How To Become a Hacker: http://catb.org/~esr/faqs/hacker-howto.html
Web Dev General: >>55311535
Daily Programming Thread: >>55346344
Learning:
http://cybrary.it/
http://n0where.net/
http://www.offensive-security.com/metasploit-unleashed
http://resources.infosecinstitute.com/
http://www.windowsecurity.com/articles-tutorials/
http://www.sans.org/reading-room/
https://www.corelan.be/index.php/articles/
http://opensecuritytraining.info/Training.html
https://www.blackhat.com/html/archives.html
http://www.securitytube.net/
News/CVE releases:
https://threatpost.com/
http://www.deepdotweb.com/
https://packetstormsecurity.com/
http://www.cvedetails.com/
http://routerpwn.com/
http://www.exploit-db.com/
https://www.rapid7.com/db/
http://0day.today/
Wargames:
http://overthewire.org/wargames/
https://www.pentesterlab.com/
http://www.itsecgames.com/
https://exploit-exercises.com/
http://www.enigmagroup.org/
http://smashthestack.org/
http://3564020356.org/
http://www.hackthissite.org/
http://www.hackertest.net/
http://0x0539.net/
Tell us what you're working on.
I appreciate this thread
Still working on my trial after i got arrested for being in a skid group that took out a countries ISP for 2 days.
Have the country off.
>>55380707
you'd probably be able to achieve that against my shithole's ISP
>>55380788
Prob
Always getting hyped to read about hacking / see hacks in action, just to have the hype die after five hours of lerning theory and reading about different protocols. Feels bad man.
>>55380578
I'm learning cryptography and ordered the C Programming Language 2nd edition book a few days ago. Exciting stuff.
>>55380578
>>55380616
>>55381357
>>55381381
Wait... this isn't bait?
>>55381616
I think it's like those fucko threads that started as a joke but then became it's own general with some pretty interesting discussion.
Currently modding a galaxy s3 in hopes of making it act similar to Watch Dogs phone. Probs wont get far though.
>>55381652
Worst case scenario you put aircrack on it and start sending deauthentification packets left right and center for shits and giggles.
>>55381715
There's an apartment complex down the road filled with off campus college students. Half of the routers are either not pass protected or WEP. Managed to disconnect some kid from xbox live with the phone so far. Could see the xbox and tv through the window.
>>55381747
The place I currently stay at has around 25 fucking people using the same network. The internet is shit. Lucky me the neighbours have a WEP encrypted Wi-Fi. Took around 10 min to get the pass. Feels good... Every now and then I capture some packets for shits and giggles, filter for HTTP, maybe look for POST requests. Good way to kill some time in the evenings.
>>55381814
Ever find anything interesting like porn or sketchy stuff?
>>55382073
Sadly, it's mostly boring shit. News articles, random shopping websites, trivial stuff really. Although I kind of know the political and fashion prefferences of half the people around without talking to them once. So there's that. The funniest thing I managed to do some time ago is sniff the router username / pass. They were playing loud music late at night. So I deauthentificated the laptop running spotify (amongs other devices). For a minute or two it was quiet, that's about when I stoped sending the deauth packets and starting sniffing for the lols. And lo and behold, the guy logged into his router's admin panel to troubleshoot. The login was a http post. I facepalmed.
I didn't follow up on that. I still have the credentials but I haven't really fucked around yet.
But yeah, really dissapointed because of the lack of porn and sketchy stuff around. Boring people.
>>55382073
Although I've got myself 2 raspberry pis. Have Arch running on them, maybe I can get them to be 24/7 sniffers. While I'm at work or smth. So I can come home and just look at the goodies while having dinner.
>>55381638
I think this hacking/security general might be pretty cool. Much better than all the GPU bullshit plaguing /g/.
>>55382205
What packet sniffer do you use?
>>55382230
Gore threads would be preferable to /v/tard transplants.
>>55382230
The GPU threads are seriously getting out of hand.
How much time do you people put into learning crypto and related stuff? Do any of you make money out of it, bug bounties and stuff? How good are you at math?
>>55382242
Atm Wireshark, since I'm doing it rarely, and mostly for fun. Wireshark is easy as fuck to set up and runs nicely pretty much out of the box, perfect for something quick.
