Terminal Mode
Iโve participated in various high level complex CTF challenges, some of which landed me interviews at companies that had them as a part of their hiring process such as: โSecurity Innovationโ, โBrainnest Consultingโ, as well as โChip Scanโ. I also do a bunch of platforms like HackTheBox and TryHackMe, as well as the many 6 that are available on โCanyouhack[.]usโ which was provided by โSecurity Innovationโ. Iโm also a Pico CTF competitor, and have even done a few high level forensics challenges that involve high level cryptanalysis techniques to decipher hidden data, as well as rebuild, analyze, and compile them. All of the CTFโs Iโve participated in inspired me to create my own known as โFutabaโs Playgroundโ - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is the final tier for all of my regular patreon content that isn't apart of my mentorship tiers. THERE ARE NO LIMITED SPOTS FOR THIS! It's heavily focused on Cyber Security content and is where my main follower should subscribe if they wish to gain access to highly exclusive content. This will be one of the main tiers I invest a lot of benefits into. * You get 2 day early access to any and all non-excluisve updates before they are announced on all of my platforms! * Members of this tier will receive a more advanced version of any and all articles that are released. This means that you get access to exclusive stuff like: exploit guides, videos, including any programming videos if they are set for it that non-patreons won't get. * Members of this tier will receive 1 additional EXCLUSIVE article on top of the 2 that are set to launch bi-weekly, which will sample some of the main material that will be in my mentorship program when it launches. That way you get to see if you would like the content for it BEFORE you buy it! This includes any and all exploit videos and guides that happen to come with it! * Members of this tier will receive 1 additional EXCLUSIVE article on top of the 2 that are set to launch bi-weekly, which will sample some of the main material that will be in my mentorship program when it launches. That way you get to see if you would like the content for it BEFORE you buy it! This includes any and all exploit videos and guides that happen to come with it! * You get access to โlightโ mentorship, where you can ask me any direct questions about the material that is included in this tier. This also includes anything from the FREE material as well! If there is something that you donโt understand, simply message me via discord or LinkedIn and Iโll answer them for you. THIS DOES NOT INCLUDE THE IN DEPTH MENTORSHIP THAT WILL BE APART OF MY MAIN PROGRAM! This is another testing ground to let you see if you like my teaching style BEFORE you join my program. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
A new version of my FREE samples will be launching soon! There will be a new system, as well as a new mailing list that you will use to gain access! In order to gain access to it, you will have to review SELECTED products! If you happen to be subscribed to my patreon tier YOU get to vote on which samples get chosen each month based on a poll I will make available! * You get access to โlightโ mentorship, where you can ask me any direct questions about the material that is included in this tier. This also includes anything from the FREE material as well! If there is something that you donโt understand, simply message me via discord or LinkedIn and Iโll answer them for you. THIS DOES NOT INCLUDE THE IN DEPTH MENTORSHIP THAT WILL BE APART OF MY MAIN PROGRAM! This is another testing ground to let you see if you like my teaching style BEFORE you join my program. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
I wrote a test sample to demonstrate how ransomware targets and infects a victim system via file enumeration and disk encryption tactics such as RSA and AES encryption. For this test specifically I am only using RSA encryption. The code basically creates a directory with a series of files with a bit of sample data in them, creates crypto keys to use for the experiment, enumerates and locates all the root files in the folder, and then handles them via encrypting the files, showing you the cipher text, and then reversing the process to decrypt it in front of you. It even tests the keys by asking you to input data when it launches so that you see the program works. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
I've always wanted to have one of my rubber ducky scripts write its own code In a cool way, so I figured why not combine that with a LAN turtle. I'm even working on a version of this that acts as retro malware to disable security systems in place, allowing me to install any backdoor. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
