Welcome back, my aspiring cyberwarriors! In our industry, we often carry around some very valuable and sensitive data. This might include a bug bounty technique, a zero-day, future plans in our cyberwar, or simply confidential information on our family and friends that they have shared with us. It is critical that this information not fall into the wrong hands if our laptop is stolen or misplaced. As you know, a password protected operating system will not protect your data from a skilled investigator. Data on your hard drive can be accessed using a live boot forensic operating system o ..read more

Welcome back, my aspiring cyberwarriors! Bluetooth is a nearly ubiquitous protocol used to communicate between devices in close proximity or piconet such as speakers, headphones, and cellphones. If one can exploit Bluetooth, it may be able to take control or eavesdrop on any of these devices. There are numerous classes of Bluetooth devices. These different classes are announced to the connecting device in the banner. In previous Bluetooth tutorials here, we have discussed probably the most important class for exploiting Bluetooth devices, the HID class. This class of devices are known as H ..read more

Welcome back, my aspiring radio hackers! Radio hacking using inexpensive SDR's is the state-of-the art in hacking. So many communication mediums using radio waves that the list could fill this tutorial but a few include; Bluetooth Cellular phones Satellite phones Wi-Fi National defense and Police radio Satellite communication Remote controls GPS NFC Automobile key fobs ...the list could go on and on. Many of the tools in this field are open-source with a significant list of dependencies. This can mean hours of downloading and configuring applications and dependencies. Thankfully, we now have ..read more

Many of our aspiring cyberwarriors have been asking for a separate digital forensics and incident response (DFIR) training program and we have responded! This new program will use many of the existing courses on our Subscriber and Subscriber Pro platform and add additional, new courses specifically for digital forensics and incident response. We recognize that not everyone in cybersecurity wants to become a hacker/penetration tester and many of you will choose a career in protecting an institution's resources. This career has excellent job security (hacks will not stop any time soon) and exce ..read more

Welcome back, my aspiring cyberwarriors! Pretty Good Privacy or PGP has been around for over 30 years and has proven that it is pretty good! PGP is used in many different environments but most widely in email. The most common use for PGP is to enable people to confidentially send messages and data to each other using a combination of their public and private keys (PKI). It is often used to encrypt and decrypt emails, files, text messages, and entire disk partitions, and to authenticate digital certificates. PGP can also used to authenticate messages and check for integrity. It can detect wheth ..read more

In the dynamic landscape of cybersecurity operations, the use of Command and Control (C2) servers stands as a critical component for orchestrating coordinated tasks across compromised systems. However, directly interacting with a C2 can often leave an operator exposed to detection and countermeasures. This is where the strategic implementation of a redirector plays a pivotal role. A redirector acts as an intermediary, designed to conceal the true endpoint of a C2 by channeling the communication through seemingly benign relay points. By using a redirector, threat actors can obfuscate their tra ..read more

Welcome back, my aspiring cyberwarriors! As you well know, the Distributed Denial of Service (DDoS) attack is one of simplest attacks. It is simply brute-force packet jamming a network to render it useless or nearly useless. When its done with just a few nodes it can be easily thwarted by a number techniques such as load balancing, black hole routing, rate limiting and many newer intelligent systems techniques. The impact is minimal. Massive Numbers of Compromised IoT Devices When it done with a massive number of nodes, nearly everything is vulnerable. Millions of IoT devices have been comprom ..read more

If you've ever used Evil-Droid, you've probably encountered a variety of issues to solve. In order to save you from wandering all over the internet searching for forums and videos to separately address each of these problems, we have created this post so that you can use this powerful tool without any further hassle. We'll assume that you successfully installed the tool, and you won't encounter any major complications, also the procedure is clearly detailed on this website ,Official Evil-Droid The first common error to encounter is the "Connection Failed" error. Chapter 1: Connection Failed ..read more

Welcome back, my aspiring cyberwarriors! Increasingly, we are seeing cybersecurity tools and apps using docker. For instance, in my tutorial on IP camera credential brute forcing, we used docker to contain our app. To help you understand docker, Aircorridor has written a short tutorial here to explain what it is and how it works. What is Docker? Docker is an open-source platform for developing, shipping, and running applications. It uses OS (operating system)-level virtualization to create containers, which are lightweight, standalone packages that include everything an application needs to ru ..read more

Welcome back, my aspiring cyberwarriors! According to the Open Web Application Security Project (OWASP), command injection is perennially one of the most serious and numerous attacks against web applications. In addition, these attacks usually involve serious financial damage to the companies and other institutions as they are attacks against the database, the repository of so much valuable information such as credit card numbers and personally identifiable information (PII). OWASP Top 10 Although there are numerous attack vectors against databases, the most common is the SQL injection. SQL i ..read more