Welcome back, my budding hackers! As I have mentioned many times throughout this series, knowing a bit of digital forensics might keep you out of a lot of trouble. In addition, digital forensics is a burgeoning and high paying career. Some knowledge and certifications in this ...more
Computers all over the world rely on a program called "libssh" to use the SSH communications protocol, which allows trusted users to log in and administer computers remotely. Due to a flaw in libssh, fooling a computer into granting SSH access is as easy as telling it you alre ...more
Recently, I ran across SecGen, a project which allows a user to create random vulnerable machines. I absolutely love vulnerable machines, since a vulnerable VM is a safe and legal way to practice hacking tactics, test out new tools, and exercise your puzzle-solving skills. Wh ...more
As we've seen with other tools and utilities, administrators typically use certain things to do their job more efficiently, and those things are often abused by attackers for exploitation. After all, hacking is just the process of getting a computer to do things in unexpected ...more
The ability to stay organized and be resourceful with data gathered from recon is one of the things that separates the true hackers from the script kiddies. Metasploit contains a built-in database that allows for efficient storage of information and the ability to utilize that ...more
With a cheap computer, smaller than the Raspberry Pi, an attacker can create a remote hacking device. The device can be attached to a target router without anyone's knowledge and enable the hacker to perform a variety of network-based attacks from anywhere in the world. As th ...more
You want to put out a live web server, but you don't want to be owned in the process. An expert eye for security is not needed if you take a few basic steps in locking down the hatches. Most successful attacks today are not the complex, time-consuming tasks you might think, bu ...more
Welcome back, my budding hackers! We've spent a lot of time learning to compromise Windows systems, and we've successfully compromised them with Metasploit, cracked their passwords, and hacked their Wi-Fi. However, very little time was spent developing ways to extract the inf ...more
Welcome back, my fledgling hackers! Scripting skills are essential is ascending to the upper echelons of the hacker clique. Without scripting skills, you are dependent upon others to develop your tools. When others develop your tools, you will always be behind the curve in th ...more
Why did I write this when they're tons of scanning tools available. Let's start with a real world situation. I sometimes visit clients sites that I need to obtain a usable IP address for a server or whatever. Believe it or not, they are networks that are configured with class ...more
In a previous guide, I demonstrated how to extract images from a security camera over Wi-Fi using Wireshark, provided you know the password. If you don't know the password, you can always get physical with the Hak5 Plunder Bug. Using this small LAN tap, we can intercept traffi ...more
Aircraft equipped with ADS-B are constantly shouting their location into the radio void, along with other useful unauthenticated and unencrypted data. In this guide, we will make an ADS-B receiver using a Raspberry Pi with a software-defined radio (SDR) dongle, which we can us ...more
Whether you miss the good old days of Telnet or you want to know what hacking was like when security was nothing but an afterthought, Telehack is the game for you. The text-based hacking game is a simulation of a stylized combination of ARPANET and Usenet, circa 1985 to 1990, ...more
Reconnaissance is the phase of an attack where a red team or hacker designs a strategy based on the information they can learn about the target, as well as what the available attack surface looks like. These scans can take time to discover relationships, but Raccoon OSINT scan ...more
Attacks against databases have become one of the most popular and lucrative activities for hackers recently. New data breaches seem to be popping up every week, but even with all of that attention, databases continue to be a prime target. All of these attacks have to start som ...more
Welcome back my precious hackerians. Today i would like to promote an OS which i have been using for the past couple months. I'm not talking about Backtrack 5 or Kali Linux. Something even more promising: Bugtraq 2 Black Widow I'm not going to show you how to install it beca ...more
Welcome back, my greenhorn hackers! I recently began a series on scripting and have received such positive feedback that I'm going to keep this series going. As I've said before, to graduate from the script kiddie to the pro hacker, you'll need to have some scripting skills. ...more
A hacker with privileged access to a Windows 10 computer can configure it to act as a web proxy, which allows the attacker to target devices and services on the network through the compromised computer. The probes and attacks appear to originate from the Windows 10 computer, m ...more
The first few minutes after gaining access to a MacBook are critical — but where do we begin? Using tools built into macOS, we can develop an in-depth understanding of running background processes, detect antivirus software, locate sensitive files, and fingerprint other device ...more
Virtual private networks, or VPNs, are popular for helping you stay anonymous online by changing your IP address, encrypting traffic, and hiding your location. However, common IoT devices, media players, and smart TVs are hard to connect to a VPN, but we have a solution: Turn ...more
