Tuesday, July 26, 2011

Crowd Simulation - Intelligent Agents Simulation

Monday, July 25, 2011

Camera Flash Effect With JQuery

You can see the working demo here. Go to the page and Click anywhere to generate the effect.



Include SoundManager for Sound

<script type='text/javascript' src='script/soundmanager.js'></script&gt; <script type="text/javascript">soundManagerInit();</script> 

Learn more about it.


    background:black; }  .flashDiv{ 
    position:fixed;  top:0;


function flash(e)

$('.flashDiv') .show()  //show the hidden div .animate({opacity: 0.5}, 300)  .fadeOut(300)
        .css({'opacity': 1});     //play the sound    
    soundManager.play('capture'); }
{         $('.flashDiv').hide();  
    $(document).mouseup(function(e) { flash(e); }) });   

Include this div to the body
<div class='flashDiv'></div>





Sunday, July 10, 2011

Freelance Freedom

Resources: Freelance Freedom

Inner eye Project

While Microsoft tend to support more Natural User Interface (NUI) projects, as most celebrated example its early NUI work is the Kinect Xbox body motion sensor, there’s also quite a bit of focus by Microsoft’s NUI researchers on the intersection between NUI and healthcare. There are a number of Microsoft Research projects exploring the NUI-health connection. One of these projects, named “Inner Eye” is focused on  the medical automation analysis of Computed Tomography ( CT ) scans, using modern machine learning techniques as 3D model navigation and visualization.
InnerEye takes advantage of advances in computer-human interactions that have put computers on a path to work for us and collaborate with us. The development of a natural user interface (NUI) enables computers to adapt to you and be more integrated into your environment via speech, touch, and gesture. As NUI systems become more powerful and are imbued with more situational awareness, they can provide beneficial, real-time interactions that will be seamless and naturally suited to your context—in short, systems will understand where you are and what you’re doing
Antonio Criminisi, as a leader of the research group of Microsoft’s Research center in Cambridge, who develop the system that will make it easier for doctors to work with databases of medical imagery. This system indexes the images generated during the scans. It automatically recognizes organs, and they are working to train the system to detect certain kinds of brain tumors.
This software snaps a collection of 2D and 3D images and index them all together. After combining them all together, medical imaging databases are created using the text comments linked to the image for doctors to search. This gives them the ability to search, but it takes time because not all of the results are relevant. These kinds of systems will allow doctors to easily navigate from new images to old images in the same patient, side-by-side. It will also allow doctors to easily pull up images from other patients for comparison.
Criminisi’s team is also working on embedding the technology found in Kinect. This will give surgeons the ability to navigate through the images with gestures. This will give them access to the images mid-procedure without them having to touch a mouse, keyboard, or even a touch screen. As these are all things that could compromise the sterility of the operation, this will be a very useful tool. The team plans for this tool to be implemented at a large scale, making automatic indexes of images as they are scanned and tying them into the greater database seamlessly.
Using Kinect technology, they would only have to motion their hands to access the parts they need to focus on. The potential Microsoft solution is quicker and slicker: And it could help to save lives. Criminisi said: “Our solution enables surgeons to wave at the screen and access the patients images without touching any physical device, thus maintaining asepsis. By gesturing in mid-air surgeons can zoom in on specific organs or lesions and manipulate 3D views; they can also search for images of other patients with similar conditions. It’s amazing how such images can offer clues of disease and potential cure. Pre-filtering patient data can be an important tool for doctors and surgeons.
Although needs in each hospitals different and levels of sophistication, the general outcome was sufficiently encouraging to drive scientific research towards a new, efficient tool to aid surgery.

  • Tecnology Review
  • Pappas Evangelos. 30/03/2010 - Assesment for CO3 6th Semester Academic English. University of Wales

JavaScript Attack/Defend

As developers and designers we work hard to build visually attractive, fast and easy to maintain applications. Our goals are to make sure the applications we build stick to users and keep them coming back for more. Security is not always at the forefront of our minds. No one intentionally builds insecure software but often a lack of security knowledge leads developers to build vulnerabilities into their applications. In this article we are going to examine two web security attacks, how they are executed and how to defend against them. By the end of this article you will have a few techniques in your security tool belt to help you build more secure web applications.

The Open Web Application Security Project (OWASP) is a global organization that focuses on improving web application security and security awareness among the developer community. OWASP maintains a list of what are considered the most serious top ten security threats to web applications: the OWASP Top Ten project. We are going to examine two attacks from the Top Ten list, Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF). These attacks are both widespread and can be easily overlooked when developing an application. The good news is that finding these attacks is simple and building mitigations for them is just as easy.

Cross Site Scripting (XSS)

Many web applications today allow users to generate content to share with other users. To find examples of this look no further than a corporate blog. Many companies use blogs to communicate with their customers by writing about new products, ad campaigns, or just the everyday happenings of the business. To encourage a conversation between the customer and company, these blogs permit comments. Comments are user generated content that is posted to the blog for others to see, including the company’s blog administrator. In this scenario, Cross Site Scripting attacks occur when a user leaves a comment on the blog with the intent to execute a malicious payload against another user.

