Null Byte Features
How To: Post to Null Byte [4.10.15 Revision]
Hello readers, and welcome to Null Byte. Before we start, for those of you who may not know me, my name is ghost_; I'm a relatively active member of our community and have been around for a while.
Hack Like a Pro: How to Evade a Network Intrusion Detection System (NIDS) Using Snort
Welcome back, my fledgling hackers! Nearly every commercial enterprise worth hacking has an intrusion detection system (IDS). These network intrusion detection systems are designed to detect any malicious activity on the network. That means you!
How To: Struggling to Connect to WiFi Network on Kali Linux 2.0 VirtualBox
Hello y'all! I apologize if this question has been solved somewhere else, but I have looked around on Google, Yahoo, and Null Byte and have not been able to find any working solutions.
How To: Exploit DDE in Microsoft Office & Defend Against DDE-Based Attacks
In our previous article, we learned how to take advantage of a feature, Dynamic Data Exchange (DDE), to run malicious code when an MS Word document is opened. Because Microsoft built DDE into all of its Office products as a way to transfer data one time or continuously between applications, we can do the same thing in Excel to create a spreadsheet that runs malicious code when opened. The best part is, it will do so without requiring macros to be enabled.
How To: Bypassing School Security (White-Hat)
While following a tutorial on Python recon tools, I found a new way to access the command prompt on a school network. While there are other ways of bypassing security, it's nice to learn to use Python's OS library.
Exploit Development: How to Learn Binary Exploitation with Protostar
Being able to write your own hacking tools is what separates the script kiddies from the legendary hackers. While this can take many forms, one of the most coveted skills in hacking is the ability to dig through the binary files of a program and identify vulnerabilities at the lowest level. This is referred to as binary exploitation, and today we're going to check out a tool known as Protostar.
News: Samy's MagSpoof Hacking Device Was Just Featured on Mr. Robot
Samy Kamkar, security researcher and friend of WonderHowTo, just had one of his devices featured in Mr. Robot.
Hack Like a Pro: How Windows Can Be a Hacking Platform, Pt. 1 (Exploit Pack)
Welcome back, my tenderfoot hackers! As most of you know, I am a strong advocate for using Linux as a hacking platform. In fact, I would say that without knowing Linux, you will never become a professional hacker/pentester.
Hack Like a Pro: How to Conduct OS Fingerprinting with Xprobe2
Welcome back, my novice hackers! I've written a couple of articles on reconnaissance and its importance, and as I've said before, a good hacker will spend 3 to 4 more times doing reconnaissance than actually exploiting the system. If your recon isn't good, you'll likely fail, or worse—end up serving time and becoming Bubba's wife for a couple years. I can't say it enough—recon is critical.
How To: A Hitchhiker's Guide to the Internet: Today and Now, How It All Connects
In the first part of this series, we took a factual and technical look at the history of the Internet. I explained how all of these wires and servers got here in the first place. Obviously, a firm did not just create and build the Internet around 1995! Now that we know how the Internet came to be, we can get into the really fun stuff—what the Internet looks like now! Well, that's not quite the network design I was talking about, but it does show what the Internet looked like back in 2007 befo...
HIOB: WebSite Hacking Series Part 2: Hacking WebSites Using The DotNetNuke Vulnerability
Today, I want to share a tutorial on one of the most useful but old methods which you could use to hack websites, that is using the DotNetNuke (DNN) vulnerability. I know some of you already know about this method.
Hacking macOS: How to Perform Situational Awareness Attacks, Part 1 (Using System Profiler & ARP)
The first few minutes after gaining access to a MacBook are critical — but where do we begin? Using tools built into macOS, we can develop an in-depth understanding of running background processes, detect antivirus software, locate sensitive files, and fingerprint other devices on the network. All of this can be done without installing additional software or modifying any files.
How To: Make Your Own USB Keylogger Hardware
Keyloggers are a must-have tool in your arsenal. Hardware keyloggers have the advantage of being undetectable through anti-virus or other protection programs. They also capture keystrokes before the OS even boots up, so they are pretty handy tools.
How To: Hack Windows(7,8) With Task Scheduler and No-IP (On WAN)
Hi there, Elites! Welcome to my 6th post. This tutorial will explain how to hack Windows using a program (No-IP).
How To: Reverse Shell Using Python
Hi Folks. This is my first post. I will teach how to create a server and client Python reverse shell using sockets and the Python language. The script I'll post here is going to be very simple, and from here you'll have the possibility to adapt to your own purpose. For example, my original script can download files, upload files, make changes to registry, create user accounts and more. I'm sure you could do it on your own too.
How To: Evil-Twin (Part 1) - Setting Up the Dhcp Server.
Hello again, ***UPDATE: Adding links to the other two articles***
Hack Like a Pro: The Basics of XORing
Welcome back, my novice hackers! In a recent tutorial, I showed you how to use shikata_ga_nai to change the signature of a payload to evade detection by security devices (firewalls, IDS, etc.) and AV software.
Hack Like a Pro: Exploit MS Word to Embed a Listener on Your Roommate's Computer
In my last hack blog on crashing your roommate's Win7 system, we started looking at client-side attacks. As promised, we will be looking at some more client-side attacks.
Exploiting XSS with BeEF: Part 1
BeEF is an XSS-exploiting framework that lets you "hook" or gain control of victim web browsers. In this part of XSS exploitation, we will be working on finding an XSS-vulnerable website. We can simply do this by Google Dorking.
How To: Use Traffic Analysis to Defeat TOR
As was mentioned by the great OTW last week, TOR, aka The Onion Router, has had its integrity attacked by the NSA. In an attempt to reduce the anonymity granted by the service, the NSA has opened a great many nodes of their own. The purpose is presumably to trace the origin of a communication by compromising some entrance and exit nodes. Once both are compromised, it is much easier to correlate traffic with a particular individual.