Things that are supposed to make life easier for developers and users are often easy targets for exploitation by hackers. Like many situations in the tech world, there is usually a trade-off between convenience and security. One such trade-off is found in a system known as Dis ...more
With a tiny computer, hackers can see every website you visit, exploit services on the network, and break into your Wi-Fi router's gateway to manipulate sensitive settings. These attacks can be performed from anywhere once the attacker's computer has been connected to the rout ...more
Network enumeration is one of the essential phases of an attack, but it can take a lot of time and effort depending on the size. We've all been spoiled by Nmap and similar tools, and while there is a learning curve involved, they are extremely useful. But there's also GoScan, ...more
WonderHowTo is made up of niche communities called Worlds. If you've yet to join one (or create your own), get a taste below of what's going on in the community. Check in every Wednesday for a roundup of new activities and projects. Thanks to all of our active moderators and ...more
UnrealIRCd is an open-source IRC server that has been around since 1999 and is perhaps the most widely used one today. Version 3.2.8.1 was vulnerable to remote code execution due to a backdoor in the software. Today, we will be exploiting the vulnerability with Metasploit, exa ...more
Are you the expert hacker we're looking for? Do you have a great idea for an article on Null Byte? Do you have a passion to write, and more importantly... teach? We're officially looking for Null Byters on a weekly basis who are willing to take the time to educate the communi ...more
WonderHowTo is made up of niche communities called Worlds. If you've yet to join one (or create your own), get a taste below of what's going on in the community. Check in every Wednesday for a roundup of new activities and projects. More amazing community contributions this w ...more
We're officially seeking Null Byters on a weekly basis who would enjoy taking their time to educate the community. Contributors will write tutorials, which will be featured on the Null Byte blog, as well as the front page of WonderHowTo (if up to par, of course). This is a job ...more
Hello null_byters, after some time out here we are again with another tutorial, continuing our beautiful series, today we will write our first real world bash script. BEFORE WE START Before we start today's lesson Let's recap what we learned in the previous lesson, right now ...more
Welcome back everyone. As many of you know, reconnaissance is extremely important in any successful hack. Without proper reconnaissance, we won't know what we're about to get into, literally. Among the vast ocean of information we need about our target, operating system is de ...more
In my last post I introduced how to use ncat to connect to your Pi remotely, but what's the point to if you can't actually hack? This tutorial I'm gonna show you how to use very simple tools for a much bigger purpose. With that said, boot up our Pi and lets wreck havoc. Recon ...more
We're officially seeking Null Byters interested in teaching others! Contributors will write tutorials, which will be featured on the Null Byte blog, as well as the front page of WonderHowTo (if up to par, of course). This is a job meant for anyone with the will to share knowle ...more
It's not uncommon for hackers to attempt to move laterally between devices in proximity of a compromised device to maintain a prolonged presence in the network. Malware utilizing USB flash sticks to self-replicate and compromise air-gapped machines isn't a new concept. In bot ...more
Welcome hackers. Hackacademic.RTB1 is vulnerable machine for training our skills.This machine can be download from free from here. There is many tutorial how to hack these machine but i did always be my self. Step 1: Recognize Open Ports First step is recognize open ports i ...more
In this tutorial I am going to look at what services are running on our Metasploitable machine and setup firewalls. This is more basic scanning of our machine to get an idea of how to get in. Obviously in a real engagement you would want to do research on Google and whatnot to ...more
We're officially seeking Null Byters on a weekly basis who are willing to take the time to educate the community. Contributors will write tutorials, which will be featured on the Null Byte blog, as well as the front page of WonderHowTo (IF up to par, of course). There is no ne ...more
In recent weeks, major bank websites around the world have experienced outages after being have been hit with Distributed Denial of Service (DDoS) attacks. Although few, if any, of these banks have been totally knocked offline, these DoS attacks have dramatically slowed the re ...more
MagicTree is often the go-to tool for data collection and reporting for many pentesters. It organizes data in nodes in a tree-structure which is very efficient at managing host and network data. Reports can be completely customized to meet the user's needs. Also, MagicTree all ...more
We're officially seeking Null Byters on a weekly basis who are willing to take the time to educate the community. Contributors will write tutorials, which will be featured on the Null Byte blog, as well as the front page of WonderHowTo (IF up to par, of course). There is no ne ...more
Post-exploitation is often not quite as exciting as popping the initial shell, but it's a crucial phase for gathering data and further privilege escalation. Once a target is compromised, there's a lot of information to find and sift through. Luckily, there are tools available ...more
Your English teacher is a creep. The way he looks at your girlfriend, the way he always spends ages with the girls in the class going over their work but not the boys, just the way he is. You want to get rid of him, but you need some proof first. Step 1: Fire Up Kali If yo ...more