Cross Site Scripting (XSS) is an exploitation of the trust that the user has with the web site where the attack is hosted. When a user is interacting with a site that they trust they do not expect that a malicious user has poisoned the site against them. Anywhere in a site that allows input from a user opens the door for a possible XSS attack. The malicious input is often in the form of some client side script (usually JavaScript but it could also be VBScript, ActionScript, etc…) that executes when the user performs an action such as clicking a link or loading the page.

Three Types of XSS

Three Types of XSS There are three types of XSS attacks:

  • Stored: The attack is saved into a persistent storage medium such as a database or file.
  • Reflected: Non-persistent attacks needing a delivery method to initiate the attack such an email or malicious form.
  • DOM based XSS: This attack manipulates the DOM to execute the attack payload.

For this article we will be referring to Reflected XSS in our examples but the defenses we will cover work for all the flavors of XSS. More information can be found at: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)XSS attacks can impact your users in a variety of ways. The attack can steal information from the user, perform unintended actions in the application or even load malicious software to the user’s machine. A XSS attack can also have significant impacts on your web application as well. Once the attack is exposed, users will lose faith in the safety of your application causing damage to your company’s reputation.

XSS Attack

So how does a XSS attack work? Here is an example of a very simple Reflected XSS attack:

  1. <span id="message-text">
  2.     <%=Request.QueryString["msg"]%>
  3. </span>

This quick code snippet grabs a string from the query string variable named “msg” and writes it directly to the HTML element “message-text”. Imagine the query string variable was the following:

  1. <script>alert('123');</script>

 This would load the script tag and execute the alert message to the HTML of message-text.

While this example is very simplistic, XSS attacks can become more difficult to find when they are invoked from an Ajax request or when created during a data binding expression. When the attack is brought to the page from a database or other stored data, which is called a Stored XSS Attack. The example of the corporate blog is a Stored XSS attack as the malicious user has left the code to perform the XSS attack in the corporate blog Comments database.

XSS Defense

To defend against XSS attacks you must be conscious of input to your application. Input can come from many different sources such as configuration files, databases, web services, and any other source that populates the application with data. With this in mind, the best defense against XSS is sanitizing data as it is input into your application.

Fortunately sanitizing your input is simple using tools like the Microsoft AntiXSS Library (available for download at http://www.microsoft.com/downloads/en/details.aspx?FamilyID=f4cd231b-7e06-445b-bec7-343e5884e651). This code library makes it very easy to sanitize code on the server side. Using the AntiXSS library for our above example, we would update the code to be the following:

  1. <span id="message-text">
  2.     <%=Microsoft.Security.Application.Encoder.HtmlEncode(Request.QueryString["msg"])%>
  3. </span>

The library offers a multitude of encoding options including JavaScript, CSS, and XML encoding among others. Using the Anti-XSS Library, you can clean the input going in to your data store and sanitize the output coming through your application. While this library is an excellent resource for server side coding, sometimes you need a client side sanitizer to make sure the data you retrieve in JavaScript is clean.

The OWASP Enterprise Security API (ESAPI) is one of the many projects available on the OWASP site. This API allows developers to wrap output into encoder methods for most development platforms. The JavaScript ESAPI library can be found athttps://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API#tab=JavaScript. Encoding with the ESAPI JavaScript library is just as simple as using the AntiXSS encoder. Here is an example:

  1. <script src="Scripts/jquery-1.4.1.js" type="text/javascript"></script>
  3. <!-- ESAPI requirements -->
  4. <script src="Scripts/lib/log4js.js" type="text/javascript"></script>
  5. <script src="Scripts/esapi.js" type="text/javascript"></script>
  6. <script src="Scripts/resources/i18n/ESAPI_Standard_en_US.properties.js" type="text/javascript"></script>
  7. <script src="Scripts/resources/Base.esapi.properties.js" type="text/javascript"></script>
  9. <!-- ESAPI usage -->
  10. <script language="javascript" type="text/javascript">
  11. function cleanData() {
  12.             org.owasp.esapi.ESAPI.initialize();
  13.         var cleanedInput = $ESAPI.encoder().encodeForHTML("<script>alert('123');<//script>");
  14.             $("#message-text").html(cleanedInput);
  15.         }
  16. </script>

Using the $ESAPI object, we can encode the malicious string to be treated like text data and not interpreted like HTML tags. The ESAPI encoder is an excellent tool to ensure clean data from Mashups or the results of an Ajax call.

Libraries like the Anti-XSS library and ESAPI do have a downside, performance. By channeling all your data through a sanitization library, you incur some overhead in the application. The security benefit from using these libraries far outweighs the slight performance hit as XSS attacks can damage not just your company’s image but also your user’s information.

Cross Site Request Forgery (CSRF)

While XSS exploits the user’s trust in a specific web site, Cross Site Request Forgery (CSRF) exploits a user’s trust in how their Web Browser works. A CSRF attack happens when an attacker crafts a malicious HTTP request and then tricks the user into executing the request. When an HTTP request is sent to a web site all the cookies, session and header information are sent as well. With this in mind, using CSRF an attacker could execute commands against a site posing as the user.

Let’s look at an example of this attack. One day a user is checking their bank balance online using the new XYZBank.com website. The user makes a few transfers moving money around different accounts. Leaving the site, the user clicks around on the web until they land on the corporate blog we discussed in the XSS example. The user reads the latest blog entry and looks at the various comments. One of the comments was left by a malicious user who has setup an invisible image tag whose SRC attribute is an HTTP request to transfer money from the users account to the attacker’s account. Since the user was already authenticated to the XYZBank.com website, the browser and server assume this is a valid request from the user and executes the money transfer. The next time the user goes to XYZBank.com and sees they are missing money; it is likely they will assume their account was hacked and not connect the loss to the corporate blog.