How To: Hack Wi-Fi Using Wifite in Kali
Welcome, my aspiring hackers! In this tutorial I'm gonna be showing you how to hack Wi-Fi using the WPS compatibility of a router, in, of course, Kali. First, fire up Kali.
Hack Like a Pro: How to Conduct Active Reconnaissance on Your Target with hping3
Welcome back, my budding hackers! One of the most time-consuming, but necessary, activities in hacking is reconnaissance. Before we can hack a system, we need to know what operating system it's running, what ports are open, what services are running, and hopefully, what applications are installed and running.
How To: Disable Anti Virus Services After Got Meterpreter Session on Remote PC.
Hello Friends … My name is Suresh Senarathna and this is my first “How-To” post,
Hack Like a Pro: Perl Scripting for the Aspiring Hacker, Part 1
Welcome back, my hacker apprentices! To enter the upper echelons of hackerdom, you MUST develop scripting skills. It's all great and well to use other hackers' tools, but to get and maintain the upper hand, you must develop your own unique tools, and you can only do that by developing your scripting skills.
How To: Using BASH for Computer Forensics
Greetings to all geeks, hackers, nerds, and explorers of Null Byte. Welcome to my brand new tutorial, "Using BASH for Computer Forensics". This tutorial will give you a look at how the computer programming language, Bash, can be used to find out details on Apple devices for later use.
How To: Create Service Files with Systemd
Firstly let me start by giving credit to Lucid for their guide on Evilzone which inspired this idea, as well as the recent talk of anonymity on here.
How To: The Art of 0-Day Vulnerabilities, Part2: Manually Fuzzing
Welcome back, my masters, teachers and classmates. In this second part of this 0-day series we will learn the basics of fuzzing, and I bought a gift for Null Byte (a 0-day vuln that will be released today exclusively on Null Byte).
How To: Protect Your Browsing with This 10-Year VPN Subscription
As useful as VPNs are for securing your browsing experience and bypassing frustrating barriers online, it's hard to find the right one among the horde of choices. VPN.asia: 10-Year Subscription is a great choice for a VPN that keeps your browsing safe and smooth, and right now, it's only $79.99.
News: 18 Easy Exploits to Raise Spellcasting Skills in Skyrim
The Elder Scrolls V: Skyrim set off a bang in the video game world this month. It will likely be video game of the year a few times over. Skyrim is another part to a series set in the fantasy world of Tamriel, a world filled with mystical creatures, folklore, and even its own history. It's quite the beautiful and immersive experience. If you have not picked up the game yet, please do (my fiancée even plays!). Also, make sure to buy it new, so the hard working coders at Bethesda get the money ...
News: How to Study for the White Hat Hacker Associate Certification (CWA)
Since I first announced the new Null Byte recognition for excellence a few weeks ago, several of you have written me asking, "How can I study for this certification exam, and what material will be covered on the exam?" Now I have an answer for you. The White Hat Hacker Associate (CWA) will cover 14 domains or areas. Everything you need to know is here on Null Byte. There will be no questions that are not covered here on this site, guaranteed.
Hack Like a Pro: Exploring the Inner Architecture of Metasploit
Welcome back, my novice hackers! We've done a number of tutorials using one of my favorite hacking tools, Metasploit. In each of them, we've used the msfconsole, which can be reached through either the menu system or through simply typing "msfconsole" from the terminal.
How To: Use GoScan to Quickly Enumerate Networks & Services
Network enumeration is one of the essential phases of an attack, but it can take a lot of time and effort depending on the size. We've all been spoiled by Nmap and similar tools, and while there is a learning curve involved, they are extremely useful. But there's also GoScan, a tool that builds upon Nmap, offering an automated way to enumerate networks and services quickly.
How to Train Your Python: Part 18, Introduction to Bitwise Operators
Welcome back! In our last training session we covered classes and how OOP can make programming/scripting easier. Today we'll be taking a breather and covering something fairly simple, bitwise operators.
Hack Like a Pro: How to Read & Write Snort Rules to Evade an NIDS (Network Intrusion Detection System)
Welcome back, my novice hackers! My recent tutorials have been focused upon ways to NOT get caught. Some people call this anti-forensics—the ability to not leave evidence that can be tracked to you or your hack by the system administrator or law enforcement.
Uncrackable: Secure Your Secrets with 4096-Bit Encryption
As you progress in the world of information security, you'll find yourself in situations where data protection is paramount. No doubt you will have files to hide and secrets to share, so I'm going to show you how to use the GNU Privacy Guard (GnuPG or GPG for short) to encrypt and decrypt as you need. GPG is a great open-source version of Pretty Good Privacy (PGP), a similar application used for encryption, but licensing and patent problems led to the development of GPG in its wake.
How To: The Art of 0-Day Vulnerabilities, Part3: Command Injection and CSRF Vulnerabilities
INTRODUCTION Hello dear null_byters, here we go again with our third part of this series.
How To: Security-Oriented C Tutorial 0x15 - File I/O
Hello readers, in this tutorial, we will be discussing how to perform file operations such as reading and writing.
How To: Security-Oriented C Tutorial 0x18 - Malloc and the Heap
Hey guys, in this tutorial, we are going to learn about the heap segment and how to use it for storing data in our programs. We will also go into the details of its use in conjunction with the char pointer and struct data types.
How To: Attack on Stack [Part 6]; Smash the Stack Visualization: NOP Sled Technique, the End of a Trilogy.
Hi everyone! In the previous part of this series we introduced remote code arbitrary execution via buffer overflows using all of our past experiences.