How To: Play table tennis for beginners
This video will teach you the basics of ping pong. Includes simple strokes and attacking and defending strategy.
Badly Attacked Search Results
How To: Analyze bo kata group 1
This video is a step-by-step analysis of each of the moves of the first bo kata, shu shi no kon, including what attack you are blocking and striking point on the opponent. A great way to learn these moves.
How To: Do a slap shot
This ice hockey tutorial shows you how to do a slap shot. This is an excellent attack play, but be warned, it is the hardest shot a player can generate, requiring full windup with the stick.
How To: Shoot from the attack position
Jesse Hubbard discusses the mechanics of shooting and discusses and illustrates the different lacrosse shots. These are the sidearm shot, the 3/4 arm shot, sidearm shot, overhand shot and outside shot, and bounce shot. He also discusses how to shoot on the run. Tips appear throughout the video in the form of pop-ups and are summarized with sidebars.
How To: Scan, Fake & Attack Wi-Fi Networks with the ESP8266-Based WiFi Deauther
The price of hacking Wi-Fi has fallen dramatically, and low-cost microcontrollers are increasingly being turned into cheap yet powerful hacking tools. One of the most popular is the ESP8266, an Arduino-programmable chip on which the Wi-Fi Deauther project is based. On this inexpensive board, a hacker can create fake networks, clone real ones, or disable all Wi-Fi in an area from a slick web interface.
How To: Use Metasploit's Web Delivery Script & Command Injection to Pop a Shell
One of the best ways to improve your skills as a hacker is to learn to combine different avenues of attack to achieve success. What if it were possible to get a victim to connect to our machine and execute a chosen payload on our behalf? This is indeed possible with the almighty Metasploit and the aid of a technique known as command injection.
How To: Abuse Session Management with OWASP ZAP
It's always a good idea to know how an attack works at the very basic level. Manual techniques for exploitation often find holes that even the most sophisticated tool cannot. Sometimes, though, using one of these tools can make things so much easier, especially if one has a solid foundation of how it works. One such tool can help us perform a cross-site request forgery with minimal difficulty.
Hacking macOS: How to Perform Privilege Escalation, Part 2 (Password Phishing)
Locating and abusing files containing unsafe permissions is an easy and surefire way to elevate shell privileges on a backdoored macOS device. This time around, we'll be more aggressive and attempt to phish a user's login password by prompting a convincing popup message merely asking the target for their password.
News: Augmented Reality Reporting from NY Times Shows That Military Perpetrated Syria Chemical Attack
In its latest feature with an assist from augmented reality in storytelling, the New York Times shows readers the virtual crime scene it constructed to prove that the Syrian military conducted chemical warfare against its citizens.
Hacking Windows 10: How to Intercept & Decrypt Windows Passwords on a Local Network
Hashes containing login passwords are transmitted between Windows computers on local Wi-Fi networks. By intercepting and decrypting these hashes using Responder and John the Ripper, respectively, we can learn a target's login credentials which can be later used to gain physical access to their computer.
How To: Automate Brute-Force Attacks for Nmap Scans
Using Hydra, Ncrack, and other brute-forcing tools to crack passwords for the first time can be frustrating and confusing. To ease into the process, let's discuss automating and optimizing brute-force attacks for potentially vulnerable services such as SMTP, SSH, IMAP, and FTP discovered by Nmap, a popular network scanning utility.
How To: Exploit DDE in Microsoft Office & Defend Against DDE-Based Attacks
In our previous article, we learned how to take advantage of a feature, Dynamic Data Exchange (DDE), to run malicious code when an MS Word document is opened. Because Microsoft built DDE into all of its Office products as a way to transfer data one time or continuously between applications, we can do the same thing in Excel to create a spreadsheet that runs malicious code when opened. The best part is, it will do so without requiring macros to be enabled.
News: How Gut Bacteria Increase Your Risk of Heart Attack and Stroke
The evidence is mounting and is becoming indisputable: Gut bacteria play a role in strokes and heart attacks. The link may seem a little far-fetched, but cardiovascular disease may have less to do with what we eat and more to do with what chemicals gut bacteria make from the food we eat.
