[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / edu / siberia / latam / hobby / tech / games / anime / music / draw / AKM ] [ meta ] [ wiki / tv / twitter / tiktok ] [ GET / ref / marx / booru ]

/tech/ - Technology

"Technology reveals the active relation of man to nature" - Karl Marx
Name
Options
Subject
Comment
Flag
File
Embed
Password(For file deletion.)


File: 1608526080361-0.png (58.33 KB, 1200x1200, hacktivism.png)

File: 1608526080361-1.pdf (307.87 KB, rs1.pdf)

 

pdf on left wing hacktivism

File: 1608526080518.png (9.66 KB, 708x787, swarm.png)


tankie larping without any connection to reality

>>2936
>tankie
most hacktivism is actually anarchist, anon

>>2940
RedHack?

>>2941
exception. go look at lainchan or w/e its all anarcho transhumanists

CEH v10 full course
https://www.youtube.com/watch?v=4DQtZo3RAO0

Practical hacking course
https://www.youtube.com/watch?v=3Kq1MIfTWCE

Pastebin hackback guides
https://www.exploit-db.com/papers/41913 &lt– A DIY Guide for those without the patience to wait for whistleblowers
https://www.exploit-db.com/papers/41915 &lt– hackback A DIY Guide
https://www.exploit-db.com/papers/47682 &lt– A DIY guide to rob banks

Training grounds for first timers
https://pentesterlab.com/bootcamp &lt– web hacking and training guide
https://tryhackme.com &lt– beginner hacking courses alot free some paid, alot of handholding
https://www.hackthebox.eu/ &lt– have to hack your way in ( you can google a walkthough, boxes ranging from easy to hard 10 free boxes a week all retired boxes and networks are pay to hack
https://www.vulnhub.com/ &lt– all free download a vm to put in personal lab

If you want any more resources or idea's let me know, I'll post more.

>>2943
good post.

>>2943
very good post.

Has anyone done anything worked on any projects to get better?

>>2942
Can confirm. A lot more hacktivists (or at least skiddies) are more post-left illegalism types than MLs. But then, that's a gross generalization too, I'm sure there's a few great tankie haxxors.

>>2943
I can't even code with Python, is there even a point me trying to learn this stuff for counter-awareness (as in, I can't do it per se, but can recognise when it's being done to me and/or take precautions against)?

>>3026
sure.

File: 1608526088932.png (3.28 MB, 1000x1822, 2020-07-06 13-03-10 2.png)

>>3026
No. There's nothing useful to learn from the details of these attacks unless you are actually a programmer writing code (or the wannabe attacker).

If you are an "average" user you should instead
1) install GNU/Linux and never touch Windows ever again,
2) install Firefox and never browse the web without an ad-blocker ever again,
3) keep your software up-to-date,
4) separate your online identities (don't reuse passwords, etc.)
5) learn how to recognize phishing,
6) don't visit shady websites and download random shit.

If you are more of a sysadmin, you can start looking into "hardening" GNU/Linux and proper network administration. Even then I don't think knowing the attacks themselves is much help in defending against them.

Of course if you are just interested in it, go on and learn it.

>>3028
>sure.
>>3029
>No.

fuck.

>>3032
If you want to learn it, just learn it. You don't have to justify it.

>>3026
You don't need to be a expert coder, im sure not. that being said the pratical hacking course assumes just basic computer usage and is a good beginner guide.

If I had to pick between being a good sysadmin, or a good programmer. The sysadmin is a better background. Knowing how to build systems and how they work together is more important. especially how windows servers works, 90% of corporate systems are windows.

>>3029
I disagree far from it, knowing how attackers attack is essential for understanding how to harden, and knowing how to defend is important on how to attack and bypass security systems.


Fundamentally computer security ( or anything really) the most important part is getting started any bit of studying is better than none.

>>3170
It doesn't really, knowing how to do a ROP attack in no way helps you in turning on ASLR. For a regular user there's very little to gain from understanding the technical details of these attacks.

>>3171
for a regular user the nitty gritty isn't that important, but knowing how it works you can put settings on your system, my post was more trying to encourage >>3026 to start trying and start learning.

Has anyone practice in their personal lab yet?

bump

>>2934
Did whomever made that pdf do it in Hawaii?

>>3702
Been getting back into it yes

>>4329
Nice, I've been trying to get back into it for awhile. Anything in specifically or general pentesting.

>>4336
Been going back and trying to learn sql injection by hand, I know there's sqlmap just would like to know how to do it rather than just spamming a database.

what have you been doing?

