Metasploit, one of my favorite hacking/pentesting tools, has so many capabilities that even after my many tutorials on it, I have only scratched the surface of it capabilities. For instance, it can be used with Nexpose for vulnerability scanning, with Nmap for port scanning, and with its numerous auxiliary modules, nearly unlimited other hacking related capabilities. […]
Continue Reading
In this series, I have been trying to familiarize you with the many features of the world’s best framework for exploitation, hacking, and pentesting, Metasploit. There are so many features, and techniques for using those features, that few pentesters/hackers are aware of all of them. Many times, when doing a pentest/hack, we need to run […]
Continue Reading
Eluding and evading antivirus software and intrusion detection systems is one of the most critical tasks of the hacker. As soon as a new exploit is developed and discovered, the AV and IDS developers build a signature for the attack, which is then likely to be detected and prevented. One obvious way around this problem […]
Continue Reading
One of the most important issues any hacker must address is how to get past security devices and remain undetected. These can include antivirus software, intrusion detection systems, firewalls, web application firewalls, and numerous others. As nearly all of these devices employ a signature-based detection scheme where they maintain a database of known exploits and […]
Continue Reading
Welcome back, my rookie hackers! In this series, we are building a Raspberry Pi that we can use to spy. In part 1, we set the operating system, installed the camera and then established a SSH connection to Spy Pi. Here, we will configure and test the camera so that can then use to spy […]
Continue Reading
Welcome back my rookie hackers! Every so often, I run across a new hacking tool that really gets me excited. Autosploit is one of those! Autosploit combines the power of two of my favorite tools, Shodan and Metasploit! AutoSploit uses Shodan to find specific targets based upon their banners and then Metasploit to automate the use […]
Continue Reading
In previous tutorials, we learned how to steal system tokens that we could use to access resources, how to use hashdump to pull password hashes from a local system, and how to grab password hashes from a local system and crack them. In each of these cases, the password hashes were the passwords of the […]
Continue Reading
In this series, we are examining how to reverse engineer malware to understand how it works and possibly re-purposing it. Hackers and espionage agencies such as the CIA and NSA, regularly re-purpose malware for other purpose. Previously, we looked at the basics of IDA Pro, the most widely used disassembler in our industry. In this […]
Continue Reading
Did you love Linux Basics for Hackers? Then you will love this book! Once again, Master OTW–in his inimical style of making the complex appear simple–now addresses computer network and their protocols. There has never been a book quite like this! Master OTW breaks down each of the many network protocols showing you how […]
Continue Reading
Welcome back, my nascent Hackers! In previous articles , we looked at a passive way to gather information necessary for a hack. The advantage of using passive recon is that it’s totally undetectable, meaning that the target never knows you’re scouting them and you leave no tracks. The disadvantage, of course, is that it’s limited […]
Continue Reading