kultura-timor-Leste

Husi kultura hau Aprende buat barak tamba husi kultura motiva hau sai ema hodi proteze hau nia rai doben timor-leste

Uma-Lisan

Tane hau nia kultura tane hau nia Lisan

Uma-Lisan

husi lisan hau brani protege hau nia kultura no hau nia rai

Teknologia

Koko Aprende no protege nomos atu sai mata-dalan ba teknologia iha Railaran

Aileba

Husi kiak hau sai ema

Penetration Testing

Penetration Testing
Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access.

If the focus is on computer resources, then examples of a successful penetration would be obtaining or subverting confidential documents, pricelists, databases and other protected information. The main thing that separates a penetration tester from an attacker is permission. The penetration tester will have permission from the owner of the computing resources that are being tested and will be responsible to provide a report. The goal of a penetration test is to increase the security of the computing resources being tested. In many cases, a penetration tester will be given user-level access and in those cases, the goal would be to elevate the status of the account or user other means to gain access to additional information that a user of that level should not have access to.

Some penetration testers are contracted to find one hole, but in many cases, they are expected to keep looking past the first hole so that additional vulnerabilities can be identified and fixed. It is important for the pen-tester to keep detailed notes about how the tests were done so that the results can be verified and so that any issues that were uncovered can be resolved. It’s important to understand that it is very unlikely that a pen-tester will find all the security issues. As an example, if a penetration test was done yesterday, the organization may pass the test. However, today is Microsoft’s “patch Tuesday” and now there’s a brand new vulnerability in some Exchange mail servers that were previously considered secure, and next month it will be something else. Maintaining a secure network requires constant vigilance.

Pen-Testing vs. Vulnerability Assessment
The main focus of this paper is penetration testing but there is often some confusion between penetration testing and vulnerability assessment. The two terms are related but penetration testing has more of an emphasis on gaining as much access as possible while vulnerability testing places the emphasis on identifying areas that are vulnerable to a computer attack. An automated vulnerability scanner will often identify possible vulnerabilities based on service banners or other network responses that are not in fact what they seem. A vulnerability assessor will stop just before compromising a system, whereas a penetration tester will go as far as they can within the scope of the contract.

It is important to keep in mind that you are dealing with a ‘Test.’ A penetration test is like any other test in the sense that it is a sampling of all possible systems and configurations. Unless the contractor is hired to test only a single system, they will be unable to identify and penetrate all possible systems using all possible vulnerabilities. As such, any Penetration Test is a sampling of the environment. Furthermore, most testers will go after the easiest targets first.

How Vulnerabilities Are Identified
Vulnerabilities need to be identified by both the penetration tester and the vulnerability scanner. The steps are similar for the security tester and an unauthorized attacker. The attacker may choose to proceed more slowly to avoid detection, but some penetration testers will also start slowly so that the target company can learn where their detection threshold is and make improvements. The first step in either a penetration test or a vulnerability scan is reconnaissance. This is where the tester attempts to learn as much as possible about the target network as possible. This normally starts with identifying publicly accessible services such as mail and web servers from their service banners. Many servers will report the Operating System they are running on, the version of software they are running, patches and modules that have been enabled, the current time, and perhaps even some internal information like an internal server name or IP address. Once the tester has an idea what software might be running on the target computers, that information needs to be verified. The tester really doesn’t KNOW what is running but he may have a pretty good idea.

The information that the tester has can be combined and then compared with known vulnerabilities, and then those vulnerabilities can be tested to see if the results support or contradict the prior information. In a stealthy penetration test, these first steps may be repeated for some time before the tester decides to launch a specific attack. In the case of a strict vulnerability assessment, the attack may never be launched so the owners of the target computer would never really know if this was an exploitable vulnerability or not.

Why Perform Penetration Testing?
Security breaches and service interruptions are costly Security breaches and any related interruptions in the performance of services or applications, can result in direct financial losses, threaten organizations’ reputations, erode customer loyalties, attract negative press, and trigger significant fines and penalties. A recent study conducted by the Ponemon Institute (2014 Cost of Data Breach Study: Global Analysis) reported the average cost of a data breach for the affected company is now $3.5 million. Costs associated with the Target data breach that occurred in 2013 reached $148 million by the second quarter of 2014.
It is impossible to safeguard all information, all the time Organizations have traditionally sought to prevent breaches by installing and maintaining layers of defensive security mechanisms, including user access controls, cryptography, IPS, IDS and firewalls. However, the continued adoption of new technologies, including some of these security systems, and the resulting complexity introduced, has made it even harder to find and eliminate all of an organizations’ vulnerabilities and protect against many types of potential security incidents.
New vulnerabilities are discovered each day, and attacks constantly evolve in terms of their technical and social sophistication, as well as in their overall automation. Penetration testing identifies and prioritizes security risks Penetration testing evaluates an organization’s ability to protect its networks, applications, endpoints and users from external or internal attempts to circumvent its security controls to gain unauthorized or privileged access to protected assets. Test results validate the risk posed by specific security vulnerabilities or flawed processes, enabling IT management and security professionals to prioritize remediation efforts. By embracing more frequent and comprehensive penetration testing, organizations can more effectively anticipate emerging security risks and prevent unauthorized access
to critical systems and valuable information.

