Welcome back, my aspiring hackers! As you have probably discovered by now, the file system in Linux is structured differently from Windows. There are no physical drives—just a logical file system tree with root at the top (yes, I know, roots should be at the bottom, but this ...more
MouseJack vulnerabilities were disclosed over three years ago. Some wireless keyboard manufacturers have since issued firmware updates, but millions (if not billions) of keyboards remain unpatched worldwide, either because they can't be updated or because the manufacturer neve ...more
Cross-site scripting is one of the most common vulnerabilities found on the web today, with repercussions of this type of flaw ranging from harmless defacement to sensitive data exposure. Probing for XSS can be tedious and time-consuming for an attacker, but luckily there are ...more
Welcome back, my tenderfoot hackers! As hackers, we often are required to get past antivirus (AV) software or other security measures. To do so effectively, we need to have some understanding of how AV software works. In this tutorial, we will take a cursory view of how AV so ...more
Remember when MITMing people to pentest webapps and log-ins you had to fire Ettercap,Arpspoof, SSLstrip, then look for credentials in the captured packets? No more thanks to (or fault of?) "Subterfuge". Surprisingly, there's nothing about Subterfuge here on Null Byte (is it? ...more
Welcome back, my greenhorn hackers! Throughout this series on Metasploit, and in most of my hacking tutorials here on Null Byte that use Metasploit (there are many; type "metasploit" into the search bar and you will find dozens), I have focused primarily on just two types of ...more
Russian cyber disinformation campaigns have many missions, but one of particular interest is using technology to monitor, influence, and disrupt online communications surrounding culturally sensitive topics or protests. The ability to watch these events, and even filter positi ...more
Though you can use the Social Engineering Toolkit to clone websites, this way is much more customisable. For example, you could send the credentials your victim enters to a script that mails you notifying you of new data someone's just entered, or automatically store them in ...more
Most companies have services like employee login portals, internal-only subdomains, and test servers they would prefer to keep private. Red teams and white hat hackers can find these obscure and often vulnerable services using a tool designed to help protect users from fraudul ...more
Welcome back, my budding hackers! As I have mentioned many times throughout this series, knowing a bit of digital forensics might keep you out of a lot of trouble. In addition, digital forensics is a burgeoning and high paying career. Some knowledge and certifications in this ...more
Containers are isolated software instances representing applications, servers, and even operating systems—complete with all of their dependencies, libraries configuration files, etc.—and they're taking over the corporate world. The ephemeral, portable nature of containers help ...more
Today I will show you how to make a metasploit exploit really quickly. This tutorial is mainly applied to stack based buffer overflows and seh buffer overflows exploits .There is a simple way for rop exploits too but I will dedicate a special tutorial on this subject. I will ...more
Welcome back, my budding hackers! One of the most basic skills the forensic investigator must master is the acquisition of data in a forensically sound manner. If data is not captured in a forensically sound manner, it may not be admissible in court. In my Kali Forensics seri ...more
OTW's great Tutorial Hack Like a Pro: How to Save the World from Nuclear Annihilation gives me the inspiration to try this on Win7 sp1. I did this under Bugtraq 2 Black Widow but it works almost similar on Kali-Linux. Step 1: Start All Services Und Run Metasploit On bugtraq ...more
Welcome back, my aspiring hackers! As I mentioned in earlier posts, the best hackers (or at least those not behind bars) have a keen understanding of digital forensics. If I am tasked to intrude upon an enemy's file server to retrieve war plans, such as in this tutorial, it i ...more
Welcome back, my aspiring hackers! Those of you who use Windows in a LAN environment understand that Windows machines can share directories, files, printers, etc. using "shares." This protocol dates back to the 1980s when the then dominant computer firm, IBM, developed a way ...more
