Excellent, well-written hacking lessons: HackingTutorials.org

This entry is part 2 of 7 in the series [ Hacker Night School ]

It might seem funny for School for Hackers to like or endorse another hacking tutorial site, but the truth is that sites like Hacking Tutorials are terrific resources for all of us. This really excellent site features detailed, well-written step-by-step tutorials on up-to-the-minute vulnerabilities and exploits: The Top 10 Wifi Hacking Tools in Kali Linux and Penetration Testing from the Cloud, for instance.

Here at S4H we incorporate materials from the best sources and services we can find, and we encourage students to learn from YouTube videos, HackThisSite.org, root-me.org, and anywhere else you or we can find good stuff. In this case, I strongly recommend taking a tour through the site:

http://www.hackingtutorials.org/

Finding and Using Browser-saved Passwords: Another video from Starry Sky

This entry is part 3 of 7 in the series [ Hacker Night School ]

Yeah, we all do it, right? We let our browser store our passwords for all those sites we visit every day. It’s easy, it’s convenient, and it’s really easy to hack. Starry shows us how to reveal these passwords, swipe them and use them in another browser. Plus: he demos what you can do about this (besides not giving your passwords away to your browser).

Hacking for a digital marketer

This entry is part 4 of 7 in the series [ Hacker Night School ]

What is Digital Marketing

In this digital world almost everything is steadily replaced by the term of digital. An umbrella terms was created for the term marketing as well. Marketing itself is a technique which is to change the concepts of people and makes them to be wanting to buy the marketed products or services. And of course everywhere a demand and supply is occurred can supposed as a market place even on a rope which conveys purchase orders, cash and the products or services.

Digital Marketing is a technique as well but it occurs by using digital technologies, mainly on the internet also including mobile phones (of course the annoying calls form the service providers), display advertising, sharing the freeware or free to use product or trials (of course; if you don’t have to pay, you are a product) and any other digital methods.

Advancing technology of Digital Marketing techniques are such as search engine optimization (SEO), search engine marketing (SEM), content marketing, influencer marketing, content automation, campaign marketing, data-driven marketing[ and e-commerce marketing, social media marketing, social media optimization, e-mail direct marketing, display advertising, e–books, and optical disks and games are becoming more common in our advancing technology. In fact, digital marketing now extends to non-Internet channels that provide digital media, such as mobile phones (SMS and MMS), callback, and on-hold mobile ring tones.
Who will be your 1st priority?

Of course you know the technique, you have a product to market but an interesting question is “Who will be the right person to be marketed effectively and what his/her current hard time is?” We should consider it rather than what kind of digital marketing is going to be performed. In this topic the most effective way to answer the interesting question is to collect intelligence from publicly available sources otherwise OSINT (Open-Source Intelligence) before you do a digital marketing.

What is and Why OSINT?

Open-Source Intelligence gathering is intelligence collected from publicly available sources (as opposed to covert or clandestine sources) in brief and completely meaning.

Because it can help you to gather a mess of useful information and it’s the very first step to full scope of real world marketing plan. And it simulates real world connections, and can get comprehensive information of a company, its employees or your competitors and his/her employee and so on. With the knowledge of your competitors’ or your target’s information, you own the market no matter SEO or SEM.

Even though there are many tools out there helping to perform OSINT, here is a link to start Meltego. And become a Hacker Inside Digital Marketer .

Written By,

Starry Sky

[ Hacker Night School ] :: [ Hiding Your Ass ] :: [ Using a VPN ]

Starry Sky (Htet Aung)
This entry is part 5 of 7 in the series [ Hacker Night School ]

Starry Sky and Glenn Norman discuss using a VPN or proxy server

Now take the Quiz:

1. What of these statements is the most accurate description of a proxy.

a. Hides your IP address
b. Makes it look like you’re coming from a different IP address
c. Makes your web traffic (ports 80 and 443) look like it’s coming from a different IP address
d. Makes ALL your network traffic look like it’s coming from a different IP address

