It's always a good idea to know how an attack works at the very basic level. Manual techniques for exploitation often find holes that even the most sophisticated tool cannot. Sometimes, though, using one of these tools can make things so much easier, especially if one has a so ...more
After gaining access to a root account, the next order of business is using that power to do something more significant. If the user passwords on the system can be obtained and cracked, an attacker can use them to pivot to other machines if the login is the same across systems ...more
One of the most critical bugs to come out in the last five years was Shellshock, a vulnerability which allows attackers to execute arbitrary code via the Unix Bash shell remotely. This vulnerability has been around for a while now, but due to the ubiquity of Unix machines conn ...more
Once a hacker has created a PowerShell payload to evade antivirus software and set up msfconsole on their attack system, they can then move onto disguising their executable to make it appear as a regular text file. This is how they will get a Windows 10 users to actually open ...more
In my previous article, I discussed installing and configuring OpenVAS on Kali Linux. Now it's time to start using OpenVAS with the Greenbone Security Assistant to audit networks for security issues. This can be extremely helpful when you are looking for vulnerabilities or mis ...more
Kodi, formerly known as XBMC, is one of the most versatile media players available. With it, you can play virtually any internet and media file in a large variety of formats, and it can be used on practically every single operating system out there, including iOS 10. Kodi, an ...more
Containers are isolated software instances representing applications, servers, and even operating systems—complete with all of their dependencies, libraries configuration files, etc.—and they're taking over the corporate world. The ephemeral, portable nature of containers help ...more
WordPress did not become what is arguably the most popular blogging and CMS platform on the planet because it was difficult to use. Rather, its user-friendly and rich feature set led to it finding a home on somewhere north of 70 million websites—and that's just counting blogs ...more
With the release of the Mirai source code, botnets are back in a big way. In the early days of botnets, zombies (infected hosts) would report to IRC (Internet Relay Chat) channels for CNC (command and control) instructions. Modern botnets have evolved, but they continue to use ...more
Gaining access to a system is always exciting, but where do you go from there? Root or bust. Sure, a compromised host is a great way to run a botnet, or do some other boring, nefarious thing—but as hackers, we want root. We also want to take the easiest path possible, search o ...more
Most of you lot would be aware what WPA/WPA2 is so I won't bang on about the encryption or protocols a great deal. In short WPA and WPA2 both have a maximum of 256bit encrypted with a maximum of 64 characters in the password. The encryption is really only 64bit but x 4 because ...more
NOTICE: Ciuffy will be answering questions related to my articles on my behalf as I am very busy. Hope You Have Fun !!! As much as I love other SSH bruteforcing tools like Ncrack, Metasploit, THC-Hydra, ... ( Just to mention a few ). I prefer using my own script. The tools ab ...more
Welcome back, my apprentice hackers! As many of you know, I have been hesitant to adopt the new Kali hacking system from Offensive Security. This hesitancy has been based upon a number of bugs in the original release back in March of 2013 and my belief that BackTrack was easi ...more
If you've ever wanted to track down the source of a Wi-Fi transmission, doing so can be relatively easy with the right equipment. Using a directional Wi-Fi antenna and Wireshark, we can create a display filter to target any device in range to plot the signal strength on a gra ...more
There are many ways to attack a Wi-Fi network. The type of encryption, manufacturer settings, and the number of clients connected all dictate how easy a target is to attack and what method would work best. Wifite2 is a powerful tool that automates Wi-Fi hacking, allowing you t ...more
A rainbow table can be thought of like a dictionary, except instead of words and their definitions, it holds combinations of characters on one side and their hashed form on the other. What is a hash and why would you want to know what random combinations of characters are hash ...more
Electronic warfare tactics work by jamming, disrupting, or disabling the technology a target uses to perform a critical function, and IoT devices are especially vulnerable to attacks. Wireless security cameras like the Nest Cam are frequently used to secure critical locations, ...more
It's easy to run Kali Linux from a live USB on nearly any available computer, but many publicly accessible laptops and desktops will be locked down to prevent such use. School, work, or library PCs can be secured with a BIOS password, which is often an easily recovered default ...more
Hashes containing login passwords are transmitted between Windows computers on local Wi-Fi networks. By intercepting and decrypting these hashes using Responder and John the Ripper, respectively, we can learn a target's login credentials which can be later used to gain physica ...more
