Professional Documents
Culture Documents
__
_
___
_
_
/__ \ |__ ___
/\ \ \___ ___ | |__
/ _ \_ _(_) __| | ___
/ /\/ '_ \ / _ \ / \/ / _ \ / _ \| '_ \ / /_\/ | | | |/ _` |/ _ \
/ / | | | | __/ / /\ / (_) | (_) | |_) | / /_\\| |_| | | (_| | __/
\/ |_| |_|\___| \_\ \/ \___/ \___/|_.__/ \____/ \__,_|_|\__,_|\___|
---------OS Picking
---------For hacking specifically, it is recommended to use open source Operating Systems
(OSes) such as Linux distributions
that have root (Administrator) privileges in order to get the most out of the to
ols you use. Let me give you some
ordered examples:
FOR LINUX NOOBS
1) Mint great to learn Linux and for hacking as well, tools can be added easily,
and has a lovely desktop.
2) Ubuntu same as mint, but better approach toward learning Linux than just look
ing good. Mint is based on it.
3) Tails strongly recommended as a Virtual Machine, it is closest to anonymity y
ou can get.
Despite what other anons and the internet is saying, Kali isn't useful to you un
less you have your own server to work on.
--------Anonymity
--------There is a constant presence of fear in everyone's mind that our information is
being monitored 24/7/365 by people
behind monitors all day long, searching for private data and invading your perso
nal life. Well, this conspiracy is
something experienced by those who have something to hide from the authorities,
whether it is illegal or possibly
embarrassing.
Either way, there is one thing you must know you will never be able to fully pr
otect yourself while
browsing on the internet. However, there are several tools and techniques you ma
y embed in order to get as close as
possible to being anonymous online. True anonymity lies in several layers of dat
a transfer, which is difficult for
an individual to achieve without knowledge of 3rd-party software that allows suc
h possibilities.
Remember, there's no magical tool that let's you be 100% anonymous online.
You will NEVER be 100% anonymous in a system that is designed to be traceable.
Let's get straight to the point. The following techniques will help to achieve
a high anonymity level:
TOR found at https://www.torproject.org/ it allows you to connect through severa
l nodes before reaching a server,
and that way all data transfer stays private. For maximum browsing anony
mity,
use the TOR browser in combination with a good, paid VPN as well.
VPN stands for Virtual Private Network and is a server that you connect through
before you reach anything online.
From a security point of view, it is the safest and most anonymous tool
to use, as long as you trust the VPN
provider.
Proxy This is another possible way to achieve good anonymity, but is often slow
and unreliable for torrenting or
downloading large files. Proxy websites can be found anywhere online,
but preferably use proxy servers that
need configuration of the browser settings, since that will likely cau
se fewer javascript and HTML issues.
More Useful Tools/Guides
1) Anonymous file sharing: https://onionshare.org
2) File uploading: http://tinyupload.com/ and https://anonfile
s.com/
3) http://www.deepdotweb.com/jolly-rogers-security-guide-for-beg
inners/
al.
MDK3
This is preinstalled on Kali Linux and it basically allows to deauthenticate any
Wi-Fi routers in range by overloading
them with empty packets until they can no longer operate, thus taking them down
locally on your own (DoS).
================================================================================
======================================
tionality.
Kali Linux has it preinstalled. For Windows and Mac, download it here: https://w
ww.wireshark.org/download.html
Ettercap
As usual, it is preinstalled on Kali Linux. It performs marvellously, and suppor
ts 'driftnet' (for image capturing).
>>> http://ettercap.github.io/ettercap/downloads.html
---------------Website Scanning
---------------nmap
This is great for port scanning, checking whether a host is up, ping scan, TCP a
nd UDP, etc.
>>> http://nmap.org/download.html
Nikto
It performs comprehensive tests against web servers for items including potentia
lly dangerous files, performs checks
for outdated server versions, and version specific problems.
>>> https://github.com/sullo/nikto
Dmitry
About it >>> http://linux.die.net/man/1/dmitry
Download >>> http://packetstormsecurity.com/files/download/35796/DMitry-1.2a.t
ar.gz
Vega
A powerful vulnerability scanner.
>>> https://subgraph.com/vega/download
CL2 (filename)
This is a simple web crawler written in Python that indexes all hyperlinks of a
particular webpage and/or website.
>>> https://ghostbin.com/paste/vg3af
FTP-Spider
Written in perl, it cleverly scans FTP servers and logs their directory structur
e, detects anonymous access & writable
directories, and looks for user specified data.
http://packetstormsecurity.com/files/35120/ftp-spider.pl.html
Arachni
This is a framework developed to assess web app security and evaluate them in re
al time.
Read about it & download it here >>> http://www.arachni-scanner.com/
-------------Useful To Note
-------------Detailed information about IP addresses http://www.ip-tracker.org
A course I highly recommend you follow http://offensive-security.com/metasploitunleashed/Main_Page
Find out what websites are built with http://builtwith.com
================================================================================
======================================
================================================================================
======================================
---------ALL IN ALL
---------Conclusion: You are prepared for anything if you are able to apprehend the work
that lies ahead, but let me tell you,
no one is going to endlessly spoon-feed you the information and know
ledge, because all you will learn is
how to copy from someone else. I think the old saying "practice make
s perfect" fits this pretty damn well
from my point of view, and I'm not saying that you can't ask anythin
g, but if you want to learn fast, do
it the hard way and look it up yourself, that's all!
For the record
All tools used above are compatible with Linux distributions (apart from L0phtCr
ack) and are best used with the three
OSes that I listed at the very beginning. In my personal opinion, and I'm sure m
any people would agree with me here,
Windows is not suited best for the tools listed above. However, it would be usef
ul for you to get hold of a Virtual
Machine program in that case, such as VirtualBox (( https://www.virtualbox.org/w
iki/Downloads )), and a disk image
of a Linux distribution.
If you read the whole lot, that should get you started, and remember to have fun
! Good luck :D