Welcome back, my novice hackers! Reconnaissance is one of the most important preparatory steps to hacking. As I have emphasized many times before here on Null Byte, you must know the operating system, the ports, the services, the applications, and sometimes even the language ...more
Hello ladies and gentlemen, PySec here coming at you with another informative(hopefully) article for you all. In the last tutorial, we finally finished our discussion about IP Addressing and I intentionally didn't mention a really important concept with which IP Addressing wou ...more
When I tried to set up an eviltwin for a MitM-constelation in kali 2.0, I couldn't provide internet to the victim. The origin was the brctl bridging. I have read many tutorials but all of them where explained in backtrack and older versions of kali. So i was searching for a so ...more
Welcome back, my budding hackers! As I have mentioned many times throughout this series, knowing a bit of digital forensics might keep you out of a lot of trouble. In addition, digital forensics is a burgeoning and high paying career. Some knowledge and certifications in this ...more
Most users don't realize how much valuable data is in their network traffic. With a few simple tools, an attacker can quickly pick out cookies, passwords, and DNS queries from a macOS device as it covertly streams the victim's network traffic to the attacker's system. Here, we ...more
Automation has been a buzz word for quite some time now, but the principles behind it are as strong as ever. For a hacker or pentester, Bash scripting is one form of automation that cannot be ignored. Virtually any command that can be run from the terminal can be scripted — an ...more
When you need a file on your Mac as soon as possible, you usually have to get your MacBook or hop on your iMac, Mac mini, Mac Pro, or Mac Studio. But that's too much work if you're in bed, lying on the couch, or outside in the fresh air. Why even bother when you can access tha ...more
Now that we have control over a victim's browser, we need to use some attacks to maintain the connection, or even better: upload a shell. Creating a Persistent Connection Now that the victim's browser is hooked, we need to quickly set up a persistence method to keep the conn ...more
Welcome back, my budding hackers! Recently, I showed you how you could exploit the widely disseminated OpenSSL vulnerability that has to become known as "Heartbleed". Although the world has known about this vulnerability for over a month now, it will likely take many more mon ...more
The internet has undoubtedly changed the way we work and communicate. With technological advances, more and more people can collaborate on the web from anywhere in the world. But this remote-friendly environment inherently brings security risks, and hackers are always finding ...more
When performing something such as a mass mailer attack on a company, sending executables usually isn't the best option. That's why, in this tutorial, I'll be teaching you how to code a VBA script macro into a Word document in order to compromise a system. Combined with a littl ...more
Hello ladies and gentlemen, welcome back to the Part 2 of our UDP & Wireshark adventure as I promised. Last time we discussed about what DNS is and how it uses UDP as its transport protocol but we left some unexplained parts behind and I'm about to investigate those with you. ...more
Reconnaissance is the phase of an attack where a red team or hacker designs a strategy based on the information they can learn about the target, as well as what the available attack surface looks like. These scans can take time to discover relationships, but Raccoon OSINT scan ...more
Proxies can be quicker to use than a VPN for specific applications, like web browsers or torrent clients. Both services will hide your true IP address, but a VPN is slowed down because it encrypts all data through a VPN network, while a proxy just acts as a middleman for fetch ...more
Welcome hackers. Hackacademic.RTB1 is vulnerable machine for training our skills.This machine can be download from free from here. There is many tutorial how to hack these machine but i did always be my self. Step 1: Recognize Open Ports First step is recognize open ports i ...more
Samsung isn't known for its timely rollout of major Android updates, and Android 9.0 Pie won't be an exception. If we go by their Oreo update timeline, we can expect Android Pie to officially touch down for the Galaxy S9 and S9+ sometime around November, with the final version ...more
Automating port scanners, directory crawlers, and reconnaissance tools can be complicated for beginners just getting started with Kali Linux. Sparta solves this problem with an easy-to-use graphical interface designed to simplify a penetration tester's tasks. Sparta, authored ...more
Recently, there have been some questions regarding networking popping up and we have decided to put together this series to try and cover this gap. In this guide, we will cover the basics of IP addresses, both internal and external, and begin to have a a look at how this wond ...more
Welcome back, my budding hackers! If we are considering a social engineering attack against a target, we are probably going to need email addresses. By having the email addresses of people within an organization, we can tailor our social engineering attack to particular peopl ...more
Welcome back, my rookie hackers! The more we know about a system or network, the better our chances of owning it and not leaving a trace for investigators to follow. One of the often overlooked sources for information is the Simple Network Management Protocol (SNMP). Many roo ...more
