[ Hacking 101 ] :: [ Introduction ]

Hacking 101
This entry is part 2 of 11 in the series [ Hacking 101 ]

Hacking 101: Just the Basics.  Okay, I’m picking up another video series, and this time I’m working to answer the question I see on so many pentesting and CTF videos: How do you get started doing this? Watch this video and then: Assignments: Introduction (Video 1) 1. Set up at least three email/user accounts. Try …

Free Hacking Courses: Code Red

I was recently pointed to a cool learning platform for up-and-coming hackers: EC-Council’s Code Red. Some of the basic video courses that come with the free membership look good. Check it out: https://codered.eccouncil.org/Home I’d love to see your impressions, so comment below if you try it out.  

[ Hacker Night School ] :: CSRF

This entry is part 17 of 32 in the series [ Hacker Night School ]

Cross Site Request Forgery CSRF is a very specialized form of XSS. It relies on the victim being logged into a site, so the attacker can make a false request – to drain the victim’s bank account, for instance. Where to Learn First, read this OWASP presentation: http://repository.root-me.org/Exploitation%20-%20Web/EN%20-%20OWASP%20Cross-site%20Request%20Forgery%20CSRF.pdf Next, webpwnized is your friend. Watch these …

[ Hacker Night School ] :: WEP Cracking Basics in Kali

This entry is part 16 of 32 in the series [ Hacker Night School ]

Wifi Cracking: Start With the Basics: WEP WEP is so old and weak you’ll hardly ever find it in use, though there are always the few who haven’t paid attention. WEP cracking is a great way to get familiar with the aircrack-ng suite (https://www.aircrack-ng.org/), its commands and processes. Where to Learn Start with the horse’s …

[ Hacker Night School ] :: Tsuki CTF Pwns Access on HackTheBox

This entry is part 14 of 32 in the series [ Hacker Night School ]

Tsuki’s capture the flag Speedruns of HackTheBox machines are WAY too fun, and addictive as candy. I’m going to use this particular vid as a test, to see how useful a full explanation is for my Hacking 101 students. Hacking Access Database Files in Kali 00:00 – Port Scan nmap -sC -sV 10.10.10.98 You’ll see …

[ Hacker Night School ] :: [ Using Git ]

This entry is part 13 of 32 in the series [ Hacker Night School ]

This is a non-optional skill for anyone who manages systems, runs networks, develops software or hacks on any of these to make them work or break them. 😉 Git (in case you’re a total newb; otherwise skip this) is a code repository, a site where coder teams can work together on projects and check out …

[ Hacker Night School ] :: Cain & Abel: Hacking Windows passwords and more with Biblical glee

Cain & Abel is a “password recovery tool” that runs on Windows, and targets Windows. It’s actually two tools, one that sniffs the network looking for LM or NTLM passwords (and a lot of other stuff like recording VOIP calls, doing WEP cracking, performing wireless packet injection and more), and one that can crack a …

[ Hacker Night School ] :: Got a shell on a Windows target? Now turn off the firewall.

Part of the hacking process is getting a first foothold into a system. Then once you’re in, escalating privileges and peeling back protections is the next priority. More than once in pen-testing situations or capture-the-flag games I’ve gotten into a Windows box and then needed to get further access. Here’s a nice discussion of exactly …