Pen test strategies


Targeted testing

Targeted testing is performed by the organization's IT team and the penetration testing team working
together. It's sometimes referred to as a "lights-turned-on" approach because everyone can see the test
being carried out.External testing This type of pen test targets a company's externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside attacker can get in and how far they can get in once they've gained access.
Internal testing This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much damage a disgruntled employee could
cause.

Blind testing
A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that's performing the test beforehand. Typically, they may only
be given the name of the company. Because this type of test can require a considerable amount of time
for reconnaissance, it can be expensive.
Double blind testing
Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one
or two people within the organization might be aware a test is being conducted. Double-blind tests
can be useful for testing an organization's security monitoring and incident identification as well as its
response procedures.Four distinct pen testing service offerings you can provide customers to ensure they have full coverage.

Vulnerability scanning
This is a straightforward opportunity and a mature offering. The biggest question you'll face is whether to resell a service offering (like that from Qualys) or to buy a tool and use it internally to scan your customer's networks and systems. Scanning is one of the requirements for nearly every regulation, so this is an easy step along the path to security assurance, since all of your regulated  customers need to scan.

Infrastructure pen testing
This offering involves a tool that uses live exploits, like Metasploit or Core Impact. You'll use live mmunition, so orchestrate these tests with the client to ensure the minimum amount of disruption. You should test all externally visible IP addresses -- that's what the bad guys out there can see and are likely trying to penetrate. You may also want to see what you can find if you attach to a conference room network, one of the softest parts of a customer's defenses.

Application pen testing
Trying to break into applications is probably the most important step nowadays, given that so many attacks directly target applications. You can use a Web application scanner (HP's WebInspect, IBM's AppScan), but you should also invest in some people that know how to exploit application logic errors. There's no substitute for a skilled application tester to determine what's broken in an application. Once the initial application is compromised, go directly after the database, where the valuable stuff is. If you can get into the database, the customer is owned. It's much better for you to figure this out than a malicious hacker.

User testing 
This is actually the most fun task for penetration testers. You get to see how gullible most users are. This type of testing can involve emailing fake messages to customer service reps, trying to talk your way into the facility (past security or the receptionist) or even dropping thumb drives in the parking lot to see who will plug them into their machines. Many folks are against social-engineering end users, but not me. Remember, malicious hackers don't have a set of rules. They use social engineering because it works. Don't let social engineering surprise your customer and catch them off-guard. 

PENETRATION TESTING TOOL
Reconnaissance Tools
Reconnaissance often begins with searches of internet databases including DNS registries, WHOIS databases, Google, on-line news sources, business postings, and many other on-line resources. The reconnaissance phase often includes print media as well, specifically electronically searchable archives that would be found at a college library or large public library.

Nmap
Nmap is a popular port scanning tool. Port scanning is typically a part of the reconnaissance phase of a penetration test or an attack. Sometimes attackers will limit their testing to a few ports while other times they will scan all available ports. To do a thorough job, a vulnerability scanner should scan all port and, in most cases, a penetration tester will scan all ports. An actual attacker may choose to not scan all ports if he finds a vulnerability that can be exploited because of the “noise” (excess traffic) a port scanner creates.

Another capability of nmap is its ability to determine the operating system of the target computer. Different networking implementations will respond differently to different network packets. Nmap maintains a type of database and will match the responses to make a guess at what type of operating system the target computer is running. This OS detection isn’t perfectly accurate but it can help the attacker tailor his attack strategy, especially when coupled with other pieces of information.

Nessus
Nessus is a popular vulnerability scanner that many security professionals use regularly. Nessus has a huge library of vulnerabilities and tests to identify them. In many cases, Nessus relies on the responses from the target computer without actually trying to exploit the system. Depending on the scope of a vulnerability assessment, the security tester may choose an exploitation tool to verify that reported vulnerabilities are exploitable. 
Nessus includes port scanning and OS detection, so sometimes a vulnerability assessment will just use Nessus and let Nessus call nmap or other scanners for these components of the test. For a stealthy scan, a security professional or an attacker may choose to run these tools separately to avoid detection.

Packet Manipulation and Password Cracking Tools
There are many other reconnaissance tools within the penetration tester arsenal, but two categories bear special mention here: packet manipulation tools and password cracking tools. The former category includes tools like hping that allows a penetration tester or attacker to create and send all types of specially crafted TCP/IP packets in order to test and exploit network-based security protections, such as firewalls and IDS/IPS. The password cracking category includes tools like John the Ripper or Cain and Able, which is used to detect and obtain weak password for multiple authentication mechanisms, such as the ones supported by most Unix and Windows operating systems.

Exploitation Tools
Exploitation tools are used to verify that an actual vulnerability exists by exploiting it. It’s one thing to have vulnerability testing software or banners indicate the possibility of an exploitable service, but quite another to exploit that vulnerability. Some of the tools in this category are used by both attackers and penetration testers. There are many more exploitation tools than the ones listed here. Many tools in this category are single-purpose tools that are designed to exploit one vulnerability on a particular hardware platform running a particular version of an exploitable system. The tools that we’ve highlighted here are unique in the fact that they have the ability to exploit multiple vulnerabilities on a variety of hardware and software platforms.

