When I see the words "free trial," I know I'm probably going to have to whip out my credit card and enter in the number to "not get charged." Then I end up forgetting about the trial and want to kick myself in the ass when I see my statement at the end of the month. In order to avoid that rigmarole, you can actually use fake credit numbers instead of your own, and you can do that using the site getcreditcardnumbers.com, which can generate up to 9,999 credit card numbers at a time, or just one...| Null Byte
The ESP32-CAM is a convenient little camera module with a lot of built-in power, and you can turn one into an inconspicuous spy camera to hide in any room. There's only one issue: it does omit a USB port. That makes it a little harder to program, but with an ESP32-based board, FTDI programmer, and some jumper wires, you'll have a programmed ESP32 Wi-Fi spy camera in no time. To build the program for the spy camera, which includes facial detection and recognition, we'll be using Arduino IDE, a...| Null Byte
Project managers — and those hoping to become one — should rejoice at this killer deal. The Project Manager's Essential Certification Bundle Ft. Scrum, Agile & PMP usually runs for $1,990 but is only $49.99 for a limited time. The bundle features training on all the essential tools highly efficient program managers should know. This includes Scrum, Agile, and PMP. Scrum is most common in software development, but it also lends itself well to professionals in the marketing world. As for Ag...| Null Byte
A man-in-the-middle attack, or MitM attack, is when a hacker gets on a network and forces all nearby devices to connect to their machine directly. This lets them spy on traffic and even modify certain things. Bettercap is one tool that can be used for these types of MitM attacks, but Xerosploit can automate high-level functions that would normally take more configuration work in Bettercap. Xerosploit rides on top of a few other tools, namely, Bettercap and Nmap, automating them to the extent ...| Null Byte
If you've recently built a Wi-Fi spy camera out of an ESP32-CAM, you can use it for a variety of things. A baby monitor at night, a security camera for catching package thieves, a hidden video streamer to catch someone going somewhere they shouldn't be — you could use it for pretty much anything. Best of all, this inexpensive camera module can perform facial detection and facial recognition! The low-cost ESP32-CAM is an interesting camera module because it has enough RAM to perform those fa...| Null Byte
The ability to browse the web in coffee shops, libraries, airports, and practically anywhere else you can imagine is more than convenient, but convenience has risks. Using public Wi-Fi allows others to spy on you easily. Even your own internet service provider can see every website you've ever visited. Don't fall into the trap of protecting your identity, data, and devices after it's too late. A Virtual Private Network (VPN) provides safety and security online, and the leading VPN is also one...| Null Byte
An ESP32-based microcontroller with a camera is an amazing platform for video, but not all modules are created equal. We'll go over the pros and cons of some of the popular low-cost camera modules you can use with ESP32-based development boards, as well as what features they support. The ESP32-based microcontroller is the big brother to the ESP8266-based board, which we've covered extensively on Null Byte. The ESP32 is more powerful, comes with Bluetooth, and has an additional core for proces...| Null Byte
The Deauther Watch by Travis Lin is the physical manifestation of the Wi-Fi Deauther project by Spacehuhn, and it's designed to let you operate the Deauther project right from your wrist without needing a computer. That's pretty cool if you want to do all the interesting things that the Wi-Fi Deauther can do without plugging it into a device. If you missed our guide on using an ESP8266-based Wi-Fi Deauther, you might be confused about what the Deauther does. For one, it can create deauthentic...| Null Byte
Web applications are ubiquitous in the modern online world, and knowing how to attack them is an increasingly valuable skill. But the key to a successful attack is good recon since it's easier to be focused and efficient with the more information you have. There are many fingerprinting tools available, such as httprint and WebTech, but there are even more that can aid us in reconnaissance. Common Frameworks & TechnologiesGone are the days of simple websites using HTML, CSS, and vanilla Ja...| Null Byte
There are tons of tools out there that do all kinds of recon, but it can be hard to narrow down what to use. A great way to be more efficient is by taking advantage of scripting. This doesn't have to mean writing everything from scratch — it can simply mean integrating existing tools into a single, comprehensive script. Luckily, it's easy to create your own subdomain enumeration script for better recon. Install DependenciesBefore we begin, there are a few things we need to install and set u...| Null Byte
Kali Linux has come a long way since its BackTrack days, and it's still widely considered the ultimate Linux distribution for penetration testing. The system has undergone quite the transformation since its old days and includes an updated look, improved performance, and some significant changes to how it's used. Offensive Security is the team behind Kali Linux, a Debian-based system. Kali is the preferred weapon of choice on Null Byte, and you can install it as your primary system (not recom...| Null Byte
Kali Linux is the go-to Linux distribution for penetration testing and ethical hacking. Still, it's not recommended for day-to-day use, such as responding to emails, playing games, or checking Facebook. That's why it's better to run your Kali Linux system from a bootable USB drive. The hacker-friendly Debian-based distro did receive a major update by Offensive Security in late-2019 that changed the default desktop environment from the heavyweight Gnome to a more lightweight Xfce, making Kali ...| Null Byte
As a hacker, the final stage of exploitation is covering their tracks, which involves wiping all activity and logs so that they can avoid being detected. It's especially crucial for persistence if the target will be accessed again in the future by the attacker. To show you the basics of covering your tracks, we'll compromise a target first, then explore some techniques used to delete Bash history, clear logs, and remain hidden after exploiting a Linux system. You can check out our Cyber Weapo...| Null Byte
