Hack Like a Pro: Linux Basics for the Aspiring Hacker, Part 6 (Networking Basics)
Welcome, my neophyte hackers!
Badly Attacked Search Results
Hack Like a Pro: How to Conduct Active Reconnaissance and DOS Attacks with Nmap
Welcome back, my nascent Hackers! In my last blog, we looked at a passive way to gather information necessary for a hack. The advantage of using passive recon is that it's totally undetectable, meaning that the target never knows you're scouting them and you leave no tracks. The disadvantage, of course, is that it's limited to only some websites and not entirely reliable.
Hack Like a Pro: How to Embed a Backdoor Connection in an Innocent-Looking PDF
Welcome back , my fledgling hackers! Lately, I've been focusing more on client-side hacks. While web servers, database servers, and file servers have garnered increased protection, the client-side remains extremely vulnerable, and there is much to teach. This time, we'll look at inserting a listener (rootkit) inside a PDF file, exploiting a vulnerability in Adobe's Reader.
How To: Hack Someone's Cell Phone to Steal Their Pictures
Do you ever wonder how all these celebrities continue to have their private photos spread all over the internet? While celebrities' phones and computers are forever vulnerable to attacks, the common folk must also be wary. No matter how careful you think you were went you sent those "candid" photos to your ex, with a little effort and access to public information, your pictures can be snagged, too. Here's how.
How To: Geek Up Your Holidays with These 10 Nerdy DIY Christmas Tree Ornaments
One of the more enjoyable parts of Christmas (other than opening gifts of course) is going out to find the perfect tree, struggle bringing it into the house, and decorating it. As the years went by, I realized that our tree looked exactly like every other tree in the neighborhood: the same lights, the same angel at the top, and the same red, green and white ornaments.
How To: 60+ Free Paper Snowflake Templates—Star Wars Style!
Everyone knows how to make paper snowflakes, but the kind you learned to cut in kindergarten can get a little boring. However, they are free DIY holiday decorations, and they don't have to be a generic snowflake design. They can be anything you want, from nerdy math kirigami to all the Star Wars characters you can think of!
How to Hack Like a Pro: Hacking Windows Vista by Exploiting SMB2 Vulnerabilities
Hi, gang! Time for another hack using Metasploit. We have exploited Windows XP (a very insecure operating system) and we have exploited Ubuntu and installed Meterpreter on a Linux system exploiting the Samba service. Several of you have asked for a hack on more modern Windows systems, so here goes.
How To: Master all character ultra combos in Street Fighter 4
This is a gameplay video of all the Ultra Combos for each fighter in the highly anticipated video game Street Fighter IV for the Xbox 360.
Walkthrough Metal Gear Solid: Peace Walker on the PSP
Grab your PSP and get ready to ROCK Metal Gear Solid: Peace Walker! This video walkthrough guide will take you through every mission, from the main ones to the secondary ones. Follow along and learn the tips and tricks to the gameplay so you can beat the game yourself! Peace Walker is the fifth installment in the Metal Gear series.
How To: Hack speed in Evony with Cheat Engine (10/12/09)
Need resources in Evony? Hack them… with a speed hack. You just need Cheat Engine and this video. Watch this video tutorial to learn how to hack speed in Evony with Cheat Engine (10/12/09). In order to perform this speed hack for Evony, you need to download Cheat Engine 5.5. Try it out for yourself.
How To: Do Krav Maga, Israeli martial arts
In this video series, our expert Julio Rivera will tell you all about krav maga, he will show you how o defend against a front choke, a side choke, and a rear choke. He will teach you how to defend against a bear hug, a wrist grab, and an escrima stick attack.
How To: Use a fitness disc
This is a great video clip series that shows you 26 different possible exercises you can do with a fitness disc that attack unused muscles in parts of your body you don't even realize have them.
How To: Ride motocross bikes
In this series of videos, our expert explains all things motors. If you are a beginner looking to get involved in this sport, watch these informative videos. You will learn how to keep your control while riding the bikes through mud, sand and jumps. Our expert explains the basics, such as changing a tire on the track, suspension set ups and setting yourself up for a jump. If you are already an experienced rider, get tips on jumps and stunts like wheelies from our expert motors rider. Learn ho...
How To: Use a random orbit sander
In this series of instructional videos, expert Jon Olson demonstrates how to use a random orbit sander, including tips on how to create bevels, replace discs and brushes, empty the dust bag and general cleaning, care and basic maintenance of the tool. He also covers tool safety, including electrical safety, personal safety, such as wearing protective eye gear, tips for sanding paint and the importance of keeping your woodworking work space clean. Watch this free online tutorial and you'll att...
