For the uninitiated, it can be difficult to buy that special hacker in your life a perfect holiday gift. That's why we've taken out the guesswork and curated a list of the top 20 most popular items our readers are buying. Whether you're buying a gift for a friend or have been ...more
Net neutrality is dead and your internet service providers can collect all the data they want. While VPNs are a great way to protect some of that privacy, they're not perfect. There is another option, though, called Noisy, which was created by Itay Hury. It floods your ISP wit ...more
In the previous article in this short series, we learned how to find our neighbor's name using publicly accessible information and how to monitor device activity on their home network. With this information at our disposal, it's time to get into installing and configuring the ...more
Koadic allows hackers to monitor and control exploited Windows systems remotely. The tool facilitates remote access to Windows devices via the Windows Script Host, working with practically every version of Windows. Koadic is capable of sitting entirely in memory to evade detec ...more
PowerShell Empire is an amazing framework that is widely used by penetration testers for exploiting Microsoft Windows hosts. In our previous guide, we discussed why and when it's important to use, as well as some general info on listeners, stagers, agents, and modules. Now, we ...more
The threat of an evil access point has been around for a long time, and with the rise of open public Wi-Fi, that threat is often overshadowed by how comfortable we are using third-party Wi-Fi hotspots at coffee shops and public spaces. While we've shown an evil twin attack usi ...more
In one of my previous articles, I discussed ShinoBot, a remote administration tool that makes itself obvious. The goal is to see if the user could detect a remote administration tool or RAT on their system. In this article, I'll be demonstrating the use of Pupy, an actual RAT, ...more
Bluetooth Low Energy (BLE) is the de facto wireless protocol choice by many wearables developers, and much of the emerging internet of things (IoT) market. Thanks to it's near ubiquity in modern smartphones, tablets, and computers, BLE represents a large and frequently insecur ...more
RouterSploit is a powerful exploit framework similar to Metasploit, working to quickly identify and exploit common vulnerabilities in routers. And guess what. It can be run on most Android devices. I initially covered RouterSploit on Kali Linux and macOS (OS X), but this tuto ...more
Greetings aspiring hackers. I have observed an increasing number of questions, both here on Null-Byte and on other forums, regarding the decision of which USB wireless network adapter to pick from when performing Wi-Fi hacks. So in today's guide I will be tackling this dilemm ...more
Open-source intelligence researchers and hackers alike love social media for reconnaissance. Websites like Twitter offer vast, searchable databases updated in real time by millions of users, but it can be incredibly time-consuming to sift through manually. Thankfully, tools li ...more
The tactic of brute-forcing a login, i.e., trying many passwords very quickly until the correct one is discovered, can be easy for services like SSH or Telnet. For something like a website login page, we must identify different elements of the page first. Thanks to a Python to ...more
The macOS 10.14 security update tried to make parts of the operating system difficult for hackers to access. Let's take a closer look at how its new feature works and what we can do to spoof the origin of an application attempting to access protected data. Apple introduced so ...more
Wi-Fi tools keep getting more and more accessible to beginners, and the LAZY script is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA ha ...more
Beginners learning brute-forcing attacks against WPA handshakes are often let down by the limitations of default wordlists like RockYou based on stolen passwords. The science of brute-forcing goes beyond using these default lists, allowing us to be more efficient by making cus ...more
Being able to write your own hacking tools is what separates the script kiddies from the legendary hackers. While this can take many forms, one of the most coveted skills in hacking is the ability to dig through the binary files of a program and identify vulnerabilities at the ...more