I'f I'll decide to automate it on the raspberry, then most likely something like tcpdump or whataever. Still need to look into what is out there. Would be pretty excited to trie some new tools out.
>>55382303
If*, try*
Ahh fuck it, why do I even bother.
>>55382294
somebody made a /gpug/ the other day but the /v/tards refused to take their shit there
>>55382303
You should consider building your own using the scapy module for python or similiar. It takes longer but you learn more abourlt packet analysis in the process. Its a neat project if nothing else.
>>55380578
>>55380616
>>55380707
>>55380788
>>55380942
>>55381381
>>55381638
>>55381616
>>55381652
>>55381814
>>55381747
>>55381715
>>55382073
>>55382205
>>55382294
>>55382242
>>55382303
>>55382327
>>55382410
i got the zeus - translation if anyone's interested.
>>55382778
>zeus - translation
What?
>>55382808
I think he means he reverse engineered the zeus malware.
>>55382302
I got an A on my engineering differential calculus
>>55382808
Zeus botnet translated. It's the 2009 version though. I know fuck all about programming. I asked some bloke on the dark net and he told me to start programming with APL, but I made the switch to linux and I can't load the right key board font even though terminal brings up apl fairly easily. Then some other bloke said to try A+ instead because it accepts the ASCII stuff and the European layout. But every A+ is about emacs and cancer. I kid you not, no A+ tutorials worth mentioning. They told me APL and A+ allows you to try cooler shit because you're allowed to do more stuff. Then they told me to move onto C but only after I got A+ or APL. I tell them that the zeus translation is in c++, c and php for the command and control bits, and that i'd need a copy of windows server 2010. Not server, the windows thing you use to write c++, the thing that has c#. I have mono of course but fuck if i know how to use it.
>>55382830
Wish I did, i'm a noob. Just got this from a Russian thingy some time ago, that's all. I'm an idiot trying to learn.
>>55382886
Where do i dump it. It's a folder so how do i dump it?
>>55382888
you know you have to be 18 to be here right
picture of me war driving lads
don't worry I still use 7 proxies when I hax the gibson, it's the last line of defense
>tfw taking a computer security and network security class for my last semester of CS major at uni.
What am I in for?
https://github.com/Visgean/Zeus
>>55382952
listen you, if you can think of any good places to dump it let me know, i have to go for a bit, say an hour or so and i'll be back, kay/
>>55382982
yeah i know right. think of a good place to drop the file and i'll drop it soon as i get back, give me an hour, tops.
I doubt people here actually operate botnets. They wouldnt be wasting their time on /g/
>>55382980
Memorizing security protocols
>>55383000
>https://github.com/Visgean/Zeus
>>55382975
>>55382952
>>55382982
so if i were to write code and compile it, would it say bin and configs and geobase and stuff? i know geobase is for the virus to find out where in the world it is, but if i were to compile raw code that's raw syntax would i get different folders like that, and how does one compile that stuff and where to i go for the code that made those folders?
i thought i had to go out apparently i don't have to anymore.
>>55383062
I remember reading that the Russians could tailor make a botnet for you or modify one for you and charge you around 485 bucks and charge you 82 a month. You'll have to pay in bitcoins of course. If your copy of windows dies, that is if you get any update or anything that changes it, you can kiss your bot and your money good bye. the bot self deletes and they cancel your account, you'll have to open another.
>>55383314
Damn. How do you connect securely to botnet anyway? You can't just use paid VPNs (you can get banned) or proxies (easy to trace)
>>55383489
The botnet has control servers, you can easily connect to those
I inject chaos into my veins!
>>55383726
>>55383746
cool, what compound is that?
>>55383766
Death
>>55383746
Why did I find this hilarious?
>>55383726
Hail
>>55380578
how do i hack the gibson?
>>55383746
waht is taht blu stuf
>>55384334
Hi, Ev.
So these threads are going to be mainly about SQLi and "how do I Crack my neighbors wifi, he's using WPA"
>>55384833
>how do I Crack my neighbors wifi, he's using WPA
How do I do this?
>>55384860
Buy a raspberry pi
>>55384888
and what then?