I wrote a Man-In-The-Browser exploit that is able to sit in place via the use of exceptions to monitor and track end user browser sessions to keylog facebook credentials from the end user. I ran into a HUGE issue during trial and error with the code. Whenever the end user would clickoff off the page, the code would be unable to find the form elements, breaking the code. What I NEED it to do is, when the end user leaves the page, or should they be on the same site but the code canโt find the elements, is for the for loop to break, bringing us back to the main while loop so that the process to check for sites begins again. To get around this I set up an exception handler. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is a TCP Client that I wrote that connects to a server in a listening state on a victim machine, that can check the OS and version of the system, and then install and run payloads I set based on that, even tools that I might need to pwn the system. Iโm upgrading this in the future to combine data encryption to mask my network traffic on internal networks to stay hidden for exploits. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is a TCP Server that I wrote that listens on a victim machine for TCP Client side connections, so that it can interpret and handle any and all shell code commands that are sent by the botmaster. Iโm upgrading this in the future to combine data encryption to mask my network traffic on internal networks to stay hidden for exploits. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is a script that I designed that solves one of โSecurity Innovationsโ first SQL injection based CTFโs. The script is able to inject a payload into the URL parameter of the web server while pre-loading a cookie session that has been assigned to it, solving the challenge, and storing the results for us in a file, in which we can parse through to check for the flag. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is a custom portable CTF server that I wrote in: HTML/CSS/JS, and PHP. Further languages used are SQL for the backend of the database which is MYSQL. The server is designed to allow you to pentest wherever you are locally vs the traditional meas of having to be connected to the internet in order to engage in web application pentesting CTF challenges, allowing you to get practice wherever you are on the go. Itโs also home lab friendly and allows you to practice network penetration testing as well, and includes a variety of challenges that test a lot of your hacking methodology and skill sets. Youโre going to have to apply yourself and LEARN if you want to secure all โ11 flagsโ. You can run this challenge as either locally on your system, or on another system that you can run either directly or vm machine. This makes it more accessiible to all users. If you have nethunter you can also participate in the challenge as well from you phone if you wanted to try mobile hacking. THIS DOES RUN ON NETHUNTER AS WELL THE SAME WAY. YOU NEED TO MAKE SURE YOU ARE ROOT WHEN YOU RUN NETHUNTER SO THE SCRIPT WORKS CORRECTLY OTHERWISE IT WILL CRASH AND FAIL! - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
Iโve included a safe UDP backdoor to run that only works on one system via 2 terminals. Iโve excluded the full version for safety purposes that utilizes TCP/IP in order to allow for remote data communication between said systems on the networks. Feel free to check out the SSH version. Iโve also created my own personal MITB(Man in the browser attack) program, that will launch a total โrealโ chrome browser (read the code in the description to download the module needed to run the program), which will keep track of any sites written in the code, and will log it down into a text file. For safety purposes it only tells you whether you visited the site or not. Iโve also written my own personal RSA encryption/decryption tool you can use to secure data. The program has a manual mode Iโve written that will explain how to use it. I primarily use python to program a series of low-level networking tools: Client/Servers via TCP, UDP, and SSH, HTML and flask Servers, as well as network sniffers to scan and monitor traffic on networks by sending UDP packet datagrams to wait for responses and see what machines I can talk to, as well as interacting with a variety of different network protocols. I also use python to develop: Encryption/Decryption tools, Man in the browser attack programs, mapping web applications, web brute forcing, as well as to develop trojan programs that I can update and communicate with on different systems, as well as for SQL injection attacks. Iโm learning machine learning with python at the moment, and I do also use it to develop fast GUIโs for pentesting tools using PYQT5. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is an interchangeable rubber ducky script I wrote designed to run and execute various payloads. For demonstration purposes Iโve provided a safe version of the code you can run and script onto an arduino board that utilizes a micro USB port (The arduino Keyboard library only works with those types of boards). Simply load up the arduino program and sketch โKeyboardInjectionLINUX.inoโ to the board and the sample code will run. Iโve also included a set of functions in a text file, that you can use to edit and swap out functions in the original code should you wish to. Have fun!!! - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is a second build of a penetration testing app I've developed that is meant to automate a variety of the different tools I've written. The interface only includes code that has been fully tested thoroughly. Any others, feel free to browse and look at it. You won't see it in the interface but it's there in case you wish to see it. The following to look at first are: Bash_Interface.py (This is the main interface) LinuxInstall.py (Installs all needed components, including PYQ5 in case you don't have it installed. Also compatible with windows via pip installer) Installer Module.sh(Script that will install all needed compilers for Linux should you not have them installed) - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