Metasploit Version 2.5
Metasploit is a relatively new addition to the penetration tester’s tool belt. It provides attack libraries attack payloads that can be put together in a modular manner. The main purpose of Metasploit is to get to a command prompt on the target computer. Once a security tester has gotten to a command-line, it is quite possible that the target computer will be under his total control in a short time. The currently released version of Metasploit Framework as of June, 2006 is version 2.5. Version 3.0 is expected out shortly.This is a tool that attackers would use to take over, or own, a computer. Once an attacker can gain this level of access to a computer, they would often install code that would allow them to get back onto the computer more easily in the future. In some cases, a penetration tester would also install tools on the computer, but often they would simply document the access and what data was available and move on to other testing. This would depend on the defined scope of the testing. The security professional also would want to be careful about causing data loss or server instability that may result in lost productivity. A malicious attacker may be more cavalier about using the computer without regard to lost productivity, though a highly skilled attacker targeting a specific company may be very careful not to damage the system so that they can avoid detection.

SecurityForest Exploitation Framework 
Although still technically in Beta version, the SecurityForest Exploitation Framework is another open-source tool that can be leveraged by penetration testers. This framework leverages a collection of exploit code known as the ExploitTree, and the Exploitation Framework is a front-end GUI that allows testers to launch exploit code through a Web browser (similar to Metasploit’s Web interface). The Framework is very similar to Metasploit, in fact, with a few key differences. ExploitTree has a remarkable number of exploits included, but the vast majority of these are in pre-compiled format (most likely in a C file) or exist as Perl executables.
They are also not natively integrated into the Framework. This framework is not nearly as extensible as some other tools; it primarily functions as a GUI to launch attacks from.

CORE IMPACT (version 5.1)
CORE IMPACT is a commercial penetration testing tool that combines a healthy dose of reconnaissance with exploitation and reporting into one point and click penetration testing tool. The main purpose of CORE
IMPACT is to identify possible vulnerabilities in a program, exploit those vulnerabilities without causing system outages, and clearly document every step along the way so that the entire procedure can be verified by another party. The CORE IMPACT penetration testing tool makes is easy for a network administrator or penetration tester to run tests against a network or host without having a whole suite of security testing utilities. Overall, we found the program to do a good job of scanning the network for vulnerabilities, successfully exploiting them, and reporting on the results. One really slick feature of CORE IMPACT is the ability to install an agent on a compromised computer and then launch additional attacks from that computer. This proved useful in an actual penetration testing assignment by allowing the tester to compromise one machine and from there run automated scans inside the network looking for additional machines. Those scans weren’t quite as good as actually being on-site, but it did allow us to discover internal hosts from outside the network. For most systems, CORE IMPACT will work well, but as Core Security Technologies states in their documentation, it isn’t meant to be a replacement for an experienced penetration tester. One of the areas we ran into some trouble on was when a single IP address had different ports mapped to different servers with different operating systems. Sometimes CORE IMPACT would identify a host as having a given operating system and then refuse to launch a vulnerability against a service that did not match that operating system. In one tested network, a single public IP address was in use by three different computers: an Exchange server, an IIS web server, and a Linux computer running SSH. The OS had been identified as being in the Linux family so an attack against IIS vulnerability wasn’t an option. We were able to work around this by re-scanning the machine using only the ports that mapped to the Windows system. As a commercial vendor, Core Security Technologies does a lot of testing of their exploit code to ensure that it will not adversely affect the target hosts. In testing CORE IMPACT, we found that it was rare for it to crash systems. There was one case where an unpatched Windows 2003 server rebooted a few times in different testing scenarios. Later, the same test was used to exploit the system and gain access to a command prompt. Other than this one test against an unpatched Windows 2003 server, we did not crash any systems. The reporting feature of CORE IMPACT is quite good. It includes an executive report, a report that lists vulnerabilities and all the machines affected by those vulnerabilities, a detailed report of all hosts and an exhaustive report of every test that was run, when it ran, how long it ran and detailed results of the running.
This last report is one that you don’t need very often but if you do need it, it has all the details do duplicate a test. Keeping accurate notes is one of the most difficult and time consuming tasks for a pen-tester because often many tests are attempted with small variations to the test. CORE IMPACT makes it easy to go back and find any steps that weren’t properly recorded. 
Continue Reading

WINDOWS HACKING TRICKS

WINDOWS HACKING TRICKS

Windows hacking is the practice of modifying Windows Operating System to accomplish a goal outside of the creator’s original purpose. People who engage in hacking activities are often called hackers. Since the word “hack” has long been used to describe someone who is incompetent at his/her profession, some hackers claim this term is offensive and fails to give appropriate recognition to their skills. Windows hacking is most common among teenagers and young adults, although there are many older hackers as well.

REGISTRY EDITOR RELATED HACKING
What is Windows Registry? (Registry Editor)
Windows Registry is a database used to store information that is necessary to configure the system for
one or more users, applications and hardware devices and it keeps record of the settings of all the Software installed in Computer including Operating System. 

To open Registry Editor: Start > All Programs > Accessories > Run > regedit

Registry Editor Window
Windows Registry contains Five Hives and hives contain Keys and Sub keys and their respective Values.

HKEY_CLASSES_ROOT: The information that is stored here makes sure that the correct program  opens when you open a file by using Windows Explorer.

