wifite – Automated Wireless (wifi) Attack Auditor

Hacking Wifi

Wifite v2 is now available Get the latest version on Github What’s new in this version: support for cracking WPS-encrypted networks (via reaver) 2 new WEP attacks more accurate WPA handshake capture various bug fixes Version 2 does not include … Continue reading

How to Hack: Fingerprint Web Servers Using Httprint

server_room (1)

If you are following my site, you have undoubtedly read a few ways to identify what system a server is running. Probably the simplest way is to use netcat and connect to port 80 and pull the webserver banner. The … Continue reading

Find Openings in Firewalls with Firewalk in Linux/UNIX

firewall

Access control lists represent an important first line of defense on most networks, since they are commonly used on routers to limit the protocols allowed to pass to host systems behind the router. Firewalk is an open source tool that … Continue reading

Passive Operating System Fingerprinting with p0f

p0f-fingerprinting

Passive fingerprinting works by quietly examining packets for patterns and not  sending data directly to a target host. Due to this passive analysis, the remote system will not be able to detect the packet capture. The process is completely passive … Continue reading

John the Ripper Basics Tutorial

john-1

I wrote this tutorial as best I could to try to explain to the newbie how to operate JTR. Remember, this is a newbie tutorial, so I won’t go into detail with all of the features. JTR is a program … Continue reading

15 Hacking Tools to Start Your Journey

largest-buyer-tools-hacking.si_-618x347

1. Nmap I think everyone has heard of this one, recently evolved into the 4.x series. Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although … Continue reading

Crack Wifi Encryption with Kali Linux – Fern Wifi Cracker for WEP Hacking

wifi_hack

Today we will cover cracking WEP Wifi Network Encryption with Fern Wifi Cracker. This Hacking tool comes prepacked in Kali Linux. This is a relatively simple process anyone can do with the proper equipment and following this tutorial. First you … Continue reading

How to Pivot from Victim System to Owning the Network with Metasploit

cyber-attack

To own a network and retrieve the key data, we only need to find ONE weak link in the network. It makes little sense to beat our heads against heavily fortified systems like the file and database server when we … Continue reading

Using Netdiscover & ARP to Find LAN IP and MAC Addresses

tumblr_m9zwq9U46G1r5kin3o1_500

Quite often, people will ask me where they should start in Hacking. Oh my gosh! There are soooo many topics, subjects, ideas, things to memorize, things to mess with, etc… It is much too difficult to tell someone where to … Continue reading

Kali Linux: Goohost.sh extracts Hosts, IPs, or Email from Google

ski-mask-hacker-2

Goohost is a simple shell script written by Watakushi that extracts hosts/subdomains, ip or emails for a specific domain with Google search. Installation First create a directory for the installation $ mkdir -p /pentest/enumeration/google/goohost/ Then download the tool and make … Continue reading

Wordlists for Password Cracking and Other Brute Force Resources

Biggest password cracking wordlist

Brute Forcing and Dictionary Attacks are two methods of getting the same result, a password. Dictionary Cracking can mostly rely on the quality of your word list. Quite often, I have people ask me where they can get wordlists. It … Continue reading

How To Hack: Kali Linux Router Password Hack Using Medusa

medusa

Medusa is described as a “speedy, massively parallel, modular, login brute-forcer” with modules available to support almost any service that allows remote authentication using a password, including: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, POP3, PostgreSQL, SMTP-AUTH, Telnet and VNC. Medusa … Continue reading

Historical Hacking Philes: Improving the Security of Your Site by Breaking Into it (1993)

again_china_implicated_espionage

Dan Farmer Wietse Venema Sun Microsystems Eindhoven University of Technology 2550 garcia ave MS PAL1-407 P.O. Box 513, 5600 MB Mountain View CA 94043 Eindhoven, NL zen@sun.com wietse@wzv.win.tue.nl Introduction ———— Every day, all over the world, computer networks and hosts … Continue reading

Mimikatz: Windows Powershell Script for Dumping Local and Domain Passwords

powershell_2

clymb3r recently posted a script called “Invoke-Mimikatz.ps1” basically what this does is reflectively injects mimikatz into memory, calls for all the logonPasswords and exits. It even checks the targets architecture (x86/x64) first and injects the correct DLL. This is really … Continue reading

How to Hack: Snatch the Sysadmin Password from Remote Desktop Protocol (RDP)

cain-rdp

One of the keys to becoming a professional and successful hacker is to think creatively. There is always a way to get into any network or system, if you think creatively. In previous tutorials, I have demonstrated ways to crack … Continue reading

Historical Hacking Philes: My Favourite UNIX Commands, By ZeeBee (1990)

Unix-1

*** My Favourite UNIX Commands *** *** A List Of Some OF The Most Useful UNIX ** *** Hacking Commands, and Some Hints On Their Usage *** *** Written By ZeeBee Australia Inc. 1990 *** Ok UNIX freaks, here is … Continue reading

How to Hack: Ultimate Metasploit Meterpreter Command Cheat Sheet

metasploit

Many of you have probably heard about the MetaSploit Meterpreter Shell. A number of you have probably even used it. But some of you are probably wondering, “What are all the commands for Meterpreter?” Well, here we have a comprehensive … Continue reading

How to Hack: Use Wireshark to Capture, Filter, and Inspect Packets

wireshark-logo

Wireshark, a network analysis tool formerly known as Ethereal, captures packets in real time and display them in human-readable format. Wireshark includes filters, color-coding and other features that let you dig deep into network traffic and inspect individual packets. This … Continue reading

How To Hack: Execute BAT File in the Background Invisibly

Batch coading

What happens when you double-click on a BAT file? Or, you run the BAT file from your commandeered cmd prompt? It pops up and runs! Now, we can’t be having the user see this, can we? A hacker also sometimes … Continue reading

How To Hack: Wafw00f Tutorial – Web Application Firewall Detection Tool

waf-logo

Introduction This is a Web Application Firewall Detection Tool. The tool was written by – Sandro Gauci And G. Henrique. It will help you detect the WAF ( Web Application Firewall )  behind the any domain. Wiffit (Wafw00f ) can … Continue reading