfer trillions of dollars from the Federal Reserve to his account. This movie gives a complete idea of how actually these blackhat hackers operate.

3. EAGLE EYE (2008)

In this movie, two people get a call from an unknown number by a woman. They get a task on the phone that if they don't follow the phone call they would die. This movie displays supercomputer hack on all networks and military networks. This is just an amazing movie on how artificial intelligence computer hacks our real life for bad motives.

4. ALGORITHM (2014)

The film 'Algorithm' tracks the travails of Will, who is the freelance computer hacker who hacks into a top-secret government contractor agency and downloads all their recently developed programs." You can see the full movie below

5. WARGAMES (1983)

The film features David Lightman (Broderick), a young high school student hacker who accidentally hacks into a military supercomputer and starts the countdown to World War III.

6. THE MATRIX (1999)

This is one of the greatest science fiction movies. In this movie, reality, as perceived by most humans, is actually a simulated reality called "the Matrix", created by machines to subdue the human population, while their bodies' heat and electrical activity are used as an energy source.

A character named "Neo", who is a computer Hacker, learns this truth and is drawn into a rebellion against the machines, which involves other people who have been freed from the "dream world". The Matrix franchise is a trilogy movie series.

7. TAKEDOWN (2000)

This movie is based on famous computer U.S. hacker Kevin David Mitnick. Based upon the book and written by his nemesis, Tsutomu Shimomura, the story tends to glorify Shimomura. Mitnick operated in the 1980s and '90s and eventually went to prison for a couple of years. Now, he is a highly paid IT security consultant, speaker, and writer.

8. BLACKHAT (2015)

Blackhat is newly released movie by Chris Hemsworth. In this movie, hackers hack the Chinese nuclear power plant to start a nuclear reaction. Simultaneously, they also hack the stock exchange and steal millions of dollars from the bank. This movie shows how a black hat hackers threaten governments.

9. THE ITALIAN JOB (2003)

Although the MINI Coopers are really the stars of The Italian Job (a remake of the 1969 film of the same name), Seth Green plays Lyle, a hacker among a group of elite thieves, who is able to manipulate traffic signals, among other devices, that make this grand theft possible.

10. UNTRACEABLE (2008)

This film involves a serial killer who rigs contraptions that kill his victims based on the number of hits received by a website KillWithMe.com that features a live streaming video of the victim. Millions of people log on, hastening the victims' deaths.

There may be more exciting hacking movies but I found these top 10 hacking movies that you should watch for once.

You can also find out the top 5 most dangerous hackers in the real world living.

More info

terça-feira, 19 de maio de 2020

WiFiJammer: Amazing Wi-Fi Tool

The name sounds exciting but really does it jam WiFi networks? Yes, it is able to do the thing which it's name suggests. So today I'm going to show you how to annoy your friend by cutting him/her short of the WiFi service.

Requirements:

A computer/laptop with WiFi capable of monitoring (monitor mode).
A Linux OS (I'm using Arch Linux with BlackArch Repos)
And the most obvious thing wifijammer (If you're having BlackArch then you already have it).

How does it work? You maybe thinking!, it's quite simple it sends the deauth packets from the client to the AP (Access Point) after spoofing its (client's) mac-address which makes AP think that it's the connected client who wants to disconnect and Voila!

Well to jam all WiFi networks in your range its quite easy just type:

sudo wifijammer

but wait a minute this may not be a good idea. You may jam all the networks around you, is it really what you want to do? I don't think so and I guess it's illegal.

We just want to play a prank on our friend isn't it? So we want to attack just his/her AP. To do that just type:

sudo wifijammer -a <<AP-MAC-ADDRESS>>

here -a flag specifies that we want to jam a particular AP and after it we must provide the MAC-ADDRESS of that particular AP that we want to jam.

Now how in the world am I going to know what is the MAC-ADDRESS of my friend's AP without disturbing the other people around me?

It's easy just use the Hackers all time favorite tool airodump-ng. Type in the following commands:

sudo airmon-ng

sudo airodump-ng

airmon-ng will put your device in monitor mode and airodump-ng will list all the wifi networks around you with their BSSID, MAC-ADDRESS, and CHANNELS. Now look for your friend's BSSID and grab his/her MAC-ADDRESS and plug that in the above mentioned command. Wooohooo! now you are jamming just your friend's wifi network.