>>55384933
Then kill yourself, and leave it to someone who's not a helpless piece of shit that can't into Google.
>>55384978
>helpless
I did this all on my own
â–¶
â–¶
â–¶
am I worthy enough now?
>>55384334
Tzeentch is best chaos god. He would be very pleased with this general, causing change and making schemes.
>>55382888
c# is to programming what iphones are to smartphones.
>>55383062
I knew some fat faggot from irc that had a 9k deep botnet. He would cycle them in and out of irc channels to crash their server.
>>55384833
Gotta start somewhere my nigger.
Here's something that doesn't get asked often from what i've seen:
MAC address 'leakage', if that's the term for it.
sudo macchanger wlanx -r yadda yadda, but since the address always reverts back to the default after the device fails to connect to an AP, does the same happen in monitor mode when jizzing packets all over the place during scans and replay?
Is there any way to test this and more importantly is there a more permanent solution to MAC spoofing?
I doxxed whitehouse.org location. What next? Where are google servers located?
>>55385128
Not necessarily. Don't argue that dotnet isn't comfy as fuck. C# is a really fun language to program in as well. Drop the hipster bullshit for a second and just enjoy it
>>55385225
it's convenient, but doing web stuff really isn't my thing.
c++ can be frustrating as fuck sometimes but the effort is worth it.
>>55380578
>CTRL + F
>install gentoo
>0 out of 0
It's like none of you even want to be hackers
I haxed a ccTLD once... could have done so much, but in the end, I just let them be.
it was fun.
otoh, perhaps doing some retarded shit could have landed me a job...
>>55382830
but zeus is open source
>>55385549
>CTRL + F
>install Kali
>0 out of 0
It's like none of you even want to be hackers
Relevant for this thread
https://ghostbin.com/paste/zf6af/raw
>>55386080
>a really long list of programs
>in protest against systemd
>relevant to the hacking general
I don't get it. does this make sense at all?
If you can't program in APL, Coq, or FORTH, and don't understand Lambda Calculus, you're not a hacker. Period.
>>55386146
I know is big but browse a little, just the part of pentesting is good enough.
If all the tools and exploits are already written by someone else, by definition every pentester is a Script Kiddie right?
>>55386374
Not exactly, but I like were you are going.
>>55386401
What do you mean not exactly?
>>55386562
There is an original developer behind the tools.
>>55386080
Ah yes, now that I have my icons set I am ready to hack!
>>55386760
I might be wrong, but I think it'd be dangerous to be using an operating system with backdoors and traceability if you're trying to do something illegal like cracking. Becoming familiar with free software tools is a necessity if you not only want to become more proficient, but also avoid getting caught. See these:
>>55386198
>>55385549
>>55385954
But I don't know anything about any of this.
shit I got stuck on the ROT 13 Bandit level
>>55382888
recommend dark net forums.
i cant gete into hell forums
>>55387308
This is a joke right?
....
>not being able to rot13
>>55387358
I mean clearly I can just do it manually but I want to figure out the commands
I never said I was good @ komputor. Thanks to this game I learned about sort, base64, uniq and others so far
who here got a botnet? might try throw some php shells on some vunreable sites and build one up a bit
>>55385183
encrypt your traffic so attacker doesn't have a MAC, but that doesn't work for long.
If you are legit worried about it Radius server and rotate passwords.
>>55386374
the idea is that you have to be smart enough to evade IDS and recognize how the tool is crashing. Half the tools are shit (just because the landscape is all over the place and not because of the author) and need tweaks to get running. The other thing recognizing an error message may give you the hint for the next attack vector
nu
Learned about SQL injection recently.
Really fascinating subject, and probably the only form of hacking that a business user could pull off
>>55387334
Why would you want to? Hell is a honeypot, it got shut down and feds brought it back online so they can keep an eye on the skids.
>>55385128
IMO c# is java done right. JIT compilation > VM.
>>55382888
>>55382982
>>55383276
You'll make a great CISSP one day kid. baka
>>55383276
Probably not the best idea to disclose your identity like that, especially around here.
where should I start? footprinting?
>blackhats
stay in school, kids
>>55385183
Try spoofing it directly with ifconfig. I've encountered that same macchanger issue. With ifconfig it should stay changed.
