how do i hack into Jow Forums point system and give myself 1000k
Adam James
pity bump
Elijah Richardson
I wish this general was more popular, but 99% of Jow Forums are just autistic that think they know computers.
Daniel Rodriguez
how should i autism out web app hacking?
Zachary Roberts
The reason these threads fail so hard is because this isn't hacking. This is a cyber security industry circle jerk, and in case you haven't noticed, the cyber security industry is gay. >Kali >Metasploit >OSCP You should probably swing yourself from an ethernet cord.
Real hacking is where you actually hack things, but that's never something that will be discussed here, and for good reason. Go read the old zines: el8, zf0, HTP ..etc. You'll understand
Evan Long
Where to learn python scripts for hacking? Im not a good coder but im playing around in vim with python 3
Isaiah Gomez
I am okay with this general being blueteam based, as the user above said there will seldom ever be any real discussion about hacking/cracking on here. We can steer some conversation towards that.
Nolan Adams
I get it. These were bad, sick people who did illegal things. Putting out real hacking info here and instigating a separate community for hackers will probably likely end with Jow Forums's very own christchurch shooter, or something like el8 or those guys. But what about the guys that want to put forth good, honest use to this kind of knowledge? The whole reason I want to learn this stuff is that I want to be the guy that fights for the right stuff and protects people.
Christopher Martinez
you're looking for /cyb/ + /sec/, the gay version of /hmg/
If you are a "real" hacker, do you think it's efficient to redownload every tool onto a VM of your favourite distro when you need to create a new machine for an engagement?
Do you think it's efficient to rewrite and redevelop every exploit in the metasploit framework, or to write your own shellcode instead?
When you use Kali, yes you may have heard a skiddie mention it once, but they can't use it like an experienced user can. All of the tools there are convenient, Kali is very easy to roll out and contains 75% of the programs you need to enumerate and exploit a target.
The logic of using metasploit is the same. You can write your own exploits if you want to, but hacking is not one big 0day you run and boom, you have root shell. It's a long string of different techniques executed sequentially, if you needed to make every component, you'd be unable to have the time to engage with the big picture.
The OSCP is one of the most succinct and well designed cybersecurity certifications out there, it teaches you how to teach yourself how to hack. You learn a mindset and how to apply it against simulated machines designed by some of the industry's greatest. I've got the OSCP, and it was very significant towards helping me understand the "hacking mindset".
Hacker culture is able to reject and separate itself from the control of industry, but hackers and their culture are what the cybersecurity industry is comprised of. The OSCP will set you on the path even if you don't want to be in the industry. Everyone needs to start somewhere, understand what you are talking about before you say things that can discourage newbies.
If you really love this stuff, share knowledge. People who have egos with hacking tend to be shit because they don't think they have anything more to learn. There is always something more to learn.
This has always been my favorite general...along with the sec general. Advice on getting the OSCP? Ive been doing hacktheboxes and Im not reading the web security handbook and going to focus on trying to get some bug bounties for cash. Im not a good programmer but I can do it. Every hackerman started as a skiddie
Gavin Bailey
Also, the reason you can't talk about "real" hacking here is because its illegal. I got 3 day ban for telling an user to put a keylogger on a keyboard
Tyler Ortiz
Godspeed, hackerman. Thanks for the help.
Caleb Anderson
>do you think it's efficient to redownload every tool onto a VM of your favourite distro Every blackhat I've ever known has used a minimal linux install. No one outside of the security industry and kids fucking around with wifi are using Kali.
>Do you think it's efficient to rewrite and redevelop every exploit in the metasploit framework, or to write your own shellcode instead? There's nothing wrong with using old public exploits, but there's absolutely no reason to have metasploit installed on your system unless you're a penetration tester - you're also probably running a Nessus scan in the background at that point.
>hacking is not one big 0day you run and boom, you have root shell. It's a long string of different techniques executed sequentially, if you needed to make every component, you'd be unable to have the time to engage with the big picture. You just don't have the right 0dayz. I think what you OSCPfags fail to realize is hackers have all the time in the world to "engage with the big picture", unlike a pentester who is on the clock. Does a pentester really see the big picture? Do they see that their job is a waste of time? A hacker has no rules to abide by. This means they will hack the fucking datacenter your client is using to host their website. They'll take their DNS registrar. They'll hack an administrator's grandmother to use for social engineering. It doesn't fucking matter. Hackers don't play by any rules, and they only need one way in.
>I've got the OSCP, and it was very significant towards helping me understand the "hacking mindset". I'm sorry you wasted your time and money on a meme.
>hackers and their culture are what the cybersecurity industry is comprised of. The cybersecurity industry is mostly comprised of retards, fags, and jews selling snake oil. There's a few cool people in the industry, but they are outliars.
I recommend anyone wanting to actually become a hackerman to go learn C and x86 asm, and then start from there.
What CyberSec guy cucced you for you to be so upset that people enjoy security related exercises? Of course most of the topics itt are gonna be pure theoretical but that’s because talking about legitimate “unethical” hacking on this board would be retarded kek
Samuel Cruz
Any interesting vulnerabilities you guys would recommend I check out? I need to design a vulnerability workshop as part of a project for one of my classes and feel a little lost on where to start. Currently thinking of just a basic sql injection since i’ve never implemented one of them before.
Ryan Rodriguez
>people enjoy security related exercises Based on how dead these threads always are, I'm going to speculate that this isn't the case.
>What CyberSec guy cucced you When has a cybersec guy ever cucked someone? It's almost always the other way around.
Carter Davis
I wrote a short paper on "how i would hack" a local business recently. Found old and unupdated ssh versions and found the exploits on exploit-db
Joseph Martin
Are you tarded....it comes to the question of time. A cybersecurity person builds a defense against attackers. A black hat only has to find one mistake and has years to find it. >how dead these threads are No, youre probably the austistic virgin sperg who wants everyone to reply in cyberpunk general. Go back to playing WOW you fuck
Julian Anderson
Take your meds.
The crc32 exploit that affected openssh is a good read
Juan Ross
Rolled 2 (1d6)
Never thought about writing something on hacking local businesses, mite b kewl. I would imagine i could get away with making a workshop on it by finding the exploit and then making my own vulnerable dummy site.
Daniel Hughes
What an amazing idea. Heck, why not just hack your fucking school? Live a little.
Why do you want to be a blackhat when theres good bux in the sec industry?
Justin Bailey
Read books about it, solve ctfs and what helps is also reading poc from bug bounties
Thomas Fisher
Not a l337 hacker or anything but I’ve been wondering about something and wondering if you guys had some knowledge on it.
If a Tor exit node is corrupted, but you’ve connected to it via a VPN / socks 5 proxy, wouldn’t whoever is monitoring the exit node only see your VPN / socks 5 IP? That is your original IP wouldnt show, right?
Depends, lots of brainlets misconfigure their vpns and don't check for dns leaks and shit like that. But assuming all works well then it should be fine.
Just tried to do level 0 of bandit but everytime i try to enter the password (bandit0) it keeps on saying permission denied. Did they change the pass or something?