>>4339
playing with macro malware and av bypassing.

>>4329
>Did whomever made that pdf do it in Hawaii?
what makes you think that

Mods this autist is back. Thanks for the swift clean up last time &lt3

>>4431
The timezone of it's creation was UTC-10

What's a good tool for anonymization of document files?

Does Bunkerchan have a canary set up, btw?
also are the passwords for deletion salted and hashed so they can't be used to identify different posts? with, for example, the post timestamp or post humber?

>>2943

Would you consider running a Leftypol course on how to hack?
Kind of like a book club, but more focused around hacking?

I know how to pirate books, but that's really just using software thats readily available. I want to learn how to get past paywalls, hack into emails etc

>>4496
I could do some blog posting about specific topics, but as for a club prob not, my work schedule is all over the place, almost always if you're interested in a specific topic their is a blog about it for free.

>>4498

Do some blog posting then.
As a priority for me it's:

1) Getting past paywalls, specifically things like the Economist, Financial Times, Jacobin, Catalyst, New Left Review and Tribune.
2) How to hack into individual email accounts.
3) How to not get caught and improve my security. Cause I know nothing about that

>>4495
>Does Bunkerchan have a canary set up, btw?
no and that would be a good idea

WATCH OUT FOR ANONYMOUS
HE DOES NOT FORGIVE

HE DOES NOT FORGET

File: 1608526243748.png (730.45 KB, 1366x768, Screenshot_3.png)

>>3001
you could alway start with something simple like XSS Hunter

>>4513
>1) Getting past paywalls, specifically things like the Economist, Financial Times, Jacobin, Catalyst, New Left Review and Tribune.
https://www.online-tech-tips.com/computer-tips/12-ways-to-get-past-a-paywall/

2) How to hack into individual email accounts.
https://www.phishing.org/phishing-techniques
https://getgophish.com/

3) How to not get caught and improve my security. Cause I know nothing about that
https://ssd.eff.org/en/module/your-security-plan

>>4513
>script/cookie blocker
some of those Demsucc sites require credential login, so those typical measures for evasion are quite difficult.

>don't do illegal, petty acts

don't give the feds a stupid excuse.

>the >>4565 linked resource is good, even if libby bunch.

>>2943
If anyone is keeping this post for copypasta it would be worth adding:

https://theanarchistlibrary.org/library/anonymous-novelty-of-an-overloaded-transformer &lt– Hacking The System as The Nihilist Approach to Uncaptured Insurrection

File: 1608526246424.jpg (413.07 KB, 1491x1136, htz1.jpg)

>>3170
>90% of corporate systems are windows.
Outside of client machines i have not seen this to be true in my personal experience.

>>3702
>Has anyone practice in their personal lab yet?
It is hard to emulate real world and most vms dont do it well. The only way to really practice is in the wild, anon.

>>4339
>I know there's sqlmap just would like to know how to do it rather than just spamming a database.
Big tip is to turn on verbose mode in sqlmap to easily see what is sending. this helps with types of attacks you not used to and lets be real most sqli still out there is rare your standard in-band basic-bitch vulns anymore.

>>4339
>playing with macro malware and av bypassing.
What tools are you using, anon? And do you care to tell us of your successes? I have not used a windows desktop in a long long time and it is my barrier to doing this.

>>4489
>What's a good tool for anonymization of document files?
exiftool for exif data scrubbing but this entirely depends on your use-case and threat level.

>>4496
>Would you consider running a Leftypol course on how to hack?
>Kind of like a book club, but more focused around hacking?
Not OP but i would potentially be interested in helping do with this. Keyword: Potentially.

>>4329
Did whomever made that pdf do it in Hawaii?
Big Keks.

>>4579
>What tools are you using, anon? And do you care to tell us of your successes? I have not used a windows desktop in a long long time and it is my barrier to doing this.

Luckystrike and Malicious macro msbuild are decent tools to play around with, but get picked up by AV so modifying them, even with some junk code help get past av
https://www.blackhatethicalhacking.com/tools/malicious-macro-msbuild
https://github.com/curi0usJack/luckystrike

If you need a windows env to test on you can try using virtualbox or any other hypervisor

updated and legacy verisons of windows
https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

developer machine and environment, for compiling malware and other tools.
https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/

server 2019 domain, to put this all together
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019

just use the free trials, you can reinstall or use a snapshot before first boot to revert back if you're lazy. Since 90% of business use active directory knowing both how it works and common misconfiguration is important for exploiting networks.

p.s. make sure to go into settings and turn windows defenders auto sample submission off.