That moment when you sniff your first http login request. Got super hyped, only to find out it's some fucking spanish football related thing (like fantasy league or whatever that's called).
http://www.comunio.es/
Username: mariusli
Password: 12345
What a fucking retarded password...
The website is useless though, no info of any way, not even an associated email...
Sorry the stupid question, but, how do I save this thread for future uses? (I'm quite new to boards)
>>55393411
>open all images on the thread
>right click on wherever the fuck u want but not images
>click save
there you go
>>55393411
right click
save as
save webpage, complete
Just booted kali off a USB stick on my Mum's laptop, and I accidentally wiped the hard drive. She'll be so pissed when she finds out.
Wish me luck, anons.
So a lot of people around where I live use some router where you can calculate the default password with an algorythm. I have access to like one router in my house now, sadly they dont do anything interesting at all.
>>55394013
>>55393981
thank you guys
>>55394048
CTRL + Z
Can someone take a look at this site and explain how it was done?
Someone hacked the site of ministry of internal affairs.
Link have disturbing images
http://moi.gov.iq/
>>55382888
>I asked some bloke on the dark net
>start programming with APL
you got trolled
why the fuck would you use the "dark net" for this? Use google instead of being a mong
>>55381638
>>55381616
it should be called netsec general (/nsg/), that will filter a lot of babbies
Are there any programs to brute force route Username/Password authentication?
>>55394499
https://forums.kali.org/showthread.php?23564-Brute-Force-Router-Password
My suggestion /g/:
Go the slow but highly satisfying route:
http://www.zerodayinitiative.com/
Learn x86_64 assemly language, learn your underlying operating system in heavy detail
crack open binaries that interest you and go for gold. Find locations to network recv calls and trace the input through the program and maybe find bugs that operate on network input. Next step write a reliable exploit to bypass aslr-dep control flow guard.... etc... all the modern protections and make money legitimately or keep the zero days up your sleeve and have fun.
>>55394560
>http_fuzz
Is this what I should use?
Also, does this apply to any HTTP page that require authentication?
>>55394643
do say more
>>55394643
>Learn x86_64 assemly language, learn your underlying operating system in heavy detail.
Rough estimate of how long that would take?
>>55382888
>I asked some bloke on the dark net and he told me to start programming with APL
>>55394788
damn... i bet she was hot when she was young
>>55394840
years most likely, faster with rigorous training.
>>55394643
>x86_64 assemly language
Oneo f the things that confused me about learning x86_64, Is there its own language for that? I mean I came across blog article on using ansi C to write assembly. What languages write in assembly? All of them? Just choose your poison?
>>55394890
w-where do I even start
>>55394465
T H I S
H
I
S
>>55394935
https://en.wikipedia.org/wiki/Assembly_language
>>55394936
At a truck stop, mouth wide open, on your knees.
>>55394643
if only it was that easy...
they pay US$20k++ for exploit for a reason.
>>55394936
buy a book on amazon, like windows internals, if you wanna reverse on windows, reverse engineering, intel x86_64 architecture, already know how to program etc etc
>>55380707
Mind telling us a little more detail? How fo you achieve that stuff?
>>55394465
I'm less concerned with babbies wanting muh hax scripts and /v/ asking AM I CYBERPUNK YET HOW TO HACK GIBSON, more with faggots descending to shitpost since the word "hacker" works like a magnet.
>>55395002
nah some of those on go for much much less like anywhere from 3k to 15k and anywhere in between.
http://www.zerodayinitiative.com/advisories/ZDI-13-269/
this guy claimed he received 10k for this bug, for good reason that is a devestating bug as /g/ would know. and something like operating system bugs easily 6 figures and up.
>>55394788
>>55394840
>>55394935
here, fags. learn x86 asm:
https://pacman128.github.io/pcasm/
also download the intel manuals
https://www-ssl.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.html
you can learn from the intel manuals, but that's probably a painful route.
>>55395002
also, go for gold, even if you never find a nice bug you will have insanely useful skills and your fundamental computer knowledge will be useful in many many other areas. no one said it is easy and will take years of work.
>>55395037
ah, wait, I didn't notice you were talking about ZDI, duh....
what happened to the idefense vuln program?