Single sign-on (SSO) lets users login across different sites without having to manage multiple accounts. I'm sure most of us appreciate the convenience of seeing "Sign in with …" buttons that let us login with a single username. Hackers, however, see a possible avenue for expl ...more
Welcome back, my budding hackers! People often ask me, "Why are you training hackers? Isn't that illegal?" Although I usually give them a short version of this post, there are MANY reasons why YOU should be studying hacking. Before I begin, I want to re-emphasize to all of y ...more
KeePassX, 1Password, and LastPass are effective against keyloggers, phishing, and database breaches, but passwords managers rely on the operating system's clipboard to securely move credentials from the password vault to the web browser. It's within these few seconds that an a ...more
The only thing better than programming MicroPython is programming MicroPython over Wi-Fi. So once you set up MicroPython on a microcontroller and have it on its own power source, you won't need to use a data cable to connect to it whenever you need to interact with it, program ...more
Hello everyone Today I will show a different way to exploit a windows machine with a reverse https payload..."wait...why https? Isn't tcp good anymore?" The answer is yes...and no...Actually https has few but very important benefits that tcp hasn't : 1)HTTPS hides what is b ...more
Directory traversal, or path traversal, is an HTTP attack which allows attackers to access restricted directories by using the ../ characters to backtrack into files or directories outside the root folder. If a web app is vulnerable to this, an attacker can potentially access ...more
Computers all over the world rely on a program called "libssh" to use the SSH communications protocol, which allows trusted users to log in and administer computers remotely. Due to a flaw in libssh, fooling a computer into granting SSH access is as easy as telling it you alre ...more
This is the best how-to's website that I've ever seen, and I wanted to join it. It taught me a lot, but, because I'm here to learn too, please correct me if I'm wrong. You probably know that Ettercap is a very powerful tool for man in the middle attacks. You probably know tha ...more
The default tool for payload generation is MSFvenom, a Metasploit standalone payload generator as well as encoder. This tool is an incredibly powerful tool for payload generation, but it can be difficult and requires a bit of reading for newer users. Even after the initial re ...more
Recently, I ran across SecGen, a project which allows a user to create random vulnerable machines. I absolutely love vulnerable machines, since a vulnerable VM is a safe and legal way to practice hacking tactics, test out new tools, and exercise your puzzle-solving skills. Wh ...more
With just one line of Ruby code embedded into a fake PDF, a hacker can remotely control any Mac computer from anywhere in the world. Creating the command is the easy part, but getting the target to open the code is where a hacker will need to get creative. Ruby is just one wa ...more
As we've seen with other tools and utilities, administrators typically use certain things to do their job more efficiently, and those things are often abused by attackers for exploitation. After all, hacking is just the process of getting a computer to do things in unexpected ...more
Welcome to the sequel to the latest post on writing 64 bit shellcode! This tutorial will assume that you are aware of everything mentioned in the last one, as I will try to make this tutorial void of formalities and straight to the point! If you have not read the last one, I s ...more
Welcome back, my aspiring hackers! Although this article may have been better placed first in this series, I doubt that anyone would have read it when just starting out studying Linux. Now, that you are well into your Linux studies and have some familiarity with how it operat ...more
SET is great when you have a short space of time at hand, however sometimes you want to know whats actually going on under the hood or have found a site you can't clone with SET. Step 1: Select Your Target! The First Thing You're Going to Want to Do Is Select the Site Login ...more
