Agent, your mission—code-named “Digital Lockpick”—is set within the cyber walls of Active Directory, the nexus of network security. Your mission, should you choose to accept it: to exploit the Server Message Block (SMB) protocol, a seemingly innocuous yet vital pathway through which information travels. This operation hinges on mastering the SMB Relay Attack, a tactic […]
Continue Reading
Welcome back, my aspiring cyberwarriors! Bluetooth is a nearly ubiquitous protocol used to communicate between devices in close proximity or a piconet, such as speakers, headphones, and cellphones. If an attacker can exploit Bluetooth, it may be able to take control of or eavesdrop on any of these devices. There are numerous classes of Bluetooth […]
Continue Reading
Introduction. We already know what a C2, or Command and Control server is and, if you are not familiar you should take a look at our first post of this series. In the first post of this series, we walked through setting up and configuring one. Now, it’s time to test its functionality and get […]
Continue Reading
Welcome back, my aspiring radio hackers! With the advent of inexpensive radio devices such as the RTL-SDR, HackRF, LimeSDR and bladeRF, the possibility of hacking radio frequency (RF) communication and control devices has been blown wide open to anyone in the cybersecurity/infosec field. Although not commonly included in penetration tests, radio hacks should be considered […]
Continue Reading
Many of our aspiring cyberwarriors have been asking for a separate digital forensics and incident response (DFIR) training program and we have responded! This new program will use many of the existing courses on our Subscriber and Subscriber Pro platform and add additional, new courses specifically for digital forensics and incident response. We recognize that […]
Continue Reading
Welcome back, my aspiring cyberwarriors! SCADA hacking and security is different from traditional hacking in numerous ways. For a review of how SCADA hacking is different, check out my article here. One of the key ways that SCADA Hacking and Security is different is that the security professional is protecting the process and not necessarily […]
Continue Reading
Welcome back, my cyberwarriors! In our digital age, we are blessed with many digital wonders. Among these is the mobile phone. The mobile phone enables us to call nearly any body from anywhere, take photos, listen to music, text and email, and other myriad pleasures and convenience. At the same time, this mobile phone can […]
Continue Reading
Welcome back, my cyberwarriors! Hackers-Arise is a white-hat hacker training site. This means that we use our skills for good. Obviously, this means things like penetration testing and cyber-security. That is the textbook definition of a white hat hacker and one you will see on many hacking/cybersecurity certification exams. Rather than be confined by the […]
Continue Reading
Welcome back, my hacker novitiates! I began this series on scripting a while back to teach all aspiring hackers how to write some basic scripts for hacking and reconnaissance. Without developing some basic scripting skills, the aspiring hacker will be condemned to the realm of the script kiddie. This means that you will be limited […]
Continue Reading
Welcome back, my aspiring OSINT Investigators! In the course of OSINT or forensic investigations, there are often times when you will need an email password of the subject of your investigation. In a security assessment or pentest, you may want to check to see whether you can obtain the passwords of users in the target […]
Continue Reading