>>55395217
not sure but out of the programs i researched a while ago the zero day initiative seems to be the program i would participate in.
how to make thc-hydra work for forms? it doesn't fucking work!
>>55385128
Reliable and with support? And not a shitty cellphone that relies on running in a virtualized runtime?
>>55385549
>CTRL + SHIFT + W
>pwned
ffs /g/
>>55394465
Exactly this
>>55382778
>>55382808
>>55382830
It's on github you dumb fucks, but you won't do anything with it cause every fucking AV detects it.
>>55396315
HNNG
sauce
>>55395962
That's why I was confused you sperglord. It might still work if you could mask it's signature.
>>55386080
>Vulkan
>Game engine
Opinion discarded.
>>55396960
where'd it go and where's the sauce!?!?
>>55397883
>>55396960
cari/carli banks
>>55398102
thanks m8
>>55398161
Protip for next time, screenshot first frame of video, google image search -- check old archived 4chan threads, check for backlinks giving source.
>>55394937
>>55395025
>>55395814
Changing the title isn't going to fool the shitposters.
At least this way we don't have people asking what an IP is used for
>>55393060
is HTTPS safe from sniffing?
>>55399871
no, but it will take a few years for most people to read it.
>>55395023
You don't want to acheive that stuff, you go to jail in the post Snowden world unless you're a Russian that is politically connected. By connected I mean your uncle/father/cousin is a cabinet member or police chief somewhere that can protect you because the feds will contact Russia and make threats, Russians will come visit you for a shakedown for 80% of your money or worse will demand you work exclusively for them and threaten prison to appease the Americans.
If you want to get into this the legal way, you learn about bits, floating point, assembly, memory abstractions in C ect. This book does that: http://csapp.cs.cmu.edu/
Then you go and try memorycorruption.com or starfighter.io and try the AVR jailbreak CTF. Finish those and you will get a junior security consultant contract somewhere and they will teach you everything else you need to know about software security like punching holes into remote proprietary routers and redirecting the traffic which is prob what this guy did.
At my current place, we do less and less networky/systemsy pentesting and almost entirely do mathematical analysis of control flow graphs. You want to be a l337 haxor that sells bugs to thegrugq for hundreds of thousands then learn Satisfiability
>>55399967
what this person said. the big dawgs in the security industry are the ones developing zero days. now some people sift through code and can find bugs but why would they do that? modern concolic/symbolic execution combined with dynamic and static analysis, smt solvers the whole shubang can find bugs or at the very least assist greatly in the process by automating much of the work necessary to discover these bugs. the process of exploiting the bugs is an entire subject in itself but this is the top of the security food chain; no fucking around with sniffing or sql injection etc etc.. (not that these are very useful techniques) but zero days just launch the payload and spawn a remote shell instantly and begin your work.
i already posted this earlier but...
http://www.zerodayinitiative.com/advisories/ZDI-13-269/
think about what that bug really means, in the right hands that is a cyber nuclear weapon.
>>55400283
> (not that these are very useful techniques)
*meant aren't typo fellas, other forms of attack are just as valid but the most mathematically rigorous and devastating bugs come from low level attacks which takes a lot of math to find these bugs automatically.
Anyone else wish they were born in eastern Europe?
I'm in the USA and working in the InfoSec field, but would never actually try to hack anything out of fear of federal pound me in the ass prison.
The risk is way too high to operate out of this country. You can make decent money just doing pen testing and defense work though.
>>55399967
Thank you for imparting knowledge based anon. I just found a pdf of that book you posted. Do you have any tips for someone who does not have a background in higher level maths?
>>55395023
Just a small group of people had a sime bots some servers. Pretty easy. Tracked all dns servers of the isp then hit them off.
>>55401043
Why tho?
>>55401218
EYE AM DA LAWRRR
>>55400708
Anything in for coders or is it mostly just networking majors.
i work in security, doing red and blue team for my organization. finally got cuckoo up and running on my personal esxi machine but there are still some bugs to work out, but i like to collect samples that come across the work network and bring them home to look at. lots of ransomeware and other stuff, a couple where someone opened up a vnc session to look at my desktop and shit.
going to work on honeypots next, with the hopeful intent of forwarding network probes from my corporate network to one i control so that shit isnt connected at all to corporate stuff
Any guides on sandboxing a VM so all of my traffic would be sent through Tor? Going to install Kali and mess around.