File: 1608526260148.jpg (543.99 KB, 576x776, cybercom.jpg)

The Open Source Degree/Reading List in CyberSecurity

This is a reading list of books, based on the syllabuses of two degrees. You can get 80%+ of the value of a degree simply by downloading the syllabus and reading the required textbook. The next 20% is practical/labs work which you can do on your own through practical experience. Both source degrees are “National Centers of Academic Excellence” approved by the NSA, so your knowledge will at least be as much as an average glow in the dark. Gen Ed’s and any courses related to pure math, management, risk compliance etc are skipped since they are irrelevant.

Get all PDFs from libgen and other sources.

Baby Tier Knowledge

- CSEC 101: Intro to Python – Introductory Programming with python. Every hacker should know at least basic coding. BOOK: Guttag, John. Introduction to Computation and Programming Using Python: With Application to Understanding Data Second Edition. MIT Press, 2016. ISBN: 9780262529624. You can substitute any of the dozens of books and or tutorials and or online courses on Python programming (or the basics of any common language).
https://www.youtube.com/playlist?list=PLRJdqdXieSHN0U9AdnmwD-9QcR9hmw04d

- CSEC 102: Intro to Databases – Basic SQL programming, for use on relational SQL database systems. BOOK: Sams Teach Yourself in SQL in 10 Minutes (Fourth Edition) ISBN: 0672336073. Tons of resources to go with this, such as Stanford’s introductory course on databases. https://www.youtube.com/playlist?list=PLroEs25KGvwzmvIxYHRhoGTz9w8LeXek0

- CSEC 103: Intro to Computer Networks – Basic Computer Networking. BOOK: CompTIA Network+ Study Guide (latest edition). Youtube tutorial: Professor Messer’s Network+ Training Course https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd

- CSEC 104: Intro to Operating Systems/Linux – Basic Linux Knowledge. BOOK: LPIC-1 Linux Professional Institute Certification Study Guide: Exam 101-400 and Exam 102-400 by Christine Bresnahan or CompTIA Linux+ Study Guide. Also Helpful: Linux Bible 10th Edition by Christopher Negus, Christine Bresnahan.

You should also be familiar with virtual machines at this point, using software like virtual box, and installing/using linux.

CSEC 105: Intro to Security. Obviously there should be basic knowledge of security. BOOK: CompTIA Security+ Study Guide. Youtube Tutorial: https://www.youtube.com/playlist?list=PLG49S3nxzAnnVhoAaL4B6aMFDQ8_gdxAy

Dimwit Tier Knowledge

- CSEC 200: Secure Programming

“Threat Modeling, Designing for Security” by Adam Shostack

- CSEC 201: Introduction to Proactive System Security

Certified Ethical Hacker (CEH) Cert Guide (latest)
GPEN GIAC Certified Penetration Tester All-in-One Exam Guide (latest)

- CSEC 202: Digital Forensics

Guide to Computer Forensics and Investigations, Processing Digital Evidence by Bill Nelson, Amelia Phillips, and Chris Steuart Paperback: 752 pages, Publisher: Course Technology; 5 edition (January 15, 2015)ISBN-10: 1285060032, ISBN-13: 978-1285060033

- CSEC 203: Information Security Engineering

Harris, S. (2012). CISSP All In One Exam Guide (6th ed.).

- CSEC 204: Modern Cyber Conflicts

Andress, J., & Winterfeld, Steve (2011). Cyber Warfare Technique: Tactics and Tools for Security Practitioners.
Healey, Jason (2013). A fierce Domain: Conflict in Cyberspace, 1986 to 2012

Midwit Tier Knowledge

- CSEC 300: Intermediate Networks

Data Communications and Networking 5th Edition by Behrouz A. Forouzan
CCNA Routing and Switching Complete Study Guide, Todd Lammle, Sybex, 2016, ISBN 978- 1119288282

- CSEC 301: Network Security

CCNA Security Official Cert Guide (latest)
LAN Switch Security – What Hackers Know About Your Switches by Eric Vyncke and Christopher Paggen
Router Security Strategies: Securing IP Network Traffic Planes by Gregg Schudel and David J. Smith

- CSEC 302: Intermediate Offensive Security

Engegretson, P. (2013). The Basics of Hacking and Penetration Testing (Second ed.).
Clark, B. (2013). RTFM: Red Team Field Manual (this is more of a cheat sheet/reference)
Simpson, M. T., Backman, K., & Corley, J. E. (2011). Hands-on Ethical Hacking and Network Defense (Second ed.)
Skoudis, E., & Liston, T. (2006). Counter Hack Reloaded (Second ed.)

