Hacker Zer0

These blog posts cover the latest information in ethical hacking. There is a ton of information out there on hacking and on the newest exploit or virus, but how credible is that information? That is for you to investigate. This isn't another membership service or a weird chat asking you to download files. Here you're going to learn which websites are safe to browse, and we also have a section on anonymity and how you can see the not-so-visible pages, like zero days - [0day.today]. I would definitely not check this page out without a good VPN and Tor Browser. Now you might ask, how legal is this? Having browsers and a VPN isn't illegal; what is illegal is what you decide to do with the links and browsers. In other words, looking at public information isn't illegal. Just don't download the weird .exe file. Now that you have this bit of jargon, let's explore some topics.



Wireshark

What is Wireshark? Wireshark (4.4.2 is the newest release) is a network packet capture tool that is commonly used in penetration testing/ethical hacking to identify and assess networks.

Download WireShark


Wireshark has a GUI (graphical user interface), and it supports dark mode on Windows and Kali Linux.

Network Reconnaissance: Wireshark can help identify targets like devices, ports, and services by analyzing the type and amount of network traffic they exchange.

Traffic Analysis: Wireshark can scan network traffic for signs of malicious activity, such as unusual traffic patterns or payloads.

Password Cracking: Wireshark can help identify and crack network packets that contain user credentials, such as passwords and usernames.

Denial of Service: Wireshark can help detect and mitigate DoS attacks by blocking traffic from specific sources or locations.

More info at WireShark.org...


[CROWDSTRIKE | FALCON RECON]

What is CrowdStrike/Falcon Recon, and how do you navigate their site? CrowdStrike/Falcon Recon is among the top 10 best cyber threat intelligence tools. My favorite site is Kaspersky Threat Intelligence: Kaspersky | Cyber Threat Map.

Now let's talk about how amazing cyber threat intelligence is. CTI, or cyber threat intelligence, is the process of collecting, analyzing, and sharing data to understand and defend against cyber threats. The best part of threat intelligence is understanding its uses, such as identifying an attack's mechanisms, determining how to recognize an attack in progress, understanding how different types of attacks may impact a business, predicting the behaviors of potential cyber attackers, and revealing patterns of potential cyber attacks.
Cyber threat intelligence is crucial for the banking sector to protect its customers' data and finances. When black hat hackers gain access to their databases, it is devastating to the company and its consumers. Data that has been compromised always ends up on the deep/dark web. Black hat hackers use info like the BINs of the user accounts and sell it on the black market. There are a lot of sites on anonymous browsers that sell that data, like DataBreach or 0Days. Please do not download or purchase any weird .exe files from these sites; it's illegal. Now, with that said, you can find more information on CTI | Cyber Threat Intelligence at CrowdStrike | Counter Adversary Operations.


[Cyber Threat Intelligence]

What is Cyber Threat Intelligence? Cyber Threat Intelligence is crucial, and so are important databases. If you conduct a simple Google search for CTI, you will be overwhelmed with all of the platforms that are promising to keep your data safe. However, I know some amazing links to CTI tools that can help you conduct research and investigations.

These are my top 8 CTI (Cyber Threat Intelligence) tools:



1. UrlScan.io


What it analyzes: Urlscan.io looks for potential threats and vulnerabilities, such as malicious code, suspicious links, phishing attempts, and other risks. It also checks if the website has been flagged as malicious by other users or security platforms.

2. Cisco Talos


Cisco Talos Intelligence is a powerhouse of tools, vulnerability research, incident response, and security resources, such as Snort, ClamAV, PE-Sig, Synful Knock Scanner, MBR Filter, FIRST, Cisco Smart Install Scanner, and many more tools.

3. AbuseIPDB


AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet. You can report an IP address associated with malicious activity, or check to see if an IP address has been reported, by using the search box on the site.

4. BreachDirectory


BreachDirectory allows you to search through all public data breaches to make sure your emails, usernames, passwords, and domains haven't been compromised.

5. Check Leaked CC


Check Leaked CC is a website that checks for leaked data. They have a free account and a Pro account. You can research most of your social accounts.

6. Kaspersky Threat Map


Kaspersky Cyber Threat Map is the best up-to-date analysis of cyber attacks in real time by country and type of attack. Kaspersky Digital Footprint Intelligence is a service that helps organizations monitor their digital assets and detect threats from the surface, deep, and dark web. It provides real-time alerts, analytical reports, and the ability to customize monitoring capabilities.

7. Recorded Future


Recorded Future Research: Discover an array of threat intelligence resources at Recorded Future, from in-depth eBooks and enlightening webinars to comprehensive research papers and impactful case studies. Browse through our extensive press mentions and watch testimonial videos to understand how our intelligence solutions empower cybersecurity.

8. AlienVault


LevelBlue/Labs: With AlienVault's Lab you can find any known vulnerabilities, for example Users, Groups, Pulses, Malware Families, Adversaries, and so much more. The World’s First Truly Open Threat Intelligence Community. Submit files and URLs for free malware analysis within the LevelBlue Labs OTX sandbox. Open Threat Exchange is the neighborhood watch of the global intelligence community. It enables private companies, independent security researchers, and government agencies to openly collaborate and share the latest information about emerging threats, attack methods, and malicious actors, promoting greater security across the entire community. The possibilities are endless.



Kali Linux

Kali Linux [VMware & VirtualBox] images are available for users who prefer, or whose specific needs require, a virtual machine installation.

Now, I know that the loading page for Kali Linux can seem overwhelming when you don't know what to install, but as mentioned in the previous video, installing a virtual machine or VirtualBox is the best way to run the Kali Linux operating system. Unfortunately, I decided to completely wipe my system's default operating system. In case you want to know how, here's how I did it. I used a 16 GB flash drive to install the Kali Linux ISO operating system and then used [Rufus] to mount the ISO file, but the important thing to note here is that I now have a different OS. I do not recommend anyone changing their OS unless they understand how to boot it in the BIOS and how to install the new OS. Short story long, this method works.

Download Kali-Linux

Learn How to Download and Install Kali-Linux


SQL-MAP

What is SQL MAP? It was created by Bernardo Damele and Miroslav Stampar. Sqlmap's goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read specific files on the file system, and more. This is a powerful tool used by all hackers.

SQL is a Powerful Tool

sqlmap is an open source penetration testing tool that [automates] the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Simply put, its purpose is to extract data from the database, including tables, columns, and their associated data. The way it works is truly amazing: it attacks a website and gathers the information from the database, and all you need to do is run it. If you don't have it, you need to download it from the official website or the GitHub repository.


[MITRE | ATT&CK]

What is MITRE | ATT&CK? It is one of the most powerful knowledge bases of adversarial techniques, based on real-world observations. ATT&CK focuses on how adversaries interact with systems during an operation, reflecting the various phases of an adversary's attack lifecycle and the platforms they are known to target.

Use this knowledge base to grow your CTI [Cyber Threat Intelligence]. As a new hacker, you will need to learn to identify tactics, techniques, and cyber crime groups. Cyber crime is a huge problem all over the world. On the ATT&CK website, under [CTI], you will find a Groups link that will get you to all of the known cyber crime groups, their preferred methods of attack, and their known associated groups.
