How To: Exploit Shellshock-Vulnerable Websites with Just a Web Browser
I'm sure that many of us have heard of that nasty Shellshock vulnerability, but not very many people know how to exploit it. Try these few tricks on vulnerable websites!
Terror Attack Search Results
How To: iPhone Messages App Keeps Crashing? Here's How to Fix It
If your iPhone is rebooting or your Messages app is constantly crashing, you might be the victim of an iOS exploit or just a buggy software update. While one problem sounds worse than the other, they both can get annoying real quick when you can't send any messages or even read new ones.
Hack Like a Pro: How to Extract Email Addresses from an SMTP Server
Welcome back, my budding hackers!
How To: Stream Beats Music in Safari Using HTML5 Instead of Flash Player
Thanks to its longevity and familiarity among web designers, Flash is still alive and thriving, but HTML5 is catching up since it can render faster in web browsers, can be customized by developers on a per platform basis, doesn't need a plugin to run, and is less vulnerable than Adobe Flash Player to attacks (for the moment).
How To: When in Distress, Shake Your Android to Send a Quick SOS Alert with Your Location
I've been lucky enough to never be a victim of street crime, but I have read and seen too many articles and videos to completely rule it out as a possibility. You can do some things to prevent it, but if your life suddenly turns into a scene from Friday the 13th, you'll want to be prepared with some sort of way to let others know you need help. This is where Shake2Safety comes in, a free Android app from Phontonapps.
How To: Calm Your Fear of Public Speaking for Better Presentations
Sweaty palms, stuttered speech, and terror blackouts: if you're someone who absolutely despises speaking before audiences, you've probably experienced side effects like these. No matter how well prepared we are, or how familiar our audience is, giving a presentation can be an experience more terrifying than death, according to psychologists. Unfortunately, it's impossible to avoid public speeches, but you can make these events less frightening with a few simple hacks.
Hack Like a Pro: Metasploit for the Aspiring Hacker, Part 4 (Armitage)
Welcome back, my hacker novitiates! As you know by now, the Metasploit Framework is one of my favorite hacking tools. It is capable of embedding code into a remote system and controlling it, scanning systems for recon, and fuzzing systems to find buffer overflows. Plus, all of this can be integrated into Rapid7's excellent vulnerability scanner Nexpose.
How To: Rid Your Kitchen of Fruit Flies Once and for All
Even the best-maintained kitchens occasionally get a fruit fly infestation. These critters descend, lay eggs (up to 500 at a time!), and then disappear usually only after extreme cleaning efforts (i.e., finally attacking that weird puddle of goo behind your refrigerator).
Blue Screen of Death: Prank Your Friend's Precious Android Phone with Fake Viruses
It's time for another mobile prank. The classic pranks and practical jokes are always great, but let's hit your friends where it really hurts—their precious (and expensive) smartphones. And what better way to scare the shit out of them than making them believe their phone's been infected by malware?
How To: Never Get Raided Again in Clash of Clans for Android Using This Hack
Clash of Clans is one of the most successful games ever to come out for Android and iOS. It has been downloaded over 50 million times from Google Play alone, and shows no signs of decline.
How To: Keep Comcast from Using Your Router as a Wi-Fi Hotspot
In a era where cyber security is becoming increasingly important, Comcast has decided to use its customers' routers to provide hotspot access to the public. A new program, outlined by Dwight Silverman over on the Houston Chronicle website, seeks to provide Xfinity customers with city-wide Wi-Fi hotspots by using, well...other customers' wireless routers.
Hack Like a Pro: How to Crack Online Passwords with Tamper Data & THC Hydra
Welcome back, my tenderfoot hackers! Not too long ago, I showed how to find various online devices using Shodan. As you remember, Shodan is a different type of search engine. Instead of indexing the content of websites, it pulls the banner of web servers on all types of online devices and then indexes the content of those banners.
News: Android Exploit Allows Apps to Film You Undetected: Here’s How to Reduce Your Risk
A recent security risk exposed by software engineer Szymon Sidor has raised a few eyebrows amongst the Android community.