HKEY_CURRENT_USER: Contains the configuration information for the user who is currently
logged on. The user’s folders, screen colors, and Control Panel settings are stored here.
HKEY_LOCAL_MACHINE: Contains configuration information particular to the computer (for any
user).

HKEY_USERS: Contains all the actively loaded user profiles on the computer.
HKEY_CURRENT_USER is a subkey of HKEY_USERS.

HKEY_CURRENT_CONFIG: Contains information about the hardware profile that is used by the
local computer at system startup.

Types of Keys
Binary Value (REG_BINARY): Raw binary data. Most hardware component information is stored
as binary data and is displayed in Registry Editor in hexadecimal format DWORD Value (REG_DWORD) :Data represented by a number that is 4 bytes long (a 32-bit integer). Can also contain binary, hexadecimal, or decimal format Expandable String Value (REG_EXPAND_SZ) :A variable-length data string. This data type includes variables that are resolved when a program or service uses the data
String Value (REG_SZ): A fixed-length text string Multi-String Value (REG_MULTI_SZ) :Values that contain lists or multiple values in a form that people can read are generally this type.

Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your
operating system. We cannot guarantee that problems resulting from modifications to the registry can
be solved. Use the information provided at your own risk.

Back up the registry
Before you make changes to a registry key or subkey, we recommend that you export, or make a
backup copy, of the key or sub key. You can save the backup copy to a location you specify, such as a
folder on your hard disk or a removable storage device. If you make changes that you want to undo,
you can import the backupcopy.

1. Open the Registry Editor by clicking the Start button, typing regedit into the search box, and then pressing Enter.
2. Locate and click the key or subkey that you want to back up.
3. Click the File menu, and then click Export.
4. In the Save in box, select the location where you want to save the backup copy to, and then type a name for the backup file in the Filenamebox.
5. Click Save.

Tips:
You must be logged on as an administrator to perform these steps. If you aren't logged in as
an administrator, you can only change settings that apply to your user account.
Although you can back up more than just the registry key or subkey that you are modifying,
doing so adds to the size of the backup file.

Ultra-speed Shutdown of Windows 7

Follow the following steps to shutdown your Computer with ultra-speed

1. Open the Registry Editor by clicking the Start button, typing regedit into the search box, and then pressing Enter.
2. In left pane of Registry Editor, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
3. In the right pane, right click on WaitToKillServiceTimeout and click on Modify.
4. Type in a number between 2000-20000 (2-20 seconds) and click on OK.
NOTE: The default time is 12000 (12 seconds).
5. Close regedit.
6. After rebooting (restart) Windows the new settings will take effect. The time to wait for
terminating services will be faster and shutdown won’t drag on forever.

NOTE: If you have problems with programs from your computer shutting down too quickly, then
repeat the above steps and increase the time (Step 5) a bit.

Change the log-on screen of Windows 7
1. Press Windows Logo key + R to open Run, type regedit and press Enter.
2. Go to:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Authentication\
    LogonUI\Background
3. Double-click the OEMBackground DWORD key and Set value of the key to 1.
4. Select a background image for logon screen with size less than 256 KB and Rename that
    image as BackgroundDefault.
5. Copy that image, Open My Computer and go to
   C:\Windows\system32\oobe\info\backgrounds folder
6. Paste it and select Copy and Replace.
   Tips: Cut and paste the original log-on Screen image in a folder for further use.
7. Reboot, and now your logon image would have changed.

Disable or Enable USB Ports/USB drive/Pen-Drive in Windows 7
It’s really very easy to enable and disable a USB port of your Laptop and desktop computer. Many
companies disabled their employee’s laptop to prevent data threat. Also many schools, colleges and universities block the USB ports of their computer. So, here is the easy way to enable USB ports, access it and disable it back.

1. Open the Registry Editor by clicking the Start button, typing regedit into the search box,
    and then pressing Enter.
2. In left pane of Registry Editor, go to
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR
3. Right Click Start and Click Modify on right pane of Registry Editor.


4. Do one of the following: To enable USB ports: change the value from 4 to 3 To disable USB ports: change the Value from 3 to 4 
5. After rebooting (restart) Windows the new settings will take effect. The time to wait for terminating services will be faster and shutdown won’t drag on forever.

How to Display Legal Notice on Start up of your Windows
If your PC has multiple users then you can display legal notice to every user before they login to your PC. This legal notice will be displayed at every startup just before the Desktop is loaded. Using this you can tell your friends about the do’s and don’ts in your computer when they login in your absence. To do this:
1. Click on Start button and type regedit and press Enter
2. Navigate to the following key in the registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
3. On the right side pane look for legalnoticecaption, double click on it and enter the desired  Legal Notice Caption.
4. Next below this look for legalnoticetext and enter the desired Legal Notice Text. The legal notice text can be up to a page in its size so that it can include a set of do’s and don’ts for your computer.
5. After you does this just restart your computer and upon the next startup you can see the legal notice information for your computer.

