Hacker Handle

A text editor is where a script coder or hacker spends most of his time. Choosing one that we master and feel comfortable with is therefore a crucial factor affecting productivity and speed. A common mistake is made by new hackers: they find a text editor with a GUI and jump towards it because it's simple and similar to standard editors. This is a bad practice because they'll find only later that the capabilities of such editors are limited. It is recommended to start with a more advanced text editor since day one, even if this requires more effort, time and dedication to master. Today we'll talk about Vim, short for Vi Improved, a text editor that has earned the reputation of the most powerful editor out there. Vim, the friendly beast that scared newbies The very first thing we notice about Vim is that it doesn't have a GUI. Instead, it runs entirely in a terminal window. Add to this the lack of functionality for the mouse -- all interaction is done through the ke

Perhaps the most important skill a hacker should master is programming. This is what makes the true difference between "hackers" and "script kiddies". The latter lacks the knowledge to write his own script: he rather uses programs made by others to attack his target. In contrast, a worthy hacker builds his own program tailored to his needs in order to exploit a specific vulnerability. Does that mean that a hacker never uses material written by others? Of course not. As most of the exploits (i.e. scripts that exploit a flaw) written by/for the Linux community are open-source, hackers often reverse-engineer these programs to understand how they work and potentially modify them to suit their own needs. What's more, when building his own script, a hacker very often integrates some tool from a fellow hacker. This is precisely how malware evolves on a daily basis: a programmer uses his know-how to combine multiple exploits in an effective way. Writing your firs

There are different methods for getting unauthorized access to a Wifi network. I will try to cover several ones, but in this post I will focus on capturing a WPA handshake for a subsequent dictionary or brute-force attack. Requirements Before getting started make sure you have the following: Raspberry Pi 3 running Kali Linux ( tutorial here ) Monitor-mode and Packet-injection capable wifi adapter PC Decent internet connection We'll be using the wifi adapter with the Raspberry Pi, controlling them with a PC via VNC ( tutorial here ). What is a WPA handshake? In simple words, a WPA handshake is used to authenticate a user with an AP (Access Point). To illustrate things, think of it as a literal handshake: if the client presents his hand but the AP doesn't, the handshake can't happen and authentication thus fails. Because the engineering behind a WPA handshake is not the main purpose of this guide, let's dive into our work. Discovering the target AP Th

In my previous post I talked about setting up a headless Raspberry Pi configuration -- the real purpose of using a Pi as a pentesting tool. The first step in making our Pi portable is the installation and activation of a VNC (Virtual Network Computing) connection. I will be glad to answer any questions you might have after reading this guide. Requirements As always, verify that you have the necessary material: Raspberry Pi 3 running Kali Linux ( tutorial here ) Power adapter HDMI cable TV or monitor Decent internet connection Installing the VNC server on the Pi There are many VNC softwares but we'll be using TightVNC because it's simple to configure and compatible with most devices. In a terminal window on your Pi, type apt-get install tightvncserver to download the software. Once completed, type  tightvncserver to start the VNC service. You will be prompted to choose a password, note that it cannot exceed 8 characters. You will also be asked if you wan