Before attacking any website, a hacker or penetration tester will first compile a list of target surfaces. After they've used some good recon and found the right places to point their scope at, they'll use a web server scanning tool such as Nikto for hunting down vulnerabiliti ...more
One of the first steps in reconnaissance is determining the open ports on a system. Nmap is widely considered the undisputed king of port scanning, but certain situations call for different tools. Metasploit makes it easy to conduct port scanning from directly inside the frame ...more
Essential just dropped the Oreo Beta Program for their flagship PH-1 phone. Users have been eagerly awaiting this update as the early Nougat builds of the PH-1 software have suffered from numerous performance issues and lag. The good news is that you can grab the Oreo update t ...more
Websites are often misconfigured in ways that allow an attacker to view directories that are not ordinarily meant to be seen. These directories can contain sensitive information such as private credentials or configuration files that can be used to devise an attack against the ...more
Welcome back, my hackers novitiates! As you read my various hacking tutorials, you're probably asking yourself, "What are the chances that this hack will be detected and that I'll land behind bars, disappointing my dear mother who already thinks I'm a loser?" In this tutoria ...more
Before many games make it to the US-based iOS App Store, they get "soft launched" in a smaller country to get real-world testing for bugs. It's a pilot program, so to speak, as countries like Vietnam or the Philippines have far fewer iPhone users than the US, thus offer a more ...more
Welcome back, my greenhorn hackers! Before we attempt to exploit any target, it is wise to do proper reconnaissance. Without doing reconnaissance, you will likely be wasting your time and energy as well as risking your freedom. In previous guides, I have demonstrated multiple ...more
Android 11 won't be available as a beta update for Pixel devices until May 2020. Until then, the only way to try the latest Android version is by manually installing it. Usually, this means carrier models are left out since their bootloaders are locked, but there's still a way ...more
Brute-forcing is an easy way of discovering weak login credentials and is often one of the first steps when a hacker finds network services running on a network they gain access to. For beginners and experienced hackers alike, it's useful to have access to the right tools to d ...more
If you ever want to root your OnePlus 6, install TWRP, get Magisk and Xposed, or flash a custom ROM, the first thing you'll need to do is unlock your bootloader. Your bootloader is a piece of firmware that loads up the operating system on your phone. Normally, it's programmed ...more
While our time with the Protostar VM from Exploit Exercises was lovely, we must move on to bigger things and harder challenges. Exploit Exercises' Fusion VM offers some more challenging binary exploitation levels for us to tackle. The biggest change is that these levels are al ...more
Welcome back, my novice hackers! More and more, the world is turning to and adopting the smartphone platform as the digital device of choice. People are not only using smartphones for voice communication, but also web services, email, SMS, chatting, social networking, photogr ...more
When it comes to modding Android, there's no better tool than Team Win's TWRP custom recovery. You can use it to root your phone, flash mods like Magisk or Xposed, and even replace the entire operating system with a custom ROM like LineageOS — honestly, there's not much this u ...more
Root, TWRP, Xposed, Magisk, custom ROMs — before you can have any of these, the first thing you should do is unlock your bootloader. Thankfully, the Pixel 2 and Pixel 2 XL are some of the most modder-friendly phones out there, so you only need to send a single fastboot command ...more
Despite concerns with SafetyNet, Google actually cares about root. Every phone they sell has an unlockable bootloader, so you can toggle a setting and send a Fastboot command, then start flashing custom firmware right away. The Pixel 2 and Pixel 2 XL continue this tradition, a ...more
The gesture navigation introduced with Android 10 worked wonders by giving you more of your screen and less tapping. Android 11 offers the option to fine-tune the back gesture sensitivity for your screen's left and right sides. However, the issue still stands for people who li ...more
Rooting. As an Android user, I'm sure you've heard the word once or twice. According to Kaspersky, 7.6% of all Android users root — but for the 92.4% who don't, we wanted to talk to you. Rooting allows you to remove barriers and open Android to a level of unprecedented contro ...more
Way back, life on the range was tough and unforgiving for a HoloLens developer. Air-tap training was cutting edge and actions to move holograms not called "TapToPlace" were exotic and greeted with skepticism. The year was 2016, and developers had to deploy to their devices to ...more
Welcome back, my novice hackers! This is the third installment of my Python scripting series. If you haven't read the previous two articles, take some time now to go back and read Part 1 and Part 2 before you proceed here. As I mentioned in previous tutorials, Python is prob ...more
