Hot Null Byte How-Tos
How To: Detect BlueBorne Vulnerable Devices & What It Means
Armis Labs has revealed eight vulnerabilities, called "BlueBorne", which put 5.3 billion Android, iOS, Windows, and Linux devices that use Bluetooth at risk. With it, hackers can control devices, access data, and spread malware to other vulnerable devices through networks. In this post, we will learn about the vulnerabilities, then look at how to find devices that have them.
How To: Use a Virtual Burner Phone to Protect Your Identity & Security
Every time you make a call or send a text, you're giving the recipient your phone number. This can be quite the security vulnerability, opening yourself up to scammers, spammers, and the feds. In this how-to, we'll look at what a burner phone is, why you might want one, and how to get started using a free second phone number on your regular smartphone.
How To: Track Government Aircraft 200 Miles Away with a Raspberry Pi
Aircraft equipped with ADS-B are constantly shouting their location into the radio void, along with other useful unauthenticated and unencrypted data. In this guide, we will make an ADS-B receiver using a Raspberry Pi with a software-defined radio (SDR) dongle, which we can use to track aircraft anywhere in real time.
Social Engineering: How to Use Persuasion to Compromise a Human Target
Social engineering makes headlines because human behavior is often the weakest link of even well-defended targets. Automated social engineering tools can help reclusive hackers touch these techniques, but the study of how to hack human interactions in person is often ignored. Today, we will examine how to use subtle, hard to detect persuasion techniques to compromise a human target.
How To: Slip a Backdoor into PHP Websites with Weevely
Backdoors are convenient to leave behind once you've already found a way into a server, and they can come in handy for a variety of reasons. They're good for developers who want a quick way into machines they're working on, or for systems administrators who want similar access. Of course, backdoors are also a hacker's best friend, and can be added in a variety of ways. One good tool for doing this is Weevely, which uses a snippet of PHP code.
How To: Install Gitrob on Kali Linux to Mine GitHub for Credentials
GitHub is an extremely popular site that allows developers to store source code and interact with other users about their projects. Anyone can download public, open-source files on GitHub manually or with Git, and anyone can fork off someone's project to expand or improve it into its own project. It's a really great site for programmers, developers, and even inspiring hackers.
How To: VBScript for DDosing Sites
Hello Guys, Today I have made a script for ddosing sites with VBScript! And I don't know how you guys do it, but I've made a script that refreshes the page in a chosen amout of milliseconds. And if you want it a number of times or if you want it to go on and on. And this is a script to run it on your botnet. But again I don't know if this works on your botnet too.
How To: Kick People Off Your Internet
This is my first post please tell me what I can improve. (I don't claim any of the images. I tried taking screen shots but it froze my computer. ) I will be using wlan0 because thats my wireless but use yours.
How To: Theme Your Kali Linux
I am back this time showing you guys how to theme your kali linux. Being true kali is good for pentesting but when it comes to looks it is lifeless , maybe the kali rolling could be an exception but even that makes you feel bored after a long time . So in this tutorial I am gonaShoe you how to theme up your kali
How To: Port Forwarding for Newbies
I have came across a lot of members on the forum that didn't have a clear idea of what port forwarding is and what it does. So...Let's get started...
SPLOIT: Cryptography Is a Bitch (Ransomware Development): Part 2: Encrypting the File System with AES
Greetings my fellow hackers, In the previous article, I discussed briefly about ransomwares and their devastating capabilities. Devastating in a way that ransomwares are not only known to encrypt files but to also lockout some specific functions of the system and hold it up for a ransom.
Networking Foundations: Subnetting Based on Host Requirements
Hello everyone! I hope you are having a great day so far. Today, instead of caring about networks we are going to talk about subnetting based on host requirements as promised in my first article about subnetting. Just like in the previous articles we will jump right into the examples because that's the best way to learn.
How To: Build an FTP Password Sniffer with Scapy and Python
Welcome back everyone. I apologize for the lack of training articles, but I've been rater busy lately. I've recently picked up a second job and my college courses are now back in session, so I'm a bit strapped for time.
Decrypting [Part 1]: How to Decrypt Caeser Encrypted Texts
In this Tutorial I will show you how you can use the frequency of letters to decrypt the famous Caesar cipher. I hope it is easy to understand and helpful for getting in touch with basic cryptanalysis. If you find any mistakes or have questions feel free to ask me. Finally I ask you to give me feedback which I will take into account for the next part.
How To: Build a Directory Brute Forcing Tool in Python
While attempting to hack a web app, there may come a point where the attacker may have to escape the default directory in order to access unauthorized files. This is known as a directory traversal attack. Much as the name implies, this attack involved traversing the servers directories. But in order to move to an unauthorized directory, we need to know where those directories are. Today we'll be building a tool to brute force these directory locations based on HTTP response codes. Before we g...
Hack Like a Pro: Metasploit for the Aspiring Hacker, Part 13 (Web Delivery for Windows)
Welcome back, my hacker novitiates! In the previous part of this series, we looked at how to use Metasploit's web delivery exploit to create a script to connect to a UNIX, Linux, or OS X machine using Python. Many members of the Null Byte community have asked me, "Can we do the same for a Windows systems?" The answer is YES!
How To: Use Your Android as a Hacking Platform:Part 1 Getting Your Android Ready.
Hey guys I am starting this Series because I thought there was a lack of post about Hacking from Android.
How To: Gathering Sensitive Information: Scouting Media Profiles for Target Information
Here I will show you how to properly dig information on the web that has already been published, you just dont know it.