While the security behind WEP networks was broken in 2005, modern tools have made cracking them incredibly simple. In densely populated areas, WEP networks can be found in surprising and important places to this day, and they can be cracked in a matter of minutes. We'll show y ...more
File inclusion can allow an attacker to view files on a remote host they shouldn't be able to see, and it can even allow the attacker to run code on a target. To demonstrate these vulnerabilities, we'll be practicing PHP file inclusion using the Damn Vulnerable Web App. We'll ...more
Networking is built largely on trust. Most devices do not verify that another device is what it identifies itself to be, so long as it functions as expected. In the case of a man-in-the-middle attack, we can abuse this trust by impersonating a wireless access point, allowing u ...more
Ransomware is software that encrypts a victim's entire hard drive, blocking access to their files unless they pay a ransom to the attacker to get the decryption key. In this tutorial, you'll learn how easy it is to use the USB Rubber Ducky, which is disguised as an ordinary fl ...more
With tools such as Reaver becoming less viable options for pen-testers as ISPs replace vulnerable routers, there become fewer certainties about which tools will work against a particular target. If you don't have time to crack the WPA password or it's unusually strong, it can ...more
Greetings my fellow hackers. As you may have noticed by my lack of posts, I've been away for a while working on a big project with a team (which won't be finished anytime soon), and I have also been putting together a small side project for Null-Byte that I will be announcing ...more
Greetings to all geeks, hackers, nerds, and explorers of Null Byte. Welcome to my brand new tutorial, "Using BASH for Computer Forensics". This tutorial will give you a look at how the computer programming language, Bash, can be used to find out details on apple devices for la ...more
Welcome back, my tenderfoot hackers! As hackers, we often are required to get past antivirus (AV) software or other security measures. To do so effectively, we need to have some understanding of how AV software works. In this tutorial, we will take a cursory view of how AV so ...more
Welcome back, my hacker apprentices! Metasploit framework is an incredible hacking and pentesting tool that every hacker worth their salt should be conversant and capable on. In a previous post, I had provided you a cheat sheet of meterpreter commands. These commands are ess ...more
Android comprises an entire ecosystem of apps, games, functions, and features, so it would only make sense that it has its own lexicon. Words, phrases, and acronyms that didn't exist ten years ago are now used in an off-the-cuff style by developers and support technicians acro ...more
The internet is constantly under siege by bots searching for vulnerabilities to attack and exploit. While conventional wisdom is to prevent these attacks, there are ways to deliberately lure hackers into a trap in order to spy on them, study their behavior, and capture samples ...more
The easiest way around a security policy is to find users who don't follow it. The Have I Been Pwned database identifies accounts with information breached by major third parties like Yahoo and LinkedIn. With Maltego, hackers can locate breached accounts created using company ...more
Due to weaknesses in the way Wi-Fi works, it's extremely easy to disrupt most Wi-Fi networks using tools that forge deauthentication packets. The ease with which these common tools can jam networks is only matched by how simple they are to detect for anyone listening for them. ...more
Wi-Fi tools keep getting more and more accessible to beginners, and the LAZY script is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA ha ...more
Analysis of photographs and social connections can be a huge component of social engineering. Understanding who a person is, as well as who they know, can establish links within a company. This information could be used by hackers to execute elaborate social engineering attack ...more
Greetings all. Today I intend to append a new series to my mini-collection of posts. This series will consist of informative guides for the purpose of depicting certain aspects of the White Hat profession that I believe are of profound importance. Furthermore, I will keep thi ...more
In the previous article, we learned how to set up our VPS, configure our PHP server, and developed an in-depth understanding of how the payload works. With all that taken care of, we can get into disguising our payload to appear as an image and crafting the note in the greetin ...more
Kali Linux is probably the most well-known hacking distribution among penetration testers. However, there are alternative distros which offer versatility and advanced package management systems that are absolutely worth considering. One such distribution is Pentoo, a Gentoo-b ...more
Hi, everyone! Recently, I've been working on a pretty interesting and foolish project I had in mind, and here I'm bringing to all of you my findings. This guide's main aim is to document the process of building an Android kernel, specifically a CyanogenMod kernel and ROM, and ...more
Everybody knows not to store sensitive information in unencrypted files, right? PDFs and ZIP files can often contain a treasure trove of information, such as network diagrams, IP addresses, and login credentials. Sometimes, even certain files that are encrypted aren't safe fro ...more
