Welcome back, my tenderfoot hackers! As you should know from before, Snort is the most widely deployed intrusion detection system (IDS) in the world, and every hacker and IT security professional should be familiar with it. Hackers need to understand it for evasion, and IT security professionals to prevent intrusions. So a basic understanding of […]
Continue Reading
WordPress is the world’s most widely used Content Management System (CMS) for websites, comprising almost 28% of all sites on the Internet. This means that tens of millions of websites use this CMS and the vulnerabilities we find there can be used on so many sites that it makes sense to devote significant time and […]
Continue Reading
Finally! “Mr. Robot” is back! The first episode of season 3 did not disappoint. Elliot is back and hacking again! The 5/9 hack of Evil Corporation has left the world in chaos and the economy crippled. There is no electricity, no banking system and little Internet access. Elliot is feeling responsible and bit guilty. The […]
Continue Reading
Mr. Robot Returns October 11! As most of you know, Mr. Robot is my favorite TV show. The storyline is familiar to most of us in the White Hat Hacker community. Elliot is an asocial, cyber-security engineer by day and a white hat, vigilante hacker by night. He is enticed by the black hat/social reform […]
Continue Reading
October 25, 2016, Voice of America (VOA) News (voanews.com) ran an article about the vulnerability of SCADA/ICS systems. In that article in the second paragraph titled “Headline Grabbers”, it cited: Because of the potential for catastrophic damage, some hackers have long targeted ICS networks in hopes of grabbing headlines. Just last month, an anonymous hacker […]
Continue Reading
This past week, NSA contractor Reality Winner, was caught and arrested for leaking information to the Interecept. This was evidence that the NSA had collected that clearly showed how the Russian hackers had attempted (maybe successfully) to hack the U.S. election system. This may be the MOST definitive evidence of how the Russians hacked the […]
Continue Reading
Welcome back, my newbie hackers! In previous articles this section, I showed you how to find WordPress sites and how to identify the vulnerabilities in these sites (WordPress comprises nearly 30% of all websites). In this tutorial, we will use wpscan again to enumerate the user accounts on that WordPress site and then brute force […]
Continue Reading
Welcome back, my novice hackers! In my series on cracking passwords, I began by showing off some basic password-cracking principles; developed an efficient password-cracking strategy; demonstrated how to use Hashcat, one of the most powerful password-cracking programs; and showed how to create a custom wordlist using Crunch. In this tutorial, I will show you how […]
Continue Reading
As a movie buff AND a professional hacker, I love the opportunity to combine my passions, so I have decided to review the best hacker movies of all time and give you my best 12 list. In recent years, Hollywood has caught the hacker bug and now nearly ever crime or adventure movie has a […]
Continue Reading
As a pentester/hacker, gathering email addresses from potential victims can have a multitude of uses. When we have email addresses of key personnel, we can launch attacks by email to get people to click on a malicious link or direct them to our malicious website where we can send XSS attacks and others browser-based attacks. […]
Continue Reading