Inspired by Marcus's drone from Watch Dogs 2 and as a tribute to the series, I'm developing a penetration testing drone, it's sole purpose, to fly around capturing packet data, as well as cracking Wireless encryptions, integrating the use of a raspberry pi zero to host my UDP BackDoor Server program in order to communicate with the drone and see what's on the pi as it's flying. Think of it as a flying wifi-pineapple. When the drone boots up, the pi zero will auto login, where a set of scripts will run, starting up the UDP Server. The flight controller for the drone is built up from scratch, rather than using a pre-built one. The drone will take a series of commands from the transmitter, the controller, also built from scratch (keyboard input option available as well), and depending on the value read from the analog of the joystick module, will move the drone either: forward, backward, left, right, up down, and shifts the values of the signal values sent to the ESC's of the drone in order to move the drone accordingly, all calibrated properly. The drone is still in prototype phase, and is near completion. In the future I will be diving into how to facial recognition software, which I will build from scratch in order to build a true replica of Wrench from Watch Dogs 2, his face mask that acts as a build board, where his facial expressions are scanned by the mask in order to display a a set of emojis that show his emotions. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
Today we are going to be talking about how to build a custom backdoor exploit in Python3, as well as what RCE is, including various methods to achieve it. These two techniques are your bread and butter and are what youโll be going for during a lot of pentests, CTF challenges, etc, regardless of how you go about it: SQL injection, OS command injection, remote file inclusion, etc. Itโs really all the same. If youโve ever noticed, during a lot of big hacks, one of the most common things that ALWAYS happens is that the attackers somehow discover a way to RCE the system, allowing them to gain backdoor access and formulate something called a โbotnetโ, allowing them to deliver various payloads and command and control the network. Before I dive into this, as always I want to get you up to speed on some terminology so that you understand whatโs going on. Letโs go over the main TCP/IP handshake so you understand the overall process. Disclaimer: As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let's begin! - The Hacker Who Laughs ๐ธ๐ธ๐๐ธ๐ธ
Today we are going to be talking about ARP poisoning and how to poison a network. A lot of this is going to be heavy networking based, so do mind your fundamentals. I'll explain some stuff along the way. As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pentest on anyone's network unless it is your own, or you have permission to do so. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
Today we are going to be covering the Shodan API and how to use it for CCTV hacking to tap into camera feeds, as well as how to gather information about various IoT gateway devices on the internet and exploit the services on them. This is also going to dive into complex topics like: port forwarding, router exploitation, the routersploit framework, the metasploit framework, as well as how the internet works under the hood. I'm not going to directly tap into a camera feed live as that's illegal (even if it's a public cam for a park), but I am going to show you how to talk to specific ports using an IP address, whether it be in numeral format or alphabetical format. It's the same process you'll be using to tap into camera feeds should you find an open port. For this demonstration, since we'll be using metasploit for it, you're going to need a Shodan premium membership to get a lifetime API key(s). Sadly, Shodan now requires you to be a premium member if you wish to use the API freely. Disclaimer As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let's begin! - The Hacker Who Laughs ๐ธ๐ธ๐๐ธ๐ธ
Today I'll be covering SQL injection and advanced fuzzing and filter bypassing techniques you need to know to be a successful pen-tester. You can't avoid not knowing this as you'll see it regardless of what side you are on: blue team, if you are defending against it, or red team, if you are checking if it's a weakness in the system. As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, lets begin! - The Hacker Who Laughs ๐ธ๐ธ๐๐ธ๐ธ
Today, I'm going to show you how to make your own custom LAN turtle Rubber Ducky using Arduino. This is going to simulate connecting the target system back to a server side, much like a meterpreter shell, so that we can pipe over commands on our end and control the target system. The two scripts that are going to be used are the ones from the previous article on "How to Botnet". The client side is going to be integrated with Arduino, where it will will write its own code live and connect back to the server, whereas the server side, the python script, is going to sit in a listening state on the system, waiting for the client to connect to it so it can be fed instructions from the client side to control the system. Traditionally you always want to have the server sitting on the victim system so that you can connect and interact with it, but nowadays making your back-doors peer to peer is actually best because it allows your setup to be more versatile. For safety purposes, it's just going to connect back and that's it, nothing else! The real version that is unsafe to use stays with me. Sadly, this is one of those projects that you NEED to have the right equipment for to pull off, but you can still follow along the 2 demonstration videos here. One, that shows the code being automated, and then another, of me connecting it live in front of you as proof it works. Disclaimer As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let's begin! - The Hacker Who Laughs ๐ธ๐ธ๐๐ธ๐ธ