Your social security number, credit card information, and medical history can fall into the wrong hands if you're not careful about how and where you share your data online. If you really care about your data, there are tools and techniques you can utilize to protect yourself ...more
Kali Linux has come a long way since its BackTrack days, and it's still widely considered the ultimate Linux distribution for penetration testing. The system has undergone quite the transformation since its old days and includes an updated look, improved performance, and some ...more
Internet Relay Chat, or IRC, is one of the most popular chat protocols on the internet. The technology can be connected to the Tor network to create an anonymous and secure chatroom — without the use of public IP addresses. IRC servers allow one to create and manage rooms, us ...more
Airgeddon is a multi-Bash network auditor capable of Wi-Fi jamming. This capability lets you target and disconnect devices from a wireless network, all without joining it. It runs on Kali, and we'll cover installing, configuring, and using its jamming functionalities on a smal ...more
A mention of the deep web can bring to mind images of drugs, hackers, and other criminal activity. Despite the presence of these elements, the Tor network is a valuable tool for preserving privacy and anonymity. And browsing the deep web and any hidden services can be as simpl ...more
Systm is the Do It Yourself show designed for the common geek who wants to quickly and easily learn how to dive into the latest and hottest tech projects. We will help you avoid pitfalls and get your project up and running fast. Search Systm on WonderHowTo for more DIY episode ...more
ProjectKinectMagicMirror combines augmented reality and CT-scan imagery to create a virtual "X-ray machine." Another amazing Microsoft Kinect hack to add to the vault. The ingenuity is infectious... Get inspired. Make-your-own. Video: . More Kinect Hacks: Hacked Kinect Captur ...more
In this video tutorial, you'll learn how to install VNC, or Virtual Network Computing, remotely onto a Windows machine for GUI access. This tutorial assumes you know how to start a session and get into active command line access in a remote Windows PC. For step-by-step instruc ...more
For most street artists, it takes a considerable amount of time to paint large art installments on the walls of urban structures. The more time it takes, the better chance there is of getting caught, since nearly all of the rogue artwork is slapped on the sides of city and pri ...more
Installing two operating systems and then dual boot your machine. This is to put more than just Windows and Linux and OSX on the same machine. Another option is a virtual desktop option. This video will guide you through the steps of setting your computer up to boot two differ ...more
In this brief video tutorial, the host show you how to mix songs and DJ using Virtual DJ. He recommends that you use a laptop with a minimum of four gigs of ram, have a version of Virtual DJ 5.0 or higher, have a mixer readily available, and have your own DJIO machine with the ...more
Software expert David Steinlage guides the viewer through the step-by-step process of installing VMware and Windows XP on a computer driven by Ubuntu Linux. The first step is to get a serial number, which can be obtained free by visiting the site www.vmware.com and filling out ...more
Bucky from The New Boston serves up this Python video tutorial on how to do cool things with strings in Python. This is the program you use to write all of your Python code down. Do cool things with strings and format them! Python is a dynamic, object-oriented, high-level, pr ...more
Bucky from The New Boston serves up this Python video tutorial on how to use cool string methods in Python. This is the program you use to write all of your Python code down. Cool string methods! Python is a dynamic, object-oriented, high-level, programming language that can ...more
Bucky from The New Boston serves up this Python video tutorial on how to use dictionaries in Python. This is the program you use to write all of your Python code down. Dictionary! Python is a dynamic, object-oriented, high-level, programming language that can be used for many ...more
Bucky from The New Boston serves up this Python video tutorial on how to program "if" statements in Python. This is the program you use to write all of your Python code down. The famous if statement! Python is a dynamic, object-oriented, high-level, programming language that ...more
Bucky from The New Boston serves up this Python video tutorial on how to program else and elif statements in Python. This is the program you use to write all of your Python code down. Else and elif (elseif)! Python is a dynamic, object-oriented, high-level, programming langua ...more
Bucky from The New Boston serves up this Python video tutorial on how to program nesting statements in Python. This is the program you use to write all of your Python code down. Nest a simple "if" statement! Python is a dynamic, object-oriented, high-level, programming langua ...more
Bucky from The New Boston serves up this Python video tutorial on how to program full and while loops in Python. This is the program you use to write all of your Python code down. Learn how to use the for and while loop in Python programming! Python is a dynamic, object-orien ...more
Bucky from The New Boston serves up this Python video tutorial on how to program infinite loops and breaks in Python. This is the program you use to write all of your Python code down. Learn how to make an infinite loop and also how to use the break statement! Python is a dyn ...more