I skipped some books on cyber-physical systems security (SCADA hacking). Please LMK if I missed anything. Also please try to use the latest available edition of any given book, if it's higher than what is stated there.

>>4643
I only have a meh thinkpad, not currently the resources for running hypervisor. thx tho. :)


Anons do you want to make a infosec collective?
I am thinking a cross between like old school #leftsec on i2p and 200X hackbloc?

>>4712
>I only have a meh thinkpad
Based

>>4704
- CSEC 101: Intro to Python – Introductory Programming with python. Every hacker should know at least basic coding. BOOK: Guttag, John. Introduction to Computation and Programming Using Python: With Application to Understanding Data Second Edition. MIT Press, 2016. ISBN: 9780262529624. You can substitute any of the dozens of books and or tutorials and or online courses on Python programming (or the basics of any common language).
https://www.youtube.com/playlist?list=PLRJdqdXieSHN0U9AdnmwD-9QcR9hmw04d

- CSEC 102: Intro to Databases – Basic SQL programming, for use on relational SQL database systems. BOOK: Sams Teach Yourself in SQL in 10 Minutes (Fourth Edition) ISBN: 0672336073. Tons of resources to go with this, such as Stanford’s introductory course on databases. https://www.youtube.com/playlist?list=PLroEs25KGvwzmvIxYHRhoGTz9w8LeXek0

- CSEC 103: Intro to Computer Networks – Basic Computer Networking. BOOK: CompTIA Network+ Study Guide (latest edition). Youtube tutorial: Professor Messer’s Network+ Training Course https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd

- CSEC 104: Intro to Operating Systems/Linux – Basic Linux Knowledge. BOOK: LPIC-1 Linux Professional Institute Certification Study Guide: Exam 101-400 and Exam 102-400 by Christine Bresnahan or CompTIA Linux+ Study Guide. Also Helpful: Linux Bible 10th Edition by Christopher Negus, Christine Bresnahan.

You should also be familiar with virtual machines at this point, using software like virtual box, and installing/using linux.

CSEC 105: Intro to Security. Obviously there should be basic knowledge of security. BOOK: CompTIA Security+ Study Guide. Youtube Tutorial: https://www.youtube.com/playlist?list=PLG49S3nxzAnnVhoAaL4B6aMFDQ8_gdxAy


>“Threat Modeling, Designing for Security” by Adam Shostack

http://libgen.rs/book/index.php?md5=D45FAEFD50B7072B97628A32B63EBCAB

>Guide to Computer Forensics and Investigations, Processing Digital Evidence by Bill Nelson, Amelia Phillips, and Chris Steuart Paperback: 752 pages, Publisher: Course Technology; 5 edition (January 15, 2015)ISBN-10: 1285060032, ISBN-13: 978-1285060033

http://libgen.rs/book/index.php?md5=C3447CB408D570CD68054A7E5E20E7B8

>Harris, S. (2012). CISSP All In One Exam Guide (6th ed.).

http://libgen.rs/book/index.php?md5=9586B84A970FC181E3209D765787B9C2
[8th ed]

>Andress, J., & Winterfeld, Steve (2011). Cyber Warfare Technique: Tactics and Tools for Security Practitioners.

Healey, Jason (2013). A fierce Domain: Conflict in Cyberspace, 1986 to 2012
???

>Data Communications and Networking 5th Edition by Behrouz A. Forouzan

http://libgen.rs/book/index.php?md5=F90841D02431AF5010FB9CEA31665E4E [4th]

>CCNA Routing and Switching Complete Study Guide, Todd Lammle, Sybex, 2016, ISBN 978- 1119288282

http://libgen.rs/book/index.php?md5=55C5C9D3F3DED4413FB59B22CBF7EB47

>CCNA Security Official Cert Guide (latest)

http://libgen.rs/book/index.php?md5=A5863B64330931EFD2BD21A5A92D764F [2015]

>LAN Switch Security – What Hackers Know About Your Switches by Eric Vyncke and Christopher Paggen

http://libgen.rs/book/index.php?md5=81C735356FD4267FE269B578F3CB93BB

>Router Security Strategies: Securing IP Network Traffic Planes by Gregg Schudel and David J. Smith

http://libgen.rs/book/index.php?md5=70B8B62F1E07DAD41D14A4A906B6F60F

>Engegretson, P. (2013). The Basics of Hacking and Penetration Testing (Second ed.).

