/hmg/ Hackerman General

Question

/hmg/ Hackerman General

Austin Smith

In /hmg/ we discuss pentesting, ctfs, exploits, and general being a hackerman.

CompTIA is not beneficial to your career and if you think it will be, you don’t belong here.

Resources:

VM/CTFs:
overthewire.org/wargames/bandit/
>easy beginner bullshit

vulnhub.com/
>prebroken images to work on.

hackthebox.eu/
>super secret club

Tools:
kali.org/
>meme dragon distro but it just werks

metasploit.com/
>scriptkiddie starting point and swiss army knife

Tutorials/Guides:
abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob
>From zero to OSCP-hero rough outline

youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
>IppSec, video guides for retired HTB VMs.

Certs:
eccouncil.org/programs/certified-ethical-hacker-ceh/
>CEH, only looks good a resume to non-technical in HR

offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
>OSCP, the big dick swinging exam, 24 hours to own 5 machines and a further 24 hours to write up a report detailing your methods.

Resources:

>web app hackers handbook.
Thanks IBM!

ibm.com/developerworks/community/files/form/anonymous/api/library/635ec0e2-2989-4663-82d2-3488f9d16dd8/document/09d6ec5f-ff2f-4901-8d44-05d10e848bc5/media

>OSCP videos

magnet:?xt=urn:btih:f91feb6d2ea93f1c3c03b6be52051c2df72da1b7&dn=CERTCOLLECTION+-+BASELINE+-+SANS+%26+Offensive-Security&tr=udp%3A//tracker.coppersurfer.tk%3A6969&tr=udp%3A//tracker.zer0day.to%3A1337&tr=udp%3A//public.popcorn-tracker.org%3A6969&tr=udp%3A//tracker.leechers-paradise.org%3A6969&tr=udp%3A//explodie.org%3A6969

>Advanced Penetration Testing

danwin1210.me/uploads/F3thinker !- Hacking 2017/1. Advanced Penetration Testing Hacking 2017.pdf

>learn assembly and C

leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf

Attached: badshitedition.gif (739x736, 246K)

May 22, 2018 - 18:13

Other urls found in this thread:

gitgud.io/yrmt/OSCP-Roadmap
xxxx.com/yyyy/resendcode.php?id=XXXXXXX&ajax=true
radare.gitbooks.io/radare2book/content/
monosource.gitbooks.io/radare2-explorations/content/intro/basics.html
0x0539.net/stage2.txt
twitter.com/NSFWRedditVideo

Aiden Reed

I need your help fags im blacking out
I managed to own a user and the entire system, but its all part of a much greater network
Forget bruteforcing other ports, what would you generally look for in an owned machine, nmap excluded

May 22, 2018 - 18:49

Kayden Nguyen

whats the role of the machine? I'd just listen quietly and see if you can write to a local file or socket somewhere for keystrokes. see if you can find some logins to their intranet services?

May 22, 2018 - 18:58

Josiah Baker

No its not an active machine, I used a few exploits to get in, its got a bunch of services running, listening has no real sense
I tried to get other users' credentials in case they were also the same on other machines too, but to no avail
Most of them are behind a firewall so I cant really run exploits, and the one I am into now is airtight so no internet even if I have root

May 22, 2018 - 19:36

Hudson Wilson

protection bumb

May 22, 2018 - 21:44

Lincoln James

Is it a user machine? Is it a server?
From what you wrote I'd say you hit a honeypot.
Hope you used a VPN user!

May 22, 2018 - 22:02

Andrew Jones

So does anyone know of any hacker themed rpgs?

May 22, 2018 - 22:19

Anthony Russell

Asked this last thread, got some good input so asking again: how can a hacker make money, apart from having a literal pentesting job and looking for bounties?

May 22, 2018 - 22:22

Grayson Walker

Use your imagination mr fbi

If you paid any iota of attention to the last thread you would have seen a way...

May 22, 2018 - 22:52

Jaxon Baker

So, I finished the bandit ctf, and I want to get in further, preferable with web app pentesting. Can anyone recommend a good CTF for me? Inb4 the web application hackers handbook; I've already read it.

May 22, 2018 - 23:29

1 2 ... 10 Next

/hmg/ Hackerman General

Last threads