>>55384589
The mix he was using was probably Bis(2,4,5-trichlorophenyl-6-carbopentoxyphenyl)oxalate with some 9,10-Diphenylanthracene. Otherwise known as phenol death.
>>55401380
there are tools built for routing vm traffic through tor, but it uses windows
>>55401411
Examples?
>>55401411
My host is Linux unfortunately.
>>55401601
time to pirate vista or 7.
>>55401582
tortilla
if you cannot do a simple google search chances are whatever you are trying to do is fucking childish and illegal
>>55401380
use a second small vm running pfsense and use firewall rules to push tcp and dns through tor OR just use iptables in kali.
>>55401601
>>55401411
A quick way to accomplish this is to use UFW. Install gufw (the graphical interface) and only allow outbound traffic on localhost port 9050. You could also set the DNS servers to route through tor, which there are many guides available (Personally I've never done this before).
Don't ever use windows for anything security related, linux is better suited for things like this.
>>55394643
Don't expect anyone on a /g/ hacking thread to have the remotest inclination towards learning assembly. All of these kids are looking for easy ways to crack WEP/WPS and watch their neighbors masterbate.
Assembly is way over their heads.
>>55402218
Fuck you anon. Im interested.
>>55399967
> http://csapp.cs.cmu.edu/
Holy shit what a fantastic book, thank you anon!
>>55394840
It's actually pretty quick to pick up on, but a bitch to master, especially if you're learning x86 and its millions of instructions
>>55401380
Have you considered looking for one of the 10000 guides on google you piece of shit?
>>55402622
I've just started it, basically almost done with the introduction chapter. Fantastic stuff. And looking at the table of contents, it'll be a hell of a ride.
Well, I have all the time in the world, I see it as a great opportunity to learn how shit works under the hood rather than a challenge or something to rush through.
>>55402292
If you're interested then I can recommend checking out http://challenges.re/
I quite enjoyed them
>>55402218
>All of these kids are looking for easy ways to crack WEP/WPS and watch their neighbors masterbate.
Its funny how you assume WPS is a encryption like WEP. That is like saying bluray/bluetooth.
>>55402791
>http://challenges.re/
Oh mah gawd, this is beautiful
>>55380578
>no krebs
>no xyli
dafuq are you doing?
Add US-CERT too.
>>55385549
I actually took that advice when I first got here
immediately regretted it
you got me good you guiz
>>55402791
You're a pretty cool guy anon.
>>55401582
http://www.malwaretech.com/2015/08/creating-ultimate-tor-virtual-network.html
>>55402887
also add the grugq
Does anybody here know Powershell for pentesting? Any decent info gathering scripts out there?
VMware or Virtual Box?
>>55403280
Both
VBOX for Type2, ESXi for server hardware
>>55401289
Do you use their API?
I've been keen on getting this setup, if possible, so that my firewall will automatically send tasks to the sandbox for inspection. Hoping this to be possible, although most firewall/UTM information is vague on this specific area, or have their own anti-virus stuff.
Is hacking always malicious?
Is the point just to see if you can?
>>55404473
No.
Sometimes you do it because there's money in it, legit or not.
umpbay
>>55404473
Sometimes is just pure interest. Figuring out how something works and how to break can be rewarding as hell. Curiosity is a driving force after all.
>>55404473
Our lord and savior defined hacking as "playfully doing something difficult", which is not necessarily malicious.
>>55404689
This
Should hacking generals be welcoming of skids?
>>55405672
Skids can always become real programmers/hackers.
>>55405672
I mean it's a way to start.
As long as they don't stay skids for too long.
>>55380578
Do you have anything programming related? I'm curious about how programs (viruses, network scanners, packet sniffers etc.) works, any good reads?
>>55406551
Practical Malware Analysis
Look up also the Zeus bot source code in the thread
For what I understand from this thread, to understand some deep/low level aspects of all this stuff i would need a good comprehension on mathematics. Any suggestion where I might start in this regard? Book? Webpage?