Heartbleed Still Lingers: How to Check Your Android Device for Vulnerabilities
Unless you've been living under a rock with no internet connection, it's safe to say that you've heard of the Heartbleed flaw that allows practically anyone with the right knowledge to steal your personal information, such as passwords, credit card numbers, and e-mail addresses using OpenSSL.
How To: Turn Your Galaxy S4 into a TV-Pranking Machine with a Universal Power Button
April Fools may be over, but any day is a good day to prank someone, and the best time to do it is when everyone's eyes are glued to the television.
How To: Patch the SSL Bug Without Updating Your Jailbroken iPad or iPhone to iOS 7.0.6
Last week, Apple issued an iOS 7.0.6 update that fixed a serious security vulnerability that could allow hackers to steal passwords, read emails, and get info from other SSL-encrypted communications.
How To: Got Beef? Getting Started with BeEF
With the the general computer users understanding of Information security rising (at least to the point of not clicking on unknown links), and operating system security getting better by default. We need to look for new and creative ways to gain a foothold in a system.
How to Hack Databases: Extracting Data from Online Databases Using Sqlmap
Welcome back, my greenhorn hackers! In a previous tutorial on hacking databases, I showed you how to find online databases and then how to enumerate the databases, tables, and columns. In this guide, we'll now exfiltrate, extract, remove—whatever term you prefer—the data from an online database.
Hack Like a Pro: How to Pivot from the Victim System to Own Every Computer on the Network
Welcome back, my hackers apprentices! To own a network and retrieve the key data, we only need to find ONE weak link in the network. It makes little sense to beat our heads against heavily fortified systems like the file and database server when we can take advantage of the biggest weak link of all—humans.
How To: Properly Connect Additional Controllers to Your Xbox One System
Don't be greedy, sharing is caring. If you have a brand new Xbox One, let some friends and family in on the action by getting a few extra controllers. You can connect up to eight controllers on one Xbox One console. Now that's a gamer party waiting to happen.
Hack Like a Pro: How to Create a Nearly Undetectable Backdoor with Cryptcat
Welcome back, my fledgling hackers! Awhile back, I demonstrated one of my favorite little tools, netcat, which enables us to create a connection between any two machines and transfer files or spawn a command shell for "owning" the system. Despite the beauty and elegance of this little tool, it has one major drawback—the transfers between the computers can be detected by security devices such as firewalls and an intrusion detection system (IDS).
How to Hack Wi-Fi: Performing a Denial of Service (DoS) Attack on a Wireless Access Point
Welcome back, my neophyte hackers! As part of my series on Wi-Fi hacking, I want to next look at denial-of-service (DoS) attacks, and DoSing a wireless access point (AP). There are a variety of ways to do this, but in this tutorial we'll be sending repeated deauthentication frames to the AP with aircrack-ng's aireplay. Remember, hacking wireless networks isn't all just cracking Wi-Fi passwords! Our Problem Scenario
My OS: Bugtraq II Black Widow
Welcome back my precious hackerians. Today i would like to promote an OS which i have been using for the past couple months. I'm not talking about Backtrack 5 or Kali Linux. Something even more promising:
News: Why Is Steampunk Plagued by Plague Doctors?
I'm sure that there are plenty of people out there who have no idea what a plague doctor is/was, so I'll start with an explanation.
How To: Share Your Links More Securely Using These Temporary, Self-Destructing Short URLs
We share links on an almost daily basis, usually not even thinking twice about it. Whether you're sending a funny cat video to your sister, or letting your coworker know where to go to download relevant files, there are plenty of reasons you might be giving someone a URL.
How To: Play Skyrim Like a Girl
Anyone that has ever watched a member of the opposite sex play a video game knows that the other gender does it wrong.
Light Painting with Fire: How to Create a Badass Wall of Flames!
Believe it or not, capturing a beautiful shot of a vehicle is more difficult than you think. Sure, you can just snap a photo, but capturing the design, detail, and essence of the car is a whole other story. Lighting, location, settings, and angles are play into how well the photographic representation turns out.
