You should be paranoid about clicking links anywhere. To ease that paranoia, try connecting to a VPN. Further from that, you can use the Tor browser, or the GhostNET script to route all your connections through the onion network. Furthermore, you can run your browser in a sandbox such as Firejail and the process will not have access to the important parts of your system.
How comfortable are you with Python in general? There are some sites out there like codesignal.com that offer many small Python challenges you can do reasonably quickly. As far as "Black Hat Python" drills, not many that can be finished in 20 mins, but you can always follow the Violent Python chapters while at work. That's what I did, and it seems to go pretty smoothly.
OPSEC is not just your hardware and software setup, it is also the way you behave. If you have the most "strong" setup of VPNs and proxies, what does it help if you log into your email or Facebook or Instagram or Netflix or whatever?
Before you plan your OPSEC (Google is the way) you should identify your threat model. If I remember right, there were great guides on ivpn which go into great detail and sure will give you some things to think about. Check them out here:
http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1
https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding
I assume they don't block SSH. Use your ssh_config to automatically set up remote forwarding whenever your machine connects to the remote server. Then make a cron job that checks to make sure the tunnel is established (netstat/ps | grep), then reestablishes the connection to the remote forward if lost. You'll want to have keys with ssh-agent set up too so you never have to type in a password. Bon chance.
You should really read Brian Krebs' book, Spam Nation (non-affiliate amazon link). Whether you like Krebs' stuff or not, his book covers essentially all of this. He talks a lot about these sorts of things while telling his story with some notorious Russian individuals. Such as private hosts or hosts that are known as "safe" to generally unwanted customers. Even common tactics for how the services/hosts are paid for (stolen credit cards, bitcoins, etc).
As for how, anyone with some programming experience and determination can make a lightweight server and client program to do what they need. Having many clients report to a server program (or three) is a good topic to study if you're into programming. Others find open-source programs and modify them to do what they need. Obviously distributing a client program is a very different topic that I won't discuss here.
It doesn't work for anyone else, it's just up for you.
Edit: It doesn't really matter anyway. I already have a tool that does this and way more. It's called python.
If you're interested in learning more about mobile security I'd recommend looking at some of the tools in mobisec. We all have unique circumstances so it shouldn't matter what other people do.
There's an Android app called Snoop Snitch, and it's FOSS. One of its root-less features is the ability to "analyze whether a device's build of Android OS is missing security patches that should be included relative to the device's current security patch level date".
Builds of the app are available on the main F-Droid repo, and on the F-Droid Kali repo.
Also here's the site: https://opensource.srlabs.de/projects/snoopsnitch/repository
The app has told me of RCEs that I could've been vulnerable to, and even reported some Priv Esc. It also analyses the hardware to detect if the device is vulnerable or not (i.e. rule out Qualcomm chip vulnerability if there's no Qualcomm chip).
So if you can load an app into it, this'll give you a lot of insight. Good luck and keep us updated!
No, this implant probably isn't possible. Router implants generally aren't fileless because there isn't enough running memory to inject them into processes and they run on customized firmware that makes process injection more difficult.
Even if you had kernel access on an endpoint and upstream access as well, I think you would have significant issues trying to inject exfil into a TCP stream. You'd have timing issues trying to recompile the packets and get the checksums right that would end up causing user issues, and the extra size would stand out over the wire.
You are also going to find significant issues cross-compiling on that many devices. To run efficiently, it will be written low-level so you'll need different versions for each with many limitations to run on mobile devices. Finally, to my knowledge, this level of implant hasn't ever been disclosed to the public, but I'd love to see some writeups if I'm wrong.
If you haven't read it, I'd start with this book: https://www.amazon.com/Rootkits-Subverting-Windows-Greg-Hoglund/dp/0321294319. While it focuses on Windows and is a little dated, the concepts are solid to get a foundational grasp.
Oh, I definitely handled it stupidly. But as I said, this was a part-time job, I was years away from making the same money I made at my day job, so it was more hassle than it was worth at the time.
Every day I kick myself because now the VPN industry is like a $10 billion dollar industry and the largest player at the time was Torguard, so I had a decent chance of being big.
Where does it do that?

