How To: Build a Man-in-the-Middle Tool with Scapy and Python
Man-in-the-Middle attacks can prove to be very useful, they allow us to do many things, such as monitoring, injection, and recon.
Calculate Target Search Results
How To: Use a Light Bulb and the Sun to Make a Fire
Don't throw away your dead light bulbs, they may come in handy one day. This video will show you how to start a fire using a dead lightbulb. And no electricity. The tricky part is emptying out the insides, but this can be done with sticks and stones, assuming you're in a survival situation and just happen to have a light bulb with you for whatever reason.
How To: Calculate Faster Than a Calculator
When you need to crunch numbers quickly — and I mean really quickly — there's a cool method you can use to multiply two numbers together in just a few seconds.
How To: Hack a Hard Drive into a Hidden Flash Drive, Cell Phone Charger & More!
Video: . Recycle your hard drive into a hidden flash memory device that only you know how to turn on and use in secret. This DIY hack project allows you to recycle your broken hard drives back to life and turn them into something useful.
How To: Master Newton's laws of motion in aerospace with NASA
NASA -- the National Aeronautics and Space Administration, the United States government's most infamous agency, the powerhouse of space exploration -- teaches you the basics of Isaac Newton's Laws of Motion. Who better to learn motion theory from than NASA?
How To: Gather Information on PostgreSQL Databases with Metasploit
Attacks against databases have become one of the most popular and lucrative activities for hackers recently. New data breaches seem to be popping up every week, but even with all of that attention, databases continue to be a prime target. All of these attacks have to start somewhere, and we'll be exploring a variety of methods to gather information on PostgreSQL databases with Metasploit.
How To: Find & Exploit SUID Binaries with SUID3NUM
File permissions can get tricky on Linux and can be a valuable avenue of attack during privilege escalation if things aren't configured correctly. SUID binaries can often be an easy path to root, but sifting through all of the defaults can be a massive waste of time. Luckily, there's a simple script that can sort things out for us.
How to Hack with Arduino: Building MacOS Payloads for Inserting a Wi-Fi Backdoor
Arduino is a language that's easy to learn and supported on many incredibly low-cost devices, two of which are the $2 Digispark and a $3 ESP8266-based board. We can program these devices in Arduino to hijack the Wi-Fi data connection of any unlocked macOS computer in seconds, and we can even have it send data from the target device to our low-cost evil access point.
How To: Use One-Lin3r to Quickly Generate Reverse Shells, Privesc Commands & More
A lot of time can be wasted performing trivial tasks over and over again, and it's especially true when it comes to hacking and penetration testing. Trying different shells to own a target, and testing out privilege escalation commands afterward, can eat up a lot of time. Fortunately, there is a tool called One-Lin3r that can quickly generate shells, privesc commands, and more.
Market Reality: Magic Leap vs. Nreal Lawsuit Update, Disney & Target Do AR Marketing, Sotheby's Comes to Magic Leap One
Magic Leap's legal battle against Nreal has taken an intriguing turn this week, as Magic Leap set a date to discuss the matter with Nreal. But a new partnership struck by Nreal adds another wrinkle to the duel between the two AR wearable makers.
How To: Use LinEnum to Identify Potential Privilege Escalation Vectors
The art of privilege escalation is a skill that any competent hacker should possess. It's an entire field unto itself, and while it's good to know how to perform the techniques involved manually, it's often more efficient to have a script automate the process. LinEnum is one such script that can be incredibly useful for privilege escalation on Linux systems.
How To: Use Metasploit's Timestomp to Modify File Attributes & Avoid Detection
It is said that the best way to avoid detection when hacking is to leave no trace, and often that means not touching the filesystem at all. But realistically, in most cases, it's impossible not to interact with the filesystem in one way or another. The next best thing to do to throw off any investigators is to change the file attributes to hide activity. We can do this with Metasploit's Timestomp.
How To: Change Resolution & Bit Rate in Filmic Pro for High-Quality Video Up to 4K at 100 Mbps
Filmic Pro harnesses the full native power of your iPhone or Android phone — and then some. If your smartphone shoots in 4K resolution, Filmic Pro will let you choose that resolution. However, it's not all about the pixels — bit rate is an essential factor in determining the overall quality of your 720p, 1080p, or 4K video, something Filmic Pro gives you full control over.
News: 8th Wall Brings Image Targets to Its Web-Based Augmented Reality Platform
When it comes to web-based augmented reality, 8th Wall has emerged as one of the leading platform providers, and the company just cranked up its capabilities another notch for AR marketers.