2. What exactly does a VPN do?

a. Hides your IP address
b. Makes it look like you’re coming from a different IP address
c. Makes your web traffic (ports 80 and 443) look like it’s coming from a different IP address
d. Makes ALL your network traffic look like it’s coming from a different IP address

3. Will a proxy hide your IP if you are:

Yes    No    Streaming video
Yes    No    Downloading a torrent
Yes    No    Using instant messaging
Yes    No    Watching Flash

4. Will a VPN hide your IP if you are:

Yes    No    Streaming video
Yes    No    Downloading a torrent
Yes    No    Using instant messaging
Yes    No    Watching Flash

5. Suppose you have been given a penetration testing contract to test the security of a company’s web applications. Which type of service would give you sufficient privacy, usually at no cost, and sometimes with superior speed?

a. Proxy server
b. VPN
c. macchanger
d. Burp Suite

6. Your next pen testing contract has you scanning your client’s internal and external networks and computer systems. You’ll be using lots of non-web tools like nmap and hping3. Which type of service will give you the level of concealment you’ll need when using any networking protocol?

a. Proxy server
b. VPN server
c. Working from the nearby Starbucks
d. Kali Linux

7. How should you check to see if your proxy or VPN is working?

a. Check your external IP address after starting the VPN
b. Check your external IP address before starting the VPN
c. Both, and make sure they’re the same!
d. Both, and make sure they’re different!

8. Which would be the safest country for you to get your VPN from?

a. USA
b. Switzerland
c. China
d. Russia

Answer Key:

1: c
2: d
3: No, no, no, no
4: Yes, yes, yes, yes
5: a
6: b
7: d
8: b

[ Hacker Night School ] :: [ Hiding Your Ass ] :: [ Using a Proxy Server ]

Glenn Norman
This entry is part 6 of 7 in the series [ Hacker Night School ]

One of the trickiest things about hacking is knowing what kind of anonymity tool to use, when. If what you are doing involves only the Internet (i.e. web pages and web sites), the right anonymity tool is a proxy server. “Proxy” means “stand-in” or “intermediary” (look it up; research is your specialty, right?), and a proxy server is just that: it makes your requests on your behalf, and hides your identity.

Cool, right? The thing to remember is that proxies (like TOR) only manage http(s) traffic. The instant you download and click on a .torrent file, or watch any video in any format, you’ve just jumped out of http(s), and into a different protocol that won’t be managed by your web proxy. And that’s what we really mean here: not just proxy but web proxy.

If you want to run all of your external network traffic through an anonymizing system, that would generally be a VPN, which can be a pipeline for literally everything you do outside your cable/DSL modem. But for a good discussion of when and why you should use a web proxy, check out the article linked below. It is, to a degree, an advertisement for a TOR alternative, but we all know how to filter out the advertising, right?

http://www.makeuseof.com/tag/x-reasons-using-anonymising-proxy-server/

And:

https://www.torproject.org/

https://geti2p.net/en/

 

[ Hacker Night School ] Being Anonymous: VPNs

Glenn Norman
This entry is part 7 of 7 in the series [ Hacker Night School ]

Sometimes you can go about your business out in the open, on the Internet and everywhere. But sometimes you don’t want to be seen. It’s a good thing there are lots of privacy apps and options. It’s a bad thing that most people don’t know when – and why – to use a particular tool.

VPNs are a great example. Your source traffic “submerges” and only re-emerges at the VPN endpoint, so your traffic looks like it’s coming from that endpoint, not from you. This can be anywhere from nice to life-saving, depending on your circumstances.

When would you use a VPN? When you want ALL of your traffic to pass through that VPN. Remember, if you’re running scans and testing remote systems, that traffic is (mostly) not HTTP, it’s various manipulations of IP and nearby protocols. Hiding your browser traffic, like a proxy will, doesn’t hide scanning traffic, or chat or video or torrenting or any number of things. (That’s why you don’t torrent or watch video in Torbrowser.)

Here’s a nice little piece about VPNs, with some intelligent questions in the comments below. It’s required reading for this course.

6 Reasons You Should Be Using an Anonymising Proxy Server