???

>Clark, B. (2013). RTFM: Red Team Field Manual (this is more of a cheat sheet/reference)

http://libgen.rs/book/index.php?md5=51E0448CE4F9757F6939D74508BFEE6D

>Simpson, M. T., Backman, K., & Corley, J. E. (2011). Hands-on Ethical Hacking and Network Defense (Second ed.)

http://libgen.rs/book/index.php?md5=CB0AA1E04C92DA05A1FD36A2CEE816C3 [3rd]

>Skoudis, E., & Liston, T. (2006). Counter Hack Reloaded (Second ed.)

http://libgen.rs/book/index.php?md5=E86552E60B0708BAB56C0AD6C790152B

>>4714
>Engegretson, P. (2013). The Basics of Hacking and Penetration Testing

this is that

http://libgen.rs/book/index.php?md5=F9EDC62C559F1C3D610348C55157A969

>>4714
also this:
http://libgen.rs/book/index.php?md5=3A1A8BEEB074DF75F7F577D54B5719F0

is
>Andress, J., & Winterfeld, Steve (2011). Cyber Warfare Technique: Tactics and Tools for Security Practitioners.

>>4714
>Healey, Jason (2013). A fierce Domain: Conflict in Cyberspace, 1986 to 2012
PDF request for this, book details the history of cyber warfare. Hard to find pdf

also request tutorial, pdf, or youtube tut on how to make a cyber range/pen testing lab


>>4720
local lab
https://resources.infosecinstitute.com/how-to-make-your-own-penetration-testing-lab/

remote lab ( other lab )
https://www.hackthebox.eu/
https://tryhackme.com/
https://www.cyberseclabs.co.uk/

There was this big russian lab, like an actual AD network with 11 machines you had to piviot, if I can find it ill post it

I also recommend looking at walkthoughs of machines and taking notes if your a beginner and still learning, that's what I've been doing.

Why is this guy so based?!

>DEF CON Safe Mode - Christopher Wade - Beyond Root

https://youtu.be/aLe-xW-Ws4c?list=PL9fPq3eQfaaBk9DFnyJRpxPi8Lz1n7cFv

>>2934
Are botnets communism
?

>>4730
Skid shit, do CTFS and find/exploit n-days (not just downloading from metasploit)
By far the best ctf wargame for linux systems: https://pwnable.tw/
More newbie friendly game: https://www.microcorruption.com

Project Zero is an amazing resource as well for finding targets you may be interested in attacking: https://googleprojectzero.blogspot.com/
https://bugs.chromium.org/p/project-zero/issues/list

>>5115
Also word of warning that every public target in the last ten years has become FUCKING HARD to exploit

bump

>>5115
>Skid shit,
bs. your little games are as skiddy as ops little games.
Learn in the wild or gtfo.

>>2943
>CEH v10 full course
https://www.youtube.com/watch?v=4DQtZo3RAO0
been following this course and it's decent