CSRF Attack

Building a CSRF attack requires a lot of homework. The first step of any attack is building a profile on the target, in this case XYZBank.com. By using the banking site, the attacker can learn what cookies are stored, what fields perform what actions, how data flows through the site, etc… By creating an account on XYZBank.com and using the site, our attacker has learned the following items:

  • Primary account number is stored in a cookie to save the user from selecting which account is their primary account on each visit.
  • On the money transfer page there are three fields required to transfer money:
    • Source Account Number: Where the money is coming from. If the value is blank, the site assumes the use of the Primary Account.
    • Destination Account Number: Where the money is going to
    • Dollar amount: How much is being transferred
  • The site also uses query string parameters for persisting data between HTTP requests.

Using this information, the attacker can create the following image tag:

  1. <img src="https://www.xyzbank.com/transfer.php?txtSource=&txtDest=[Attacker's Account]&txtAmount=1500" width="0" height="0" />

This zero height, zero width image would be invisible to the user but when the image is called by the Browser, the SRC attribute will send the transfer request to XYZBank.com. When the request is sent, the cookies and session for any existing connections to XYZBank.com will be sent as well making the website think that the request is legitimate. CSRF attacks can use images as in the example above or they could use anything that can make an HTTP request.

CSRF Defense

While XSS defense is simply a matter of cleaning data in your system, CSRF exploits how an Internet Browser is supposed to work. The good news is that there are multiple defenses that you can put in place to protect your application against CSRF. We will examine a few server side options first and then discuss some best practices to present to your users on how they can defend against CSRF on other sites.

Our goal is to create multiple layers of defense against a CSRF attack. The first step to this is to try and validate that the request is coming from your own site (in this case, a request to XYZBank.com is coming from XYZBank.com). Checking the HTTP Referrer Header can usually tell you where a request is coming from. This HTTP Header keeps track of where the HTTP request originatedfrom (for more information about the HTTP Referrer Header see:http://www.w3.org/Protocols/HTTP/HTRQ_Headers.html#z14). If the request originates from XYZBank.com then the HTTP Referrer will be XYZBank.com. Unfortunately, the Referrer Header can be spoofed and is not always present for every HTTP request. Checking the Referrer is simply an added layer of validation that you can use.

A much more reliable method for preventing CSRF attacks is to use the Synchronizer Token Pattern. This design pattern uses a randomly generated token that is associated with a user’s session to ensure that the request originated from the site. The random token is then stored in a hidden field and checked on each request. Using this method, the attacker would not be able to guess the random token (as it is only stored in a hidden field) and thus the request would be rejected. Using this method we would setup a Hidden Field on the HTML page and populate it with a random token:

  1. <input type="hidden" id="hdn1" value="29ldfoa9210129041jljfmcaoj39141" />

Now, for our banking site we would be expecting another parameter in the query string. The requested URL would now look like the following:

https://www.xyzbank.com/transfer.php?txtSource=&txtDest=[Attacker's Account]&txtAmount=1500&hdn1=29ldfoa9210129041jljfmcaoj39141

When the request arrives at the transfer.php page, we can check the value of “hdn1” against what has been stored in the Session. If the values match, then the request is valid and can continue. If not, then the request is rejected and an error message presented to the user.

For ASP.NET developers, ViewState already validates the requests coming in to the server but it is possible to forge or copy a ViewState with known valid data. By default, ViewState is not tied to a particular user but by using the Page.ViewStateUserKey, developers can bind a ViewState to a specific user or session. Setting the ViewStateUserKey to the SessionID will make the ViewState valid only for that SessionID so if an attacker attempts to reuse/forge the ViewState value, the ASP.NET application will see the request as invalid. Enabling this ViewState feature is simple. Add the following to the Page_PreInit method of your ASP.NET page:

  1. void Page_PreInit(object sender, EventArgs e)
  2. {
  3.         Page.ViewStateUserKey = Session.SessionID;
  4. }

You could use other properties such as User ID but whatever data point you use, it must be unique per user. Otherwise, it totally defeats the purpose of the ViewStateUserKey and opens your application to ViewState forgery.

The best defense against CSRF is an easy tactic that your users can do…just log out. Most CSRF attacks leverage actions that are available to authenticated users. Encourage your users to log out from your site and others when they are finished. Learn more about all of these defenses and more on the OWASP CSRF Prevention Cheat Sheet.

Tip of the iceberg

The two attacks we examined in this article, Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF), are common attacks but not the only security threats on the web. OWASP’s Top Ten list is an excellent resource to start your web application security training. Correcting XSS and CSRF vulnerabilities on your site is an excellent starting point on your application security journey. By increasing your security awareness implementing some of the mitigations presented in this article, you will be well on your way to protecting your user’s data and the reputation of your application.


Reference:  ScriptJunkie By Tim Kulp



How to Crack a Wi-Fi Network.

You already know that if you want to lock down your Wi-Fi network, you should opt for WPA encryption because WEP is easy to crack. But did you know how easy? Take a look. 

