How To Hack Facebook Account 2013

All information in this tutorial is for educational purposes only. Any illegal activity relating to

this tutorial is not my responsibility, although I would like to say I don't care how you use it, I do. So please do not use this for Black-hat activities.
One day when you grow up you might realised that you have been a skid, by using mass-deface techniques and SQLi for your entire life. Do not just hack a site because it is there. I have a few sites of my own and its annoying, unproductive, and pointless.


1 - Android Remort Adminstrator Tool - A RAT is also a shortcut called Remote Administrator Tool. It

is mostly used for malicious purposes, such as controlling Android Phones, stealing victims data,

deleting or editing some files. You can only infect someone by sending him file called Server and

they need to click it.


Here More Information -> CLICK ME


2- Remote Administrator Tool - A remote access Trojan (RAT) is a malware program that includes a

back door for administrative control over the target computer. RATs are usually downloaded invisibly

with a user-requested program -- such as a game -- or sent as an email attachment. Once the host

system is compromised, the intruder may use it to distribute RATs to other vulnerable computers and

establish a botnet. RATs can be difficult to detect because they usually don't show up in lists of

running programs or tasks. The actions they perform can be similar to those of legitimate programs.

Furthermore, an intruder will often manage the level of resource use so that a drop in performance

doesn't alert the user that something's amiss.


How To Create RAT - CLICK ME
You Tube Link - CLICK ME
Download Link - CLICK ME
Download Link 2 Official Website - CLICK ME
PDF Version - CLICK ME


3- Keylogger - Keyloggers are programs which record each keystroke on the computer they are

installed on. This provides a complete log of text entered such as passwords, emails sent and

websites visited. This log can then be automatically sent over a remote connection without the

person using the computer necessarily knowing about it. Because of this, keyloggers are typically

associated with malicious software and they will usually be picked up and removed by virus scanners.

However, there are also keyloggers which are commercially available for home or office use. In this

way, keyloggers have a distinct set of purposes which make them very useful in certain situations.


How To Create Keylogger - CLICK ME
You Tube Link - CLICK ME
Download Keylogger - CLICK ME
PDF Version - CLICK ME


4- Phishing - In computing, phishing is a form of criminal activity using social engineering

techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and

credit card details, by masquerading as a trustworthy person or business in an electronic

communication. Phishing is typically carried out using email or an instant message, although phone

contact has been used as well. Attempts to deal with the growing number of reported phishing

incidents include legislation, user training, and technical measures.


How To Create Facebook Fake Login Page - CLICK ME
You Tube Link - CLICK ME
Download fake Login Page - CLICK ME
PDF Version - CLICK ME


5- Click-Jacking - Clickjacking, also known as a "UI redress attack", is when an attacker uses

multiple transparent or opaque layers to trick a user into clicking on a button or link on another

page when they were intending to click on the the top level page. Thus, the attacker is "hijacking"

clicks meant for their page and routing them to other another page, most likely owned by another

application, domain, or both. Using a similar technique, keystrokes can also be hijacked. With a

carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe

they are typing in the password to their email or bank account, but are instead typing into an

invisible frame controlled by the attacker.


What Is Clickjacking ? How It's Work ? -

Click Jacking - CLICK ME
You Tube Link - CLICK ME
Advanced Tutorial - CLICK ME
PDF Version - CLICK ME


6- Tabnabbing - Tabnabbing is a computer exploit and phishing attack, which persuades users to

submit their login details and passwords to popular websites by impersonating those sites and

convincing the user that the site is genuine. The attack's name was coined in early 2010 by Aza

Raskin, a security researcher and design expert. The attack takes advantage of user trust and

inattention to detail in regard to tabs, and the ability of modern web pages to rewrite tabs and

their contents a long time after the page is loaded. Tabnabbing operates in reverse of most phishing

attacks in that it doesn’t ask users to click on an obfuscated link but instead loads a fake page in

one of the open tabs in your browser.


