What are assertions in Java Programming

In this article we will learn what are assertions. How to create and use assertions in Java programs and how to enable and disable assertions while running a Java program.

Assertions in Java


Definition: An assertion is a condition that should be true during the program execution. They are generally used to detect errors (testing) during development of software. They have no use after the code is released to the users. They encourage defensive programming.

Creating and Using Assertions:
Assertions can be created using the assert keyword. The general form of using assert keyword is as follows:
assert condition;
When the given condition becomes falseAssertionError is thrown by the Java run-time. The second form of assert is as follows:
assert condition : expr;
In the above syntax, expr can be any non-void value which will be passed on to the constructor of AssertionError and will be displayed as an error message.

Enabling and Disabling Assertions:
For enabling them we have to use the following syntax while executing a Java program:
java -ea ClassName
Where -ea denotes enable assertion and similarly for disabling them we can use the following syntax:
java -da ClassName
Where -da denotes disable assertion.
For enabling or disabling assertion in a package we can use the following syntax:
java [-ea | -da] [:package-name… | :ClassName]

Example Program:
Let’s consider a Java program where the numbers entered by the user must not be negative values. To implement this we can use assert keyword as follows:
If the n value is given as -9, then output of the above program is:
Exception in thread “main” java.lang.AssertionError
at AssertionDemo.main(AssertionDemo.java:9)
As the above error message does not give much information we can use second form of assert as shown in the below program:

Now the output of the above program for -9 as n value is:
Exception in thread “main” java.lang.AssertionError:
n cannot be negative
at AssertionDemo.main(AssertionDemo.java:9)

Take your time to comment on this article

BlackArch Linux 2016.12.20 Ethical Hacking Distro Released With 100+ New Tools

BlackArch Linux 2016.12.20 has just been released. The new ISO respins come with Linux kernel 4.8.13 and more than 100 new tools. The users have the option to use the live ISO images or install BlackArch Linux from the scratch.
BlackArch Linux is a popular penetration testing and ethical hacking operating system that’s based on Arch Linux. The users have the option to install all the hacking tools individually or in groups. Also, the existing Arch Linux users can convert their installation into a BlackArch Linux distro.
BlackArch, which is often listed as one of the alternatives to Kali Linux, is a relatively newer project. But, in a short period of time, its software repository has become a home to 1605 tools. Now, BlackArch project is here with BlackArch Linux 2016-12-20 ISO images.

BlackArch 2016.12.20 comes with 100+ new tools

The updated ISOs, which are available for both 64-bit and 32-bit deployments, take about 6.2GB space. This release also ships with the new Linux 4.8 kernel. The complete changelog is:
  • Linux kernel 4.8.13
  • lxdm shutdown/reboot issue fix
  • userland clean-ups
  • addition of 100+ tools
  • all BlackArch tools updated
  • all system packages updated
In this update, the menus of window manager (Openbox, Fluxbox, and Awesome) have been updated and polished.
Prior to these changes, last month, BlackArch was updated with many new tools like Dracnmap, OpenDoor, WAFNinja, Hoper, etc.

BlackArch download and installation:

The interested users can install BlackArch Linux in three different ways. First, they can install it on top of Arch Linux by running few commands. Second, one can download the ISO and use a live system. Third, the users can use an installer that comes with ISO to install BlackArch from the scratch.
The users also have the option to grab the lightweight netinstall ISO image for bootstrapping machines.
Did you find the latest release of BlackArch Linux with 1600+ tools interesting? Don’t forget to tell us your views and feedback in the comments section below.