Faster Thumbnail Previews

The taskbar shows thumbnail previews of opened windows when you hover the mouse over the program icon. By default, it takes a little time for the preview to appear. Make the previews appear faster with this registry tweak:

1. Open the Registry Editor by clicking the Start button, typing regedit into the search   box, and then pressing Enter.

2. Navigate to HKEY_CURRENT_USER\Control Panel\Mouse.
3. On the right, open the MouseHoverTime key and reduce its value from the default 400 to around 150. (Be careful, as decreasing the key further may cause problems.)
4. After rebooting (restart) Windows the new settings will take effect.

Disable Right-Click
This trick removes the context menu that would normally appear when the user right clicks on the desktop or in the Explorer right results pane.
1. Open the Registry Editor by clicking the Start button, typing regedit into the search box, and then pressing Enter.
2. Browse to this key in the registry:
HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
3. Change the value of NoViewContextMenu to 1.
4. Now close the registry editor and restart your computer after any changes to go into effect.
Tips: If NoViewContextMenudoesn't exist then you can create it. Right click in the right-hand pane; select New, then DWORD (32-bit) Value for 32 bit on Windows 7.

How to Disable or Enable Folder Options in Windows 7

Disable Folder Options in Windows 7
1. Click the Start button, and type regedit in the search box.
2. Browse the list as
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

3. Create a new 32-bit DWORD value.

4. Name it NoFolderOptions.

 5. Double click on it to set its value data to 1.
 Enable Folder Options in Windows 7

Double click on the value named No Folder  Options to set its value data to 0.  Clean up the “Open With” Menu in Explorer Have you ever accidently opened an mp3 with Notepad, or a zip file with Word? If so, you’re also likely irritated that these programs now show up in the Open with menu in Windows Explorer every  time you select one of those files. Whenever you open a file type with a particular program, Windows will add an entry for it to the Open with menu. Usually this is helpful, but it can also clutter up the menu with wrong entries. On our computer, we have tried to open a PDF file with Word and Notepad, neither which can actually view the PDF itself. Let’s remove these entries. To do this, we need to remove the registry entries for these programs.

1. Enter regedit in your Start menu search or in the Run command to open the Registry editor.
Tips: Backup your registry first just in case, so you can roll-back any changes you make if you accidently delete the wrong value.
2. Now, browse to the following key:
HKEY_CURRENT_USER \Software \Microsoft \Windows \CurrentVersion \ Explorer
\FileExts\

3. Now, you will see a list of all the file extensions that are registered on your computer.

4. Browse to the file extension you wish to edit, click the white triangle beside it to see the subfolders, and select OpenWithList. In our test, we want to change the programs associated with PDF files, so we select the OpenWithList folder under .pdf.
5. Notice the names of the programs under the Data column on the right. Right-click the value for the program you don’t want to see in the Open With menu and select Delete.
6. Click Yes at the prompt to confirm that you want to delete this value.
7. Repeat these steps with all the programs you want to remove from this file type’s Open with menu. You can go ahead and remove entries from other file types as well if you wish.
8. Restart the computer and check out the Open with menu in Explorer again. Now it will be much more streamlined and will only show the programs you want to see.


Add Recycle Bin to My Computer in Windows 7 

To add the Recycle Bin on My Computer, follow the steps:

1. Open up regedit.exe through the start menu search or run box
2. Go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\3. Now right-click and create a New Key
4. Name the key with the following text as shown in the below figure:
{645FF040-5081-101B-9F08-00AA002F954E}
5. Close the Registry Editor and Open My Computer. Add Control Panel to My Computer in Windows 7
To add the Control Panel on My Computer, follow the steps:
1. Open up regedit.exe through the start menu search or run box
2. Go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\3. Now right-click and create a New Key

4. Name the key with the following text as shown in the below figure

{26EE0668-A00A-44D7-9371-BEB064C98683}
Or
{21EC2020-3AEA-1069-A2DD-08002B30309D}
Tips:
Category View
{26EE0668-A00A-44D7-9371-BEB064C98683}
Icon View
{21EC2020-3AEA-1069-A2DD-08002B30309D}


Close the Registry Editor and Open My Computer.

LOCAL GROUP POLICIES RELATED HACKING
Want to know: What happened in your absences on your PC?
1. Press Windows logo key + R to open Run
2. Type eventvwr.msc and press Enter. Then Event Viewer window will open. (Events are stored in three log files: Application, Security, and System. These logs can be reviewed and archived. For our purposes we want the System log. )

3. Click on Windows Log and then double-click on System in the left-hand column for a list of events.

4. Name the key with the following text as shown in the below figure
{26EE0668-A00A-44D7-9371-BEB064C98683}
Or
{21EC2020-3AEA-1069-A2DD-08002B30309D}
Tips:
Category View
{26EE0668-A00A-44D7-9371-BEB064C98683}
Icon View
{21EC2020-3AEA-1069-A2DD-08002B30309D}

5. Close the Registry Editor and Open My Computer.

LOCAL GROUP POLICIES RELATED HACKING Want to know: What happened in your absences on your PC?
1. Press Windows logo key + R to open Run
2. Type eventvwr.msc and press Enter. Then Event Viewer window will open. (Events are
stored in three log files: Application, Security, and System. These logs can be reviewed and archived. For our purposes we want the System log. )

3. Click on Windows Log and then double-click on System in the left-hand column for a list of events.

4. Look for a date and time when you weren’t home and your computer should have been off. Double click on the eg: Information and it will show u the detail. Tips: You can also use this log to see how long someone was on the computer. Just look at the time the computer was turned on and off for that day. How to Disable Shutdown, Restart, Sleep and Hibernate Someday, you might want to make a computer could not be turned off easily. For example because you are running a program that needs a long time to wait (download a big file, rendering a video, etc.) and you have to leave the room. To prevent anyone else to turn off the computer, then one way is to disable the function of Shutdown, Restart, Sleep or Hibernate menu. 