Maybe that's not what you want, maybe you want to jam all the people on a particular channel well wifijammer can help you even with that just type:

sudo wifijammer -c <<CHANNEL-NUMBER>>

with -c we specify to wifijammer that we only want to deauth clients on a specified channel. Again you can see with airodump-ng who is on which channel.

wifijammer has got many other flags you can check out all flags using this command that you always knew:

sudo wifijammer -h

Hope you enjoyed it, good bye and have fun :)

Continue reading

Linux Stack Protection By Default

Modern gcc compiler (v9.2.0) protects the stack by default and you will notice it because instead of SIGSEGV on stack overflow you will get a SIGABRT, but it also generates coredumps.

In this case the compiler adds the variable local_10. This variable helds a canary value that is checked at the end of the function.
The memset overflows the four bytes stack variable and modifies the canary value.

The 64bits canary 0x5429851ebaf95800 can't be predicted, but in specific situations is not re-generated and can be bruteforced or in other situations can be leaked from memory for example using a format string vulnerability or an arbitrary read wihout overflowing the stack.

If the canary doesn't match, the libc function __stack_chck_fail is called and terminates the prorgam with a SIGABORT which generates a coredump, in the case of archlinux managed by systemd and are stored on "/var/lib/systemd/coredump/"

❯❯❯ ./test
*** stack smashing detected ***: terminated
fish: './test' terminated by signal SIGABRT (Abort)

❯❯❯ sudo lz4 -d core.test.1000.c611b7caa58a4fa3bcf403e6eac95bb0.1121.1574354610000000.lz4
[sudo] password for xxxx:
Decoding file core.test.1000.c611b7caa58a4fa3bcf403e6eac95bb0.1121.1574354610000000
core.test.1000.c611b : decoded 249856 bytes

❯❯❯ sudo gdb /home/xxxx/test core.test.1000.c611b7caa58a4fa3bcf403e6eac95bb0.1121.1574354610000000 -q

We specify the binary and the core file as a gdb parameters. We can see only one LWP (light weight process) or linux thread, so in this case is quicker to check. First of all lets see the back trace, because in this case the execution don't terminate in the segfaulted return.

We can see on frame 5 the address were it would had returned to main if it wouldn't aborted.

Happy Idea: we can use this stack canary aborts to detect stack overflows. In Debian with prevous versions it will be exploitable depending on the compilation flags used.
And note that the canary is located as the last variable in the stack so the previous variables can be overwritten without problems.

Continue reading

segunda-feira, 18 de maio de 2020

HOW TO BECOME A CERTIFIED ETHICAL HACKER

7 Tips to become a hacker?

It is very important for a hacker to learn different types of programming language such as C,C++,Python,Java,PHP etc and it is also necessary to learn hardware and networking for a good hacker because these skill are very useful to become a successful hacker.

1-Programming Language are essential to becoming a good hacker

2-Networking skills is important to becoming an effective hacker.

3-SQL language are essential to becoming an effective hacker

4-Internet surfing is also essential for becoming a hacker for gathering information.

5-Cryptography is essential to becoming a certified hacker from which a hacker can share his/her readable data to other person in a nonreadable form with the help of Cryptography.

6-Penetration testing is also important for a hacker.

7-experiment a lot is also very useful to becoming a ethical hacker.

Follow me on insta_anoymous_adi

How phishing works

Phishing attacks typically rely on social networking techniques applied to email or other electronic communication methods, including direct messages sent over social networks, SMS text messages and other instant messaging modes.

Phishers may use social engineering and other public sources of information, including social networks like LinkedIn, Facebook and Twitter, to gather background information about the victim's personal and work history, his interests, and his activities.

Hacking by PHP

As PHP is server side scripting language so first of all you have need to install a local server (WAMP, XAMPP or LAMPP) over your system. Because if there is no any server running on your system then you can't even run your PHP script. So if you wanna do a programming with PHP this is the first step to download and install a server from the Internet. You can easily download and install servers by watching my videos. Just visit my YouTube channel and watch there.

The code:

https://bitbucket.org/sha0coder/gdb_automatization/

More articles

domingo, 17 de maio de 2020

15 Hidden Android Features You Should Know

While Android has matured by leaps and bounds, it's still going through the refinement phase. Over time, Google has both added and removed many popular features in Android. Sometimes the features are completely removed. However, in many cases, they make it to the Settings page or they are buried under different hidden places inside Android. That's why we have come up with this article where we unearth 15 hidden Android features that are quite interesting and helpful. So, let's go ahead and explore some unique Android features which are available on our Android devices.

