Hacking Attempt Requests Not showing Up on Webserver Logs But Google Analytics Shows it

Which hacking tool makes a request and does not show up on web-server logs?

/en/latest/ has been requested over 116, we don’t have this URL on the website at all!

The request to that URL does not show up on web-server logs but I setup google analytics to track ad-blockers by loading the script on a different URL that ad-blockers don’t know . But ever since i setup this google analytics it has trapped lots of hacking request on none existing URL?

How comes google analytics captures the request(The Hackers don’t actually know) and the request seems not reach the web-server because no logs are shown?

The thing is there is a deliberate request to none existing URL, that don’t show up on web-server logs, but my secrete google analytic scripts captures the URL

python time since epoch hacking system variable

I am trying to figure out whether it’s safe to let a payed software check its own license date validity using the client’s computer

the way this is done is by invoking time.time() function from python and comparing it to the hashed license expiry date. if the time.time() returns anything after the expiry date than the software throws a license expired error.

The concern I have is whether it’s possible for someone to change some system variables and get time.time() function return a different difference since epoch than the real actual one.


IT security audit : is threat modelling key to reproducible success of just following a methodology (ex : ethical hacking)

To sum up the methodology of ethical hacking, what you do is :

  • Information gathering (gets the IP, domains, etc…)
  • Fingerprint the IP (what OS, what services are running, etc…)
  • Vulnerability assessment (are any services or vulnerable application found to be vulnerable ?)
  • Exploitation : verify the result of the step above

But, I came to realize during my security audit that end up either asking google questions like “what should I do to hack system A ?” or questions like “what are the tools to assess the security of system A ?”

It’s like looking for a looking for a needle in a haystack.

Then I read a paper in which the audit started with threat modelling. I was just asking myself how would a hacker (either a script kiddy or an ethical hacker) should perform threat modelling in order to have results meaningful to integrate and follow the methodology (info gathering, fingerprinting, vuln assessement, etc…)

I’m starting to believe this would make the security audit more professional and its results more reproducible. What do you think ?

I think my neighbors are hacking my cellular data

My neighbors and I don’t get along. I moved out of the place to get away from my neighbors because I suspected that they have been hacking my cellular data and WiFi. After 2 months, I move back to the same place and now I can’t access the internet using cellular data on my iPhone 7. I’m too scared to use WiFi on my phone. I have an Ultra mobile plan and my cellular data is 4G LTE. The LTE sign on the upper left is still visible, but I cannot connect to the internet. Any page I visit it will say cannot connect to the server. I don’t have unlimited data in my plan but I checked it and it says I have about 799 MBs of mobile data left so I should still be able to surf the web.

I think it could be either a DDos attack on my cellular data’s IP address or something jamming the signal?? I really don’t know and it’s stressing me out. I mean I could go and buy a new ultra mobile SIM card for $ 30, but it would be pointless to buy it just for it to happen again. Any ideas what is going on and how can I prevent this from happening?

Any help is greatly appreciated.

Australian Bush fire donation hacking

On the recent Australian Bushfire event, people are donating to help them. But some inhumane(cybercriminals) are stealing people’s money by injecting malicious script on e-commerce and donation sites. For people, it seems that they have donated the money to the right donation site but all the credit card info along with submitted information is being diverted to the domains which are being controlled by the hackers.

My question is can this be minimized by cybersecurity awareness/education? Or how as a user we can prevent ourselves by not being the victim? and how to detect these hijacked websites?

How could learning hacking help me secure myself?

I am mostly interested in the branch of web hacking (the one most used by bug hunters), usually the two types of hackers are the black hat hackers, those who attack, and the white hat hackers the ones who defends.

My question is: If someone learned web hacking for the purpose of defending and searching for bugs, how can this field of study affect his daily life protection and privacy? Would it be useful to learn this type of hacking for personal security? (i.e. the security of my laptop and network etc.)

And what could be some best branches of hacking that are useful for securing and protecting myself? And what other benefits would I get by learning hacking assuming that I am not considering it as my future career like working as cyber security or something?