News: Bacteria-Killing Viruses Can Help Us Take Down Superbugs
Fighting fire with fire, scientists are harnessing the adaptability of helpful microbes to challenge the adaptability of deadly microbes. What are we talking about? Hunting with phages — viruses that attack and kill bacteria.
News: Ukraine Power Attacks; How, Who and Why?
Although there has been much speculation about how much damage could be done if hackers were to take control of a country's SCADA systems, there have been few examples - until a few months ago, with the power outage in Ukraine caused by hackers.
How To: Use NMAP 7 to Discover Vulnerabilities, Launch DoS Attacks and More!
NMAP is an essential tool in any hacker's arsenal. Originally written by Gordon Lyon aka Fydor, it's used to locate hosts and services and create a map of the network. NMAP has always been an incredibly powerful tool, but with it's newest release, which dropped mid-November of last year, they've really out done themselves.
News: The Consequences of Hacking
Mostly all hackers like to have a laugh. We like to have fun! We like to troll. And maybe, even cause some havoc once in a while. But, while we do this, we must always stay in the line of the law.
How To: Attack on Stack [Part 5]; Smash the Stack Visualization: Remote Code Execution and Shellcode Concept.
Hi everyone! In the previous part of this series, I introduced one way to hijack a program's execution flaw, though I only showed you how to crash the program and left you with a little mystery to solve. Today we are giving the solution of that and then introducing shellcode usage and remote command execution.
How To: Attack on Stack [Part 4]; Smash the Stack Visualization: Prologue to Exploitation Chronicles, GDB on the Battlefield.
Hi everyone! Last time we finished analyzing the assembly representation of our vulnerable piece of code (have I ever told you it is vulnerable?). This time we are going to introduce some fundaments about exploitation by demonstrating how to crash a program's execution. If that sounds lame, next time we will see how this crash can in fact be useful to control the program's execution, achieving remote code execution!
How To: Attack on Stack [Part 3]; Smash the Stack Visualization: Building on Fundaments, Analyzation Trilogy Conclusion.
Hi everyone! Last time we explained what roles Ebp and Esp registers have. We first introduced function's stack frame building, return address and calling conventions, but left some of the concepts floating without a full stop.
How To: Attack on Stack [Part 2]; Smash the Stack Visualization: Ebp, Esp, RET and Stack Frames.
Hi everyone! After messing around a little bit with IDA and Hopper disassemblers and briefly introducing you to memory, registers and Assembly, we are going to understand what happens when a process is running, which variables join the play and especially what happens when a function is called and why is this procedure-logic so interesting and useful along with the concept of stack.
How To: Use Traffic Analysis to Defeat TOR
As was mentioned by the great OTW last week, TOR, aka The Onion Router, has had its integrity attacked by the NSA. In an attempt to reduce the anonymity granted by the service, the NSA has opened a great many nodes of their own. The purpose is presumably to trace the origin of a communication by compromising some entrance and exit nodes. Once both are compromised, it is much easier to correlate traffic with a particular individual.
How To: Apologize to your husband after a fight
Marriage isn't always easy, and there are going to be times when you irritate your husband so badly that the relationship may seem to be in jeopardy. If you want to apologize effectively but aren't sure how, this video will give you some tips on making an honest, heartfelt, effective apology that will get your marriage back on track.
How To: Use copulative verbs and subjective complements
Yossarian the Grammarian dispels the fog surrounding copulative (linking) verbs and explains why you probably never mean to say, "I feel badly." Great English grammar lesson for ESL students.
How To: Expand Your Analytical & Payload-Building Skill Set with This In-Depth Excel Training
It's nearly impossible not to be at least somewhat familiar with Microsoft Excel. While it's needed for many office jobs and data analysis fields, hackers could also benefit from improving their spreadsheet skills. Many white hats already know some of the essential Excel hacks, such as cracking password-protected spreadsheets, but there's so much more to know from an attack standpoint.
