Hot Posts

How To: See Passwords for Wi-Fi Networks You've Connected Your Android Device To

You've probably connected your Android device to dozens of Wi-Fi networks since you've had it, and your phone or tablet remembers each of them. Whether it's a hotspot at home, school, work, the gym, a coffee shop, a relative's apartment — or even from a friend's phone — each time you type in a Wi-Fi password, your Android device saves it for safekeeping and easy access later.

How To: Apple's New Cutout Tool Magically Isolates Subjects and Removes Backgrounds from Images on Your iPhone or iPad

Apple's upcoming iOS 16 and iPadOS 16 software updates bring an exciting new feature that lets you instantly lift the subject out of a photo, separating it from the background. Once extracted, you can paste, save, or drop the cutout wherever you want as a new image, and you can even make it a sticker in messaging apps.

How To: 20 Things You Can Do in Your Photos App in iOS 16 That You Couldn't Do Before

There are many great things about Apple's Photos app for iPhone and iPad that we know and love, and the new iOS 16 and iPadOS 16 software updates bring even more features that are about to become your favorites. There's one big change you may have already heard about and several minor improvements that make the app more useful and enjoyable.

How To: Exploit EternalBlue on Windows Server with Metasploit

Particular vulnerabilities and exploits come along and make headlines with their catchy names and impressive potential for damage. EternalBlue is one of those exploits. Originally tied to the NSA, this zero-day exploited a flaw in the SMB protocol, affecting many Windows machines and wreaking havoc everywhere. Here, we will use EternalBlue to exploit SMB via Metasploit.

Warning: Sensitive Info You Black Out in Images Can Be Revealed with a Few Quick Edits on Your iPhone

These days, most images we post online or share with others come from our smartphones. Whenever personal data is in them, such as debit card numbers, addresses, phone numbers, passwords, and other sensitive information, it's easy to jump into your iPhone's markup tools to black out the text before sharing. But a digital marker may not hide everything.

How To: Brute-Force FTP Credentials & Get Server Access

Hackers often find fascinating files in the most ordinary of places, one of those being FTP servers. Sometimes, luck will prevail, and anonymous logins will be enabled, meaning anyone can just log in. But more often than not, a valid username and password will be required. But there are several methods to brute-force FTP credentials and gain server access.

How To: Make Siri Say Whatever You Want Every Time You Connect Your iPhone to a Charger

Whenever your iPhone's on Ring mode, you'll hear Apple's iconic "Connect Power" chime every time you connect it to a wired or wireless power source, which lets you know that charging has started. There's no way to disable the sound without turning on Silent mode, but there is a way to make Siri automatically say whatever you want after a successful connection.

How To: Brute-Force Nearly Any Website Login with Hatch

The tactic of brute-forcing a login, i.e., trying many passwords very quickly until the correct one is discovered, can be easy for services like SSH or Telnet. For something like a website login page, we must identify different elements of the page first. Thanks to a Python tool for brute-forcing websites called Hatch, this process has been simplified to the point that even a beginner can try it.

How To: Dial These Secret Codes to See if Someone Is Hijacking Calls & Texts on Your iPhone

Malevolent hackers can divert your incoming calls and texts to any number they want, and they don't need to be a criminal mastermind to do it. Even friends and family members can reroute your incoming calls and messages so that they know exactly who's trying to reach you, and all it takes is seconds of access to your iPhone or wireless account. These secret codes can help uncover them.

How To: Get Rid of Frequently Visited Websites in Safari on Your iPhone, iPad, or Mac

Safari has a helpful feature that shows your most frequently visited webpages whenever you open a new tab or window, but it's not for everyone. If you never use it, would rather have a minimalist start page, or want to prevent other people with access to Safari on your iPhone, iPad, or Mac from seeing the websites you frequent the most, you can get rid of it.

How To: Find Identifying Information from a Phone Number Using OSINT Tools

Phone numbers often contain clues to the owner's identity and can bring up a lot of data during an OSINT investigation. Starting with a phone number, we can search through a large number of online databases with only a few clicks to discover information about a phone number. It can include the carrier, the owner's name and address, and even connected online accounts.

How To: Write an XSS Cookie Stealer in JavaScript to Steal Passwords

JavaScript is one of the most common languages used on the web. It can automate and animate website components, manage website content, and carry out many other useful functions from within a webpage. The scripting language also has many functions which can be used for malicious purposes, including stealing a user's cookies containing passwords and other information.

How To: Scan for Vulnerabilities on Any Website Using Nikto

Before attacking any website, a hacker or penetration tester will first compile a list of target surfaces. After they've used some good recon and found the right places to point their scope at, they'll use a web server scanning tool such as Nikto for hunting down vulnerabilities that could be potential attack vectors.

How To: The Easiest Way to Convert Videos to GIFs on Your iPhone

Countless third-party apps and services exist that can convert the videos on your iPhone into GIFs. With so many options available, the problem becomes which one to choose. Do you install something on the App Store that provides good quality but costs money, or should you use a shady online service where you have to jump through hoops to get the GIF? Your best option may be neither.

How To: Create Custom Wordlists for Password Cracking Using the Mentalist

Beginners learning brute-forcing attacks against WPA handshakes are often let down by the limitations of default wordlists like RockYou based on stolen passwords. The science of brute-forcing goes beyond using these default lists, allowing us to be more efficient by making customized wordlists. Using the Mentalist, we can generate millions of likely passwords based on details about the target.

How To: Install MicroG to Replace Google Play Services & Prevent Data Mining

With all the talk about privacy concerns recently, Google's name keeps coming up because they are a very data-driven company. As an Android user, they know basically everything about you based on your device usage. That can easily scare some people off who are worried about their privacy and security. You do have some say in what personal data Google controls, but what if you want total control?

How To: Dox Anyone

Doxing is the act of finding one's personal information through research and discovery, with little to no information to start with. You may have seen doxing in the news, for instance when not so long ago, hacker team Anonymous doxed and reported thousands of twitter accounts related to ISIS. Doxing can be useful for finding the address of a coworker, or simply investigating people on the internet. The tutorial I will provide to you now will teach you the basics of doxing and how you can prot...

How To: See What Traffic Will Be Like at a Specific Time with Google Maps

As intuitive as Google Maps is for finding the best routes, it never let you choose departure and arrival times in the mobile app. This feature has long been available on the desktop site, allowing you to see what traffic should be like at a certain time and how long your drive would take at a point in the future. Fortunately, Google has finally added this feature to the app for iPhone and Android.

How To: Crack Shadow Hashes After Getting Root on a Linux System

After gaining access to a root account, the next order of business is using that power to do something more significant. If the user passwords on the system can be obtained and cracked, an attacker can use them to pivot to other machines if the login is the same across systems. There are two tried-and-true password cracking tools that can accomplish this: John the Ripper and Hashcat.

How To: Find Vulnerable Webcams Across the Globe Using Shodan

Search engines index websites on the web so you can find them more efficiently, and the same is true for internet-connected devices. Shodan indexes devices like webcams, printers, and even industrial controls into one easy-to-search database, giving hackers access to vulnerable devices online across the globe. And you can search its database via its website or command-line library.

How to Hack Wi-Fi: Cracking WPA2 Passwords Using the New PMKID Hashcat Attack

Cracking the password for WPA2 networks has been roughly the same for many years, but a newer attack requires less interaction and info than previous techniques and has the added advantage of being able to target access points with no one connected. The latest attack against the PMKID uses Hashcat to crack WPA passwords and allows hackers to find networks with weak passwords more easily.

Prev Page