Hidden Android Features

Here, we have mentioned several hidden Android features ranging from privacy, security, ease of use and more. Further, we have also added some obscure Android features which were released recently but might have gone under the radar. Now with that said, here are the hidden Android features that you should know and use often.

1. Block Spam Calls

The one feature that I turn on whenever I set up a new Android device is: filter spam calls. It saves me from unwanted calls by telemarketers, fraudsters and spammers. If you use a stock Android device, you must have the Phone app by Google installed as your default dialer. To enable spam call blocking, open the Phone app and tap on the three-dot menu on the top-right corner and open Settings. After that, open "Caller ID and spam" and enable both the toggles. Now, whenever you will receive a call by spammers, the screen won't light up or make any sound. It's almost like DND with Total Silence turned on.

1. Block Spam Calls hidden android features

If you are worried that you will miss important calls then fret not. I have been using this feature for a long time and I can vouch that it works flawlessly. While there are other apps like Truecaller with similar features, you should be wary against handing your data to third-party apps, especially given its shady past record.

2. Verification Code Autofill

Many of us have allowed SMS permission to multiple apps for seamless OTP verification. However, this can lead to serious breach as apps can read all your text messages and also build credit profile without your consent. To crack down on this behavior, Google has brought a new API called the SMS Retriever. It allows apps to capture a one-time code without asking for SMS permission. In case, the app developer has not implemented this API, Google will act as a bridge and provide the verification code. That is awesome, right? So to enable this feature, navigate to Settings -> Google -> Verification Code Autofill and enable the toggle. Make sure you have also enabled the Autofill service by Google.

2. Verification Code Autofill

3. Force Dark Mode on all Apps

While the dark mode is slowly becoming the norm, there are still apps like Facebook and WhatsApp which are yet to embrace the dark side. If you want to force dark mode on a range of apps then there is a hidden Android setting that lets you do it. However, you must be on the latest Android 10 build. To enable dark mode for all the apps, navigate to Settings -> About Phone and tap on the Build Number for seven times continuously. A toast notification will show up prompting "Developer Options have been enabled". Now go back, and search for "Override force-dark" in the Settings page. Tap on the first result and then enable the toggle. Just to be sure, restart your device and check if dark mode is working on all apps.

3. Force Dark Mode on all Apps

4. Focus Mode

Google has brought a new feature called Focus Mode to Digital Wellbeing with the launch of Android 10. While Digital Wellbeing is great at limiting the screen time of various apps, Focus Mode allows you to block certain apps completely so you can focus on what you are doing. To configure Focus Mode, follow Settings -> Digital Wellbeing -> Focus Mode. Here, you can select apps that you find distracting and can enable Focus Mode straight from the Quick Settings panel.

4. Focus Mode hidden android features

5. Share WiFi with QR Code

I know the feeling when someone asks you to share your WiFi's password and you can't seem to remember it. If you use a strong password with multiple hashes and characters then it becomes even more tedious to type it out. In such cases, a QR code can help you seamlessly connect to WiFi networks. Thankfully, Android 10 has this not-so-hidden feature under the WiFi Settings page. Open it and you will find the QR code scanner besides the "Add Network" section. Now, scan the QR code and you will be connected in no time.

6. Randomize MAC Address

MAC address is a unique identifier assigned to WiFi-enabled devices including smartphones. Most devices come with a static MAC which can be exploited and used for tracking user movement. So having a random MAC address reduces the chance of tracking and strengthens your privacy. If you are running Android 10 then you can randomize the MAC address from the WiFi Settings page. Tap on the WiFi that you are connected to and open "Privacy". Here, make sure "Use randomized MAC" is your default pick.

6. Randomize MAC Address

7. Force Apps to Resize in Split Mode

Android has some unique features like Split Mode which make it quite distinct from iOS. It lets you run two apps at once so you can effortlessly multitask between them. However, not all apps support Split Mode and that's where this hidden Android feature comes into play. With this feature, you can force any app to resize in split mode, irrespective of the app compatibility. So to enable this feature, open Settings and search for "resizable". Open the first result and enable "Force activities to be resizable". Now, restart your device and you can enjoy any app in the Split mode.

7. Force Apps to Resize in Split Mode

8. Default USB Configuration

If you are someone who regularly connects Android devices to PC then this sneaky feature is going to help you a lot. Android 10 now allows you to choose your default USB configuration. If you transfer files regularly then simply choose the desired settings and you are good to go. To configure USB, open Settings and search for "Default USB" and tap on the first result. Here, choose "File transfer" or any other settings based on your preference.