SSH, or the secure shell, is a way of controlling a computer remotely from a command-line interface. While the information exchanged in the SSH session is encrypted, it's easy to spy on an SSH session if you have access to the computer that's being logged in to. Using a tool c ...more
Hello friends. This is actually my first how to. In this tutorial I'll be teaching how to simply copy someone's WhatsApp pictures gallery into your computer, in an automated way. It is just an example of how easy is to steal data from someone's smartphone. I am covering Whats ...more
The ability to stay organized and be resourceful with data gathered from recon is one of the things that separates the true hackers from the script kiddies. Metasploit contains a built-in database that allows for efficient storage of information and the ability to utilize that ...more
While our time with the Protostar VM from Exploit Exercises was lovely, we must move on to bigger things and harder challenges. Exploit Exercises' Fusion VM offers some more challenging binary exploitation levels for us to tackle. The biggest change is that these levels are al ...more
With a cheap computer, smaller than the Raspberry Pi, an attacker can create a remote hacking device. The device can be attached to a target router without anyone's knowledge and enable the hacker to perform a variety of network-based attacks from anywhere in the world. As th ...more
Information gathering is one of the most important steps in pentesting or hacking, and it can often be more rewarding to run things on the target itself as opposed to just running scripts against it remotely. With an SQL injection, a hacker can compromise a server and, ultimat ...more
Today I am going to teach the various ways that you can use social engineering to hack a system. For those of you that have followed my past tutorials, you know that social engineering can unlock a world of possibilities. This is because no matter how many firewalls, no matter ...more
If you need to scan a large number of domains for a specific web app vulnerability, Dorkbot may be the tool for you. Dorkbot uses search engines to locate dorks and then scan potentially vulnerable apps with a scanner module. This tool is useful if you're managing a large num ...more
After backdooring a MacBook not protected by FileVault or using a fake PDF to gain remote access, an attacker may wish to upgrade their Netcat shell to something more fully featured. While a root shell allows attackers to remotely modify most files on the MacBook, Empire featu ...more
Welcome back, my amateur hackers! When you are using and administering Linux, it is important to be conversant in the use of the log files. As you know, log files are the repository for much information about our system, including errors and security alerts. If we are trying ...more
INTRODUCTION Hello dear null_byters here we go again with our third part of this serie. in this third part of our series I'd like to do a demonstration or continuation on fuzzing, but I think I should leave for later because the next tutorials about fuzzing will require from ...more
Now that we have our vulnerable server, it's time to start up BeEF. Getting Started Step 1: Running BeEF If you have Kali, BeEf comes pre-installed. You can find it in /usr/share/beef-xss/. Once you're there, type ./beef to execute the program. You will need to know both of ...more
Hello dear friends! I'm jgilhutton and I want to show you guys a Python wrapper I made a few months ago. It's name is Pyxiewps and uses pixiewps, reaver and airodump to retrieve the WPA password in at least 9 secods! (Best case scenario) It takes advantage of the pixie-dust v ...more
Microsoft.com is one of the most extensive domains on the internet with thousands of registered subdomains. Windows 10 will ping these subdomains hundreds of times an hour, making it challenging to firewall and monitor all of the requests made by the operating system. An attac ...more
This tutorial is for those who've purchased an account with Private Internet Access to hide your VPN and would like to set it up in Kali. Please note, you can chose to run your PIA service from your Windows computer without configuring it in linux as long as you'll be using a ...more
OpenVAS is a powerful vulnerability assessment tool. Forked from Nessus after Nessus became a proprietary product, OpenVAS stepped in to fill the niche. OpenVAS really shines for information gathering in large networks where manual scanning to establish a foothold can be time- ...more