Apps that have no business accessing the internet can share your location, device ID, and other personal information with potentially malicious data snatchers. If you're connected to the internet on your Nexus 7 tablet, you're a potential target for cyber threats. For instanc ...more
A few days ago, Russian hacker Alexy Borodin found a way to get free in-app purchases on an iPhone or iPad. In-app purchases include things like items and power-ups for iOS games, as well as subscriptions and "premium" memberships for certain apps. The method is novel, not fo ...more
One of the ultimate goals in hacking is the ability to obtain shells in order to run system commands and own a target or network. SQL injection is typically only associated with databases and their data, but it can actually be used as a vector to gain a command shell. As a les ...more
Welcome back, my neophyte hackers! Many newbie hackers seem to be confused regarding the process or methodology to employ a successful hack. Most want to simply go straight to the exploit without doing the due diligence to make certain that the hack will work and you won't ge ...more
With an ordinary birthday card, we can introduce a physical device which contains malicious files into someone's home and deceive them into inserting the device into a computer. In my last series, we used a Post-it note to trick a neighbor into visiting a website that we cont ...more
Your social security number, credit card information, and medical history can fall into the wrong hands if you're not careful about how and where you share your data online. If you really care about your data, there are tools and techniques you can utilize to protect yourself ...more
It's not uncommon for hackers to attempt to move laterally between devices in proximity of a compromised device to maintain a prolonged presence in the network. Malware utilizing USB flash sticks to self-replicate and compromise air-gapped machines isn't a new concept. In bot ...more
Have you ever wanted to make your own Minecraft server on Windows? This tutorial will teach you how, without having to download Hamachi. The whole process is a lot simpler than you might think, and it will only take a few minutes! You will need: Firefox web browser Computer ...more
In the previous article, we learned how to set up our VPS, configure our PHP server, and developed an in-depth understanding of how the payload works. With all that taken care of, we can get into disguising our payload to appear as an image and crafting the note in the greetin ...more
I still remember when I had to get up from my comfy spot on the couch to change the channel on my old television. So for me, the remote control may be one of the most underrated inventions of the last century. These days, remotes take on all sorts of shapes, not just the typic ...more
Screenshots taken from a compromised computer can provide hackers with access to private emails, photographs, and information found in sensitive documents. This data can be used by the attackers to build profiles of a target for social engineering attacks and blackmail or even ...more
Welcome back, my hackers apprentices! To own a network and retrieve the key data, we only need to find ONE weak link in the network. It makes little sense to beat our heads against heavily fortified systems like the file and database server when we can take advantage of the b ...more
Welcome back, my novice hackers! Previously in my "Spy on Anyone" series, we used our hacking skills to turn a target's computer system into a bug to record conversations and found and downloaded confidential documents on someone's computer. In this tutorial, I will show you ...more
With just one line of Ruby code embedded into a fake PDF, a hacker can remotely control any Mac computer from anywhere in the world. Creating the command is the easy part, but getting the target to open the code is where a hacker will need to get creative. Ruby is just one wa ...more
It seems like every day now that we see a new headline on a cyber security breach. These headlines usually involve millions of records being stolen from some large financial institution or retailer. What doesn't reach the headlines are the many individual breaches that happen ...more
The microphone in a Windows computer is accessible to most applications running on the device at all times and completely without security limitations. Information gathered from recorded audio conversations taking place in the surrounding area of a compromised computer can be ...more
With a simple social engineering trick, sudo passwords can be captured in seconds without the target's knowledge. The passwords can then be saved to a file or exfiltrated to another computer on the network. After exploiting a system, penetration tester's and hackers will ofte ...more
While hackers have taken advantage of numerous vulnerabilities in Adobe's products to deliver payloads to Windows users via PDF files, a malicious PDF file can also wreak havoc on a Mac that's using the default Preview app. So think twice before double-clicking a PDF open on y ...more
In this video you will learn how to get past website blocks on your school network. Some school computers have command prompts blocked. If this is the case then you will want to open a notepad. In the notepad type command, then save as something school related, making sure the ...more
The latest film addition in the American-produced Millennium series, The Girl in the Spider's Web, was just released on Blu-ray a few days ago. As you could expect, the movie has many hacking scenes throughout, just like the previous English and Swedish language movies centere ...more
