Hot Null Byte How-Tos
How To: Security-Oriented C Tutorial 0x15 - File I/O
Hello readers, in this tutorial, we will be discussing how to perform file operations such as reading and writing.
How To: Security-Oriented C Tutorial 0x0F - Functions Part III: The Stack
Welcome back to another tutorial on functions. Last time, we looked inside memory to see what functions looked like in the flesh and all that Assembly was pretty nasty. At least you have some exposure to it. This time, we will be examining how functions work with the stack.
How To: Security-Oriented C Tutorial 0x0E - Functions Part II: Memory
In the last tutorial, we learned how to make functions and how they work on the high level. This time, we will take a peek under the hood again, stare deep into its soul and see its ugliness face to face to see how it works in the lower level.
How To: Security-Oriented C Tutorial 0x0B - User Input
Hey readers! This tutorial will be the entry point for the introduction of buffer overflows. Something like requesting user input is a very common place for vulnerabilities to pop up and we will definitely have fun while trying to make programs crash. But for now, let's start with how we can get input from a user.
How To: C++ Hash Cracker
This is my first ever how-to so I apologize in advance for any grammar mistakes or spelling errors. Introduction
Don't Be a Script-Kiddie part1: Introduction to Shell Script
Hello my anxious hackers, the week has started and here we begin a new series that I think will help many here and not only, for those that have the opportunity to follow our tutorials but they are not yet part of the community.
How To: Change File Metadata (Access/Modification Date)
In this tutorial I am going to show you how to change some file metadata, this could be very useful if you want to edit or access a file and remove any evidence of your changes.
How To: Cross Site Scripting (XSS) Basics
Hello everybody Joe here. Today I will be demonstrating how you can find XSS vulnerabilities in a website and what you can do with them
How To: Take Pictures Through a Victim's Webcam with BeEF
Recently, I've been experimenting with BeEF (Browser Exploitation Framework), and to say the least, I'm hooked. When using BeEF, you must "hook" the victims browser. This means that you must run the script provided by BeEF, which is titled "hook.js", in the victims browser. Once you've done that, you can run commands against the victims browser and cause all kinds of mayhem. Among these commands, there is an option to use the victims webcam. This is what we'll be doing here today, so, let's g...
How to Hack Bluetooth, Part 2: Using MultiBlue to Control Any Mobile Device
Welcome back, rookie hackers! We recently began an exploration of ways to hack using the Bluetooth protocol. As you know, Bluetooth is a protocol that connects near field devices such as headsets, speakers, and keyboards. Its minimum range is a 10-meter radius (~33 feet) and maximum is at 100 meters (~328 feet).
How To: HID Keyboard Attack with Android (Not Kali NetHunter)
Hi , Today i will show you how to do HID Keyboard Attacks With Android BUT without using Kali NetHunter BUT You will need to install custom kernel to your Android device, that will add keyboard+mouse functions to it's USB port,So Lets Get Started
How To: Steal Form Data from Your Fake Website
Though you can use the Social Engineering Toolkit to clone websites, this way is much more customisable.
How To: Clone Login Forms Manually and Get Login Credentials!
SET is great when you have a short space of time at hand, however sometimes you want to know whats actually going on under the hood or have found a site you can't clone with SET.
How To: Upload a Shell to a Web Server and Get Root (RFI): Part 2
If you remember last time, we successfully uploaded picture with a small hidden PHP command executer embedded in it onto a server. Now, our goal is to take this a step further and get an interactive shell. To do this, we need to upload another file that either binds a port for us, or connects back. For this tutorial, we will use a Python reverse Meterpreter shell.
SEToolkit: Metasploit's Best Friend
If you read my last tutorial on using SEToolkit, you probably know that SEToolkit is an effective way to make malicious actions look legitimate. But, that was only the beginning... the truth is, Metasploit and SEToolkit belong together, and help each other very well.
How To: Brute-Force Email Using a Simple Bash Script (Ft. THC Hydra)
Hi, my name is Alan, and I am not a script kiddy brat from Xbox Live asking you how to boot someone offline for being mean to me. I am an amateur white hat hacker hoping to learn and teach and this is my first tutorial.