ESP8266-based microcontrollers can be used to create exciting and legal Wi-Fi hacking games to test your or your friends' Wi-Fi hacking skills. When you first start learning how to hack Wi-Fi, it can be tempting to use your powers on Wi-Fi networks you don't have permission to use. Needless to say, this can get you into a lot of trouble because Wi-Fi hacking isn't particularly subtle, so it's easy to get caught. To keep you from getting into a predicament, we want to make sure you have access...| Null Byte
A PirateBox creates a network that allows users to communicate wirelessly, connecting smartphones and laptops even when surrounding infrastructure has been disabled on purpose or destroyed in a disaster. Using a Raspberry Pi, we will make a wireless offline server that hosts files and a chat room as an educational database, a discreet local chat room, or a dead-drop file server. The Need for Offline File SharingIf you can't think of a use for an offline file server with a built-in wireless ho...| Null Byte
Python is one of the most commonly used programming languages in the world. From data science to game design, Python appears in almost every industry that requires coding of some kind. If you're looking to get into or get promoted to a higher level in one of those industries, then your next step is to learn this versatile programming language. The 2021 Premium Python Certification Bootcamp Bundle can be your guide from Python beginner to master, and it is currently on sale for $34.99. Whether...| Null Byte
Microcontrollers like ESP8266-based boards have built-in Wi-Fi, and that's really cool, but what's even cooler is that certain pro models of the D1 Mini also have a port where you can connect a directional antenna. This can give you exceptional range, but if you were to just plug one in after opening the package, it most likely wouldn't work. The problem, as Glytch covered in a Hak5 video last year, is that there's a tiny zero-ohm resistor on the board that's connecting the built-in antenna t...| Null Byte
There are hidden Wi-Fi networks all around you — networks that will never show up in the list of available unlocked and password-protected hotspots that your phone or computer can see — but are they more secure than regular networks that broadcast their name to any nearby device? The short answer is no, and that could be for any number of reasons. Hidden networks are actually the same as regular Wi-Fi networks; only they don't broadcast their names (ESSID) in the beacon frames that regula...| Null Byte
If you've wanted to get into Wi-Fi hacking, you might have noticed that it can be pretty challenging to find a safe and legal target to hack. But you can easily create your own test network using a single ESP8266-based microcontroller like the D1 Mini. Our goal is to crack a handshake that we capture from our wireless card. So what we'll do here is flash an Arduino sketch onto an ESP8266-based board that allows us to play both sides of a Wi-Fi conversation, simulating a device joining a Wi-Fi...| Null Byte
If you're getting into automation, Bash scripting is usually the way to go. However, there are a couple of limitations, and one of them is logging into another device like a Raspberry Pi and running a script automatically. To help in those situations, we're going to automate delivering an SSH payload with an "expect" script. Bash scripting is more like duct-taping things together, so it isn't able to do everything, including predicting and then reacting to certain variables. So we're going to...| Null Byte
Bash scripting is a convenient way to automate things on any Linux system, and we're going to use it here to automate certain tasks we use all the time. Bash is a simple language for stringing together several different Linux utilities. Its simplicity makes it easy for beginners to create lots of scripts that would otherwise be pretty complicated or require some pretty hefty programming skills. If you know the right Bash commands, you can do all sorts of things. In this guide, we'll use Bash ...| Null Byte
While obvious, it's a lot more difficult to hack into a locked computer than an unlocked computer. As a white-hat hacker, pentester, cybersecurity specialist, or someone working in digital forensics, there's an easy solution — make it so that the computer won't fall asleep and lock automatically in the first place. One way to stop a laptop or desktop computer from sleeping into a locked state is to use a mouse jiggler. It's a tactic used frequently by law enforcement to avoid having to get ...| Null Byte
RedRabbit is an ethical hacking toolkit built for pen-testing and reconnaissance. It can be used to identify attack vectors, brute-force protected files, extract saved network passwords, and obfuscate code. RedRabbit, which is made specifically for red teams, is the evil twin of its brother, BlueRabbit, and is the offensive half of the "Rabbit Suite." The creator of RedRabbit, Ashley Moran, better known as securethelogs, makes a plethora of Windows-based ethical hacking and penetration testin...| Null Byte
With just two microcontrollers soldered together, you can inject keystrokes into a computer from a smartphone. After building and programming the device, you plug it into a desktop or laptop, access it over a smartphone, and inject keystrokes as you would with a USB Rubber Ducky. However, with a Rubber Ducky, you need to first know the type of computer and its operating system, followed by the payload you want to use, so you can program the hacking device to do your bidding. There is no real-...| Null Byte
If you're living or staying out in the middle of nowhere or a rural area outside of a big city or town — where there are no reliable cable, fiber, or wireless networks available — how can you get an internet connection? There are several possibilities, but they all come with tradeoffs, which we'll go over in detail. Normally, rural, more isolated areas in the U.S. are usually only served by one internet provider, whether that's dial-up or some other connection type. These providers offer ...| Null Byte
Password cracking is the process of recovering passwords from stored data, often through techniques such as brute force attacks, dictionary attacks, and...| Null Byte