NOTICE: Ciuffy will be answering questions related to my articles on my behalf as I am very busy. Hope You Have Fun !!! Hello Guys, Welcome to my first tutorial and in this tutorial we are basically going to create a port scanner in python ( I guess without external librarie ...more
Web applications are ubiquitous in the modern online world, and knowing how to attack them is an increasingly valuable skill. But the key to a successful attack is good recon since it's easier to be focused and efficient with the more information you have. There are many finge ...more
The USB Rubber Ducky is a well-known hacking device in the cybersecurity industry, but it needs to be preprogrammed before it can be used. That means it's not easy to issue commands to a target computer since you can't interact with it from afar after plugging it in. And if yo ...more
The moment arrives when you finally pop a shell on the web server you've been working on, only you find yourself in a strange environment with limited functionality. Restricted shells are often used as an additional line of defense and can be frustrating for an attacker to stu ...more
Browser extensions are extremely useful since they can expand web browsers like Google Chrome and Mozilla Firefox beyond their built-in features. However, we don't always know who's behind a browser add-on or what it's doing beyond what's advertised. That's where ExtAnalysis c ...more
Secure Shell is one of the most common network protocols, typically used to manage remote machines through an encrypted connection. However, SSH is prone to password brute-forcing. Key-based authentication is much more secure, and private keys can even be encrypted for additio ...more
Sudo is a necessity on most Linux systems, most of which are probably being used as web servers. While the principle of least privilege is typically applied, sudo misconfigurations can easily lead to privilege escalation if not properly mediated. Which brings us to SUDO_KILLER ...more
One of the most exciting things as an ethical hacker, in my opinion, is catching a reverse shell. But often, these shells are limited, lacking the full power and functionality of a proper terminal. Certain things don't work in these environments, and they can be troublesome to ...more
While our time with the Protostar VM from Exploit Exercises was lovely, we must move on to bigger things and harder challenges. Exploit Exercises' Fusion VM offers some more challenging binary exploitation levels for us to tackle. The biggest change is that these levels are al ...more
After a long hiatus, we shall once again emerge from the shadowy depths of the internet to build an exploit. This time, we'll be looking at how to defeat a non-executable stack by using the ret2libc technique — a lean, mean, and brilliant way of exploiting a stack overflow vul ...more
OpenBSD implements security in its development in a way that no other operating system on the planet does. Learning to use the Unix-like operating system can help a hacker understand secure development, create better servers, and improve their understanding of the BSD operatin ...more
A man-in-the-middle attack, or MitM attack, is when a hacker gets on a network and forces all nearby devices to connect to their machine directly. This lets them spy on traffic and even modify certain things. Bettercap is one tool that can be used for these types of MitM attac ...more
A dead man's switch is a fairly simple concept. If you don't perform a specific task before a set amount of time, it'll perform a specific action you set. They can be handy not just for hackers but for everyone who wants to protect themselves, someone else, or something tangib ...more
A mention of the deep web can bring to mind images of drugs, hackers, and other criminal activity. Despite the presence of these elements, the Tor network is a valuable tool for preserving privacy and anonymity. And browsing the deep web and any hidden services can be as simpl ...more
How To:
Apple News Gives You More Options for Automatic Downloads on iOS 17.5
How To:
Apple Has a Killer New Word Game Puzzle Called Quartiles on iOS 17.5
How To:
Apple Integrates Game Center Leaderboards into News+ Puzzles with iOS 17.5
How To:
11 Big New Features for Apple News on Your iPhone with iOS 17.5
How To:
Apple's iOS 17.5 Gives Your iPhone 32 New Features and Changes — Here's Everything You Need to Know About
How To:
Apple's Repair Mode for iOS Makes Prepping Your iPhone to Be Fixed Easier and More Secure
How To:
15 iPhone Tips for Busy Users to Maximize Your Productivity
Home Screen Customization:
How to Hide and Show Specific Home Screen Pages on Your iPhone
How To:
Make Your iPhone Do All Your Talking for You on Calls and in Person
How To:
Add Website Shortcuts to Your iPhone's Home Screen for Fast Access to Web Apps and Bookmarks
News:
Apple Pencil 3 Is Almost Here — And It Comes with Squeeze Gestures and These Other Features
How To:
The Messaging Trick You Never Knew You Needed
How To:
Customize and Use Control Center on Your iPhone for Quick Access to Your Most-Used Apps, Features, and Settings
How To:
Identify Any Song Playing on Instagram, TikTok, and Other Apps on Your iPhone Using Shazam
How To:
Download and Install iOS 17.5 Beta on Your iPhone — And Try New Features Before Everyone Else
How To:
Download and Install iPadOS 17.5 Beta on Your iPhone to Explore New Features Before Everyone Else
How To:
Update Your iPhone's Lock Screen with an Attention-Grabbing Note, Reminder, Warning, or Other Custom Message
How To:
Your iCloud Email Lets You Create Aliases to Protect Your Primary Email Address and Organize Your Inbox
How To:
Use Your iPhone's Built-in Image Analyzer to Reveal the Hidden Meaning Behind Symbols, Signs, and More
Text Replacements:
The Secret Weapon to Typing More with Less on Your iPhone, iPad, or Mac
How To:
Apple's iOS 17.5 Gives Your iPhone 32 New Features and Changes — Here's Everything You Need to Know About
How To:
Apple Has a Killer New Word Game Puzzle Called Quartiles on iOS 17.5
How To:
See Passwords for Wi-Fi Networks You've Connected Your Android Device To
How To:
Use FaceTime's Secret Hand Gestures and Reaction Buttons to Add Animated On-Screen Effects to Your Video Feed
How To:
11 Big New Features for Apple News on Your iPhone with iOS 17.5
How To:
Create an Admin User Account Using CMD Prompt (Windows)
Warning:
Sensitive Info You Black Out in Images Can Be Revealed with a Few Quick Edits on Your iPhone
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
How To:
See What Traffic Will Be Like at a Specific Time with Google Maps
How To:
15 iPhone Tips for Busy Users to Maximize Your Productivity
How To:
Your iPad Has a Hidden Built-in Calculator You're Not Using — Here's How to Unlock It
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Make Siri Say Whatever You Want Every Time You Connect Your iPhone to a Charger
How To:
Get Root with Metasploit's Local Exploit Suggester
How To:
The Trick That Lets You Link to Specific Start Times in YouTube Videos Right from Your Phone
How To:
Keep Your Night Vision Sharp with the iPhone's Hidden Red Screen
How To:
The Complete Guide on How to Build a Crystal Radio—Plus How They Work
Money Origami, Flower Edition:
10 Different Ways to Fold a Dollar Bill into a Blossoming Bloom
How To:
Make the USB Connection on Your Android Phone Default to File Transfer Mode
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Clone Any Android App on Your Samsung Galaxy Phone Without Using Any Third-Party Tools
Modular Origami:
How to Make a Cube, Octahedron & Icosahedron from Sonobe Units
How To:
Dial These Secret Codes to See if Someone Is Hijacking Calls & Texts on Your iPhone
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Make Your Own Bad USB
How To:
If 'Messages' Consumes Too Much iPhone or iCloud Storage, Don't Delete Your Conversations Just Yet
How To:
100+ Secret Dialer Codes for Your iPhone
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
How To:
Crack a Combination Bike Lock in Under 30 Seconds
How To:
Your iPhone Has a Hidden Text-to-Speech Tool That'll Read Articles, Books, News, and Other Text Out Loud to You
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Turn Any Website into a Full-Screen App on Your iPhone
How To:
Use Command Injection to Pop a Reverse Shell on a Web Server
How To:
Make Delicious Thai Sticky Rice Without a Steamer or Rice Cooker
How to Fix Car Dents:
8 Easy Ways to Remove Dents Yourself Without Ruining the Paint
Anonymous Texting 101:
How to Block Your Cell Phone Number While Sending Text Messages
How To:
Make Furniture in Minecraft
How To:
Create the Most Compact 2x2 Hidden Piston Door in Under 50 Seconds!
