Intro

Starting page for resources that teach how hackers work.

Hacking Articles

• Gadget Hacks
• Life hacks and tips

• ASCII by Jason Scott - post on hacking history

• Things Every Hacker Once Knew by Eric S. Raymond

• URL Encoded Attacks - Attacks using the common web browser by Gunter Ollmann

• https://github.com/r00t-3xp10it/hacking-material-books
• Unicode trick lets hackers hide phishing URLs

• Canonicalization Attack

• SentinelOne: A Guide To Encoding And Decoding In Base64 - A good explanation on hacking attack which uses Base64

Books

• Hacking With ASCII - This Book has an interesting chapter on how to create shellcode with ASCII - Hacking- The art Of Exploitation

Search Engines

• Shodan is the world's first search engine for Internet-connected devices.  Discover which of your devices are connected to the Internet, where they are located and who is using them.
• Crack Station - uses massive pre-computed lookup tables to crack password hashes. These tables store a mapping between the hash of a password, and the correct password for that hash. The hash values are indexed so that it is possible to quickly search the database for a given hash. If the hash is present in the database, the password can be recovered in a fraction of a second 

Forums

• Hacker News
• Hack-A-Day

Legal

• disclose.io is a cross-industry, vendor-agnostic standardization project for safe harbor best practices to enable good-faith security research
• TrustSec's collection of legal wording and documentation used for physical security assessments. 

Shellcode

Shellcode is the code executed by bad actors to cause an infection.

• Learning Windows Shellcode by Skape http://www.hick.org/code/skape/papers/win32-shellcode.pdf

Bind Shells

• Hacking with Netcat part 2: Bind and reverse shells:  https://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/
• Bind Shells and Reverse Shells with netcat: http://stuffjasondoes.com/2018/07/18/bind-shells-and-reverse-shells-with-netcat/

Exploitation Frameworks and Tools

• Metasploit: https://www.metasploit.com/
• Commercial Immunity's Canvas: https://www.immunityinc.com/products/canvas/

• Commercial Burp tool for SQL injection and other web vulnerabilities: https://portswigger.net/burp.  Can be used to scan directories in a website.
• Tamper Data add-on for Firefox: https://addons.mozilla.org/en-US/firefox/addon/tamper-data-for-ff-quantum/

Penetration Testing

• Commercial CORE Impact:  https://www.coresecurity.com/core-impact
• SQLmap, open-source tool to exploit SQL injection: http://sqlmap.org/

Lists of Hacking Tools

• Docker container with hacking tools built-in:  https://github.com/eugenekolo/sec-tools
• Has a script to install tools: https://github.com/zardus/ctf-tools  (Tool installation failed with virualenvwrapper mising in Kali, I installed it manually (pip install virtualenv) and installation succeeded after)

Tools for Cracking Zip and RAR Passwords

• fcrackzip - On Kali as well.

gunzip /usr/share/wordlists/rockyou.txt.gz -c > rockyou.txt
fcrackzip -v -u -D -p rockyou.txt MyPrecious.zip

Tools For Directory Trasversal

• DirBuster on Kali for finding hidden directories in a website

Tools For Cloning A WebSite 

Kali comes with all of these webcrawler/spider tools for cloning a website.  See Johnathan's blog on it.

SkipFish

Performs some directory guesses

skipfish -o artofthehack.ninja.skipfish  http://artofthehack.ninja/games.html

HTTrack

 httrack http://artofthehack.ninja -O artofthehack.ninja.top

Tools For Breaking Ciphers

• EverCrack cryptanalysis engine
• Cain & Abel is a password recovery tool for Microsoft Operating Systems

Tools For Reversing Encoding

• CyberChef by the British Intelligence Agency has every possible encoder/decoder you can think of.  It has  a Node.JS API so you can use in your own code.
• Cryptii.com - another great site for decoding (uudecode, base64) and also playing with conversion between signed/unsigned numbers of different byte sizes.
• Base64
• UUDecode
• XXEncode
• YEnc
• ROTEncode
• Dcode.fr - This one has a lot of decoding tools!  Braille decoder
• RapidTable -  conversion of ASCII, Hex, Base64, etc
• AsciiToHex -  hex, decimal, base64

Tools For Hiding Information

StegSolve

Applies different color filters to pictures to show hidden messages.  GUI only

Foremost

foremost -v -i 1.png -o output1

StegHide

Can't do PNG files

Binwalk

Binwalk can scan a firmware image for many different embedded file types and file systems.  You can tell binwalk to extract any files that it finds in the firmware image with the -e option:

Searches binary files for embedded files 

More info at: https://github.com/ReFirmLabs/binwalk

Extract the sections and contents of the file with --extract

Useful Linux Commands

Find all the files called AC5 and run them through binwalk.

find . -name "AC5" -exec binwalk {} \; | more

HTTP Proxies

• OWASP Zed Attack Proxy (ZAP)  - Can be used for forceful browsing
• Burp Spider - can crawl through websites

Email Spoofer

• Anonymailer
• DeadFake

IP Spoofing

• Hping: Network spoofer

MAC Spoofing

• MacShift - https://github.com/delebird/MAC_Cycler

HTTP Referrer Spoofing

• Chrome plugin Referer Control allows you to add any value you want to the HTTP referrer field.

FireSheep

From Wikipedia: Firesheep was an extension for the Firefox web browser that used a packet sniffer to intercept unencrypted session cookies from websites such as Facebook and Twitter. The plugin eavesdropped on Wi-Fi communications, listening for session cookies. When it detected a session cookie, the tool used this cookie to obtain the identity belonging to that session. The collected identities (victims) are displayed in a side bar in Firefox

Discovering Endpoints

• To discover the web endpoints to attack, an attacker could look in the client-side scripts for particular keywords: XMLHttpRequest, $.ajax, Msxml2.XMLHTTP, websocket.
• You can also use Wireshark to sniff XMLRPC connections (protocol HTTP/XML)
• Search in Google for the Web Services Description Language (WSDL) that may capture specific domain's WSDL file.  Use site:mydomain.com filetype:wsdl

WS-Attacker

WS-Attacks.org provides information about a large number of web service specific attacks.

WCF Proxy

WCF Toolkit Helps You Test WCF Applications!

Other Cool Stuff

• Fake A Hollywood Hacker Screen in Linux Terminal

• fsociety Hacking Tools Pack - All the tools used in Mr Robot series

Other People's Resources

• Corkami: Lots of info and scripts: https://code.google.com/archive/p/corkami/