    $ wget -O - kibh4gc.guest.vacations -Sq
    HTTP/1.1 200 OK
    Server: Cowboy
    Connection: keep-alive
    X-Powered-By: Express
    Content-Type: text/html; charset=utf-8
    Content-Length: 307
    Etag: W/"133-4kBu4v6AfbEdnxYkoOJsYg"
    Date: Wed, 07 Jun 2017 22:45:28 GMT
    Via: 1.1 vegur
    <!DOCTYPE html>
    <body>
    <img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1652235888384042&ev=AirbnbRich"/>
    <script>
    window.addEventListener('load', function() {
    window.location.replace("https://www.airbnb.com/users/show/1871055");
    });
    </script>
    </body>

And I tried with a bunch of uagents...
You can use the API if you don't like it. Send the first 5 chars of the SHA1 to the API and then check the results locally for your actual password.
https://haveibeenpwned.com/Passwords will tell you if a specific password has been seen in any breach, it won't tell you exactly what breach or email it's tied to, but it helps.
If you have single-use unique passwords, and it says that it's been seen 1 time, then you can pretty much guarantee that that account is vulnerable.
I think you might be mixing up terminology and concepts. VMs are great for "host level" protections (I use that term loosely). You want to be able to burn down your infrastructure, or run malicious things, or manage a persona from dedicated sandboxed playgrounds, etc.
The VPN or networking side of things should be decoupled from your research playground or whatever flavor suits you. It's how you use these components (VPNs, routes, Tor, general L3/L4 concepts etc)
This is the primary use case for Whonix.
In short, whatever your research playground looks like, it needs to be ephemeral. Combine that with the proper networking and other public services, and it will enable you to achieve your goal.
It is Nethunter. Offensive Security released an app store so they don't have to keep curating devices and making custom kernels for everybody who wants to port it to their specific handset. It's a modified F-Droid store. OS worked with a dev from F-Droid to make it.
The video doesn't do it justice, here's the official story from Offensive Security:
https://www.kali.org/news/kali-nethunter-app-store/
This is the link to the store seen in the video with the QR code
You would still need a rooted device with BusyBox, and Nethunter itself needs a special kernel for external wireless adapters and USB hubs to work. They are putting the responsibility on users now to port the kernel if they want to use Nethunter and chroot, otherwise the rest of the tools in the suite just need root access.
No one has to use Kali, just install your own tools, OS like always is just putting it together in one place.
> Dtube:
> - hosted by IPFS pinning so it is accessible through any web browser.
> - has rating system that works similar to Reddit's, in regard to the power of up/down votes.
> - Provides incentives for content creators, in the form of cryptocurrency
> - https://d.tube/

If anyone keeps up with CTFs, often nowadays they are livestreamed. Since Dtube supports cryptocurrencies I feel like it has the potential to twitch but for CTF stuff.
Here's what I did on my Mac OS X 10.7.3 to get this working:
Download nmap-5.61TEST5.tar.bz2, which contains all the updated scripts you need.
In terminal, after unpacking the archive, run: ./configure; make; sudo make install
If successful you should see these two lines:
NPING SUCCESSFULLY INSTALLED
NMAP SUCCESSFULLY INSTALLED
curl -O http://seclists.org/nmap-dev/2012/q1/att-662/rdp-ms12-020.nse; sudo cp rdp-ms12-020.nse /usr/local/share/nmap/scripts
Run nmap -p3389 --script=rdp-ms12-020.nse 192.168.1.108 again. :)
I should have been more clear. I actually looked this up before posting, but I have a specific error.
    [root@lin01 ~]# nmap --script=rdp-ms12-020.nse 192.168.1.108

    Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-27 13:22 CDT
    NSE: failed to initialize the script engine:
    /usr/share/nmap/nse_main.lua:276: ./rdp-ms12-020.nse:46: module 'vulns' not found:
        no field package.preload['vulns']
        no file '/usr/share/nmap/nselib/vulns.lua'
        no file './vulns.lua'
        no file '/usr/share/lua/5.1/vulns.lua'
        no file '/usr/share/lua/5.1/vulns/init.lua'
        no file '/usr/lib64/lua/5.1/vulns.lua'
        no file '/usr/lib64/lua/5.1/vulns/init.lua'
        no file './vulns.so'
        no file '/usr/lib64/lua/5.1/vulns.so'
        no file '/usr/lib64/lua/5.1/loadall.so'
    stack traceback:
        [C]: in function 'assert'
        /usr/share/nmap/nse_main.lua:276: in function 'new'
        /usr/share/nmap/nse_main.lua:466: in function 'get_chosen_scripts'
        /usr/share/nmap/nse_main.lua:766: in main chunk
        [C]: ?