News: Niantic Picks an AR Fight with Pokémon GO Players via Trainer Battles Rollout
Augmented reality gaming company Niantic Labs is now instigating conflicts between Pokémon GO players, but it's not as bad as it sounds.
Hacking macOS: How to Hack a Mac Password Without Changing It
A powered-off MacBook can be compromised in less than three minutes. With just a few commands, it's possible for a hacker to extract a target's password hash and crack it without their knowledge.
How To: Detect Script-Kiddie Wi-Fi Jamming with Wireshark
Due to weaknesses in the way Wi-Fi works, it's extremely easy to disrupt most Wi-Fi networks using tools that forge deauthentication packets. The ease with which these common tools can jam networks is only matched by how simple they are to detect for anyone listening for them. We'll use Wireshark to discover a Wi-Fi attack in progress and determine which tool the attacker is using.
Hacking macOS: How to Break into a MacBook Encrypted with FileVault
Don't think because your MacBook is using FileVault disk encryption your device is secure or immune to hackers. Here's how to find out if that FileVault password is strong enough to withstand an attack from a motivated attacker.
How To: Dump a MacOS User's Chrome Passwords with EvilOSX
Barrow's article on Pupy made me wish for a RAT that could target an OS frequently used by gatekeepers at startups, tech companies, and creative firms: macOS. Once run, a RAT can do severe damage by dumping a user's stored credentials for many accounts. The best loot lives in the Chrome Password cache, and EvilOSX, an OS X RAT, infiltrates macOS and dumps these credentials.
How To: Build a Pumpkin Pi — The Rogue AP & MITM Framework That Fits in Your Pocket
A man-in-the-middle attack places you between your target and the internet, pretending to be a Wi-Fi network while secretly inspecting every packet that flows through the connection. The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target.
News: Malware Targets Mac Users Through Well-Played Phishing Attack
Maybe you thought sitting behind a Mac gives you special protection when it comes to getting hacked. Thanks to a a new report from Check Point, you can kiss that theory goodbye. The cyber security company just uncovered the latest strain of malware — OSX/Dok — infecting all versions of macOS (previously Mac OS X).
How To: Gathering Sensitive Information: Scouting Media Profiles for Target Information
Here I will show you how to properly dig information on the web that has already been published, you just dont know it.
Hack Like a Pro: How to Hack Web Apps, Part 6 (Using OWASP ZAP to Find Vulnerabilities)
Welcome back, my tenderfoot hackers! Web apps are often the best vector to an organization's server/database, an entry point to their entire internal network. By definition, the web app is designed to take an input from the user and send that input back to the server or database. In this way, the attacker can send their malicious input back to the servers and network if the web app is not properly secured.
News: Predictions for the New Year
infosecinstitute posted a handy article about what to expect in the new year for cyber security, along with highlighting major game changers from 2015; 2016 Cyber Security Predictions: From Extortion to Nation-state Attacks - InfoSec Resources.
How To: HID Keyboard Attack with Android (Not Kali NetHunter)
Hi , Today i will show you how to do HID Keyboard Attacks With Android BUT without using Kali NetHunter BUT You will need to install custom kernel to your Android device, that will add keyboard+mouse functions to it's USB port,So Lets Get Started
How To: Configure a Reverse SSH Shell (Raspberry Pi Hacking Box)
If you've been watching the latest USA TV Series Mr Robot, you will have seen the Raspberry Pi used by Fsoeciety to control the HVAC system. OTW covers this very well here with his take on setup they may of used.
How To: Backdooring on the Fly with MITMf
Do you remember my last article on how to hook any web browser with MITMf and BeEF? Well, we are using the tool once again, but this time for auto-backdooring....
How To: Make a Locked File Cracker with Python
Welcome back, friends! Many times, businesses, friends, and family will lock their zip files with a password to keep their files secure. It is reasonable, and understandable. Well, thanks to hackers, there are many ways to get past this wall of security.
SEToolkit: Metasploit's Best Friend
If you read my last tutorial on using SEToolkit, you probably know that SEToolkit is an effective way to make malicious actions look legitimate. But, that was only the beginning... the truth is, Metasploit and SEToolkit belong together, and help each other very well.