Hacking
Table of Contents
- Why?
- News
- Capture The Flag (CTF)
- Linux
- Privacy and personal security
- Software Tools
- Radio Frequency
- Hackable systems
- Resources
- Defensive Measures
Why?
I think there's a few reasons why I'm interested in this topic - some simple and some more complicated. To start, I'm just curious and it is simply in me to tinker with things I'm interested in - and computers are something I've worked with since I was young. That is where it started. However, the interest has grown over time as I've watched the world go online head first without any knowledge of the consequences of that shift.
Whether it is as a victim of credit card fraud, one's data being witlessly leaked from a corporation, or a trojan horse that lets someone into a computer, we're all living with the consequences of the connectivity thrust upon us. Unfortunately, these threats are increasing rapidly [62 Compelling Hacking Statistics 2023: Data on Common Attacks]. Hackers in movies might seem powerful or mysterious but the real events involving nation-state sponsored hacker groups (the US included) are stranger than the fiction. Cyber warfare between governments is now commonplace [James Risen; Eric Lichtblau (December 16, 2005). "Bush Lets U.S. Spy on Callers Without Courts". The New York Times.] [David E. Sanger (June 01 2012). "Obama Order Sped Up Wave of Cyberattacks Against Iran". The New York Times.] [Andy Greenberg (September 12, 2023). "China-Linked Hackers Breached a Power Grid-Again". Wired.] and many governments use these tactics against their own citizens [Carly Page, Zack Whittaker (March 29 2020). "Saudi spies tracked phones using flaws the FCC failed to fix for years". TechCrunch.] [Natalia Krapiva, Rand (September 13 2023). "Hacking Meduza: Pegasus spyware used to target Putin's critic". Access Now.] [John Scott-Railton, Bill Marczak, Bahr Abdul Razzak, Masashi Crete-Nishihata, Ron Deibert (July 10 2017). "Investigation into Mexican Mass Disappearance Targeted with NSO Spyware". Citizen Lab.] [Ronan Farrow (Sept 25 2022). "How Democracies Spy on their Citizens". The New Yorker.]. This did not start with the internet either [Project SHAMROCK involved the interception of telegraph communications to and from the US.].
More than 507 million records have been leaked from government, financial firms, telecoms, and other corporations in 2023 alone [Various, "List of Data Breaches", Wikipedia]. There is a new privacy disaster every other week. Hell, the CIA can't keep a hold of its data. The decisions of others who are, at best, indifferent to us have lasting consequences in our lives. Everyone has a relationship to this reality. Even a luddite with no computer has their data leaking out of corporations, intentionally or not.
Ethical hacking is an attempt to understand how it is possible to break into systems.
Understanding this is so much more important for anyone who wants to go on to design anything 'enterprise'. Security through obscurity is not a valid stance. One cannot hide the holes in a system and hope it will go well. Before a website, app, or medical device is released to the world, one should know what risks they are taking. To secure a computer system is to understand the attacks that can be made against it.
I want to know how the locks work and what weaknesses they have. This does not make me a thief. I do not endorse or practice breaking into any device unless you own it or obtain express permission beforehand. This is not just a legal caveat to save my ass. I follow this. If you are not sure where the lines are, find out what they are before you try anything.
Ethical Hacking
Hacking is becoming increasingly widespread, but most hackers insist they are not out to terrorize companies or governments by deleting files or crashing servers. Instead they are dedicated to what they call “ethical hacking”. This involves finding ways into computer systems for the pure intellectual excitement of it. At the same time, a hacker can show the owners of the system that their security can be breached.
- Mark Ward, "Sabotage in cyberspace", New Scientist
News
See Hacking news to see what the nefarious parts of cyberspace look like.
Vulnerabilities and exploits
A vulnerability is a weakness in design, implementation, operation, or internal control. An exploit is a method of attack that uses a known vulnerability. Vulnerabilities are researched, reverse-engineered, hunted, or exploited using automated tools or customized scripts. The categories these attacks fall into are listed here.
See also: Software Vulnerabilities
Capture the Flag (CTF)
Capture The Flags, or CTFs, are a kind of computer security competition. Teams of competitors (or just individuals) are pitted against each other in a test of computer security skill. Challenges involve knowledge of networking, cryptography, reverse engineering, forensics, etc. CTFs are great for people learning about cyber security.