How To: Use Websploit to Scan Websites for Hidden Directories
Websites are often misconfigured in ways that allow an attacker to view directories that are not ordinarily meant to be seen. These directories can contain sensitive information such as private credentials or configuration files that can be used to devise an attack against the server. With a tool called Websploit, hackers can scan targets for these hidden directories without difficulty.
How To: Elevate a Netcat Shell to a Meterpreter Session for More Power & Control
Popping a shell is often the main goal of a hacker, and it can be exciting when executed properly, but sometimes they do have their limitations. Metasploit's Meterpreter probably needs no introduction, but this powerful, dynamic payload can offer a leg up over normal shells. To prove it, we'll show how to take a normal command shell and elevate it to a Meterpreter session.
How To: Hack Distributed Ruby with Metasploit & Perform Remote Code Execution
Things that are supposed to make life easier for developers and users are often easy targets for exploitation by hackers. Like many situations in the tech world, there is usually a trade-off between convenience and security. One such trade-off is found in a system known as Distributed Ruby, which can be compromised easily with Metasploit.
Hacking macOS: How to Perform Situational Awareness Attacks, Part 1 (Using System Profiler & ARP)
The first few minutes after gaining access to a MacBook are critical — but where do we begin? Using tools built into macOS, we can develop an in-depth understanding of running background processes, detect antivirus software, locate sensitive files, and fingerprint other devices on the network. All of this can be done without installing additional software or modifying any files.
How To: Use MDK3 for Advanced Wi-Fi Jamming
You may have heard of a signal jammer before, which usually refers to a device that blasts out a strong enough radio signal to drown out the reception of nearby devices like cell phones. Purpose-built jammer hardware is outright illegal in many countries. Still, Wi-Fi is vulnerable to several different jamming attacks that can be done with Kali Linux and a wireless network adapter.
News: Hitman Sniper Topped Our Chart for the Best Paid Shooting Game — Get It Free on Android Right Now
Hitman Sniper topped our roundup for the best premium shooting games, and it's easy to see why. Straightforward yet intense story. Awesome visuals. Stealthy action. Strategic gameplay. Hitman Sniper is easily the best sniper game available for your smartphone, and it's currently free on Android for a limited time, as well as discounted for iPhone.
News: Malware Targets Mac Users Through Well-Played Phishing Attack
Maybe you thought sitting behind a Mac gives you special protection when it comes to getting hacked. Thanks to a a new report from Check Point, you can kiss that theory goodbye. The cyber security company just uncovered the latest strain of malware — OSX/Dok — infecting all versions of macOS (previously Mac OS X).
Mac for Hackers: How to Organize Your Tools by Pentest Stages
With all of the bare-bones setup out of the way in our Mac for Hackers series, your Apple machine should be ready to run a significant amount of pentesting tools. We can pull tools from GitHub and compile them, we can pull dependencies or tools from Homebrew, we have both Python and Ruby. Everything is ready to go and now it's time to start building a toolbox on our local host.
How To: Hack Metasploitable 2 Including Privilege Escalation
This guide is written for anyone who is practicing his penetration skills using the Metasploitable 2. The problem that we are facing here is that we have to penetrate to Metasploitable 2 and when this happens we understand that we are not logged in as root but as a user with less privileges!
How To: Facebook Credentials Revisited
Hey everyone, this guide will show the process of stealing your victims Facebook credentials. This is a followup to my previous post.
How To: The Art of 0-Day Vulnerabilities, Part2: Manually Fuzzing
welcome back my masters , teachers and classmates , in this second part of this 0-day series we will learn the basic of fuzzing, and i bought some gift for nullbyte(a 0 day vuln that will be released today exclusively on null-byte) .
How To: Run an VNC Server on Win7
OTW's great Tutorial Hack Like a Pro: How to Save the World from Nuclear Annihilation gives me the inspiration to try this on Win7 sp1.
How To: Auto Move for Android Puts Your Files Exactly Where You Want Them
While I consider myself to be a pretty organized guy, there are often times where I just can't find a file I put on my phone. Most of the time, when I download a file it goes automatically into my Download folder, but when I use a third-party to download other files, like torrents, they could end up in a number of places. Filtering abilities on file explorers often fall short, so it was time to find an app that would automatically sort files in real time.
Hack Like a Pro: The Ultimate Social Engineering Hack
Welcome back, my greenhorn hackers! Although we have focused primarily on technical hacks here, social engineering can sometimes be especially effective. This one requires a bit of technical skill, but not too much. In addition, it's limited by how specific a target you can choose—but it will work.
