Hack Like a Pro: Linux Basics for the Aspiring Hacker, Part 1 (Getting Started)

Welcome back, my hacker trainees! A number of you have written me regarding which operating system is best for hacking. I'll start by saying that nearly every professional and expert hacker uses Linux or Unix. Although some hacks can be done with Windows and Mac OS, nearly all of the hacking tools are developed specifically for Linux. There are some exceptions, though, including software like Cain and Abel, Havij, Zenmap, and Metasploit that are developed or ported for Windows.

How To: Create a Reverse Shell to Remotely Execute Root Commands Over Any Open Port Using NetCat or BASH

Reverse shells are useful for issuing commands to a remote client when the client is behind something such as a NAT. You might say, "But can't a normal shell or simple SSH tunnel do the same thing?". No, it can't. All over the internet I see a lot of confusion regarding the difference between a normal shell and a reverse shell. Let's clear this up before we get started.

Hack Like a Pro: How to Use Maltego to Do Network Reconnaissance

Welcome back, my greenhorn hackers! Before we attempt to exploit any target, it is wise to do proper reconnaissance. Without doing reconnaissance, you will likely be wasting your time and energy as well as risking your freedom. In previous guides, I have demonstrated multiple ways to perform reconnaissance including passive recon with Netcraft, active recon with Nmap or hping3, recon by exploiting DNS or SNMP, and many others.

Social Engineering, Part 2: Hacking a Friend's Facebook Password

Welcome to the second Null Byte in a series educating you on Social Engineering awareness and techniques. Today, I'm going to show you how a saavy Social Engineer would trick a friend into unknowingly surrendering their Facebook password. My intent is to warn and demonstrate how easy it is to succumb to phishing via Social Engineering, and therefore expose yourself.

How To: Fix Defective Pixels & Improve Image Quality on LCD & LED Monitors

I have owned quite the plethora of electronics in my life. A commonality between most of these devices' screens is frozen or dead pixels. This is probably the most annoying thing about buying new hardware—your LCD, or worse, LED display has one or more pixels that continues to stay lit. Most of the time, this will appear in the form of a brightly colored pixel that never changes, or a pixel that never displays the right color. Once you notice it's there, you just can't stop staring at it. It ...

How To: Make Your Own Bad USB

Hello, everyone! Many of you don‘t even know about my existence here on Null Byte, so I thought of contributing something rather interesting. Recently, someone asked how to make your own "Bad USB," and I promised to make a how-to on this topic. In addition, it would be nice to have something related on our WonderHowTo world. So here it is!

How to Hack Like a Pro: Getting Started with Metasploit

This is my first contribution in an ongoing series on detailing the best free, open source hacking and penetration tools available. My goal is to show you some of the quality tools that IT security experts are using every day in their jobs as network security and pen-testing professionals. There are hundreds of tools out there, but I will focus and those that meet four key criteria:

How To: Create a Bump Key to Open Any Door

Lockpicking is a skill that takes years upon years to master. Locks come in all sorts of shapes and sizes, but have common ground in how they work. Most cylinder locks have "tumblers," which are metallic cylindrical objects that sit vertically to the actual locking mechanism. Tumblers have five or six holes with rounded key pins of various height in them, each needing to meet an exact height or the cylinder in the center (the lock itself) will not be allowed to turn. This is the reason why yo...

Hack Like a Pro: How to Hack Remote Desktop Protocol (RDP) to Snatch the Sysadmin Password

Welcome back, my budding hackers! One of the keys to becoming a professional and successful hacker is to think creatively. There is always a way to get into any network or system, if you think creatively. In previous tutorials, I have demonstrated ways to crack passwords on both Linux and Windows systems, but in this case, I will show you a way to get the sysadmin password by intercepting it from a Remote Desktop session.