>>55407035
>good comprehension on mathematics
Only if you're into reverse engineering and crypto stuff.
What you really need is knowledge of the inner workings of a computer system
Just want to chime in with my .02 cents on hacking.
If you want to break into companies and steal information, you don't need to learn how to program. You don't need Kali or Metasploit. That's for tryhards who usually fail to get anywhere. You just need an understanding of how the internet works and how to target people. Learning more will always be helpful depending on what you're trying to break into though. Maybe learn to use hashcat/johntheripper and learn basic linux. Learn to use all the database software out there too. You don't need to learn how to code. You just need to be able to understand what the code is trying to do without actually understanding every variable. In the end, you need to develop a hacker mindset. Something that I doubt 99% of people in this thread have at the moment.
The above only applies to blackhats and greyhats. Any company or individual can be hacked with these rules.
You want to find 0days and code software that protects companies? You can go learn code and do your boring shit.
Become a blackhat or hack for your government.
plz rename thread to /skg/ script kiddie general
if you are into it security leave this thread asap
Listen kiddo, i bet you couldnt decode a base64 from a binary string. I know all of the encodings and encryptions from the back of my hand. I could send you a virus right now and make your puter that your mommy bought you go byebye. See my display name? Yep, I'm in anonymous. I'm the leader actually. I've ran multiple operations on hidden deepdarknet mIRCs and could onion route your null ping from icmp using tracer-t to dox the site you're currently on. I'm currently telneting your http client ports to send to my kali linux, where I have access to a range of tools, which I'll use each one to slowly dissect your ip address until it becomes 0, you'll be ddos'd for an entire lifetime.
>>55407971
t. brainlet
It's like I'm really on shrekchan's /hack/ board again
>>55403077
I actually use gentoo though
Shameless bump
>>55394465
I definitely agree on a /nsg/ or netsec general. It's a nice umbrella word that can cover a wide range of topics like security, exploits, hacks, etc.
>>55411379
This
>>55411379
I'll start on the logo
>>55394560
wow, patator is quite amazing.
>>55411379
This. And the anon who posted
http://csapp.cs.cmu.edu/ should be a tripfag for this thread.
>>55411661
what the hell, i didn't know fucking bryant wrote a book on low-level programming. i only know him as a hardware verification genius.
>>55411551
>>55411611
>>55411661
You think a /nsg/ page on the wiki should be made since it's going to soon become a regular thread on /g/?
Okay guys, I made a rough page on the wiki for /nsg/. Any improvements I can make? The page definitely needs more contributions and to be cleaned up to wiki standards.
https://wiki.installgentoo.com/index.php/Netsec_general
>>55405672
>>55405715
Agreed, being a skiddy shouldn't be encouraged, but rather letting them know they're just a skid and they can be much better than that.
>>55412573
>https://wiki.installgentoo.com/index.php/Netsec_general
Not bad. I've cleaned it up a bit.
>>55413405
Good stuff.
>>55412573
>>55413405
Cool. One thing the page should also include is explaining what netsec is rather than just being a link dump. You know, the basics of network and information security, common tools for the job, how hacking works, various attacks and how to secure your network from them, and so on.
>>55413405
Good stuff!
>>55402791
I'm pretty sure problem 3 is for encoding something in base64, only because I've seen a similar array when I was deobfuscating a piece of JS malware at work
>>55413545
To add on to this, should we also put information about networking as well? If it's about network security, it seems a bit folly to not mention what a network is and how it works.
>>55413635
Sure. A short blurb like a paragraph or two about the basics of networking wouldn't hurt.
>>55413661
> A short blurb.
I've got you covered anon!
http://eclass.uth.gr/eclass/modules/document/file.php/INFS131/%CE%94%CE%B9%CE%B1%CF%86%CE%AC%CE%BD%CE%B5%CE%B9%CE%B5%CF%82%20%CE%94%CE%B9%CE%BA%CF%84%CF%8D%CF%89%CE%BD%20%CE%94%CE%B5%CE%B4%CE%BF%CE%BC%CE%AD%CE%BD%CF%89%CE%BD/Computer_Networking_A_Top-Down_Approach.pdf
>>55413545
Got plenty of info to garnish with..