Today Iโm going to be going over Crypto malware/ransomware and how to fabricate your own for educational and study purposes. But before I start, I would like to mention as a disclaimer that I by no means condone any form of illegal behavior you might use this information for. It's STRICTLY for educational purposes ONLY. Due to the nature of how long my posts will be getting in the future I will be writing them in main news articles so I can fully flesh them out better in full detail. Link to the main article for the video and explanation is in the link below. Any and all major past content Iโve made will also be made available via my newsletter article following soon. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
SOOOOOO, as promised, here is the list of any and all resources I wanted to openly share of mine that I personally recommend and use all the time. It's a special celebration for finally reaching close to 300 connections on here. If you would like to help other people have access to HIGH QUALITY resources so they can learn, then I suggest MEGA sharing this so that connections in your network see it! - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
Today we are going to talk about Social Engineering, specifically, a "man in the browser" exploit, as well as what social engineering is and how threat actors use it to exploit and leverage a system to gain access. There are various forms of social engineering, and we'll cover them all here today. Social engineering is one of the most commonly used tactics, as well as something that is known as a physical hack. As always, before we dive right into this, some terminology needs to be explained so that you can follow along with the article. Disclaimer As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let's begin! - The Hacker Who Laughs ๐ธ๐ธ๐๐ธ๐ธ
Today, in order to celebrate the launching of my new website, I have a special article for today. It's going to feature the first episode of "Mr.Robot", where Elliot hacks a pedophile. We are also going to talk about the TOR Onion protocol, as well as how to bypass it. We are also going to discuss online anonymity, and how to setup and configure TOR so you can be "truly" anonymous. In order to discuss this I need to go over the 3 layers of the internet: The surface web, deep web, and dark web. Disclaimer As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pen-test on anyone's network unless it is your own, or you have permission to do so. Now, let's begin! - The Hacker Who Laughs ๐ธ๐ธ๐๐ธ๐ธ
Self-Taught Cyber Security Professional with a background in Software Engineering, IT Technical Support, Security Engineering, and proficiency in Electrical engineering and Reverse Engineering. I have a love and passion for offensive security. I reverse engineer various core APIโs and technologies in order to explore and fabricate new ideas that will make my projects come to life. I use my Software Engineering skills to design custom exploits and penetration testing tools, and CTF servers that demonstrate my Security Engineering skills and ingenious ingenuity. My Electrical Engineering skills allow me to devise various custom tools such as keyboard injection exploits that manipulate the virtual keyboard API of a system in order to inject payloads and bypass security measures for security testing, some with the ability to write their own code, which I use to extend further C/C++ Win32API and LinuxAPI exploits along with python scripts. On top of being proficient in C/C++ Iโm also proficient in 13 programming languages in total, my main ones being: C/C++, Python3, Bash, SQL, HTML/CSS/JS, PHP, and of course a bit of Powershell scripting as well. My IT skills are on par with level 4 tier experience. I use my reverse engineering skills in order to deduce probable causes and solutions for technical problems. Reverse engineering is my specialty and is how I learn. Given my level of ingenuity, I was allowed to operate above my tier level and demonstrate my skill sets to the fullest and solve lots of complex technical problems at the companies that I worked at, including the infamous Pfizer Pharmaceutical company, which I have thorough documentation of in my research portfolio. My skill sets wonโt disappoint you! Check out my work and my research. I take pride in what I do as a professional hacker. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
Futaba_Webs is a new brand Iโm starting that focuses on developing a series of unique penetration testing tools with style, both software and hardware wise. I also develop and create educational resources that will help people learn how to program, as well as paint the clear pathway to the cyber security field and all itโs intricacies. The most difficult part of learning anything is knowing where to start. - The Hacker Who Laughs ๐ธ๐ธ๐๐๐ธ๐ธ
This is a custom portable CTF server that I wrote in: HTML/CSS/JS, and PHP.