The 27 Top Android Apps for Hacking

Here we have in no particular order the top Android apps for hacking using an android smartphone.
Disclaimer: These apps should be used for research purposes only
1. SpoofApp:- SpoofApp is a Caller ID Spoofing, Voice Changing and Call Recording mobile app for your iPhone, BlackBerry and Android phone. It’s a decent mobile app to help protect your privacy on the phone. However, it has been banned from the Play Store for allegedly being in conflict with The Truth in Caller ID Act of 2009.
2. Andosid:- The DOS tool for Android Phones allows security professionals to simulate a DOS attack (an http post flood attack to be exact) and of course a dDOS on a web server, from mobile phones.
3.Faceniff:- Allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks.
4.Nmapper:- (Network Mapper) is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a “map” of the network. To accomplish its goal, Nmapper sends specially crafted packets to the target host and then analyses the responses.
5. Anti-Android Network Toolkit:- zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety.
6. SSHDroid:- SSHDroid is a SSH server implementation for Android. This application will let you connect to your device from a PC and execute commands (like “terminal” and “adb shell”) or edit files (through SFTP, WinSCP, Cyberduck, etc).
7. WiFi Analyser:- Turns your android phone into a Wi-Fi analyser. Shows the Wi-Fi channels around you. Helps you to find a less crowded channel for your wireless router.
8. Network Discovery:- Discover hosts and scan their ports in your Wifi network. A great tool for testing your network security.
9. ConnectBot:- ConnectBot is a powerful open-source Secure Shell (SSH) client. It can manage simultaneous SSH sessions, create secure tunnels, and copy/paste between other applications. This client allows you to connect to Secure Shell servers that typically run on UNIX-based servers.
10. dSploit:-Android network analysis and penetration suite offering the most complete and advanced professional toolkit to perform network security assesments on a mobile device.
11. Hackode:- The hacker’s Toolbox is an application for penetration tester, Ethical hackers, IT administrator and Cyber security professional to perform different tasks like reconnaissance, scanning performing exploits etc.
12.Androrat:- Remote Administration Tool for Android. Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.
13.APKInspector:- APKinspector is a powerful GUI tool for analysts to analyse the Android applications. The goal of this project is to aide analysts and reverse engineers to visualize compiled Android packages and their corresponding DEX code.
14.DroidBox:- DroidBox is developed to offer dynamic analysis of Android applications.
15.Burp Suite:- Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.
16. Droid Sheep:- DroidSheep can be easily used by anybody who has an Android device and only the provider of the web service can protect the users. So Anybody can test the security of his account by himself and can decide whether to keep on using the web service.
17. AppUse:– Android Pentest Platform Unified Standalone Environment:- AppSec Labs recently developed the AppUse Virtual Machine. This system is a unique, free, platform for mobile application security testing in the android environment, and it includes unique custom-made tools created by AppSec Labs.
18. Shark for Root:- Traffic sniffer, works on 3G and WiFi (works on FroYo tethered mode too). To open dump use WireShark or similar software, for preview dump on phone use Shark Reader. Based on tcpdump.
19. Fing:- Find out which devices are connected to your Wi-Fi network, in just a few seconds.
Fast and accurate, Fing is a professional App for network analysis. A simple and intuitive interface helps you evaluate security levels, detect intruders and resolve network issues.
20.Drozer:- drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use and share public Android exploits. It helps you to deploy a drozer agent by using weasel – MWR’s advanced exploitation payload.
21. WifiKill:– Second app, developed also by B.Ponury is an app which can kill connections and kick site-hoggers from the site. This app definitely kick then net user from the site so he cannot use it anymore. The app also offers the list of viewed sites by the hogger.
22. DroidSniff:– Similar to DroidSheep but with a newer and nicer interface is DroidSniff – sniffing app not only for Facebook. This app shows you what is the hogger looking for and then you can “take” his control, steal the cookies and rock’n’roll. Works perfectly.
23. Network Spoofer:– The last app, called NetWork Spoofer is very similar to dSploit but it’s more easier to use. Only hitch is that you need to have at least 500MB of free data. It offers you a lot of troll features – change Google searches, flip images, redirect websites, swap YouTube videos and others.
24. Droid SQLI:- allows you to test your MySQL based web application against SQL injection attacks. DroidSQLi supports the following injection techniques: Time based injection, blind injection, error based injection, normal injection.
25. sqlmapchik:- is a cross-platform sqlmap GUI for the extremely popular sqlmap tool
26. Whatsapp viewer:- is a simple forensic tool. It gives the access to whatsapp chat directly from sqlite databases, even from encrypted databases.
27. WhatsAPI:- Is a platform that allows you to send bulk messages through PHP. The script itself is simple.