Going work now, will make additions after
>>55412573
This is a great idea. NetSec/InfoSec even sounds a lot better than "Hacking"
I'll refrain from posting much in those if they do take off, since I just started learning this stuff from the ground up. More power to all of you, though.
>>55380578
how do you get your desktop set up like that friendo
>>55414960
lots and lots of ricing and boredom
https://wiki.installgentoo.com/index.php/GNU/Linux_ricing
>>55394499
SWEATY UNWASHED GALKO TIDDIES
HELLO GUYS WHAT PROGRAM DO I DOWNLOAD TO HACK FΑCΕΒΟΟK.COM
THANKS GUYS!
>>55415829
Install gentoo
>>55411981
Maybe
I mean there is a fucko page and those threads are infrequent so sure
>>55416112
HMMM IVE HEARD ABOUT THIS PROGRAM BEFORE
I WILL CHECK IT OUT ......
>>55415829
Download
CapsLockOFFVirus.exe
You're welcome and good luck ;)
>>55416295
One was already made. Check it out.
https://wiki.installgentoo.com/index.php/Netsec_general
>>55416362
Yeah I saw after posted
Good stuff desu~
>>55416324
I GOOGLED IT AND I CAN'T FIND IT
CAN YOU GIVE ME A LINK?
>>55416112
I DOWNLOADED IT AND I DOUBLE CLICK IT BUT IT DOESN'T RUN?
CAN YOU TELL ME A LESS COMPLICATED PROGRAM?
LIKE I WANT TO WRITE THEIR NAME AND GET THEIR PASSWORD....
I'VE SEEN MANY OF WORKING ON YOUTUBE.....
Would a neural network virus be difficult to make/train? It sounds cool in my head but I tend to underestimate difficulty.
>>55412573
here's leddit's book list, pretty good actually
most of the other recc's there were online courses or were already in the IG wiki
>>55399967
>memorycorruption.com
i think you meant microcorruption.com
>>55413405
>>55412573
more wargames not mentioned yet:
vulnhub.com [virtual machine images]
ringzer0team.com
root-me.org
microcorruption.com
starfighter.io
what can an Ubuntu user do to protect herself from hacking/botnet?
>>55399871
Its more secure, but there are tons of ways you can de escalate if you know what you're doing.
Learn some social skills and the art of lying -- I mean, "social engineering" instead.
>>55419300
Ewww don't use unity
>>55419300
not use ubuntu
>>55419236
Added them to Wiki.
>>55419527
>>55419509
Debian is too autistic, they don't even bother to provide wifi drivers and nice look wm settings.
>>55419719
what
why don't u learn to install them
how do you expect to be proficient in anything computer related if u can't do that
Is WPA2-Personal hackable? My neighbour was using WEP but half a stolen TB later they replaced their router with one that uses WPA
>>55419777
as far as anyone knows, no
passphrases could be susceptible to a good dictionary attack
Why don't you have a YubiKey /g/ ?
It is beyond awesome. I use mine for U2F on Google account and GitHub. I also keep GPG subkeys on it.
The entire notion of passwords should be replaced by these keys. It's simply so much better. The only way to improve it is to make one that has a fingerprint sensor.
>>55417833
they literally copied tptacek's amazon list
>>55419777
If you know their old password, they probably used the same one (assuming they changed it from the default)
>>55419536
starfighter.io should be stockfighter.io
Why is it impossible to find pirated offensive security courses
Good thread, I hope this becomes a common thing.
Can anyone tell me why I get these kind of things appearing in my Apache logs? It's happening a few times, random IP's (typically Chinese) hit with these GET requests with weird Asian online stores.
120.132.50.135 - - [25/Jun/2016:10:50:33 -0400] "GET http://www.ctrip.com/ HTTP/1.1" 200 3380 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0"
>>55422183
Disable hotlinking?
>>55419777
You can dictionary crack it. Besides that, no.
>>55421746
Aren't they in the /G/entoomen library?
>>55423214
I-idk
>>55423882
Ah, for some reason I thought it was.
The gentoomen library is on the install gentoo FTP server along with the lectures.
That is where I got mixed up.
ftp://ftp.installgentoo.com/EBOOKS/Computers/Offensive Security - Penetration Testing with BackTrack