Welcome back, my budding hackers! We've spent a lot of time learning to compromise Windows systems, and we've successfully compromised them with Metasploit, cracked their passwords, and hacked their Wi-Fi. However, very little time was spent developing ways to extract the inf ...more
Websites and web applications power the internet as we know it, representing a juicy target for any hacker or red team. TIDoS is a framework of modules brought together for their usefulness in hacking web apps, organized into a common sense workflow. With an impressive array o ...more
If you've spotted an unintended Ethernet connection and wondered what you could do with all of the information coursing through those wires, there's an easy way to hack into it and find out. Let's say there's a router that we need to know the password for, and we have physica ...more
Hi there, Elites Welcome to my 6th post, This tutorial will explain how to hack windows, using a program (No-IP) and windows's inbuilt Task Scheduler. Meanings... Task Scheduler: It is a program, inbuilt in windows, which allows us to create some tasks and execute them at s ...more
Welcome back, my fledgling hackers! Scripting skills are essential is ascending to the upper echelons of the hacker clique. Without scripting skills, you are dependent upon others to develop your tools. When others develop your tools, you will always be behind the curve in th ...more
Welcome back, my tenderfoot hackers! As you should know from before, Snort is the most widely deployed intrusion detection system (IDS) in the world, and every hacker and IT security professional should be familiar with it. Hackers need to understand it for evasion, and IT se ...more
I'm sure that many of us have heard of that nasty Shellshock vulnerability, but not very many people know how to exploit it. Try these few tricks on vulnerable websites! Background Information So, what is Shellshock? Shellshock is a vulnerability in Bash shell (v1.1 to v4.3 ...more
Configuring onion services for the first time can be tricky. A surprising number of system administrators make seemingly trivial mistakes that ultimately lead to catastrophic cases of de-anonymizing supposedly anonymous sites on the dark web. OnionScan is a tool designed to id ...more
Determining the antivirus and firewall software installed on a Windows computer is crucial to an attacker preparing to create a targeted stager or payload. With covert deep packet inspection, that information is easily identified. This attack assumes the Wi-Fi password to the ...more
In my previous article, I discussed installing and configuring OpenVAS on Kali Linux. Now it's time to start using OpenVAS with the Greenbone Security Assistant to audit networks for security issues. This can be extremely helpful when you are looking for vulnerabilities or mis ...more
The newest version of macOS has arrived. While everyone's mind is being blown by Mojave's groundbreaking new Dark Mode, we'll be taking advantage of its insecure file permissions to establish a persistent backdoor with a self-destructing payload that leaves little evidence for ...more
In a previous guide, I demonstrated how to extract images from a security camera over Wi-Fi using Wireshark, provided you know the password. If you don't know the password, you can always get physical with the Hak5 Plunder Bug. Using this small LAN tap, we can intercept traffi ...more
It is said that the best way to avoid detection when hacking is to leave no trace, and often that means not touching the filesystem at all. But realistically, in most cases, it's impossible not to interact with the filesystem in one way or another. The next best thing to do to ...more
How To:
Use Apple Intelligence's Image Playground to Craft Custom Drawings and Animations for Almost Anything You Can Think Of
How To:
Follow the 2024 Election Results in Real Time with Apple News' Live Activity for iPhone, iPad, and Apple Watch
How To:
Experience Music on Your iPhone Like Never Before with Music Haptics, Which Lets You Feel Every Beat
How To:
Generate Text, Images, and Insights with Apple Intelligence's Built-in ChatGPT Integration
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
Quickly Pixelate Faces in Photos on Your iPhone, iPad, or Mac to Blur Out People's Identities
How To:
New Menu Lets You Set Default Apps on Your iPhone or iPad for Calling, Messaging, Emailing, Web Browsing, and More
How To:
30 Must-Know New Features in iOS 18.1 and iPadOS 18.1 That'll Make You Want to Update
How To:
Easily Record Phone Calls on Your iPhone and Get Auto-Generated Transcripts and Summaries
How To:
Download and Install iOS 18.2 Beta or iPadOS 18.2 Beta to Try New iPhone or iPad Features First
How To:
Apple Music's 17 Hidden Features and Changes You Might've Missed on iOS 18 and iPadOS 18
How To:
Create and Manage Reminders Without Ever Leaving the Calendar App on Your iPhone, iPad, or Mac
How To:
Apple's Latest Podcasts App Update Brings 7 Must-Try Features in iOS 18, iPadOS 18, and macOS 15
How To:
Apple's Big TV App Update Gives You 10 New Features and Changes to Enhance Your Viewing Experience
How To:
Link to Specific Start Times in Apple Podcasts Episodes from iPhone, iPad, Mac, or the Web Player
How To:
Everything You Can Do with the Camera Control Button on Your iPhone 16 or 16 Pro
How To:
Always-Updated List of Apps That Support the Camera Control Button on iPhone 16 Series Models
How To:
19 New Messages Features in iOS 18, iPadOS 18, and macOS 15 You Didn't Know You Needed
How To:
Master iOS 18's T9 Dialing for Lightning-Fast Contact Searches on Your iPhone
How To:
Apple Messages Lets You Switch Rich Link Previews and Use Plain Text URLs for Webpages More Easily — Here's How
How To:
Follow the 2024 Election Results in Real Time with Apple News' Live Activity for iPhone, iPad, and Apple Watch
How To:
Use FaceTime's Secret Hand Gestures and Reaction Buttons to Add Animated On-Screen Effects to Your Video Feed
How To:
Generate Text, Images, and Insights with Apple Intelligence's Built-in ChatGPT Integration
How To:
Use Apple Intelligence's Image Playground to Craft Custom Drawings and Animations for Almost Anything You Can Think Of
How To:
Experience Music on Your iPhone Like Never Before with Music Haptics, Which Lets You Feel Every Beat
How To:
See Passwords for Wi-Fi Networks You've Connected Your Android Device To
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
Download and Install iOS 18.2 Beta or iPadOS 18.2 Beta to Try New iPhone or iPad Features First
Modular Origami:
How to Make a Cube, Octahedron & Icosahedron from Sonobe Units
How To:
16 Harry Potter Spells for Siri That Turn Your iPhone into a Magical Elder Wand
How To:
Dial These Secret Codes to See if Someone Is Hijacking Calls & Texts on Your iPhone
Redstone Logic Gates:
Mastering the Fundamental Building Blocks for Creating In-Game Machines
How To:
CC in a Physical Business Letter
How To:
If 'Messages' Consumes Too Much iPhone or iCloud Storage, Don't Delete Your Conversations Just Yet
How To:
Create an Admin User Account Using CMD Prompt (Windows)
How To:
Clone Any Android App on Your Samsung Galaxy Phone Without Using Any Third-Party Tools
How To:
Keep Your Night Vision Sharp with the iPhone's Hidden Red Screen
How To:
13 Tips Every Apple Pencil User Needs to Know for iPad
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
How To:
19 Harry Potter Spells Your Android Phone Can Cast Using Google Assistant
How To:
Make This Amazing 9-Layer Density Tower from Things Found in Your Kitchen
How To:
Master SCRABBLE & Win Every Game
How To:
Add Unsupported Cards and Passes to Apple Wallet for Quick, Easy Access on Your iPhone
How To:
Fold an Origami F-18 Fighter Jet Out of a Dollar Bill
How To:
Turn Your Gag Reflex Off with Pressure Points
How To:
Revive a Stale Baguette Using the Miraculous Water Trick
How To:
Apple Music's 17 Hidden Features and Changes You Might've Missed on iOS 18 and iPadOS 18
How To:
Create the Most Compact 2x2 Hidden Piston Door in Under 50 Seconds!
How To:
Build a Tree Farm in Minecraft for Easy Access to All Types of Wood
How To:
Track Who Views Your Facebook Profile
How To:
Uninstall Bloatware Without Root or a PC Using Android's New 'Wireless Debugging' Feature
How To:
Pronounce Cherokee letters of the alphabet
How To:
Stealthfully Sniff Wi-Fi Activity Without Connecting to a Target Router
How To:
Watch 2 Videos Simultaneously on Your Galaxy Note 20 or Note 20 Ultra
Dragon Safari:
The Incredible Metamorphosis from Nymph to Dragonfly
How To:
Solve the blinking "FEE" error message on a Nikon DSLR
How To:
See All the People Who Tapbacked on an iMessage
How To:
Unlock VLC's Hidden Jigsaw Puzzle Mode
How To:
Solve Math Problems with Google Lens' Homework Mode