What Is TabNabbing ? How It's Work - CLICK ME
You Tube Link - CLICK ME
TabNabbing In Backtrack 5 - CLICK ME
PDF Version - CLICK ME


7- Session Hijacking - The Session Hijacking attack consists of the exploitation of the web session

control mechanism, which is normally managed for a session token. Because http communication uses

many different TCP connections, the web server needs a method to recognize every user’s connections.

The most useful method depends on a token that the Web Server sends to the client browser after a

successful client authentication. A session token is normally composed of a string of variable width

and it could be used in different ways, like in the URL, in the header of the http requisition as a

cookie, in other parts of the header of the http request, or yet in the body of the http

requisition. The Session Hijacking attack compromises the session token by stealing or predicting a

valid session token to gain unauthorized access to the Web Server.


What Is Session Hijacking ? How It's Work ? - CLICK ME
You Tube Link - CLICK ME
PDF Version - CLICK ME


8- Side Jacking Using Fire Sheep - HTTP session hijacking, better known as “sidejacking”, poses a

major threat to all internet users. This is due to the common use of Wi-Fi networks, which are

inherently unsecure, but also because of the wide-spread misplaced trust in the safety of internet

use on phones and perceived secure connections. It has been demonstrated that wired networks are

also not necessarily safe from sidejacking attempts and even your interactions in an App store can

be at risk as well.

If you are logging into Facebook using the open Wi-Fi network at your local watering hole, an

individual with a simple tool such as Firesheep can gain access to your account, change your

password, and then potentially take advantage of other programs linked to that account. These

sidejacking attacks can be done without any programming knowledge and the problem isn’t simply

limited to the unencrypted Wi-Fi networks we are familiar with. Firesheep can be used to intercept

information sent over any unencrypted HTTP session, whether it is wired or wireless. And what can a

Sidejacker do with my connection to an App store, you may wonder? Great question! Elie Bursztein at

Google cites the various ways your App browsing and buying can be compromised. It can be everything

from password stealing to App swapping, when an attacker’s malware App is downloaded instead of the

actual App that was paid for.The industry is slowly starting to adapt the practice of always on SSL

to protect users, including in App stores. The implementation of always on SSL, or end-to-end

encryption using HTTPS, is a great place to start. It is natural to visit a website and feel secure

because you have logged in to your account with a unique username and password, but the problem is

that if the rest of the traffic is not encrypted, a Sidejacker can gain access to the vulnerable

cookie and then manipulate any personal information within the account. However, when a website is

secured with HTTPS from the time of first access to the time you leave, the entire session is

encrypted in a way that prevents your information from being compromised.

What Is SideJacking Using FireSheep ? - CLICK ME
You Tube Link - CLICK ME


9 - ARP Poisoning - Address Resolution Protocol (ARP) poisoning is a type of attack where the Media

Access Control (MAC) address is changed by the attacker. Also, called an ARP spoofing attacks, it

is effective against both wired and wireless local networks. Some of the things an attacker could

perform from ARP poisoning attacks include stealing data from the compromised computers, eavesdrop

using man-in-the middle methods, and prevent legitimate access to services, such as Internet

service.

A MAC address is a unique identifier for network nodes, such as computers, printers, and other

devices on a LAN. MAC addresses are associated to network adapter that connects devices to

networks. The MAC address is critical to locating networked hardware devices because it ensures

that data packets go to the correct place. ARP tables, or cache, are used to correlate network

devices’ IP addresses to their MAC addresses.In for a device to be able to communicate with another

device with a known IP Address but an unknown MAC address the sender sends out an ARP packet to all

computers on the network. The ARP packet requests the MAC address from the intended recipient with

the known IP address. When the sender receives the correct MAC address then is able to send data to

the correct location and the IP address and corresponding MAC address are store in the ARP table for

later use.

