Now that a new year is here, I thought it would be a good time to give all my novice hackers a heads-up on what to expect in 2014 on Null Byte. We just began to scratch the surface of the art and science of hacking in 2013, and now we will delve a bit deeper this year to advance your hacking skills toward your ultimate goal of becoming a professional hacker!
In 2014, you can expect all of the following.
Metasploit
In 2013, we looked at the basics of how to use Metasploit for remote hacking, but in 2014 we will look at remote hacking Windows 2008, Windows 7, and Windows 8. In addition, we will look at pivoting from one system to another and we will work with the many auxiliary modules in Metasploit, including the many post-exploitation modules, some of which are great for digital forensics. We will also work on developing some scripts for Metasploit and our own Metasploit exploits.
Scripting
In 2013, we began to develop some BASH scripting skills and we will continue that process toward advanced BASH scripting, but we will also script with Perl, Ruby, and Python, working toward developing our own zero day exploits.
Botnets
Botnets are one of the most important and lucrative hacks on the web today. I will help you develop your own bot and then suggest strategies to distribute it to create your own botnet that can be used for password cracking, bitcoin mining, spam, DDoS, etc.
Reconnaissance
Reconnaissance is one of the most important, albeit least appreciated, aspects of hacking. We looked at nmap, xprobe2, hping, netcraft and some other tools for doing reconnaissance, but we will look at more tools for doing SNMP recon, DNS recon, and others. We also explore Nikto, Wikto, Ettercap, and Maltego for recon.
Android
I'll be starting a series soon on hacking the Android OS, the world's most popular mobile operating system. As so much computing is going mobile, Android and all its vulnerabilities will become a critical vector for hacking individual and corporate networks.
Bluetooth
Although we examined multiple ways to hack Wi-Fi, we need to still look at ways to hack Bluetooth, the ubiquitous short-range Wi-Fi technology used on multiple devices, but most importantly on cell phones and other mobile devices.
Digital Forensics
In 2013, we began a new series on digital forensics to educate hackers on what a good forensic investigator can learn about them after the intrusion/hack. We will be delving deeper into network forensics, as well as registry and file forensics.
Linux for Hackers
Having completed 13 modules on the basics of Linux for hackers, we will continue to develop your Linux skills with some intermediate level tutorials, including building your own router and firewall with Linux. We will look at some key text manipulation tools and delve deeper into the open source Apache web server and MySQL database.
Exploit Development
We will look at some simple shellcode development for a zero day. Before we can do that, I'll do some tutorials on how memory systems work on Windows and Linux as well as a bit of Assembly language (machine language).
Buffer Overflows
Buffer overflows are at the heart of so many remote exploits (nearly all our remote Metasploit hacks make use of a buffer overflow). We will look at the basics of a buffer overflow, how we can make buffer overflows happen, and how to test for buffer overflows.
Web Application Hacking
In 2013, we never got around to web application hacking, but it will be a key focus in 2014. We'll look especially at SQL injection and Cross-Site Scripting (XSS).
Evading Detection
A good hacker must know how to evade detection or else expect to spend some unpleasant years behind bars. We looked at some basic detection evasion in 2013, but we will delve into more advanced techniques for evading firewalls and IDSs in 2014.
Covering Your Tracks
Its critical for the survival of a hacker to cover their tracks after an intrusion. In 2013, we looked at ways to erase log files in Linux and Windows, as well as delete our command history. In 2014, we will look to overwrite the deleted log files so as to leave no gap in the log files for the sysadmin to notice as well how to completely wipe our deleted files, so that forensic investigator will be left without a clue we were ever there.
Database Hacking
In 2013, we covered some database hacking concepts, and looked at how to hack Microsoft's SQL Server and we will expand upon that subject in 2014, but we also examine how to hack Oracle, the world's most popular enterprise database and MySQL, the world's most popular web application database, as well.
Hacking with Your Tablet
Finally, we will do some hacking from your tablet or other mobile device. Now you take your hacking platform wherever you go and wreak havoc!
Another Great Year Coming for Null Byte
We have a lot coming in 2014 my aspiring hackers, so have a Happy New Year and I look forward to seeing and hearing from you around Null Byte this coming year!
Take a minute here and let me know which of these topics are most important to you, and if I missed something that you really want to see in 2014.
21 Responses
Can't wait for "Hacking with your tablet"!
Sir,
A very happy new year to you.
U31
good , then why are you waiting for ? :D its 2014 now :D
well it would be good to learn more scripting(Perl) and bot-nets how they work and how to make them(how to make them click soo you make money :D)
but over all everything you written would be read i am looking forward to it :)
quite eager for bluetooth and android hack.........thx master
Null Byte,
I am REALLY looking forward to this year. After all the amazing tutorials you have already put out here, I know this year will be even better.
Jake Hemmerle
oh my god... can't wait! YOU ROCK OTW! Thank you for being our Teacher. I appreciate your work!
Cant wait to see what kind of bot spreading methods you have :) Maybe include a section on crypting as well :)
Thank You
That looks like very promising and exciting 2014 !! :-D
Can't wait for what 2014 has in store!
1.exploit development(making exploits that work on win7 and win8)
2.hacking using mobile devices
3.forensics
4.hacking android os
5.recon
6.buffer overflows
7.more linux
the in and outs of netcat and its many uses :)
Have you seen my netcat and cryptcat tutorials?
this all looks amazing, i have been wanting to learn about blue snarfing and starting a botnet but every one of these looks good so can't wait.
thank you for taking the time to teach us.
much appreciated.
I cant find your post on why you wanted to use Kali instead of Linux,also I'm very new,I have a question. When hacking a computer,do you have to use more than one application when doing so?
Patra:
Kali is built on Debian Linux.
OTW
Glad to have discovered this site. A great source on information and knowledge.
I'm really excited to be reading your Tutorials for the two past week,I really enjoyed them and I hope you cover all the topics you said in this year.Thank you!
What about in 2015? what are your plans mr. OTW?
Check out this article on what to expect in 2015.
Do some articles on cryptography basics.
Share Your Thoughts