One thing I absolutely cannot stand is lag when I'm gaming. Every time I'm about to beat my killstreak record on Call of Duty, my internet connection drops and I'm a goner. It never fails. This usually happens because someone else on my Wi-Fi is streaming a movie or downloadin ...more
How To:
Use Genmoji to Create Custom Emoji That Work Just Like Regular Emoji in Messages, Notes, and More
How To:
Make Typing Text Easier to Read on iPhone, iPad, or Mac with Apple's Hover Typing Tool
How To:
Change the Default Web Browser App on Your iPhone to Open Links in Chrome, Firefox, Safari, and More
How To:
Use Apple Intelligence's Image Playground to Craft Custom Drawings and Animations for Almost Anything You Can Think Of
How To:
Follow the 2024 Election Results in Real Time with Apple News' Live Activity for iPhone, iPad, and Apple Watch
How To:
Experience Music on Your iPhone Like Never Before with Music Haptics, Which Lets You Feel Every Beat
How To:
Generate Text, Images, and Insights with Apple Intelligence's Built-in ChatGPT Integration
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
Quickly Pixelate Faces in Photos on Your iPhone, iPad, or Mac to Blur Out People's Identities
How To:
New Menu Lets You Set Default Apps on Your iPhone or iPad for Calling, Messaging, Emailing, Web Browsing, and More
How To:
30 Must-Know New Features in iOS 18.1 and iPadOS 18.1 That'll Make You Want to Update
How To:
Easily Record Phone Calls on Your iPhone and Get Auto-Generated Transcripts and Summaries
How To:
Download and Install iOS 18.2 Beta or iPadOS 18.2 Beta to Try New iPhone or iPad Features First
How To:
Apple Music's 17 Hidden Features and Changes You Might've Missed on iOS 18 and iPadOS 18
How To:
Create and Manage Reminders Without Ever Leaving the Calendar App on Your iPhone, iPad, or Mac
How To:
Apple's Latest Podcasts App Update Brings 7 Must-Try Features in iOS 18, iPadOS 18, and macOS 15
How To:
Apple's Big TV App Update Gives You 10 New Features and Changes to Enhance Your Viewing Experience
How To:
Link to Specific Start Times in Apple Podcasts Episodes from iPhone, iPad, Mac, or the Web Player
How To:
Everything You Can Do with the Camera Control Button on Your iPhone 16 or 16 Pro
How To:
Always-Updated List of Apps That Support the Camera Control Button on iPhone 16 Series Models
How To:
Use Genmoji to Create Custom Emoji That Work Just Like Regular Emoji in Messages, Notes, and More
How To:
Create an Admin User Account Using CMD Prompt (Windows)
How To:
See Passwords for Wi-Fi Networks You've Connected Your Android Device To
Steganography:
How to Hide Secret Data Inside an Image or Audio File in Seconds
How To:
Use FaceTime's Secret Hand Gestures and Reaction Buttons to Add Animated On-Screen Effects to Your Video Feed
How To:
Remove Unwanted Objects, People, and Distractions in Photos on Your iPhone, iPad, or Mac
How To:
CC in a Physical Business Letter
Warning:
Sensitive Info You Black Out in Images Can Be Revealed with a Few Quick Edits on Your iPhone
How To:
16 Harry Potter Spells for Siri That Turn Your iPhone into a Magical Elder Wand
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
Modular Origami:
How to Make a Cube, Octahedron & Icosahedron from Sonobe Units
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
How To:
Add Unsupported Cards and Passes to Apple Wallet for Quick, Easy Access on Your iPhone
How To:
Expired or Still Good? The Quickest Way to Test Baking Soda & Baking Powder for Freshness
How To:
This Is the Quickest Way to Add a New Contact on Any Phone
How To:
Turn Your Samsung Galaxy Smartphone or Tablet into a Second Display for Your Computer
How To:
This iPhone Setting Instantly Improves Video Quality When Shooting in Low Light
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Apple's Massive Calculator Update Lets You Convert Currency, Area, Length, Time, and Other Measurement Units with Ease
How To:
Share Apple Music Songs to Spotify Users (& Vice Versa) on Your iPhone
How To:
Customize the Quick Responses for Declining Calls in the Google Phone App
How To:
Dial These Secret Codes to See if Someone Is Hijacking Calls & Texts on Your iPhone
How To:
Generate Text, Images, and Insights with Apple Intelligence's Built-in ChatGPT Integration
How To:
See What Traffic Will Be Like at a Specific Time with Google Maps
How To:
20 Surprisingly Practical Uses for Apple AirTags
Android Basics:
How to See What Kind of Processor You Have (ARM, ARM64, or x86)
How To:
Make This Amazing 9-Layer Density Tower from Things Found in Your Kitchen
How To:
You're Using Lidar on Your iPhone and iPad — And You Don't Even Know It
How To:
Create Parabolic Curves Using Straight Lines
How To:
Quickly Pixelate Faces in Photos on Your iPhone, iPad, or Mac to Blur Out People's Identities
How To:
Turn Your Gag Reflex Off with Pressure Points
How To:
Disable the iMessage Typing Bubble Indicator So Others Don't Know You're Currently Active in the Chat
How To:
8 Ways to Shut Down and Restart Your iPhone 13, 13 Mini, 13 Pro, or 13 Pro Max
How To:
Group Texts Split into Separate Conversations on Your iPhone? Here's the Fix
How To:
Play The Card Game Declare
How To:
Create a USB Mouse Jiggler to Keep a Target Computer from Falling Asleep (& Prank Friends Too)
How To:
Remove Unnecessary Profiles & Certificates on Your iPhone to Protect Your Privacy & Security
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
How To:
Welcome to Math Craft World! (Bonus: How to Make Your Own Paper Polyhedra)
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