Follow these easy steps to disable Shutdown, Restart, Sleep and Hibernate:
1. Click Start button, type gpedit.msc in the Start menu’s search box and then press Enter. Local Group Policy editor window will open.
2. Go to User Configuration > Administrative Templates > Start Menu And Taskbar
3. In the right pane, find the Remove and Prevent Access to the shutdown, Restart, Sleep, and Hibernate. Then double click on it. 
4. Select Enable, and then click OK.
Tips: To make it back in to the normal function, just follow all the steps above, except for the last one; you need to change back the option from Enable to Disable. When being in a state of disable, in fact we can still shutdown the computer. The way is by typing the below instructions in the search (Windows 7) and press Enter. shutdown /s (for shutdown)
shutdown /r (to restart)

How to Disable Access to the Registry in Windows 7 
If you don’t know what you’re doing in the Registry, you can mess up your computer pretty good. This  trick helps you to prevent users from accessing the Registry and making any changes to it. To do this using Local Group Policy Editor:
Tips: This method uses Group Policy Editor which is not available in Home versions of Windows.
1. Type gpedit.msc into the Search box in the Start menu
2. When Group Policy Editor opens, navigate to User Configuration \ Administrative
Templates then select System. Under Setting in the right panel double-click on Prevent access to registry editing tools.
3. Select the radio button next to Enabled, click OK, then close out of Group Policy Editor.
4. Now if a user tries to access the Registry, Then he will get the following message advising they cannot access it.

Prevent access to the command prompt This trick helps you to prevent users from accessing the Command prompt.

1. Type gpedit.msc into the Search box in the Start menu
2. When Group Policy Editor opens, navigate to User Configuration \ Administrative
Templates then select System. Under Setting in the right panel double-click on Prevent access to the command prompt.

3. Select the radio button next to Enabled, click OK, and then close out of Group Policy Editor.


How to show or hide Control Panel items in Windows 7 
One of the common lock down’s that administrator apply to Remote Desktop Services Servers is to remove all but the essential control panel items. The .cpl (e.g. timedate.cpl) file name of the control panel item you wanted to show or hide however this has changed in Windows 7 and you now need to use the Canonical Name when hiding or showing specific items. Below I will explain the new way of configuring control panel items for Windows 7 and show you the affect that this has on the control panel.

Before you begin I recommend that you take a look at the below table which lists all the Canonical names for the control panel items for Windows 7. You will need to know what Canonical names of the item you want to restrict or allow. 

Windows 7 Control Panel Canonical Names
The following canonical names are defined for Control Panel items in Windows 7. Not all Control Panel items are available on all varieties of Windows and some Control Panel items might appear only when appropriate hardware is detected.
  

To hide Control Panel items in Windows 7, do the followings:
1. Type gpedit.msc into the Search box in the Start menu
2. W h e n Group Policy Editor opens, navigate to User
Configuration\Policies\Administrative Templates\Control Panel. Under Setting in the right panel double-click on Hide specified Control Panel items.


3. Select the radio button next to Enabled, Click Show button.

4. Then Show Content dialog-box will appear. Type the required Canonical names and click OK.
For example: If i want to hide Action Center, then I will type Microsoft.ActionCenter in the Value field.
5. Click OK, and then close out of Group Policy Editor. 
Note: In this example we are only going to hide the control panel items we want to see (white list)
however if you use the Show specified Control Panel items policy setting you can black list only the  items you don’t want listed.
How to Disable Control Panel in Windows 7
If you have a shared computer that your family and friends can access, you might not want them to
mess around in the Control Panel, and fortunately with a simple tweak you can disable it.
1. Type gpedit.msc into the Search box in the Start menu
2. Whe n Group Policy Editor opens, navigate to User Configuration \ Administrative Templates then select Control Panel in the left Column. In the right column doubleclick on Prohibit access to the Control Panel.

3. Select the radio button next to Enabled, click OK, and then close out of Group Policy Editor.
4. After the Control Panel is disabled, you’ll notice it’s no longer listed in the Start Menu. 5. If the user tries to type Control Panel into the Search box in the Start menu, they will get the following message indicating it’s restricted.
Disable Windows Hotkeys
1. Click Start button, type gpedit.msc in the Start menu’s search box and then press Enter. Local Group Policy editor window will open.
2. Navigate to User Configuration > Administrative Templates > Windows Components and then select Windows Explorer in the left column of the LocalGroup Policy editor.

3. Double-click Turn off Windows+X Hotkeys in the Settings section of the Group Policy editor.

4. Select Enable and then click OK to save the changes.SHORTCUTS RELATED HACKING
One Click Shutdown / Restart / LogOff / Sleep / Hibernate – (Creating a Shortcut) Windows operating System has come with a remote shutdown tool to shut down and restart Windows.  You can control this tool through the command line, but a much faster alternative is to create a shortcut.