This tutorial is for information purposes only, and I do not endorse any of the activities discussed within this guide. I nor anyone hosting this guide can be held responsible for anything you do after reading this. What you do with your day lies on your shoulders.

1.Black Track

Today we’re going to run down, step-by-step, how to crack a Wi-Fi network with WEP security turned on. But first, a word: Knowledge is power, but power doesn’t mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn’t make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise.

Dozens of tutorials on how to crack WEP are already all over the internet using this method. Seriously—Google it. This ain’t what you’d call “news.” But what is surprising is that someone like me, with minimal networking experience, can get this done with free software and a cheap Wi-Fi adapter. Here’s how it goes.

What You’ll Need.

Unless you’re a computer security and networking ninja, chances are you don’t have all the tools on hand to get this job done. Here’s what you’ll need:

* A compatible wireless adapter—This is the biggest requirement. You’ll need a wireless adapter that’s capable of packet injection, and chances are the one in your computer is not. After consulting with my friendly neighborhood security expert, I purchased an Alfa AWUS050NH USB adapter, pictured here, and it set me back about $50 on Amazon. Update: Don’t do what I did. Get the Alfa AWUS036H, not the US050NH, instead. The guy in this video below is using a $12 model he bought on Ebay (and is even selling his router of choice). There are plenty of resources on getting aircrack-compatible adapters out there.

A BackTrack 3 Live CD. We already took you on a full screenshot tour of how to install and use BackTrack 3, the Linux Live CD that lets you do all sorts of security testing and tasks. Download yourself a copy of the CD and burn it, or load it up in VMware to get started. (I tried the BackTrack 4 pre-release, and it didn’t work as well as BT3. Do yourself a favor and stick with BackTrack 3 for now.)

* A nearby WEP-enabled Wi-Fi network. The signal should be strong and ideally people are using it, connecting and disconnecting their devices from it. The more use it gets while you collect the data you need to run your crack, the better your chances of success.

* Patience with the command line. This is an ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.

Crack That WEP

To crack WEP, you’ll need to launch Konsole, BackTrack’s built-in command line. It’s right there on the taskbar in the lower left corner, second button to the right. Now, the commands.

First run the following to get a list of your network interfaces:


The only one I’ve got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).

Now, run the following four commands. See the output that I got for them in the screenshot below.

airmon-ng stop (interface)
ifconfig (interface) down
macchanger –mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)

If you don’t get the same results from these commands as pictured here, most likely your network adapter won’t work with this particular crack. If you do, you’ve successfully “faked” a new MAC address on your network interface, 00:11:22:33:44:55.

Now it’s time to pick your network. Run:

airodump-ng (interface)

To see a list of wireless networks around you. When you see the one you want, hit Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take note of two things: its BSSID and its channel (in the column labeled CH), . Obviously the network you want to crack should have WEP encryption (in the ENC) column, not WPA or anything else.

Like I said, hit Ctrl+C to stop this listing. (I had to do this once or twice to find the network I was looking for.) Once you’ve got it, highlight the BSSID and copy it to your clipboard for reuse in the upcoming commands.

Now we’re going to watch what’s going on with that network you chose and capture that information to a file. Run:

airodump-ng -c (channel) -w (file name) –bssid (bssid) (interface)

Where (channel) is your network’s channel, and (bssid) is the BSSID you just copied to clipboard. You can use the Shift+Insert key combination to paste it into the command. Enter anything descriptive for (file name). I chose “yoyo,” which is the network’s name I’m cracking.

You’ll get output like what’s in the window in the background pictured below. Leave that one be. Open a new Konsole window in the foreground, and enter this command:

aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

Here the ESSID is the access point’s SSID name, which in my case is yoyo. What you want to get after this command is the reassuring “Association successful” message with that smiley face.

You’re almost there. Now it’s time for:

aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)

Here we’re creating router traffic to capture more throughput faster to speed up our crack. After a few minutes, that front window will start going crazy with read/write packets. (Also, I was unable to surf the web with the yoyo network on a separate computer while this was going on.) Here’s the part where you might have to grab yourself a cup of coffee or take a walk. Basically you want to wait until enough data has been collected to run your crack. Watch the number in the “#Data” column—you want it to go above 10,000. (Pictured below it’s only at 854.)

Depending on the power of your network (mine is inexplicably low at -32 in that screenshot, even though the yoyo AP was in the same room as my adapter), this process could take some time. Wait until that #Data goes over 10k, though—because the crack won’t work if it doesn’t. In fact, you may need more than 10k, though that seems to be a working threshold for many.

Once you’ve collected enough data, it’s the moment of truth. Launch a third Konsole window and run the following to crack that data you’ve collected:

aircrack-ng -b (bssid) (file name-01.cap)

Here the filename should be whatever you entered above for (file name). You can browse to your Home directory to see it; it’s the one with .cap as the extension.

If you didn’t get enough data, aircrack will fail and tell you to try again with more. If it

Problems Along the Way

With this article I set out to prove that cracking WEP is a relatively “easy” process for someone determined and willing to get the hardware and software going. I still think that’s true, but unlike the guy in the video below, I had several difficulties along the way. In fact, you’ll notice that the last screenshot up there doesn’t look like the others—it’s because it’s not mine. Even though the AP which I was cracking was my own and in the same room as my Alfa, the power reading on the signal was always around -30, and so the data collection was very slow, and BackTrack would consistently crash before it was complete. After about half a dozen attempts (and trying BackTrack on both my Mac and PC, as a live CD and a virtual machine), I still haven’t captured enough data for aircrack to decrypt the key.