CTF and related
- PicoCTF an - have a good spectrum of beginner to advanced concepts
- CTF Primer: learning content
- PicoGym online CTF practice site that tracks one's progress
- Competitions
- CTF 101
- CTF Field Guide
- pwnable.tw
- LiveOverflow a cybersecurity enthusiast's YouTube channel and website - contains lots of useful info
- John Hammond a cybersecurity professional's YouTube channel producing cybersecurity education content
Other games
- RegEx Crossword - Learn Regular Expressions through puzzles
Linux
Most of the infrastructure of the world (all of the fastest supercomputers, NASA, smart TVs, game consoles, cars, spacecraft, etc.) runs on Linux of some kind so knowing how to use it is necessary for many professionals.
Both Kali and Parrot are Debian-derived Linux distributions designed for digital forensics and penetration testing. They are preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), and many others.
- Kali
- ParrotSec offers multiple distros:
- One for pentesting that includes many basic programs similar to Kali
- a "secured" distro, an OS pre-configured for a high level of security for any Linux user
- a general purpose distro that includes tools that make it easier to use, while also exposing what is under the hood
- a distro for forensics experts
- Tails OS - for those who need to avoid censorship, surveillance, etc. Tails is an OS that boots from a USB and leaves no trace of itself on the computer you use.
Privacy and personal security
- Electronic Frontier Foundation
- Tor Project
- Brave Browser a Chrome-based browser that is pre-configured for privacy, blocking ads/trackers
- Adblocking software, such as Pihole, primarily for filtering your entire network of ads, trackers, and known malicious sites.
- pfSense an open source firewall software platform, for someone who wants more customization on the administration of a network. It can also host intrusion detection software (IDS), though this is really only necessary for a home user who allows some external access into the network
- Have I been pwned? Check if your email address is in a data breach.
- See also Basic Computer Security Practices and Data Privacy Strategies
Software Tools
- CyberChef a simple web app for analyzing and decoding data - e.g. convert a Base64 string to ASCII, analyze a hash, extract EXIF data from an image, etc.
- Nmap a free / open source port scanner for network discovery and security auditing.
- Cipher Identifier (online tool) | Boxentriq
- IDA Freeware a hex editor and reverse engineering tool
- Ghidra
- Process Hacker - a Windows program
See more at Hacking Software Techniques
Hardware Tools
Hackable systems
- TryHackMe | Cyber Security Training
- Hack The Box: Hacking Training
- Damn Vulnerable Web Application (DVWA) - a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.
- Buggy Web Application - Google Gruyere
- WebGoat
- Metasploitable 2
- Damn Vulnerable iOS App
- OWASP Mutillidae II
- Web Security Dojo
Lists and Resources
Lists
- Github - awesome-sec-talk - a collection of cybersecurity talks at various conferences
- Github - Hacking resources and cheat sheets - lots of reference material
- Github - awesome-security - Collection of software tools, documents, resources - lots of reference material
- Github - FalsePhilosopher/Infosec-Cheatsheets - another list of lists, resource of resources
Courses
- Ethical Hacking course (9-hour video by edureka) - covers history, networking basics, Kali Linux, pentesting, Nmap, XSS, DDoS, SQL injection
- Ethical Hacking course (14-hour video by freeCodeCamp) - covers the creation of an Active Directory lab in Windows, making it vulnerable, hacking it, and patching it
- Computer Security: A Hands-On Approach Udemy course taught by Wenliang Du
- Github - Infosec_Reference/Courses & Training - an extensive list of courses on a wide spectrum of topics
- Antisyphon Training by John Strand (Course files)
Other sites
- Ransomware.live: A database that focuses on the landscape of ransomware, its victims, and its perpetrators.
Books
Technical
- Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson, a book about reverse engineering as a method of discovering how software works and finding ways to exploit it
- NSA's Python Training Document: Released after FOIA request was submitted
- Aggressive Network Self-Defense
Historical
- Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers by Andy Greenberg
- Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter
- Ghost in the Wires: My Adventures as the World's Most Wanted Hacker by Kevin Mitnick
Defensive Measures
For basic defensive security practices, see Basic Computer Security Practices
A bit more advanced
- Firewall: Have a firewall running (e.g. Windows Firewall). A network firewall (like pfSense or OPNsense) is probably overkill for most home networks but it is recommended if you are opening up any access into your network to the outside internet, i.e. a web server or any other server functions.
- Intrusion Detection System (IDS) / Intrusion Prevention Systems:
- TonyPhipps/SIEM - SIEM tactics, techniques, and procedures
History
Textfiles.com is a repository of text files from 1980 - 1995. During this time, text files were written and shared about computer hacking techniques, phone phreaking.