How To: Silence Annoyingly Loud Emergency Alerts on iPhone Without Disabling Them Completely
Wireless emergency alerts help warn mobile phone users of imminent threats to life or property, such as extreme weather and natural disasters. These alerts target affected geographic areas and come with a loud sound scary enough to make you want to turn off emergency alerts altogether on your iPhone, but there's a way to keep emergency alerts without the ear-splitting, intrusive sound.
News: Vuzix Smartglasses Factory Reveal Gives Another Glimpse of Next-Gen AR Wearable
Away from the hype around Facebook's smartglasses, the high-end fascination with the Microsoft HoloLens, and the unending rumors about Apple's AR wearable is the small but powerful darling of the enterprise AR world—Vuzix.
How To: Perform Advanced Man-in-the-Middle Attacks with Xerosploit
A man-in-the-middle attack, or MitM attack, is when a hacker gets on a network and forces all nearby devices to connect to their machine directly. This lets them spy on traffic and even modify certain things. Bettercap is one tool that can be used for these types of MitM attacks, but Xerosploit can automate high-level functions that would normally take more configuration work in Bettercap.
News: Update Your iPhone to iOS 14.4.2 Right Now to Patch an Actively Exploited WebKit Vulnerability
Attackers may have actively exploited a new WebKit vulnerability on iOS and iPadOS, but Apple just released a patch to secure your iPhone and iPad from attacks.
How To: Turn Off Amber Alerts on Your iPhone, Plus Emergency, Public Safety & Other Government Warnings
Amber, emergency, and public safety alerts on an iPhone are loud — startle-you-to-death loud even. They can happen at any time, day or night, and sometimes back to back when you're in a big city. Those blaring sirens can wake you from sleep, interrupt an important meeting, or disrupt an entire movie theater mid-movie, but you can turn most of them off if you're tired of hearing them.
How To: Safeguard Your Data & Privacy with This Speedy VPN
It's a myth that regular users only need the protection of a virtual private network when on a public Wi-Fi connection. First, almost all network connections can be accessed without the proper permissions. Second, ethical hackers also need to think about using a VPN as one step to encrypting and protecting their activity and identity during pentests, phishing, and other actions.
How To: Conduct a Pentest Like a Pro in 6 Phases
Penetration testing, or pentesting, is the process of probing a network or system by simulating an attack, which is used to find vulnerabilities that could be exploited by a malicious actor. The main goal of a pentest is to identify security holes and weaknesses so that the organization being tested can fix any potential issues. In a professional penetration test, there are six phases you should know.
How To: Find & Exploit SUID Binaries with SUID3NUM
File permissions can get tricky on Linux and can be a valuable avenue of attack during privilege escalation if things aren't configured correctly. SUID binaries can often be an easy path to root, but sifting through all of the defaults can be a massive waste of time. Luckily, there's a simple script that can sort things out for us.
News: Act Fast — These Games Are Free for a Limited Time to Help with Coronavirus
Staying inside during the coronavirus pandemic isn't easy for most of us. As important as it is to keep away from others, it can be challenging to keep to ourselves day after day. That's why mobile game developers are stepping in to help; many are making their games free for a limited time, to provide some much-needed fun during scary times.
Hacking macOS: How to Turn Forums into C&C Servers to Control MacBooks
An attacker can repurpose public MyBB forums to act as command-and-control servers. It only takes a few lines of code to configure a MacBook to fetch commands and send responses to any website the attacker desires.
How To: 7 Tips to Improve Your Privacy & Safety on Twitter
As fun as Twitter is, it can also quickly turn scary. Anonymous, aggressive, and troll accounts can attack you for your tweets and stalk your every move. While you could make your profile private and block users, there are lesser-known privacy and security features that you can switch to improve your safety online.
How To: Find Hidden Web Directories with Dirsearch
One of the first steps when pentesting a website should be scanning for hidden directories. It is essential for finding valuable information or potential attack vectors that might otherwise be unseen on the public-facing site. There are many tools out there that will perform the brute-forcing process, but not all are created equally.
How To: Hack UnrealIRCd Using Python Socket Programming
UnrealIRCd is an open-source IRC server that has been around since 1999 and is perhaps the most widely used one today. Version 3.2.8.1 was vulnerable to remote code execution due to a backdoor in the software. Today, we will be exploiting the vulnerability with Metasploit, examining the underlying code to understand it, and creating our own version of the exploit in Python.
How To: Run Your Favorite Graphical X Applications Over SSH
While SSH is a powerful tool for controlling a computer remotely, not all applications can be run over the command line. Some apps (like Firefox) and hacking tools (like Airgeddon) require opening multiple X windows to function, which can be accomplished by taking advantage of built-in graphical X forwarding for SSH.