So while this process is easy in theory, your mileage may vary depending on your hardware, proximity to the AP point, and the way the planets are aligned. Oh yeah, and if you’re on deadline—Murphy’s Law almost guarantees it won’t work if you’re on deadline.


2.Comm View For WiFi

CommView for WiFi is a powerful wireless network monitor and analyzer for 802.11 a/b/g/n networks. Loaded with many user-friendly features, CommView for WiFi combines performance and flexibility with an ease of use unmatched in the industry.

CommView for WiFi captures every packet on the air to display important information such as the list of access points and stations, per-node and per-channel statisticssignal strength, a list of packets and network connections, protocol distribution charts, etc. By providing this information, CommView for WiFi can help you view and examine packets, pinpoint network problems, and troubleshoot software and hardware.

CommView for WiFi includes a VoIP module for in-depth analysis, recording, and playback of SIP and H.323 voice communications.

Packets can be decrypted utilizing user-defined WEP or WPA-PSK keys and are decoded down to the lowest layer. With over 70 supported protocols, this network analyzer allows you to see every detail of a captured packet using a convenient tree-like structure to display protocol layers and packet headers. Additionally, the product provides an open interface for plugging in custom decoding modules. WEP and WPA key retrieval add-ons are available subject to terms and conditions.

A number of case studies describe real-world applications of CommView for WiFi in business, government, and education sectors.

CommView for WiFi is a comprehensive and affordable tool for wireless LAN administrators, security professionals, network programmers, or anyone who wants to have a full picture of the WLAN traffic. This application runs under Windows XP/2003/Vista/2008/7 and requires a compatible wireless network adapter. To view the list of the adapters that have been tested and are compatible with CommView for WiFi, click on the link below:


If your wireless card is not on the list, please click here for the technical information, or take advantage of our special offer and get a compatible adapter free of charge!

What you can do with CommView for WiFi

  • Scan the air for WiFi stations and access points.
  • Capture 802.11a, 802.11b, 802.11g, and 802.11n WLAN traffic.
  • Specify WEP or WPA keys to decrypt encrypted packets.
  • View detailed per-node and per-channel statistics.
  • View detailed IP connections statistics: IP addresses, ports, sessions, etc.
  • Reconstruct TCP sessions.
  • Configure alarms that can notify you about important events, such as suspicious packets, high bandwidth utilization, unknown addresses, rogue access points, etc.
  • View protocol “pie” charts.
  • Monitor bandwidth utilization.
  • Browse captured and decoded packets in real time.
  • Search for strings or hex data in captured packet contents.
  • Log individual or all packets to files.
  • Load and view capture files offline.
  • Import and export packets in Sniffer®, EtherPeek™, AiroPeek™, Observer®, NetMon, Tcpdump, hex, and text formats.
  • Export any IP address to SmartWhois for quick, easy IP lookup.
  • Capture data from multiple channels simultaneously using several USB adapters.
  • Capture A-MPDU and A-MSDU packets.
  • And much more!

Who needs CommView for WiFi

  • WLAN administrators.
  • Security professionals.
  • Home users who are interested in monitoring their WLAN traffic.
  • Programmers developing software for wireless networks.

An evaluation version is available in the Download Area.

To purchase this product, add it to the shopping cart (see the link at the top right corner of this page) or visit the Product Catalog. If you purchased this product in the past and would like to purchase an upgrade to the latest version, please visit theUpgrades page.

3. AirCrack NG

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.In fact, Aircrack-ng is a set of tools for auditing wireless networks.

Packet injection on a phone Aircrack-ng suite now fully works with the internal card of the Nokia N900, including packet injection.


  • Aircrack-ng 1.1
    SHA1: 16eed1a8cf06eb8274ae382150b56589b23adf77
    MD5: f7a24ed8fad122c4187d06bfd6f998b4


  • Aircrack-ng 1.1 (Windows)
    SHA1: 043ac7346cfd4878eb3af9783554873fbb5c28d4
    MD5: 407e342f01f6d46886a9f908b241d53a


    Important information:
    This version requires you to develop your own DLLs to link aircrack-ng to your wireless card (it will not work without).
    The required DLLs are not provided in the download and there will be no support for them.
  • Linux packages can be found here.

Previous versions

  • Previous versions of Aircrack-ng can be found here.
  • A backup of the original versions (from Christophe Devine) are available here.
  • Previous versions of Slitaz Aircrack-ng can be found here.
  • Previous versions of our VMWare appliance can be found here.

Other downloads

Sample files

  • test.ivs – This is a 128 bit WEP key file. The key is AE:5B:7F:3A:03:D0:AF:9B:F6:8D:A5:E2:C7.
  • ptw.cap – This is a 64 bit WEP key file suitable for the PTW method. The key is 1F:1F:1F:1F:1F.





ReferencesArrow Webzine  Nyjil George




Academic Search Engines: Beyond Google Scholar





how to use the invisible web

Scirus has a pure scientific focus. It is a far reaching research engine that can scour journals, scientists’ homepages, courseware, pre-print server material, patents and institutional intranets.










invisible web search engines

Infomine has been built by a pool of libraries in the United States. Some of them are University of California, Wake Forest University, California State University, and the University of Detroit. Infomine “˜mines’ information from databases, electronic journals, electronic books, bulletin boards, mailing lists, online library card catalogs, articles, directories of researchers, and many other resources.