Today's Tidbit: Believe Your Own Lies and Everyone Will Believe Them Too
Numerous studies have shown that people are over-confident in their own abilities. Most people, for example, think that they are better drivers than average.
News: Unencrypted Air Traffic Communications Allow Hackers to Track & Possibly Redirect Flights
Considering how often many of us fly on commercial airlines, the idea that a hacker could somehow interfere with the plane is a very scary thought. It doesn't help to learn that at Defcon, a researcher found that the Automatic Dependent Surveillance Broadcast (ADS-B), transmissions that planes use to communicate with airport towers are both unencrypted and unauthenticated.
News: News Clips - June 14
An amazing amount of news this week; new proposals and new agreements have sprung up. But so has our "need" to spread our presence. The military warns of another war, while 26 congressmen decry the use of drone strikes. Read on:
How To: 10 Free Multiplayer Games Everyone Should Try on Android & iPhone
Phone specs get better and better each year, and multiplayer mobile games are right there with them. Instead of playing solo, jump into some real-time gameplay with co-op and player vs. player modes, and battle friends, family, and strangers from around the world. But which multiplayer games are worth your time on Android or iOS?
Analyzing the Hacks: The Girl in the Spider's Web Explained
The latest film addition in the American-produced Millennium series, The Girl in the Spider's Web, was just released on Blu-ray a few days ago. As you could expect, the movie has many hacking scenes throughout, just like the previous English and Swedish language movies centered around hacker Lisbeth Salander. Of course, with the quick pace of some scenes, the hacks can be hard to follow.
How To: Walkthrough the Ultimate Spider-Man: Total Mayhem game for Apple devices
Spider-Man hits the iPhone, iPod Touch & iPad! In Ultimate Spider-Man: Total Mayhem, you take control of Spidey, slinging webs and fighting crime. No longer do you have to stick to comic books, you can enjoy Spider-Man right from your Apple mobile device.
How To: Play Wi-Fi Hacking Games Using Microcontrollers to Practice Wi-Fi Attacks Legally
ESP8266-based microcontrollers can be used to create exciting and legal Wi-Fi hacking games to test your or your friends' Wi-Fi hacking skills.
How to Hack with Arduino: Defeat VPNs & Track a MacOS Computer Remotely
The Digispark is a low-cost USB development board that's programmable in Arduino and capable of posing as a keyboard, allowing it to deliver a number of payloads. For only a few dollars, we can use the Digispark to deliver a payload to a macOS computer that will track the Mac every 60 seconds, even bypassing security like a VPN.
Hacking Windows 10: How to Dump NTLM Hashes & Crack Windows Passwords
Windows 10 passwords stored as NTLM hashes can be dumped and exfiltrated to an attacker's system in seconds. The hashes can be very easily brute-forced and cracked to reveal the passwords in plaintext using a combination of tools, including Mimikatz, ProcDump, John the Ripper, and Hashcat.
How To: 10 Free Must-Play Shooting Games for iPhone & Android
There's something extremely satisfying about hunting down your online adversaries and knocking them out with a well-placed shot, which probably explains why shooting games are still one some of the most popular time killers for iOS and Android.
Hands-On: Niantic's Harry Potter: Wizards Unite Brings New Magic to the World of Augmented Reality
Can lightning strike twice? Niantic is betting that it can with its latest augmented reality game based on the best-selling multimedia franchise Harry Potter.
Android for Hackers: How to Exfiltrate WPA2 Wi-Fi Passwords Using Android & PowerShell
It's easier than you might think to hack into Wi-Fi routers using just one unrooted Android phone. This method doesn't require brute-forcing the password, a Windows OS for converting PowerShell scripts into EXE format, a reliable VPS for intercepting hacked Wi-Fi passwords, or Metasploit for post-exploitation tricks.
How To: Use the Buscador OSINT VM for Conducting Online Investigations
For anyone using open source information to conduct an investigation, a balance between powerful tools and privacy controls are a must. Buscador is a virtual machine packed full of useful OSINT tools and streamlined for online research. This program can easily be set up in VirtualBox, and once that's done, we'll walk you through some of the most useful tools included in it.