The server is designed to allow you to pentest wherever you are locally vs the traditional means of having to be connected to the internet in order to engage in web application pentesting CTF challenges, allowing you to get practice wherever you are on the go.
Todayโs exploit video will feature something that has been HEAVILY requested by many of my followersโฆ BINARY injection, also known commonly as a Buffer Overflow exploit specifically for 64 bit.
Much like how SQL injection is hard to learn without proper instruction, so is binary injection. This will be for beginners.
Check out my Linkedin Business Page to see more of my content!
This is a custom portable CTF server that I made! Try it out!
Take a loot at some of my projects available on my GitHub page!
Check out some of my live hacking exploit demonstrations.
Check out some of the demo code for my Pent-Testing Tools!
I was featured on a photography platform called โYouPicโ.
Check out some of my Keyboard Injection (Rubber Ducky) Scripts.
This is a penetration testing app I'm developing!
I'm developing a drone based on WatchDogs for penetration testing!
Today we are going to be talking about how to build a custom backdoor script in Python3
Today we are going to be talking about ARP poisoning and how to poison a network.
Today we are going to be covering the Shodan API and how to use it for CCTV hacking
Today I'll be covering SQL injection and advanced fuzzing and filter bypassing
Today, I'm going to show you how to make your own custom LAN turtle Rubber Ducky
Today Iโm going to be going over Crypto malware/ransomware and how to write it
Here is a list of some of my best Cyber Security Resources for 2024 that I personally recommend
Today we are going to talk about how to perform a "man in the browser" exploit
Today we are going to cover Mr.Robot, specifically how Elliot bypassed Tor
This is a main collective of my entire Cyber Security Journey
Check out some of my Write-UPs from various CTF competitions.
I wrote a simulation of ransomware for demonstration
I made a LAN Turtle that writes it's own code! Check out the live video
Man-In-The-Browser exploit that steals Facebook credentials
This is a custom TCP Client that connects back to a TCP server
This is a custom TCP Server that listens for TCP Client Connection
This is a script that I designed to make Kali Linux more accessible!
Solves an entire CTF challenge from โSecurity Innovationโ
This is a custom version of my resume in dark mode for you to view.
This is a custom version of my resume in light mode for you to view.
This is a standard classic word version of my resume for you to view.
Cyber Security Skills
Latest Updates ๐ธ๐ธ๐๐ธ๐ธ
- The Hacker Who Laughs ๐ธ๐ธ๐๐ธ๐ธ
Click to see more! ๐ธ๐ธ๐๐ธ๐ธ
Check out the new Terminal Mode Feature that is available on my site! Control the site like never before, simulating a REAL Linux terminal experience!
Hit Shift-Alt-O for a standard shell to quickly navigate the site
Hit Shift-Alt-P for Full Screen Mode, which will provide a more immerisve Linux experience for both Cyber and Linux Enthusiasts! Standard terminal comes with it, including enhanced features for immersive!
Check out the new bundle edition that just dropped for my patreon! On top of getting access to any and all past goodies, you can download all of my latest videos!
You also get access to my master manual which covers over 100 tools, as well as full in depth examples on how to use them.
It also comes with my EXCLUSIVE 2 FULL 2 hour course on all the basics of web application penetration testing for beginners. Learn some of the BEST practical tools that will aid you in your journey!
A new version of my FREE samples will be launching soon! There will be a new system, as well as a new mailing list that you will use to gain access!
In order to gain access to it, you will have to review SELECTED products!
Each month I will rotate the free samples so you can try my content before you buy it! It won't include the FULL video, BUT, it will include a demo which you can try out. Stay tunned for more info!
