Roy M Bull

Today, I want to talk about the dangers of mobile end devices, how everything is connected, the risks they pose, as well as how they can be critically exploited by threat actors.

This article topic was inspired from a recent thread I was in where a woman’s mobile device got hacked and it led to various parts of her life being compromised in the process, putting her overall safety as well as that of her friends and family at risk! I wanted to raise more awareness and teach people how to protect their digital identity! A lot of the article will be me addressing what happened, as well as remedies I gave her to protect herself.

This is also the start of a new series that is called the “DANGER!” series, where I raise more Cyber Security awareness about critical flaws and vulnerabilities within system infrastructures, including any protocols and data communication methods, where I also talk about mitigation strategies that can be used to prevent such threats.

There will also be a LIVE demonstration for those of you who are subscribed to my patreon, to see how closely I can exploit mobile end devices in order to retrieve any and all sensitive data from the mobile end device! There will also be a step by step exploit guide walking you through the entire process as well, and how to gelocate someone’s phone and turn it into a GPS tracker!

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

Today I’m going to cover the ins and outs of some of the core basics on how to use the burp suite proxy server for ethical hacking. The key point of this article is to discuss the main features that are commonly used, as well as walk through on how to use them.

There will be live video demonstrations of course, but like always, that is for the PAID patreon members. I’m also going to show you how to botnet and command and control with the burp suite proxy server and how to strip any and all network traffic on a multitude of systems using it!

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

Today's EXCLUSIVE article, as well as for the rest of the next 2 EXCLUSIVE issues, we will be covering full in depth on the very material that I’ve provided you with in my free samples: footprinting and information gathering, scanning and enumeration, as well as attacking various systems.

For today we are going to focus on Footprinting and information gathering regarding web application systems. This will get you into the feel on how to conduct the first phase of a penetration test against a web application server

This will include a LIVE 14 min video demonstration that is ONLY for patreon members a part of the Cyber Security Tier on my patreon!.

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

Today I want to talk about DLL/Code injection, which are forms of hooking techniques that allow an attacker to manipulate the overall function calls within a program to deliver malicious code and or shell code payloads in a covert manner to a system. I also want to explain the key difference between DLL and Code injection, as it’s commonly assumed to be one in the same. They are similar, BUT, are vastly different.

This allows us to control all the key function calls that control the windows system software wise, while also allowing us to manipulate and control key function calls that communicate directly with the hardware on the system, allowing us to control it.

This allows an attacker to bypass various forms of security, such as application firewalls for example, allowing them to exploit the system further and gain higher levels of privileges on the target system and exploit it further, extending their reach and possibly infecting more systems and the overall network infrastructure together as a whole.

I will be going over any and all function calls that are used to pull off the DLL/Code injection exploit, as well as the methodology and science behind it. Which will be available for PAID patreons only. There will also be a follow up video in the next bi-weekly issues that will feature a live programming video to demonstrate the process.

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

Today's EXCLUSIVE article, as well as for the rest of the next 2 EXCLUSIVE issues, we will be covering full in depth on the very material that I’ve provided you with in my free samples: footprinting and information gathering, scanning and enumeration, as well as attacking various systems.

For today we are going to focus on Footprinting and information gathering regarding web application systems. This will get you into the feel on how to conduct the first phase of a penetration test against a web application server

This will include a LIVE 14 min video demonstration that is ONLY for patreon members a part of the Cyber Security Tier on my patreon!.

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

Today we are going to be covering how to extract metadata from images, which can be used in order to find someone’s location with just a mere photo.

We are also going to go over various methods that can be used in order to wipe the metadata from any and all photos that you take.

When you upload a photo to stuff like Instagram for example, websites tend to have a process where they handle and wipe any and all metadata from the main photo image to preserve end user privacy.

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

Hellloooo Everyboddyyy! This is something that has been long overdue (for a month haha). WE FINALLY REACHED 500 CONNECTIONS!!!!! Couldn’t have done this without all the support form you guys: reacting to all my stuff, sharing, commencing, engaging, some of you even becoming full on patreon paid followers!

I wanted to write a special article and give out some more resources, as well as any guidance or advice I can give you that will aid you on your Cyber Security journey, specifically for offensive security and penetration testing.

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

Today I want to talk about Network Security, specifically misconceptions from a few networking security methodologies that we commonly assume are fully secure in terms of defending our network infrastructures. The goal is to highlight the flaws within them, and prove a major point, one that is commonly seen in today’s Cyber Security practice, which is the over reliance on tools and or security methods. I will be talking about stuff like: MAC address filtering, port security, and even stuff like hiding SSID’s, and the various ways they could easily be bypassed, and methods that can be added or stacked to improve upon them.

This article is a part of the new Danger! Series I’m launching, which is where I raise more Cyber Security awareness about critical flaws and vulnerabilities that exist within various system infrastructures, including any protocols and data communication methods, and the Dangers of what could happen should they be exploited to the fullest extent. I also go over various mitigation strategies that can be used to prevent them as well.

Disclaimer

As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let’s begin!

- The Hacker Who Laughs 🕸🕸🎃🕸🕸

DANGER! Mobile

Foxy Proxy

Footprinting

SSO & OpenAuth

DLL/Code

ExifTool

2024 Resources 2

SSID & MAC

Cookie Hijacking

Zip2John

DANGER! Mobile

Foxy Proxy

Footprinting

SSO & OpenAuth

DLL/Code

ExifTool

2024 Resources 2

SSID & MAC

Cookie Hijacking

Zip2John

Terminal Mode

DANGER! Mobile Devices

Foxy Proxy

Footprinting RECON

SSO and OpenAuth

DLL/Code Injection

ExifTool Exploit

2024 Resources 2

SSID & MAC Filtering

Cookie Session Hijacking

Zip2John