Hack Like a Pro: How to Conduct Active Reconnaissance and DOS Attacks with Nmap
Welcome back, my nascent Hackers! In my last blog, we looked at a passive way to gather information necessary for a hack. The advantage of using passive recon is that it's totally undetectable, meaning that the target never knows you're scouting them and you leave no tracks. The disadvantage, of course, is that it's limited to only some websites and not entirely reliable.
Hack Like a Pro: How to Exploit IE8 to Get Root Access When People Visit Your Website
All of my hacks up to this point have been operating system hacks. In other words, we have exploited a vulnerability usually in an operating system service (SMB, RPC, etc.) that all allow us to install a command shell or other code in the target system.
How To: Do a vinyasa yoga flow to whittle your obliques
Most ab workouts target your upper abdominals only. Sit ups and crunches, for instance, only work on that upper part of your abs without even touching the lower portion, where most of us have muffin tops and really need the work.
How To: Show up on Google results in the right country, wherever your server
Google is the biggest and best search engine on Earth, and if you are a webmaster and want your website to be a big success it would really behoove you to know as much about how it works as possible. The Google Webmasters series of videos and website were created to teach webmasters, SEO professionals, and others how Google works by answering their questions and giving them insights into how they can best integrate and utilize Google's functionality to improve their business. This video will ...
How To: Make milk chocolate and caramel slices
Have you ever wondered what it would taste and feel like to take a bit fat bite out of a supersized Twix bar? No, we're not talking about the King Size Twix bars you can get at Target. We're talking a goddamn cake-sized Twix bar.
How To: Do the runaway chainsaw glitch in Gears of War 2
The runaway chainsaw family of glitches for Gears of War 2 enable the player to chainsaw a target to death instantly, without having to wait through the tedious process of watching their victim being sawed in half vertically. This video will teach you how to use the glitch in multiplayer, whether hosting or not. Like most of the game's glitches, this isn't all that useful in the game, but if you've finished all the other content, it's time to turn to the glitches!
How To: Use the pressure points of the arms in self defense
The arms are the part of the body most used by Westerners in fighting. As a result, targeting and disabling an opponents arms is a great way to end a fight quickly without the risk involved in hitting an opponent's head. This three-part video details pressure points all over the arms and various ways of striking them in order to hurt and disable your opponent, ending your engagement with limited damage to both yourself and them.
How To: Do Lady Gaga's "Poker Face" makeup look
A poker face is sharp, beautiful, and intimidating, giving your target a peak at the cow without giving away the milk. Bring out your inner card-dealing bovine by watching this professional makeup tutorial by makeup artist Reiva Cruze.
How To: Correct colors in photos with Photoshop CS3
Need to color correct your photos and you're not sure how? In this video, the basics of RGB and CMYK colors are discussed as well as how to use them to color correct everything from everyday snapshots to portrait photographs. By using the eyedropper and the info palette to read the colors in the photos, you can then color correct. Based on the CMYK read out of the color sample targets, you can then adjust the color channels using a curves adjustment to achieve the kind of colors you'd like. A...
How To: Throw a cast net the right way
First, you have to lay down your net and bundle up the rope in one hand like an extension cord all the way up to the net. Hold the net in the same hand, and grasp the rim of the net with the other hand. When you want to throw the net, grab the net midway with the rim in the other hand, and throw it towards your target with some spin, so the net lands flat on the water. If the net landed properly, it should sink slowly to the bottom, trapping some fish underneath it. To retract the net, simply...
How To: Do Sumo squats
In this video tutorial, viewers learn how to perform a sumo squat. It is the same as a regular squat, except the legs are extended more wider. The bar should be setup a little bit below your shoulder level. Go into a split stance when picking up the bar. Keep your core muscles tight and keep the bar stabilized. Spread the legs wide, pass the shoulder width. This exercise target the leg muscles and helps strengthen them. Inhale when going up and exhale when going down. This video will benefit ...
How To: Use the siva count card sleight for many card tricks
In this video tutorial, viewers learn how to perform the Siva count sleight card trick. This sleight card trick is very similar to the Elmsley, except it is a reversal. It reveals the cards instead of facing them down. This sleight uses 5 cards, but only reveal 4 of them. It hides the target card. The card that you want to hide needs to be in he middle (3rd card). When going through each card, users have to double drop the card and not allow the spectator to see the hidden card. This video wi...