You can search by subject category and further tweak your search using the search options. Infomine is not only a standalone search engine for the Deep Web but also a staging point for a lot of other reference information. Check out its Other Search Tools and General Reference links at the bottom.







The WWW Virtual Library


invisible web search engines

This is considered to be the oldest catalog on the web and was started by started by Tim Berners-Lee, the creator of the web. So, isn’t it strange that it finds a place in the list of Invisible Web resources? Maybe, but the WWW Virtual Library lists quite a lot of relevant resources on quite a lot of subjects. You can go vertically into the categories or use the search bar. The screenshot shows the alphabetical arrangement of subjects covered at the site.













search invisible web

DeepPeep aims to enter the Invisible Web through forms that query databases and web services for information. Typed queries open up dynamic but short lived results which cannot be indexed by normal search engines. By indexing databases, DeepPeep hopes to track 45,000 forms across 7 domains.

The domains covered by DeepPeep (Beta) are Auto, Airfare, Biology, Book, Hotel, Job, and Rental. Being a beta service, there are occasional glitches as some results don’t load in the browser.







Reference: 10 Search Engines to Explore the Invisible Web

Evolution machine: Genetic engineering on fast forward

Source: NewScientist

Automated genetic tinkering is just the start – this machine could be used to rewrite the language of life and create new species of humans

IT IS a strange combination of clumsiness and beauty. Sitting on a cheap-looking worktop is a motley ensemble of flasks, trays and tubes squeezed onto a home-made frame. Arrays of empty pipette tips wait expectantly. Bunches of black and grey wires adorn its corners. On the top, robotic arms slide purposefully back and forth along metal tracks, dropping liquids from one compartment to another in an intricately choreographed dance. Inside, bacteria are shunted through slim plastic tubes, and alternately coddled, chilled and electrocuted. The whole assembly is about a metre and a half across, and controlled by an ordinary computer.

Say hello to the evolution machine. It can achieve in days what takes genetic engineers years. So far it is just a prototype, but if its proponents are to be believed, future versions could revolutionise biology, allowing us to evolve new organisms or rewrite whole genomes with ease. It might even transform humanity itself.

These days everything from your food and clothes to the medicines you take may well come from genetically modified plants or bacteria. The first generation of engineered organisms has been a huge hit with farmers and manufacturers - if not consumers. And this is just the start. So far organisms have only been changed in relatively crude and simple ways, often involving just one or two genes. To achieve their grander ambitions, such as creating algae capable of churning out fuel for cars, genetic engineers are now trying to make far more sweeping changes.

Grand ambitions

Yet changing even a handful of genes takes huge amounts of time and money. For instance, a yeast engineered to churn out the antimalarial drug artemisinin has been hailed as one of the great success stories of synthetic biology. However, it took 150 person-years and cost $25 million to add or tweak around a dozen genes - and commercial production has yet to begin.

The task is so difficult and time-consuming because biological systems are so complex. Even simple traits usually involve networks of many different genes, which can behave in unpredictable ways. Changes often do not have the desired effect, and tweaking one gene after another to get things working can be a very slow and painstaking process.

Many biologists think the answer is to try to eliminate the guesswork. They are creating libraries of ready-made "plug-and-play" components that should behave in a reliable way when put together to create biologicial circuits. But George Church, a geneticist at Harvard Medical School in Boston, thinks there is a far quicker way: let evolution do all the hard work for us. Instead of trying to design every aspect of the genetic circuitry involved in a particular trait down to the last DNA letter, his idea is to come up with a relatively rough design, create lots of variants on this design and select the ones that work best.

The basic idea is hardly original; various forms of directed evolution are already used to design things as diverse as proteins and boats. Church's group, however, has developed a machine for "evolving" entire organisms - and it works at an unprecedented scale and speed. The system has the potential to add, change or switch off thousands of genes at a time - Church calls this "multiplexing" - and it can generate billions of new strains in days.

Of course, there are already plenty of ways to generate mutations in cells, from zapping them with radiation to exposing them to dangerous chemicals. What's different about Church's machine is that it can target the genes that affect a particular characteristic and alter them in specific ways. That greatly increases the odds of success. Effectively, rather than spending years introducing one set of specific changes, bioengineers can try out thousands of combinations at once. Peter Carr, a bioengineer at MIT Media Lab who is part of the group developing the technology, describes it as "highly directed evolution".

The first "evolution machine" was built by Harris Wang, a graduate student in Church's lab. To prove it worked, he started with a strain of the E. colibacterium that produced small quantities of lycopene, the pigment that makes tomatoes red. The strain was also modified to produce some viral enzymes. Next, he synthesised 50,000 DNA strands with sequences that almost matched parts of the 24 genes involved in lycopene production, but with a range of variations that he hoped would affect the amount of lycopene produced. The DNA and the bacteria were then put into the evolution machine.

The machine let the E. coli multiply, mixed them with the DNA strands, and applied an electric shock to open up the bacterial cells and let the DNA get inside. There, some of the added DNA was swapped with the matching target sequences in the cells' genomes. This process, called homologous recombination, is usually very rare, which is where the viral enzymes come in. They trick cells into treating the added DNA as its own, greatly increasing the chance of homologous recombination.