How to Train Your Python: Part 18, Introduction to Bitwise Operators
Welcome back! In our last training session we covered classes and how OOP can make programming/scripting easier. Today we'll be taking a breather and covering something fairly simple, bitwise operators.
How To: Write Batch!
Right, So i've been asking alot of questions here on Null-Byte and everyone has been really helpful to me.
How To: Advanced Cryptography - Total Guide
Hello people again, I wrote my last post about crypto about 10 months ago, now I will introduce something not fresh for the science, but fresh for the people who wants to learn. In my http://null-byte.wonderhowto.com/forum/cryptography-0161538/ post of crypto concepts, there is just basics, today we will see something that targets wide concepts like Symmetric crypto, Public Key Cryptography, Hashing, Keys etc...
Hack Like a Pro: How to Hack Web Apps, Part 7 (Finding Hidden Objects with DIRB)
Welcome back, my hacker novitiates! Often, to hack a website, we need to connect to and exploit a particular object within said website. It might be an admin panel or a subdirectory that is vulnerable to attack. The key, of course, is to find these objects, as they may be hidden.
How To: Bypass UAC Using DLL Hijacking
This tutorial was written with Windows 7 in mind, but the principle applies to all versions starting from 7.
Hack Like a Pro: How to Evade AV Software with Shellter
Welcome back, my tenderfoot hackers! One key area on the minds of all hackers is how to evade security devices such as an intrusion detection system (IDS) or antivirus (AV) software. This is not an issue if you create your own zero-day exploit, or capture someone else's zero-day. However, if you are using someone else's exploit or payload, such as one from Metasploit or Exploit-DB, the security devices are likely to detect it and spoil all your fun.
A Hackers Advice & Tip: Choosing Your Path. Knowing Where to Learn & How to Learn It **Newbies Please Read**
This article is to all the newbies on here wanting to become a hacker. Since I have seen many newbie questions on here, I need to address this.
How To: Security-Oriented C Tutorial 0x21 - Linked Lists
Welcome to the final tutorial of the series on standard C. This article will cover the linked list abstract data type (ADT). There will be a lot of abstraction to try to deliver the understanding in the most basic way for easiest interpretation of what they are and how they work, then we will get into the guts of it and learn the technical code underneath. For those who have yet to grasp the concept of pointers, it's advisable that you do that first before approaching this. Having learned thi...
Raspberry Pi: Physical Backdoor Part 2
In my last post I introduced how to use ncat to connect to your Pi remotely, but what's the point to if you can't actually hack? This tutorial I'm gonna show you how to use very simple tools for a much bigger purpose. With that said, boot up our Pi and lets wreck havoc.
Hack Like a Pro: Metasploit for the Aspiring Hacker, Part 11 (Post-Exploitation with Mimikatz)
Welcome back, my neophyte hackers! Metasploit is such a powerful tool that I can only scratch the surface of its capabilities here. As it has developed over the years, it is now possible to use Metasploit for nearly everything from recon to post exploitation to covering your tracks. Given its versatility, every aspiring hacker should have at least a tentative grasp of Metasploit.
How To: Keeping Your Hacking Identity Secret: How to Become a Ghost Hacker #3
I mentioned in one of my earlier articles something about ghost hackers, and very shortly stated a thing or two of what they do.
Networking Foundations: Basic IP Addressing (Part 2)
Welcome back my networking geeks. In this part we are going to keep discussing about IP Addressing and I hope after you finish reading it you will become an IP wizzard.
IRC Guide: Making a Bot
Hello fellow Nullbytiens, I'm Washu, a long time commenter but first time poster. Today we'll be making an IRC bot, if you haven't seen OTW's post about the new IRC channel I would encourage you to go check it out. He does a good job at explaining what IRC is and how to get set up.
How To: Set Up a Pentesting Lab Using XAMPP to Practice Hacking Common Web Applications
Hello friends! This tutorial will teach you how to build a local pentesting lab on your Linux machine which will enable you to easily install common web applications so you can practice locating and exploiting their known vulnerabilities (or discover new ones!). In particular, this is an excellent way to learn how to hack Wordpress, Joomla, and Dupral plus many more!
How to Meterpreter: Obtaining User Credentials with PowerShell
In this article I will show you how to obtain victim's credentials without cracking any hashes. There are a couple of ways to perform this task (for example dumping the SAM file and cracking the NTLM hashes), but here I will explain how to do it using PowerShell and a bit of social engineering. We are going to create a fake login popup.
Hack Like a Pro: Digital Forensics for the Aspiring Hacker, Part 12 (Windows Prefetch Files)
Welcome back, my aspiring hackers! In this series, we continue to examine digital forensics, both to develop your skills as a forensic investigator and to avoid the pitfalls of being tracked by a forensic investigator.
TypoGuy Explaining Anonymity: Staying Hidden from the NSA
We all know them, and many of us despize them. And some might support them, regardless many have different opinions.
How To: Security-Oriented C Tutorial 0x16 - Functions Part IV: Recursion
Hello again, and welcome back to another tutorial on functions, this time, covering recursion. What Is Recursion?
How To: Build a Portable Pen-Testing Pi Box
Hello, Null Byte! Mkilic here. I doubt anyone knows I even exist on Null Byte, so hopefully this post will allow me to become more involved in the community and also help me learn even more.
How To: Keeping Your Hacking Identity Secret - #2
My first ever post on here was 'Keeping your hacking identity secret' and it did very well, and its not something I see here on null byte. So read along.