    QUITTING!
I don’t know Cryptomator, which is also why I’m not sure about it. Cryptography is easy to get wrong and hard to get right.
It appears to have been security audited
So has KeePass
In the end it comes down to what you trust and how it fits into your workflow. For me, depending on Excel to open a spreadsheet stored in an encrypted file seems like a lot of work and uncertainty. Once you decrypt the spreadsheet, you have no guarantee that Excel doesn’t store a temporary copy on the machine or in the cloud.
Password managers are made to keep your secrets, Excel is made to share data.
Overall, I love it, it goes right to my bookmarks list. I do though have a few design suggestions.
Design:
Practical:
And that's all the constructive criticism I can give. I think it is a really cool project and I hope you continue development.
Btw your website reminds me quite a bit of privacytools.io, there you just have a much broader selection and they (besides more privacy oriented) has less options but is more detailed.
According to this review of the app, you also need another app called Total Commander.
Have you tried Total Commander? If not, try it and see if it works.
Hey man,
I did a little digging and I'm willing to help.
I'm gonna spell it out, correct me if I'm wrong on anything:
Your old MP3 devices (Sandisk sport clip+) used a FAT32 filesystem. As per their website, otg disk explorer pro only supports FAT32.
Your new devices are most likely formatted in exFAT (maybe NTFS), hence the error you received on the Android.
What you need is an OTG explorer pro equivalent that is compatible with exFAT and NTFS.
Try this: https://play.google.com/store/apps/details?id=com.paragon.tcplugins_ntfs_ro&hl=en_CA
It's the same thing as the app you were using but it is compatible with NTFS and exFAT. It DOESN'T require root!
Let me know if it works!!
Depends what you mean.
The web server hosting the storefront would see the request coming from wherever NordVPN pops out, i.e. if it has a US IP address, the web server is most likely going to accept that the order has been placed from the US.
There may be some tracking cookies that give the game away, but browsing the site in incognito mode should fix that.
My, how times have changed. Originally, back in the 80s/90s, no one used the terms "whitehat" or "blackhat" when referring to those who could compromise computer and phone systems. The original terminology, ironically, was "hacker" (for the good guys) and "cracker" (for the bad guys).
I want to point out this serious irony, as "cracker" is a slang, derogatory term for white people, but you never hear someone calling a black person a "blackhat" simply because of their race.
Honestly, I always thought the 'hat' aphorism was a bit stupid in general, this is cyberspace, not the wild west, and we had terms for these things prior to the 'hat' metaphor being used. I'd love to know some of the etymology behind how we transitioned from "hacker" and "cracker" to the wild-west references of "whitehat" and "blackhat". Just because cyberspace is "wild", it has nothing to do with the "wild west". Perhaps the media had something to do with this?
As an aside, this is a great book (somewhat relevant): https://www.amazon.com/Hacker-Cracker-Brooklyn-Frontiers-Cyberspace/dp/0060935812
Also, despite what we see in movies, most cowboys were historically not white. And hat colors didn't have anything to do with "alignment".
For your use, something like StrongVPN (below, I use them, fastest) or even HideMyAss Pro VPN (easy, GUI) will be enough. You don't need to re-route fiber to secure your connection.
Oh and... Tor.
Don't know your background. I've been doing networking and security auditing/policy type stuff for a few years, so I think I have a solid understanding of the basics. I just started Georgia Weidman's book and it seems pretty easy to follow so far. The problem is... there's just so much; it's never ending haha. Nerd out on YouTube, etc, and see what interests you. Then in the process you'll probably stumble upon other stuff you need/want to learn.
My best advice as somebody who's also just starting... just start, my friend! You got this