1. Right-click your Windows 7 desktop and select New>Shortcut
2. Type shutdown.exe -s -t 00 in the location field
3. Click Next, give a name to the shortcut, e.g. Shut Down Computer, and click Finish.

4. Double-click the shortcut to instantly shut down the system. (For Single Click Follow the below tips) 
Tips: To Customize the Shortcut icon – Right-click on the shortcut > Click Properties > Click
Change Icon> Choose an icon > Click OK> Click OK  You can pin this shortcut from the desktop to the taskbar by right-click on the shortcut and click Pin to Taskbar.
To Type the Following code in the location field of  Create Shortcut dialog-box Shutdown shutdown.exe -s -t 00 Restart shutdown.exe -r -t 00
Logoff shutdown.exe -l  Hibernate rundll32.exe PowrProf.dll,SetSuspendState Sleep rundll32.exe powrprof.dll,SetSuspendState 0,1,0 

How to pin My Computer to Windows 7 taskbar directly Windows 7 has come out with lots of new and  xciting features. You may have noticed that, we can’t open My Computer directly from Windows 7  askbar. If we drag & drop My computer to taskbar, it  gets pinned to windows explorer rather than creating a new place for itself. Windows explorer opens libraries which irritates me and quite a lot of users. So, let’s pin My 
Computer to Windows 7 taskbar.
1. Right click on Desktop, and select New>Shortcut
2. In location of the item enter the following string exactly as given below:
%SystemRoot%\explorer.exe /E,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}


3. Click Next and give a name to shortcut. For example, My Computer. Click Finish.

4. A new shortcut of My Computer placed on desktop. It has the same icon like that of Windows explorer. You can change its icon if you wish. 
After change the icon My Computer
5. To pin the shortcut to Windows 7 Taskbar, just right click on it and select Pin to Taskbar.

6. Your direct shortcut to My Computer is pinned on taskbar now. Lock your computer in single click
You can lock your computer using the Windows logo key + L keyboard shortcut. Here’s another way to do it with a single mouse click. 1. Right-click on your desktop and select New>Shortcut.
2. In Type the location of the item field, type rundll32.exe user32.dll,LockWorkStation.
3. Click Next, name the shortcut Quick Lock, and Finish.
4. If you wish, you can make it look pretty by giving it a lock or keys icon: Right-click, selectProperties, click ChangeIcon, enter shell32.dll, and select any icon you wish. Click OK. 
5. Drag this shortcut and pin it to the taskbar, after which you can delete the desktop shortcut. Safety Remove Hardware from desktop  1. Right Click on your desktop and Click on New and Click on Shortcut from the list.
2. Type the below code in the location field as shown in below figure rundll32.exe shell32.dll,Control_RunDLL hotplug.dll
3. Now click on Next
4. Now give a desired Name for your Shortcut and Click on Finish.

5. Now you have created a shortcut for Safety Remove Hardware on your desktop!!! Now whenever you want to eject your hardware device like pen drive, and then just double click on it and you can remove your Hardware device safely. 
NOTEPAD RELATED HACKING
Dancing Keyboard Led Light Trick 
1. Open Notepad and type below codes into it. Set wshShell =wscript.CreateObject("WScript.Shell")
do  wscript.sleep 100  wshshell.sendkeys "{CAPSLOCK}" wshshell.sendkeys "{NUMLOCK}"
wshshell.sendkeys "{SCROLLLOCK}" loop
2. Click File (from the Menu bar)and Save as the notepad file as anything.vbs (.vbs is must)
3. Open your save file and see your keyboard led blinking like disco lights.

Tips: How to stop this?
1. First open Task Manager by pressing Ctrl +Alt +Delete
2. Then go to Processes tab.
3. Select wscript.exe
4. Click on End Process.
Make your computer talk what you type!

This is very good and interesting javascript trick which let your computer speaks whatever you type. There is no requirement of any software. Just follow below simple steps. 1. Open Notepad and type below codes into it.  Dim message, sapi
message=InputBox("What do you want me to say?","TALKING COMPUTER") Set sapi=CreateObject("sapi.spvoice") sapi.Speak message  
2. Click File (from the Menu bar)and Save as the notepad file as anything.vbs
3. Open that save file.
4. Type anything and click ok to make your computer talk whatever you typed.

Pin a drive to the taskbar
1. Open Notepad, and click on File (Menu bar) and Saveas.
Tips: You will need to leave notepad blank.
2. Navigate to your desktop. Under Save as type, change it to All Files (*.*), type in a name you want for this (ex: Drive C.exe) with the .exe file extension at the end, and click on the Save button. 
3. Close Notepad.
4. Right click on the saved .exe file on your desktop (ex: Drive C.exe), and click on Pin to
Taskbar.
5. Right click on the pinned .exe icon on the taskbar, right click on the .exe file (ex: Drive  C.exe) in the jump list, and click on Properties.
6. In the Start in field, make sure it's blank. In the Target field, change it to be the drive letter path (ex: C:\ ) that you want the pinned icon on the taskbar to open. Click on OK. (Just  Looks Like the below image)
7. Log off and log on, or restart the computer to have the icon on the taskbar to change to the correct drive icon afterwards. 
8. You can now drag the drive icon anywhere you like within the other pinned icons on the taskbar if you like. 
9. You can now delete the .exe file on your desktop (ex: Drive C.exe) if you like. Tips: To Unpin Drive from Taskbar: Right click on the pinned drive icon on the taskbar, and click on Unpin this program from taskbar.
Shut-down the computer after conveying a message  What this trick does is, after conveying a (any) message it shuts down the computer without any confirmation. In order to create the Shutdown file, follow the below mentioned steps: 
1. Open Notepad.
2. Type the following code in it: @echo off msg * Shutting Down.
shutdown -c “Hello the computer is shutting down! Bye” -s  
3. Click File (from Menu bar) and Select Save as.
4. Choose Desktop to save the file on desktop.
5. In the File name field type shutdownmsg.bat and click Save.
6. Double Click the batch file on desktop to execute the batch file.