Bucky from The New Boston serves up this Python video tutorial on how to build and program your own functions in Python. This is the program you use to write all of your Python code down. Learn how to create your own function! Python is a dynamic, object-oriented, high-level, ...more
How To:
Generate Professional Drawings in Seconds Using Image Wand on iOS 18.2 or iPadOS 18.2
How To:
Share Your Lost AirTag or Find My Tracker's Location with Contacts or Airlines for Easier Recovery
How To:
Use Genmoji to Create Custom Emoji That Work Just Like Regular Emoji in Messages, Notes, and More
How To:
Make Typing Text Easier to Read on iPhone, iPad, or Mac with Apple's Hover Typing Tool
How To:
Change the Default Web Browser App on Your iPhone to Open Links in Chrome, Firefox, Safari, and More
How To:
Use Apple Intelligence's Image Playground to Craft Custom Drawings and Animations for Almost Anything You Can Think Of
How To:
Follow the 2024 Election Results in Real Time with Apple News' Live Activity for iPhone, iPad, and Apple Watch
How To:
Experience Music on Your iPhone Like Never Before with Music Haptics, Which Lets You Feel Every Beat
How To:
Generate Text, Images, and Insights with Apple Intelligence's Built-in ChatGPT Integration
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
Quickly Pixelate Faces in Photos on Your iPhone, iPad, or Mac to Blur Out People's Identities
How To:
New Menu Lets You Set Default Apps on Your iPhone or iPad for Calling, Messaging, Emailing, Web Browsing, and More
How To:
30 Must-Know New Features in iOS 18.1 and iPadOS 18.1 That'll Make You Want to Update
How To:
Easily Record Phone Calls on Your iPhone and Get Auto-Generated Transcripts and Summaries
How To:
Download and Install iOS 18.2 Beta or iPadOS 18.2 Beta to Try New iPhone or iPad Features First
How To:
Apple Music's 17 Hidden Features and Changes You Might've Missed on iOS 18 and iPadOS 18
How To:
Create and Manage Reminders Without Ever Leaving the Calendar App on Your iPhone, iPad, or Mac
How To:
Apple's Latest Podcasts App Update Brings 7 Must-Try Features in iOS 18, iPadOS 18, and macOS 15
How To:
Apple's Big TV App Update Gives You 10 New Features and Changes to Enhance Your Viewing Experience
How To:
Link to Specific Start Times in Apple Podcasts Episodes from iPhone, iPad, Mac, or the Web Player
How To:
Use Genmoji to Create Custom Emoji That Work Just Like Regular Emoji in Messages, Notes, and More
How To:
Generate Professional Drawings in Seconds Using Image Wand on iOS 18.2 or iPadOS 18.2
How To:
Share Your Lost AirTag or Find My Tracker's Location with Contacts or Airlines for Easier Recovery
How To:
Create an Admin User Account Using CMD Prompt (Windows)
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
Use FaceTime's Secret Hand Gestures and Reaction Buttons to Add Animated On-Screen Effects to Your Video Feed
How To:
CC in a Physical Business Letter
Warning:
Sensitive Info You Black Out in Images Can Be Revealed with a Few Quick Edits on Your iPhone
How To:
See Passwords for Wi-Fi Networks You've Connected Your Android Device To
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Roll Sushi—The Ultimate Guide
How To:
Make an Origami Dragon A4 Easy
How To:
20 Surprisingly Practical Uses for Apple AirTags
How To:
Change Text Color and Background Highlights in Apple Notes on iPhone, iPad, and Mac — The Official Way
How To:
Bypass School Internet Filters to Unblock Websites
How To:
Easily Record Phone Calls on Your iPhone and Get Auto-Generated Transcripts and Summaries
How To:
16 Harry Potter Spells for Siri That Turn Your iPhone into a Magical Elder Wand
How To:
See What Traffic Will Be Like at a Specific Time with Google Maps
How To:
Clone Any Android App on Your Samsung Galaxy Phone Without Using Any Third-Party Tools
How To:
30 Must-Know New Features in iOS 18.1 and iPadOS 18.1 That'll Make You Want to Update
How To:
Use Apple Intelligence's Image Playground to Craft Custom Drawings and Animations for Almost Anything You Can Think Of
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
Redstone Logic Gates:
Mastering the Fundamental Building Blocks for Creating In-Game Machines
How To:
Make This Amazing 9-Layer Density Tower from Things Found in Your Kitchen
How To:
Lock and Hide Apps on Your iPhone or iPad — The Official Way
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
How To:
Make Your Own Bad USB
How To:
The Easiest Way to Secretly Record Someone's Conversation with Your iPhone
How To:
Master SCRABBLE & Win Every Game
How To:
Dox Anyone
How To:
Create the Most Compact 2x2 Hidden Piston Door in Under 50 Seconds!
How To:
Use Metasploit's WMAP Module to Scan Web Applications for Common Vulnerabilities
How To:
If You Keep Valuable Information in Apple Notes, You Need to Read This
Android 101:
How to Sideload Apps by Enabling 'Unknown Sources' or 'Install Unknown Apps'
How To:
Access All Your Mac's Files Right on Your iPhone or iPad — No Third-Party Software Needed
How To:
Your iPhone Has a Hidden Text-to-Speech Tool That'll Read Articles, Books, News, and Other Text Out Loud to You
How To:
New Menu Lets You Set Default Apps on Your iPhone or iPad for Calling, Messaging, Emailing, Web Browsing, and More
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Are Your Devices Compatible with iOS 18, iPadOS 18, and macOS 15? Here's the Complete List
How To:
Blast Your iMessage Friends with an Emoji Explosion Using This iPhone Trick