The effect was to create new variants of the targeted genes while leaving the rest of the genome untouched. It was unlikely that all 24 genes would be altered simultaneously in any one bacterium, so the cycle was repeated over and over to increase the proportion of cells with mutations in all 24 genes.

Repeating the cycle 35 times generated an estimated 15 billion new strains, each with a different combination of changes in the target genes. Some made five times as much lycopene as the original strain, Wang's team reported in 2009 ( Nature, vol 460, p 894).

It took Wang just three days to do better than the biosynthesis industry has managed in years. And it was no one-off - he has since repeated the trick for the textile dye indigo.

Church calls this bold approach multiplex automated genome engineering, or MAGE. In essence, he has applied the key principles that have led to the astonishing advances in DNA sequencing - parallel processing and automation - to genetic engineering. And since Church was one of the founders of the human genome project and helped develop modern sequencing methods, he knows what he is doing.

Just as labs all over the world now buy thousands of automated DNA sequencing machines, so Church envisions them buying automated evolution machines. He hopes to sell them relatively cheaply, at around $90,000 apiece. "We're dedicated to bringing the price down for everybody, rather than doing some really big project that nobody can repeat," Church says.

He hopes the machines will greatly accelerate the process of producing novel microbes. LS9, a biofuels company based near San Francisco that was co-founded by Church, has said it hopes to use MAGE to engineer E. coli that can produce renewable fuels. Church and colleagues are also adapting the approach for use with other useful bacteria, including Shewanella, which can convert toxic metals such as uranium into an insoluble form, and cyanobacteria which can extract energy from light using photosynthesis.

A big revolution

In principle, the technique should work with plant and animal cells as well as microbes. New methods will have to be developed for coaxing cells to swap in tailored DNA for each type of organism, but Church and his colleagues say that progress has already been made in yeast and mammalian cells.

"I think it is a big revolution in genome engineering," says Kristala Jones Prather, a bioengineer at the Massachusetts Institute of Technology who is not part of Church's collaboration. "You don't have to already know what the answer is. You can manipulate multiple things at a time, and let the cell find a solution for you."

Because biological systems are so complex, it is a huge advantage to be able to tweak lots of genes simultaneously, rather than one at a time, she says. "In almost every case you'll get a different solution that's a better solution."

The disadvantage of Church's approach is that the "better solution" is mixed up with millions of poorer solutions. Prather points out that the technique is limited by how easy it is to screen for the characteristics that you want. Wang selected good lycopene producers by growing 100,000 of the strains he had created in culture dishes and simply picking out the brightest red colonies. "Essentially nothing that we use in my lab can be screened so easily," Prather says.

By automating selection and using a few tricks, though, it should be practical to screen for far more subtle characteristics. For instance, biosensors that light up when a particular substance is produced could be built into the starting strain. "The power going forward will have to do with clever selections and screens," says Church.

As revolutionary as this approach is, Church thinks MAGE's most far-reaching potential lies elsewhere. He reckons it will be possible to use the evolution machine to make many thousands of specific changes to a cell's DNA: essentially, to rewrite genomes.

At the moment, making extensive changes to even the smallest genome is extremely costly and laborious. Last year, the biologist and entrepreneur Craig Venter announced that his team had replaced a bacterium's genome with a custom-written one (Science, vol 329, p 52). His team synthesised small pieces of DNA with a specific sequence, and then joined them together to create an entire genome. It was an awesome achievement, but it took 400 person-years of labour and cost around $40 million.

MAGE can do the same job far more cheaply and efficiently by rewriting existing genomes, Church thinks. The idea is that instead of putting DNA strands into the machine with a range of different mutations, you add only DNA with the specific changes you want. Even if you are trying to change hundreds or thousands of genes at once, after a few cycles in the machine, a good proportion of the cells should have all the desired changes. This can be checked by sequencing.

If the idea works it would make feasible some visionary projects that are currently impossibly difficult. Church, needless to say, has something suitably ambitious in mind. In fact, it is the reason he devised MAGE in the first place.

In 2004 he had joined forces with Joseph Jacobson, an engineer at the MIT Media Lab, best known as inventor of the e-ink technology used in e-readers. Searching for a "grand goal" in bioengineering, the pair hit upon the idea of altering life's genetic code. Rather than just alter the sequence of DNA, they want to change the very language in which the instructions for life are written(see diagram).

This is not as alarming as it might sound. Because all existing life uses essentially the same genetic code, organisms that translate DNA using a different code would be behind a "genetic firewall", unable to swap DNA with any normal living thing. If they escaped into the wild, they would not be able to spread any engineered components. Nor would they be able to receive any genes from natural bacteria that would endow them with antibiotic resistance or the ability to make toxins. "Any new DNA coming in or any DNA coming out doesn't work," says Church. "We're hoping that people who are concerned, including us, about escape from industrial processes, will find these safer."

There is another huge advantage: organisms with an altered genetic code would be immune to viruses, which rely on the protein-making machinery of the cells they infect to make copies of themselves. In a cell that uses a different genetic code, the viral blueprints will be mistranslated, and any resulting proteins will be garbled and unable to form new viruses.

