Showing posts with label Domain and Website Hacking. Show all posts
Showing posts with label Domain and Website Hacking. Show all posts

How to Create your domain Email account with Hotmail

The first step is to go to domains.live.com and enter your domain name on the next page



Now Select Sign in with an existing Microsoft Account and Click on Continue


Now Click on I Accept Button


Log in to the Cpanel for your domain.
Navigate to an MX record maintenance page. MX records are special DNS (Domain Name Service) records, and are often located under sections titled “DNS Management,” “Mail Server Configuration,” You may need to turn on advanced settings to allow editing of these MX records.


Delete any existing MX records before entering new MX records.

Add an MX record for the email server.
Enter the fully qualified server name, such as 07e1d99c5dbf194ba723c7439a5517.pamx1.hotmail.com many domain providers also require a trailing period at the end of the server name. Set the priority for the record.



Go to Windows Live Admin Center on the left sidebar you will find options to member accounts on your domain. Now Click on Add Button



Now you can manually create email accounts. Just fill in the form to add an account and click Ok


Now login to your Hotmail account



Domain Analyzer Security Tool

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way.

Features
  • It creates a directory with all the information, including nmap output files.
  • It uses colors to remark important information on the console.
  • It detects some security problems like host name problems, unusual port numbers and zone transfers.
  • It is heavily tested and it is very robust against DNS configuration problems.
  • It uses nmap for active host detection, port scanning and version information (including nmap scripts).
  • It searches for SPF records information to find new hostnames or IP addresses.
  • It searches for reverse DNS names and compare them to the hostname.
  • It prints out the country of every IP address.
  • It creates a PDF file with results.
  • It automatically detects and analyze sub-domains!
  • It searches for domains emails.
  • It checks the 192 most common hostnames in the DNS servers.
  • It checks for Zone Transfer on every DNS server.
  • It finds the reverse names of the /24 network range of every IP address.
  • It finds active host using nmap complete set of techniques.
  • It scan ports using nmap.
  • It searches for host and port information using nmap.
  • It automatically detects web servers used.
  • It crawls every web server page using our Web Crawler Security Tool.
  • It filters out hostnames based on their name.
  • It pseudo-randomly searches N domains in google and automatically analyze them!
  • Uses CTRL-C to stop current analysis stage and continue working.
First download Domain Security Analyzer from here and save in your desktop
Now untar the file tar zxvf domainanalyzer.tar.gz


Crawler
./crawler.py –u www.hackingarticles.in


Options:

  -u, --url                           
URL to start crawling.
-m, --max-amount-to-crawl
Max deep to crawl. Using breadth first algorithm
-w, --write-to-file                 
Save summary of crawling to a text file. Output directory is created automatically
-s, --subdomains                    
Also scan subdomains matching with url domain.
-r, --follow-redirect               
Do not follow redirect. By default follow redirection at main URL.
-f, --fetch-files                   
Download there every file detected in 'Files' directory. Overwrite existing content.
-F, --file-extension                
Download files specified by comma separated extensions. This option also activates 'fetch-files' option. 'Ex.: -F pdf,xls,doc'
-d, --docs-files                    
Download docs files:xls,pdf,doc,docx,txt,odt,gnumeric,csv, etc. This option also activates 'fetch-files' option.
-E,--exclude-extensions            
Do not download files that matches with this extensions. Options '-f','-F' or '-d' needed.
-h, --help                          
Show this help message and exit.
  -V, --version                       
Output version information and exit
  -v, --verbose                       
Be verbose
  -D, --debug                         
Debug.

Domain Analyzer
./domain_analyzer_v_0.5.py –d www.example.com



Options               

-h, --help
Show this help message and exit
-V, --version
Output version information and exit.
-D, --debug
Debug
-d, --domain
Domain to analyze.
  -j, --not-common-hosts-names
Do not check common host names. Quicker but you will lose hosts
-t, --not-zone-transfer 
Do not attempt to transfer the zone.
-n, --not-net-block 
Do not attempt to -sL each IP netblock.
-o, --store-output
Store everything in a directory named as the domain. Nmap output files and the summary are stored inside.
-a, --not-scan-or-active 
Do not use nmap to scan ports nor to search for active hosts
-p, --not-store-nmap 
Do not store any nmap output files in the directory /nmap
-e, --zenmap
Move xml nmap files to a directory and open zenmap with the topology of the whole group. Your user should have access to the DISPLAY variable.
-g, --not-goog-mail 
Do not use goog-mail.py (embebed) to look for emails for each domain
-s, --not-subdomains 
Do not analyze sub-domains recursively. You will lose subdomain internal information.
-f, --create-pdf 
Create a pdf file with all the information.
-w, --not-webcrawl 
Do not web crawl every web site (in every port) we found looking for public web mis-configurations (Directory listing, etc.).
-m, --max-amount-to-crawl
If you crawl, do it up to this amount of links for each web site. Defaults to 50.
-F, --download-files
If you crawl, do ti up to this amount of links for each web site. Defaults to 10.
-c, --not-countrys
Do not resolve the country name for every IP and hostname.
  -q, --not-spf
Do not check SPF records.
-k, --random-domain
Find this amount of domains from google and analyze them. For base domain
-x, --nmap-scantype
Nmap parameters to port scan. Defaults to: '-O --reason --webxml --traceroute

