Crack Wifi Encryption with Kali Linux – Fern Wifi Cracker for WEP Hacking

Today we will cover cracking WEP Wifi Network Encryption with Fern Wifi Cracker. This Hacking tool comes prepacked in Kali Linux. This is a relatively simple process anyone can do with the proper equipment and following this tutorial. First you … Continue reading

Want to Know How the Target Hackers Stole Your Credit Card?

As nearly everyone has heard, Target Corporation, one of the largest retailers in the U.S. and Canada, was hacked late last year and potentially 100 million credit cards have been compromised. Happening just before Christmas, it severely dampened Target’s Christmas … Continue reading

How to Pivot from Victim System to Owning the Network with Metasploit

To own a network and retrieve the key data, we only need to find ONE weak link in the network. It makes little sense to beat our heads against heavily fortified systems like the file and database server when we … Continue reading

Tutorial: Crack Private and Public SNMP Passwords Using Onesixtyone on Kali

In a recent tutorial, I showed how the SNMP protocol can be a gold mine of information for reconnaissance on a potential target. If you haven’t already, I strongly suggest that you read it before progressing here, as little of … Continue reading

Using Netdiscover & ARP to Find LAN IP and MAC Addresses

Quite often, people will ask me where they should start in Hacking. Oh my gosh! There are soooo many topics, subjects, ideas, things to memorize, things to mess with, etc… It is much too difficult to tell someone where to … Continue reading

Kali Linux: Goohost.sh extracts Hosts, IPs, or Email from Google

Goohost is a simple shell script written by Watakushi that extracts hosts/subdomains, ip or emails for a specific domain with Google search. Installation First create a directory for the installation $ mkdir -p /pentest/enumeration/google/goohost/ Then download the tool and make … Continue reading

Wordlists for Password Cracking and Other Brute Force Resources

Brute Forcing and Dictionary Attacks are two methods of getting the same result, a password. Dictionary Cracking can mostly rely on the quality of your word list. Quite often, I have people ask me where they can get wordlists. It … Continue reading

How To Hack: Kali Linux Router Password Hack Using Medusa

Medusa is described as a “speedy, massively parallel, modular, login brute-forcer” with modules available to support almost any service that allows remote authentication using a password, including: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, POP3, PostgreSQL, SMTP-AUTH, Telnet and VNC. Medusa … Continue reading

How To Bypass Antivirus Detection – Making An Executable FUD

So in this tutorial we will show you step by step on how to make a virus Fully Undetectable from all the antiviruses. Their are lots of approaches, however here we will take a look at how to make an executable FUD … Continue reading

Tutorial: MDK3 – Network Traffic Disruption

Today, we are going to go over some options with the tool MDK3, however it has to be said that the use of these options can wreak havoc on wireless networks and should be used with caution ! And of … Continue reading

Tutorial: theHarvester – Collect a Company’s Email Addresses, Subdomains, Related Servers

The information gathering steps of footprinting and scanning are of utmost importance. Good information gathering can make the difference between a successful penetration test and one that has failed to provide maximum benefit to the client. We can say that … Continue reading

Historical Hacking Philes: Improving the Security of Your Site by Breaking Into it (1993)

Dan Farmer Wietse Venema Sun Microsystems Eindhoven University of Technology 2550 garcia ave MS PAL1-407 P.O. Box 513, 5600 MB Mountain View CA 94043 Eindhoven, NL zen@sun.com wietse@wzv.win.tue.nl Introduction ———— Every day, all over the world, computer networks and hosts … Continue reading

Mimikatz: Windows Powershell Script for Dumping Local and Domain Passwords

clymb3r recently posted a script called “Invoke-Mimikatz.ps1” basically what this does is reflectively injects mimikatz into memory, calls for all the logonPasswords and exits. It even checks the targets architecture (x86/x64) first and injects the correct DLL. This is really … Continue reading

How To Hack: Creating an iOS7 Application Pentesting Environment

Now that you have your shiny new Evasion7 jailbreak running it’s time to set up the environment for application testing! Getting in Since mobile substrate is not working yet we will focus on getting our idevice up and running as … Continue reading

Max Headroom’s List of Acronyms – pt 1 (1990’s)

A lot of you are probably feeling the same I way am right at the moment I am writing this file. I just got done applying for a nice board and I simply went blank while filling out the New … Continue reading

Hackers – Wizards of the Electronic Age (1984)

Hackers – Wizards of the Electronic Age is a PBS documentary directed by Fabrice Florin filmed at the first Hacker Conference that took place at the Headlands Institute Conference Center in 1984. The conference was organized as a result of … Continue reading

Historical Hacking Philes: ATM Security Overview (1987)

ATM

(>View: automatic teller machines From ames!amdahl!nsc!voder!wlbr!gins Mon Jul 13 12:41:23 PDT 1987 Article 479 of sci.crypt: Path: ames!amdahl!nsc!voder!wlbr!gins >From: gins@wlbr.UUCP (Fred Ginsburg) Newsgroups: sci.crypt Subject: Re: ATM secret codes Summary: ATM stuff LONG… Message-ID: <1038@wlbr.UUCP> Organization: Eaton IMS, Westlake Village, … Continue reading

How To Hack: Exploit SNMP for Reconnaissance

The more we know about a system or network, the better our chances of owning it and not leaving a trace for investigators to follow. One of the often overlooked sources for information is the Simple Network Management Protocol (SNMP). … Continue reading

How to Hack: Snatch the Sysadmin Password from Remote Desktop Protocol (RDP)

One of the keys to becoming a professional and successful hacker is to think creatively. There is always a way to get into any network or system, if you think creatively. In previous tutorials, I have demonstrated ways to crack … Continue reading