ARP poisoning is when an attacker is able to compromise the ARP table and changes the MAC address so

that the IP address points to another machine. If the attacker makes the compromised device’s IP

address point to his own MAC address then he would be able to steal the information, or simply

eavesdrop and forward on communications meant for the victim. Additionally, if the attacker changed

the MAC address of the device that is used to connect the network to Internet then he could

effectively disable access to the web and other external networks.


What Is ARP Poisoning How It's Work - CLICK ME
ARP Poisoning Advanced tutorial - CLICK ME
You Tube Link - CLICK ME
PDF Version - CLICK ME


10- Stealers - It is a small software which steals passwords that are stored in our web browsers,

chat apps such as yahoo messenger .etc , Stealer's then send these stolen passwords to the Hackers

FTP server, Usually Stealer's look like keyloggers but there are many differences, Stealer's steal

only passwords that stored in the web browsers they wont capture keystrokes typed by the user


What Is Stealers How It's Work - CLICK ME
Advanced tutorial - CLICK ME
You Tube Link - CLICK ME


11 - Java Drive By - A Java Drive-By is a Java Applet that is coded in Java and is put on a website.

Once you click "Run" on the pop-up, it will download a program off the internet. This program can be

a virus or even a simple downloader. If you'd like to get the source code or wanna know more

information about a Java Drive-By, use Google.

What Is Java Drive By ? How It's Work - CLICK ME
You Tube Link - CLICK ME
You Tube Link For Noobs Peoples - CLICK ME


12 - Cookie Stealing Attack - Cookies are small files that stored on users computer by websites when

a user visits them. The stored Cookies are used by the web server to identify and authenticate the

user .For example when a user logins in Facebook a unique string is generated and one copy of it is

saved on the server and other is saved on the users browser as Cookies. Both are matched every time

the user does any thing in his account. So if we steal the victims cookie and inject them in our

browser we will be able to imitate the victims identity to the web server and thus we will be able

to login is his account . This is called as Side jacking .The best thing about this is that we need

not no the victims id or password all we need is the victims cookie.


What Is Cookie Stealing Attack ? - CLICK ME
You Tube Link - CLICK ME


13 - Social Engineering - Social engineering is the use of deception and manipulation to obtain

confidential information. It is a non-technical kind of intrusion that relies heavily on human

interaction and often involves tricking people into breaking normal security procedures. Social

engineers rely on the fact that people are not aware of the value of the information they possess

and are careless about protecting it. In anti virus computer security software, social engineering

is generally a hacker's clever manipulation of the natural human tendency to trust. The hacker's

goal is to obtain information that will gain him/her unauthorized access to a system and the

information that resides on that system. Typical examples of social engineering are phishing e-mails

or pharming sites.


What Is Social Engineering ? - CLICK ME
You Tube Link - CLICK ME
PDF Version - CLICK ME


14 - Botnets - Botnets are not commonly used for hacking facebook accounts, because of it's high

setup costs, They are used to carry more advanced attacks, A botnet is basically a collection of

compromised computer, The infection process is same as the keylogging, however a botnet gives you,

additional options in for carrying out attacks with the compromised computer. Some of the most

popular botnets include Spyeye and Zeus.


What Is Botnet ? How It's Work ? - CLICK ME
You Tube Link - CLICK ME
PDF Version - CLICK ME


15 - Man In the Middle Attacks - A Man-in-the-Middle attack is a type of cyber attack where a

malicious actor inserts him/herself into a conversation between two parties, impersonates both

parties and gains access to information that the two parties were trying to send to each other. A

Man-in-the-Middle Attack allows a malicious actor to intercept, send, and receive data meant for

someone else, or not meant to be sent at all, without either outside party knowing until it is too

late. Man-in-the-Middle attacks can be abbreviated in many ways including, MITM, MitM, MiM, or MIM.


How They Work ? What Was That - CLICK ME
You Tube - CLICK ME
Pdf Version - CLICK ME

THANKS FOR READING TILL THE END! HOPE YOUR MOUSE SCROLL IS STILL WORKING GOOD LOL