How to Setup Website cpanel in Your PC (Windows 7)

Sign into your cPanel and follow these steps:
Go to Files and click Web Disk


Create a new user by entering a name into the Login. Enter a password into New Password and then again into Password (Again).  A directory should automatically be entered once you enter in your password. However, if you would like to change it, enter your desired directory into Directory. Click Create


You will then get confirmation that your user has access to the web disk. Click Go Back



Go to Web Disk Account Management and click Access Web Disk on the account you just created.


Choose your operating system and version. For this example, we will be using Windows 7.


Select your Operating option.




From the desktop, click on Start and then Computer. Then, click Map Network Drive.


From that screen, click Connect to a Web site that you can use to store your documents and pictures, and then click next.


Click on next



Click Choose a custom network location, and then click next.


Enter the following in the Internet or network address field: http://example.com:2077


Enter your Web Disk username and password when prompted.


In the Type a name for this network location field, type a name that you will recognize. Click Next.
If you want to access the Web Disk right away, click the checkbox next to Open this network location when I click Finish.
Click Finish. Your Web Disk will open.

How to Protect Your Domain Name

Domain Theft Protection is a security service offered to provide an additional layer of security to Domains. This FREE service allows you to lock your Domain Names, guarding them against unauthorized Transfers. Enabling Theft Protection on your domain name will result in a Transfer Away Request for this domain name to another Registrar to fail at the Registry itself.



Login in Your Domain Panel

Find the Domain Theft Protection



Domain Lock
Apart from enabling Theft protection for your domain name, you can also place a Lock on it. Applying a Lock on your domain protects it from accidental modification of name servers and contact details.

How to setup Google Apps for Your Domain

Step 1 - Sign up your domain for Google Apps:

·         specify that you are an ‘Administrator’, not an ‘End-user’
·         enter the domain name as follows: yourdomain.com
·         click the ‘Get Started’ button to continue

Step 2 - Create an account administrator & enter the relevant organisation information

·         use an existing email address
·         tick the box to indicate you understand about the required DNS changes
·         enter the organisation info




Step 3 - Create your first administrator account
·         select an username
·         Type a password
·         accept the terms & conditions


Click ‘I accept’ & Google Apps will send you a welcome email detailing next steps. You can ignore the email but keep it around for future reference. Please make a note of all these details as these are the domain administrator details and will be required at some stage in the future

Verifying ownership via the Upload an HTML file method

The next step involves activating your Google Apps account and you need to verify that you own yourdomain.com.
Step 1 - Select the ‘Upload an HTML file’ option



To create MX records for a domain:
·         Log in to the Cpanel for your domain.
·        Navigate to an MX record maintenance page. MX records are special DNS (Domain Name Service) records, and are often located under sections titled "DNS Management," "Mail Server Configuration," or "Name Server Management." You may need to turn on advanced settings to allow editing of these MX records.

Delete any existing MX records before entering new MX records.
Add an MX record for the email server.
Enter the fully qualified server name, such as ASPMX.L.GOOGLE.COM. Many domain providers also require a trailing period at the end of the server name.
Set the priority for the record.


MX Server address Priority
ASPMX.L.GOOGLE.COM. 10
ALT1.ASPMX.L.GOOGLE.COM. 20
ALT2.ASPMX.L.GOOGLE.COM. 20
ASPMX2.GOOGLEMAIL.COM. 30
ASPMX3.GOOGLEMAIL.COM. 30
ASPMX4.GOOGLEMAIL.COM. 30
ASPMX5.GOOGLEMAIL.COM. 30

The Google Apps Dashboard
Once in the Google Apps dashboard the first step is to activate email: click the link below the email icon and on the next MX records screen say ‘I have completed these steps’ - we have already made all the appropriate DNS entries for your domain.
After this step the dashboard will state how long before email is activated: they say 48 hours but it’s usually within the hour.