Doing this in bacteria or cell lines used for growing chemicals would be of huge importance to industry, where viral infections can shut down entire production lines. And the approach is not necessarily limited to single cells. "It's conceivable that it could be done in animals," says Carr.

Completely virus-proof

Carr and his colleagues have already begun eliminating redundant codons from the genome of E. coli. They are starting with the rarest, the stop codon TAG, which appears 314 times. Each instance will be replaced by a different stop codon, TAA. So far they have used MAGE to create 32 E. coli strains that each have around 10 of the necessary changes, and are now combining them to create a single strain with all the changes. Carr says this should be completed within the next few months, after which he hopes to start replacing another 12 redundant codons. To make a bacterium completely virus-proof will probably require replacing tens of thousands of redundant codons, he says, as well as modifying the protein-making factories so they no longer recognise these codons.

To ensure novel genes cannot be translated if they get passed on to other organisms, the team would have to go a step further and reassign the freed-up codons so a different amino acid to normal is added to a protein when they occur. This could include amino acids that do not exist in nature, opening the door to new types of chemistry in living cells. Artificial amino acids could be used to create proteins that do not degrade as easily, for example, which could be useful in industry and medicine.

There are potential dangers in making organisms virus-proof, though. Most obviously, they might have an advantage over competing species if they escaped into the wild, allowing them to dominate environments with potentially destructive effects. In the case of E. coli, those environments could include our guts.

"We want to be very careful. The goal is to isolate these organisms from part of the natural sphere with which they normally interact," says Carr. "We shouldn't pretend that we understand all possible ramifications, and we need to study these modified organisms carefully." But he points out that we deal with similar issues already, such as invasive species running riot in countries where they have no natural predators. Additional safeguards could be built in, such as making modified organisms dependent on nutrients they can get only in a lab or factory. And if the worst came to the worst, biologists could create viruses capable of killing their errant organisms. Such viruses would not be able to infect normal cells.

Church argues that with proper safety and regulatory controls, there is no reason why the approach shouldn't be used widely. "I think that to some extent you'd like every organism to be multi-virus resistant," he says. "Or at least industrial microbes, agricultural species and humans."

Yes, humans. Church is already adapting MAGE for genetically modifying human stem cell lines. The work, funded by the US National Human Genome Research Institute, aims to create human cell lines with subtly different genomes in order to test ideas about which mutations cause disease and how. "Sequencing is now a million times cheaper, and there are a million times as many hypotheses being generated," he says. "We'd like to develop the resources so that people can quickly test hypotheses about the human genome by synthesising new versions."

As the technology improves and becomes routine, says Church, it could also be used to alter the cells used for cell-based therapies. Tissue-engineered livers grown from stem cells, say, could have their genetic code altered so that they would be immune to liver-destroying viruses such as hepatitis C.

"Everybody getting stem cell therapies will be given a choice of doing ordinary stem cell therapy - either with their cells or donor cells - or doing stem cells that are resistant to viruses," he says. "There will have to be all kinds of safety checks and FDA approval and so forth, but most people faced with two fairly safe choices, one of which is virus-sensitive and one of which is virus-resistant, are going to take the virus-resistant one."

Of course, there would be enormous experimental and safety hurdles to overcome. Not least the fact that gene targeting using homologous recombination or any other method is not perfect - the added DNA is sometimes inserted into the wrong place in the genome, and the process can trigger other kinds of mutations too. Such off-target changes might be a big problem when making hundreds of targeted changes at a time.

So not surprisingly, Carr describes the move to humans as "fraught with peril". But if we do get to a point where there are lots of people walking around with virus-resistant tissues or organs, and lots of farm animals that are completely virus-resistant, Church thinks it is only a matter of time before clinics create virus-resistant babies. "If it works really well, somebody somewhere will decide to try it in the next generation."

Making changes to the genomes of humans that will get passed on to their children has long been seen as taboo. But Church points out that there was strong resistance to techniques such as in vitro fertilisation and organ transplants when they were new; yet as soon as they were shown to work, they were quickly accepted. "Many technologies start out that way," he says. "But once they work really well, everybody says it's unethical not to use them."

Arthur Caplan, a bioethicist at the University of Pennsylvania in Philadelphia who advises the US government on reproductive technologies, is sceptical about the idea of making virus-resistant people, because anyone modified in this way would only be able to conceive children naturally with a partner whose genome had been altered in exactly the same way. "You would be denying a hugely important choice to a future modified human."

But, he says, if MAGE really can be used to edit the genome of human cells, it would provide a way to fix the mutations that cause inherited disease. It could be the technology that opens the door to the genetic engineering of humans. We should start debating now how best to use it, Caplan says. Should it be limited to preventing disease, or used for enhancement too? What sort of regulation is needed? Who should be eligible?

This prospect might seem a long way off, but Caplan argues that if the technique works well in other species, it could become feasible to attempt to engineer humans in as little as 10 years. "If you learn to do this in microbes and then in animals, you'll find yourself wondering how we got to humans so fast," he says. "You've got to pay attention to what's going on in lower creatures because that's the steady march to people."

If all this sounds wildly implausible, bear in mind that the idea of sequencing an entire human genome in days seemed nigh on impossible just a few years ago. Now it's fast becoming routine. Most biologists would probably agree that it is just a matter of time before we develop the technology needed to rewrite the DNA of living creatures at will. If Church succeeds, this future will happen faster than any imagined.