How To: Crack WPA/WPA2 with Wifite
Hi there again, aspiring hackers (and veterans as well)! I'm going to explain how to perform a dictionary attack on a WPA/WPA2 protected network with Wifite. Please note that this doesn't work with WPA Enterprise For that end, you'd have to use an Evil Twin to get the "Enterprise" auth attempt, and then crack it.
How To: Networking Basics for the Aspiring Hacker
Hi there, nullbytes! I've been recently using NullByte as my only source of learning (almost) and it has proven to be really good to me.
HIOB: WebSite Hacking Series Part 2: Hacking WebSites Using The DotNetNuke Vulnerability
Today, I want to share a tutorial on one of the most useful but old methods which you could use to hack websites, that is using the Dot net nuke (DNN) vulnerability . I know some of you already know about this method.
How To: Creating a (Almost) Fully Undetectable EXE Using Kali & GCC
First, I want to give credit to the author where I first found how to do this: Astr0baby's Blog. This article was dated, so I took the script on his page and reworked it to make it work today. (I also included the way to make it hide the cmd line popup.) Requirements
Hack Like a Pro: Python Scripting for the Aspiring Hacker, Part 1
Welcome back, my greenhorn hackers!
Advice from a Real Hacker: How to Protect Yourself from Being Hacked
Each day, we read about another security breach somewhere in our digital world. It has become so commonplace that we hardly react anymore. Target, J.P. Morgan, iCloud, Home Depot, and the list goes on and on.
How To: Binary Patching. The Brute Force of Reverse Engineering with IDA and Hopper (And a Hex Editor).
What if the code you are trying to reverse engineer is obfuscated or somehow corrupted? What if no way is left? Here comes what I like to call (wrongly and ironically) the "brute force of reverse engineering".
Hack Like a Pro: How to Compile a New Hacking Tool in Kali
Welcome back, my newbie hackers! Recently, I "upgraded" to Kali as my hacking platform, despite my preference for BackTrack. I did this reluctantly, primarily because new readers here could no longer download BackTrack from their site. I want to point out here that we all must keep in mind that with any software—or for that matter, any product—that is newer is not necessarily better.
Hack Like a Pro: How to Use the New p0f 3.0 for OS Fingerprinting & Forensics
Welcome back, my fledgling hackers! A short while ago, I did a tutorial on conducting passive OS fingerprinting with p0f. As you remember, p0f is different from other operating system fingerprinting tools as it does not send any packets to the target, instead it simply takes packets off the wire and examines them to determine the operating system that sent them.
Hack Like a Pro: How to Hack into Your Suspicious, Creepy Neighbor's Computer & Spy on Him
Welcome back, my neophyte hackers! Have you ever had a neighbor that you're certain is up to no good? Maybe you've seen him moving packages in and out at all hours of the night? Maybe you've seen people go into his home and never come out? He seems like a creep and sometimes you hear strange sounds coming from his home? You know he's up to no good, but you aren't sure what it is exactly.
Hack Like a Pro: How to Exploit SNMP for Reconnaissance
Welcome back, my rookie hackers! The more we know about a system or network, the better our chances of owning it and not leaving a trace for investigators to follow. One of the often overlooked sources for information is the Simple Network Management Protocol (SNMP). Many rookie hackers are not even aware of it, but it can prove to be a treasure trove of information, if you understand how it works and how to hack it.
Hack Like a Pro: How to Change the Signature of Metasploit Payloads to Evade Antivirus Detection
Welcome back, my budding hackers! I've written several listener guides on creating a malicious PDF or malicious Word document that would carry in it a payload with the Meterpreter, or reverse shell enabling you to own the system. One of the hurdles to using these techniques is the antivirus (AV) software on the target system. For instance, if you try to email a malicious PDF or Word doc, it's likely that the victim system will alert the victim that it contains a virus or other malware.