How To: Phish for Social Media & Other Account Passwords with BlackEye
Social media accounts are a favorite target for hackers, and the most effective tactics for attacking accounts on websites like Facebook, Instagram, and Twitter are often based on phishing. These password-stealing attacks rely on tricking users into entering their passwords into a convincing fake webpage, and they have become increasingly easy to make thanks to tools like BlackEye.
News: Apple Just Released iOS 13 Public Beta 2, Includes FaceTime Attention Correction, Cursor Sizing Options & More
The third developer beta for iOS 13 has been out since July 3, and while devs have had fun exploring all the new features, those of us on the public beta have sat on the sidelines running the public version of dev beta 2. But we don't need to wait any longer, as Apple just released iOS 13 public beta 2 and all the goodies that come with it.
News: Apple's iOS 13 Developer Beta 3 Available for iPhone, Packed with New Features & Changes
On July 3, Apple pushed out iOS 13 developer beta 3 for iPhone, and there's a lot found hidden within. A new FaceTime setting, more Arcade details, full-page scrolling screenshots everywhere, a noise cancellation option in the Control Center, and a new markup tool — and that's just a few of the new features.
How To: Team Up with Friends to Raid Fortresses in Harry Potter: Wizards Unite
If you've read or watched anything Harry Potter before, you know friendship and teamwork are huge parts of the story. The same goes for Harry Potter: Wizards Unite, with its "Wizarding Challenges." Here, you can tackle Fortresses full of Foes alone, but why do that when you can battle with up to four other friends at once? Here's how it all works on Android or iOS.
News: Apple Releases iOS 13 Developer Beta 2 with Config Profile OTAs, Plus Controls & New Effect for Portrait Lighting
There's no doubt iOS 13 has dominated the talk around the Apple community this month. Since the announcement and release of the first developer beta, we iPhone users have had a treasure trove of new features and changes to explore and discuss. Now the fun continues with iOS 13 dev beta 2. Who's ready to start up the conversation all over again?
News: iOS 13 Developer Beta 1 Available for iPhone with a Lot of Kinks to Work Out
The first developer beta for iOS 13 is available to install on iPhone models, but the process for doing so may be a bumpy ride. Apple has not included configuration profiles for the developer beta yet, and many developers are having issues installing iOS 13 even with macOS 10.15 Catalina installed. Plus, since this is the first beta, there are a lot of problems with old and new features to work the kinks out of.
How To: Install Android Q Beta on Any Project Treble Phone
For many, the stock version of Android is often considered the epitome of what the operating system should look and feel like by default. It's clean and clear of unwanted extra apps that come pre-installed with the system, provides a fluid and fast user experience, and runs on just about any device that has an unlocked bootloader to install a custom ROM with the stock version ready to go.
How To: Exploit EternalBlue on Windows Server with Metasploit
Particular vulnerabilities and exploits come along and make headlines with their catchy names and impressive potential for damage. EternalBlue is one of those exploits. Originally tied to the NSA, this zero-day exploited a flaw in the SMB protocol, affecting many Windows machines and wreaking havoc everywhere. Here, we will use EternalBlue to exploit SMB via Metasploit.
How To: Use & Abuse the Address Resolution Protocol (ARP) to Locate Hosts on a Network
When joining a new network, computers use the Address Resolution Protocol to discover the MAC address of other devices on the same network. A hacker can take advantage of ARP messages to silently discover the MAC and IP address of network devices or actively scan the network with spoofed ARP requests.
How To: Track a Target Using Canary Token Tracking Links
Canary tokens are customizable tracking links useful for learning about who is clicking on a link and where it's being shared. Thanks to the way many apps fetch a URL preview for links shared in private chats, canary tokens can even phone home when someone checks a private chat without clicking the link. Canary tokens come in several useful types and can be used even through URL shorteners.
How To: Add 2-Step Verification to Uber for Stronger Overall Account Security
If you've ever received an email from a sketchy address purporting to be Uber, asking you to sign in with your credentials, you might be a phishing target. Hackers use a fake login page from real-looking domains to trick you into giving up your account information, and while it's been an issue in the past, Uber is making it more difficult on cyber thieves with the addition of two-step verification.
How To: Use Metasploit's Database to Stay Organized & Store Information While Hacking
The ability to stay organized and be resourceful with data gathered from recon is one of the things that separates the true hackers from the script kiddies. Metasploit contains a built-in database that allows for efficient storage of information and the ability to utilize that information to better understand the target, which ultimately leads to more successful exploitation.