8. Default USB Configuration (2) hidden android features

9. Private DNS

While Private DNS was launched with Android Pie, it still remains one of the least talked features of Android. It allows you to encrypt your DNS query so no one can read it, not even your internet service provider. You can find the Private DNS feature in the "Network and Internet" settings page. Here, open "Private DNS" and choose Automatic for Google's DNS or you can also select some other DNS providers as well. I would recommend you to go with Cloudflare's DNS.

9. Private DNS

10. Device Theming

Device theming has finally arrived on Android, but it's still hidden under the developer options. You can change the accent color, font and icon shape from a handful of options. To find the desired settings page, open Settings and search for "theming". Tap on the top result and customize your Android device as you prefer.

10. Device Theming

11. Show Taps While Screen Recording

With the release of Android Oreo, Google removed the ability to show taps while screen recording for security reasons. However, the settings to configure taps is still available and hidden under the developer options. Just open the Settings page and search for "taps". Open the first result and enable the toggle. Now, you can record your screen with taps and that's really convenient.

11. Show Taps While Screen Recording hidden android features

12. Capitalize Words Quickly

If you want to capitalize words quickly then Gboard has this nifty feature which is super helpful and I simply love it. Just select the words and tap the "Shift" button twice to capitalize a chunk of words at once. You can also make it lowercase by similarly double tapping the shift button. And if you just want to keep the initials capital then tap the shift button once. That's pretty great, right? So go ahead and type hassle-free with Gboard.

Capitalize Words Quickly

13. Uninstall Multiple Apps

One of the best hidden Android features is that you can uninstall multiple apps at once. It works on older versions of Android as well so that is great. All you have to do is open the Google Play Store and tap on the hamburger menu and select "My apps and games". Here, switch to the "Installed" section and then tap on "Storage". After that, simply select apps that you want to uninstall and hit that "Free Up" button. Voila, multiple apps just got uninstalled in just one tap.

13. Uninstall Multiple Apps

14. Clear Site Storage Using Chrome

Chrome is notorious for accumulating a large amount of data in background which makes the performance worse and also takes up crucial storage space. If you want to check what websites are eating up your memory space then a hidden Chrome setting can help you with that. Open Chrome on your Android device and head over to its Settings page. Now, navigate to Site Settings and open Storage. Here, you will find all the websites with their storage space. Open any website and tap on the "Delete" icon to finally free up your internal storage from unnecessary cached data.

14. Clear Site Storage Using Chrome

15. Street View Layer in Google Maps

Street View is an immersive way to explore places and find new landmarks, hotels, restaurants from anywhere around the world. Now, the Street View Layer has been added to Google Maps and it works pretty well. To check if Street View is available in your region, open Google Maps and tap on the "layer" icon on the top-right corner. Now, tap on "Street View" icon and then zoom out to find blue lines on the map. Finally, tap on the blue lines and Street View will show up for that place. That's cool, right? So go ahead and check out Street View to find some hidden gems around the world.

15. Street View Layer in Google Maps hidden android features

Note: The blue lines show up wherever street view is available.

@EVERYTHING NT

sexta-feira, 22 de maio de 2020

quinta-feira, 21 de maio de 2020

Related word

Related word

More articles

Read more

Read more

quarta-feira, 20 de maio de 2020

Related word

TOP 10 HACKING MOVIES

1. HACKERS (1995)

2. LIVE FREE OR DIE HARD (2007)

3. EAGLE EYE (2008)

4. ALGORITHM (2014)

5. WARGAMES (1983)

6. THE MATRIX (1999)

7. TAKEDOWN (2000)

8. BLACKHAT (2015)

9. THE ITALIAN JOB (2003)

10. UNTRACEABLE (2008)

terça-feira, 19 de maio de 2020

Requirements:

Continue reading

segunda-feira, 18 de maio de 2020

Related links

How phishing works

Hacking by PHP

domingo, 17 de maio de 2020

Hidden Android Features

1. Block Spam Calls

2. Verification Code Autofill

3. Force Dark Mode on all Apps

4. Focus Mode

5. Share WiFi with QR Code

6. Randomize MAC Address

7. Force Apps to Resize in Split Mode

8. Default USB Configuration

9. Private DNS

10. Device Theming

11. Show Taps While Screen Recording

12. Capitalize Words Quickly

13. Uninstall Multiple Apps

14. Clear Site Storage Using Chrome

15. Street View Layer in Google Maps

Related posts

Você é meu visitante:

Páginas