How to Hack Databases: Cracking SQL Server Passwords & Owning the Server
Welcome back, my rookie hackers! A short while back, I began a new series on database hacking, and now it's time to continue and extend your education in that field. As you know, the database contains all of the most valuable info for the hacker, including personally identifiable information, credit card numbers, intellectual property, etc. So, it's the ultimate goal of cybercrime and the APT hacker.
How To: Use GPG4Win in Windows to Encrypt Files & Emails
I love cryptography. It is like a great gigantic puzzle for me to solve. However, it is more important than that. It is also how we keep secrets safe. Not just sorta safe either, but really safe.
How To: Introduction to Modern Cryptography
Cryptography is the science of keeping secrets, or more specifically, the science of disguising them. As a point of fact, cryptography has progressed quite a bit farther and now encompasses file and message integrity, sender authentication, and pseudo-random number generators.
Hack Like a Pro: How to Conduct OS Fingerprinting with Xprobe2
Welcome back, my novice hackers! I've written a couple of articles on reconnaissance and its importance, and as I've said before, a good hacker will spend 3 to 4 more times doing reconnaissance than actually exploiting the system. If your recon isn't good, you'll likely fail, or worse—end up serving time and becoming Bubba's wife for a couple years. I can't say it enough—recon is critical.
Hack Like a Pro: How to Hack Your School's Server to Download Final Exam Answers
Welcome back, my fledgling hackers! If you're like most aspiring hackers, at one time or another you've probably spent too much time playing Call of Duty and not enough time preparing for your final exams.
Hack Like a Pro: How to Find the Latest Exploits and Vulnerabilities—Directly from Microsoft
Welcome back, my rookie hackers! Several of you have written me asking about where they can find the latest hacks, exploits, and vulnerabilities. In response, I offer you this first in a series of tutorials on finding hacks, exploits, and vulnerabilities. First up: Microsoft Security Bulletins.
Hack Like a Pro: Linux Basics for the Aspiring Hacker, Part 3 (Managing Directories & Files)
Welcome back, my tenderfoot hackers! This is the third installment of my series on basic Linux skills that every hacker should know. Although some hacking tools are available for Windows and Mac, every real hacker uses Linux—for good reason.
Hack Like a Pro: Linux Basics for the Aspiring Hacker, Part 2 (Creating Directories & Files)
In my first tutorial on Linux basics, I discussed the importance of hackers using Linux and the structure of the directory system. We also looked briefly at the cd command. In this second Linux guide, I'll spend a bit more time with changing directories, listing directories, creating files and directories, and finally, getting help. Let's open up BackTrack and getting started learning more Linux for the aspiring hacker.
How To: Use Very Basic AppleScript to Create a Fake Virus
AppleScript is quite an easy scripting language to use. In this guide, I will be showing you several commands. Near the end, I will show how these can be used to create a fake virus that actually does no harm.
Hacking Reconnaissance: Finding Vulnerabilities in Your Target Using Nmap
Remember that scene in The Matrix when Trinity uses a realistic Nmap port scan, followed by an actual SSH exploit (long since patched) to break into a power company? Well, believe it or not, but that scene is not far fetched at all. If you want to exploit vulnerabilities and root boxes, you'll need to learn how to perform the necessary reconnaissance first. In fact, you will spend far more time researching your target then you will exploiting it. In this article, I am going to show you the fi...
How To: Scan for Viruses in Windows Using a Linux Live CD/USB
Many windows users, if not all, run into a virus infection once in a while. This is unavoidable when using Microsoft's operating system. Without digressing too much, the fact that Windows is such a popular OS with no controlled software sources makes it easy for viruses and malware to spread. And while there's a plethora of antivirus tools for Windows, sometimes infections (such as certain scareware) can disable the install and/or use of antivirus systems and render your OS unusable until cle...
How To: Make a Gmail Notifier in Python
In this article, I'll show you how to make a simple Gmail notifier. Python can do various things in terms of notifications; sending commands to an Arduino unit, playing sounds, opening windows, etc. The code below simply plays some music, but the possibilities of notification methods are endless. If you aren't familiar with python, there are many sites with tutorials like this one, or this one.