Here I will show you how to properly dig information on the web that has already been published, you just dont know it. Where Am I Going with This? Well, as many of you might or might not know, many and I mean many people do actually keep info on their profiles that they do ...more
Hak5 isn't your ordinary tech show. It's hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Damn the warranties, it's time to Trust your Technolust. In this episode, see how to obscure y ...more
The term "hacker" often has negative associations attached to it, yet the world is in dire need of professionals with hacking skills. White hat hackers are ethical computer hackers that use their hacking skills to pinpoint network vulnerabilities and patch them up before they ...more
How To:
Generate Professional Drawings in Seconds Using Image Wand on iOS 18.2 or iPadOS 18.2
How To:
Share Your Lost AirTag or Find My Tracker's Location with Contacts or Airlines for Easier Recovery
How To:
Use Genmoji to Create Custom Emoji That Work Just Like Regular Emoji in Messages, Notes, and More
How To:
Make Typing Text Easier to Read on iPhone, iPad, or Mac with Apple's Hover Typing Tool
How To:
Change the Default Web Browser App on Your iPhone to Open Links in Chrome, Firefox, Safari, and More
How To:
Use Apple Intelligence's Image Playground to Craft Custom Drawings and Animations for Almost Anything You Can Think Of
How To:
Follow the 2024 Election Results in Real Time with Apple News' Live Activity for iPhone, iPad, and Apple Watch
How To:
Experience Music on Your iPhone Like Never Before with Music Haptics, Which Lets You Feel Every Beat
How To:
Generate Text, Images, and Insights with Apple Intelligence's Built-in ChatGPT Integration
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
Quickly Pixelate Faces in Photos on Your iPhone, iPad, or Mac to Blur Out People's Identities
How To:
New Menu Lets You Set Default Apps on Your iPhone or iPad for Calling, Messaging, Emailing, Web Browsing, and More
How To:
30 Must-Know New Features in iOS 18.1 and iPadOS 18.1 That'll Make You Want to Update
How To:
Easily Record Phone Calls on Your iPhone and Get Auto-Generated Transcripts and Summaries
How To:
Download and Install iOS 18.2 Beta or iPadOS 18.2 Beta to Try New iPhone or iPad Features First
How To:
Apple Music's 17 Hidden Features and Changes You Might've Missed on iOS 18 and iPadOS 18
How To:
Create and Manage Reminders Without Ever Leaving the Calendar App on Your iPhone, iPad, or Mac
How To:
Apple's Latest Podcasts App Update Brings 7 Must-Try Features in iOS 18, iPadOS 18, and macOS 15
How To:
Apple's Big TV App Update Gives You 10 New Features and Changes to Enhance Your Viewing Experience
How To:
Link to Specific Start Times in Apple Podcasts Episodes from iPhone, iPad, Mac, or the Web Player
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
Use FaceTime's Secret Hand Gestures and Reaction Buttons to Add Animated On-Screen Effects to Your Video Feed
How To:
Create an Admin User Account Using CMD Prompt (Windows)
How To:
Use Genmoji to Create Custom Emoji That Work Just Like Regular Emoji in Messages, Notes, and More
Warning:
Sensitive Info You Black Out in Images Can Be Revealed with a Few Quick Edits on Your iPhone
How To:
See Passwords for Wi-Fi Networks You've Connected Your Android Device To
How To:
13 Tips Every Apple Pencil User Needs to Know for iPad
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How To:
16 Harry Potter Spells for Siri That Turn Your iPhone into a Magical Elder Wand
How To:
See What Traffic Will Be Like at a Specific Time with Google Maps
How To:
CC in a Physical Business Letter
How To:
20 Surprisingly Practical Uses for Apple AirTags
How To:
19 Harry Potter Spells Your Android Phone Can Cast Using Google Assistant
How to Hack a Vending Machine:
9 Tricks to Getting Free Drinks, Snacks & Money
How To:
11 Ways Apple's Reminders App Is Even Better with iOS 18, iPadOS 18, and macOS 15
How To:
If You Keep Valuable Information in Apple Notes, You Need to Read This
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
30 Must-Know New Features in iOS 18.1 and iPadOS 18.1 That'll Make You Want to Update
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
How To:
Keep Your Night Vision Sharp with the iPhone's Hidden Red Screen
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Download and Install iOS 18.2 Beta or iPadOS 18.2 Beta to Try New iPhone or iPad Features First
How To:
Make This Amazing 9-Layer Density Tower from Things Found in Your Kitchen
How To:
Apple's Messages App Has Some Cool New Text Editing Features and Effects for iMessage — Here's How It All Works
How To:
Make Any YouTube Link Open in the YouTube Music App
Android 101:
How to Sideload Apps by Enabling 'Unknown Sources' or 'Install Unknown Apps'
How To:
Your iPad Has a Hidden Built-in Calculator You're Not Using — Here's How to Unlock It
How To:
Find Passwords in Exposed Log Files with Google Dorks
How To:
Automate Wi-Fi Hacking with Wifite2
How To:
Which Apple Watch Size Is Best for You? Use Our Printable Cutouts to Find Out
How To:
Knot a Hermès Scarf in 21 Different Ways
How To:
Fix a compact disc player drawer problem
How To:
Use Photoshop to create a hair-like texture
How To:
Schedule Messages to Send Later Automatically Using iMessage
How To:
Clear Your Frequently Used and Recent Emoji from Your iPhone's Keyboard
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Make Siri Say Whatever You Want Every Time You Connect Your iPhone to a Charger
Modular Origami:
How to Make a Cube, Octahedron & Icosahedron from Sonobe Units
How To:
Make Pixel Art in Minecraft
How To:
Change Text Color and Background Highlights in Apple Notes on iPhone, iPad, and Mac — The Official Way