Tips:
Make sure the file name has .bat extension. Use this carefully. The Computer shuts down the computer forcefully. Matrix Falling Code Effect
Inspired by the movie Matrix, this falling code trick is extremely popular on social networking websites. Type the code given below in Notepad and save the file as "Matrix.bat" or anything.bat
(File Extension must be .bat). Upon running the bat file, you will see the "Matrix falling code" effect.
@echo off
color 02
:matrix tricks
echo
%random%%random%%random%%random%%random%%random%%random%%random%
goto matrix tricks

Make Your Keyboard Type (Any) Message Continuously
This VBS trick can make keyboard type any message continuously. Open Notepad, type the code
given below and save the file as keyboard.vbs or anything.vbs (File Extension must be .vbs).
Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "This is a Virus. You have been infected." 
loop
Tips: If you will open the VBS file then you might need to restart your computer to stop this. Continuously eject CD/DVD drives
This VBS trick will create a code which will continuously eject all your connected Optical drives. If
you put them back in, it will pop them out again. Type the code given below in Notepad as eject.vbs
or anything.vbs (File Extension must be .vbs)
Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
ifcolCDROMs.Count>= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop
Double click to open this file and you will be impressed by this awesome trick.
Notepad trick to use it as a Diary
1. Open Notepad.
2. Type .LOG
3. Save the file as LOG.txt
4. Write anything in it and it will be saved with the time when you edit it.
World Trade Center Notepad Trick
1. Open Notepad.
2. Type the flight number Q33N
3. Go to Format > Font and then Change the Font to Wingdings
4. Increase the Font Size to 72, Click OK.
MISCELLANEOUS RELATED HACKING

Increase Windows Boot Up Speed
Increase the speed of Startup
1. Press Windows logo key + R to open Run
2. Type msconfig and press Enter. The System Configuration window appears.
3. Go to Boot tab and change Timeout to 5 sec from 30. Then click OK.

Remove Unwanted Startup Programs
1. Press Windows logo key + R to open Run
2. Type msconfig and press Enter. The System Configuration window appears.
3. Go to Services or Startup tab.
4. Uncheck the programs that you are no longer want to run in the background. Then click OK.


Defragmentation of Hard Drive
1. Go to Start > All Programs > Accessories > System Tools > Disk Defragment
2. Select the Disk(s). If you want to select all disks, then hold Ctrl key and click the disks.
3. Click Analyze disks and after analyzing is over click on Defragment disks.

Delete Temporary & Recent files from your PC regularly

Delete Temporary files
1. Press Windows logo key + R to open Run
2. Type %temp% and press Enter. Now the folder of temporary files will be open.
3. Select all files by pressing Ctrl + A, press Delete and then Enter (You may press Shift +Delete to delete those files permanently) Tips: If a popup window (File In Use windows) opens, then Skip those items.

Delete Recent files
1. Press Windows logo key + R to open Run
2. Type recent and press Enter. Now the folder of recent files will be open.
3. Select all files by pressing Ctrl + A, press Delete and then Enter (You may press Shift + Delete to delete those files permanently)  Scan disk regularly for fix issues

1. Open My Computer and right click on C: drive.
2. Select Properties. A popup menu will be open. Then click on Tools tab.
3. Under Error-Checking Option click on Check Now and fix issues. Then click Start.
Tips: If you have any other drives like D:, E: etc., then scan those disks also.

Speed up the Windows 7
Windows 7 is starved for resources. It features many visual effects that draw heavy on your graphics
card and system memory. If your system was slow out of the box, chances are you can easily fix that
by turning off excessive effects.
1. Click on the Start button and then click Control Panel.
2. Click on System and Security
3. Click on System and then click on Advanced system settings from the left hand pane.
4. On Advance tab, under Performance Click Settings
5. The Performance Options window will open.
6. Under Visual Effects select Adjust for best performance.

Tips: If you would like to retain a nice interface, select Custom and check Use visual styles on windows and buttons.

God Mode of Windows 7
Windows 7 has changed Control Panel a little, but it's still too difficult to locate all the applets and
options that you might need. God Mode, however, while not being particularly godlike, does offer an
easier way to access everything you could want from a single folder.

To create God Mode,
1. Create a New folder and rename it to GodMode.{ED7BA470-8E54-465E-825C-
99712043E01C}

sorry I will to continou in the next time.....................
Continue Reading
...