>>4576
>>2943
>>2934
This entire thread is gay and OP is a giant faggot for posting it. I might even go as far as to say he is a fedposter.
In fact, this hacktivist shit is retarded fedposting. Look at all the shit Jeremy Hammond put himself through, and also Snowden, Manning and Assange. Anyone worth their salt knew about mass NSA surveillance that they exposed LONG BEFORE official documents were published/leaked. Look up Jam ECHELON Day ffs. You want to feed more young impressionable college students into the criminal-justice meatgrinder? Literal professional spies have been caught, and you think you will do better?
What happened to Hammond was him literally asking for it: He has a track record of being a retarded smashie since the early 2000s, and Lulzsec/Antisec were running on publicly accessible IRC servers WITH NO AUTHENTICATION OR ANY VETTING. They also let in fucked-in-the-head megalomaniacs like Laurelai Bailey who posted dox on the entire crew, and consequently Sabu turned snitch, with Hammond getting ten years, and Commander X going innawoods in Canada. Smashie shit has no long-term perspective, and they literally just spent themselves like retarded coomers. Wasted lives all around that chapter.
Assange's involvement with Manning was retarded but important enough to expose the plans of the globalist neoliberals with the diplomatic cables. Snowden was just the cherry on top concerning the NSA/Military/Industrial/Contracting complex. Insofar as he redpilled normies on surveillance, most of those fuckers don't really care, and just get on with their lives and consoom more product off Amazon and happily trade their security and lives in for immediate convenience. All their lives, effort and skills wasted.
>So what am I supposed to do?
Two words: "something constructive"
Your job should be learning how choose the right characteristics of computer and how to harden your computer against access by corporate and state actors, and then apply them religiously. The various /g/ boards have info on how to do this, as well as any jinteki.industries mirror and especially this guy:
https://digdeeper.neocities.org/
https://digdeeper.neocities.org/ghost/botnet.html
and this guy:
http://tripcodeq7.xyz/8/8.html
and his youtube channel.
This means an old-model 2005-2012 thinkpad (not all will work, do pay attention) and learning how Linux works, from basic utils to the kernel. Learn to use it from the shell, and how to access system calls. Then basic webdev/scripting to understand web vulnerabilites and then learn how to flash its bios to eliminate the IME/hardware whitelists. This will enable you to use whatever wifi adapter you want to deal with hardware fingerprinting.
IMO don't even begin unless you have at least 3-4 trannybooted xx00-series thinkpads with either gentoo, trisquel, arch or heads, and know how to flash new MAC addresses and know how to use aircrack-ng/airsnort and know basic tradecraft. None of you are Snowden, and are out of your respective depths compared to him, and he had intelligence training.
The next thing to do is learning how to use and build/maintain encrypted infrastructure like the original cypherpunks.
This means religious use and in-depth knowledge of public-key encryption, PGP encryption of mailing, rolling your own proxy, Tor, i2p, the works, and also making sure that you are changing your browsing habits. This means no "fun" on those laptops, either: packet inspection to browsing habits are easy fingerprints, and I can assure you that any person who has accessed torproject.org, a chan, or a booru EVER is on a list. That means YOU right now. This is your fair warning: never mix business and pleasure, so you don't get doxed or framed. The FBI is the biggest purveyor of cp for a reason.
Then the next thing to do is to make sure that your work that you are doing is positive: you should be figuring out how to build computer networks for rural areas and co-ops using AX.25 packet radio for starters, and even using SDR modules to build computer network nodes and links that are beyond corporate control. The point is to build usable people-based alternatives to corporate-owned and administrated technology so that you are no longer beholden to them. Once you can find an ISP that can peer with you, you can create dead zones in the corporate surveillance network. Then you go out and evangelize this to people who also would like this: there are plenty of old curmudgeonly paranoid boomers who would like to join this if given the chance.
The point is to have a constructive program towards a usable alternative to capitalism, not merely sabotage it. Hacktivism doesn't do that, and in light of recent events, it is a fool's errand.

>>5854
>and then apply them religiously
This is where I fuck up, but doing anything at all to stop exposing myself to the botnet is better than nothing… right?

>>2934
>>5856
>doing anything at all to stop exposing myself to the botnet is better than nothing
Either do it all or don't bother. This means a totally libre software stack from bios to apps, connecting to the internet through a VPN that accepts crypto, preferably Monero. Also, you will have to connect from somewhere that isn't connected to a surveilled isp that has your name on it, preferably from some chain restaurant or public library. In a pinch, an ethernet hardline will work from your university if they still haven't removed that yet, but that is pushing it. They mostly omit auth on that, but you don't want to be anywhere near that when they come to call.

>>5857
>connecting to the internet through a VPN that accepts crypto, preferably Monero
Is this really necessary? VPNs can't be trusted more or less than ISPs.

>>5857
>>5854
>you either use a modern intel cpu with windows and google chrome or a librebooted old computer with tails and tor browser through a no logs(tm) vpn, absolutely no in betweens
come on now

>>5859
>>5858
>Is this really necessary? VPNs can't be trusted more or less than ISPs.
That is why you build your own lol. I'll leave how to do so up to your own imagination. The one clue I will give you is this: learn how to set up diy reverse tunnels and use sbcs, and also learn how to use different radio technologies.
>>5859
>come on now
Either go big or go home

>>5874
>Either go big or go home
I agree but not everyone can do this, sadly.

>>5859
VPNs are retarded for hacking. use tor and your own proxies.

>>5116
False.

>>5854
Ignore this fed.

>>5875
>I agree but not everyone can do this, sadly.
Why? Cam only learn!

>>5115
What kinda programming knowledge/languages do you need to play these games? Do you use python for them or something?

>>5858
>>6026
>Ignore this fed.
Lol at this smashie. Enjoy getting tortured at some CIA blacksite to expose shit that we already know you retard.

>>6030
Nah, you're usually just running tools and simple bash commands.

>>6101
Except i aint gon to jail yet no matter how many times my doors been kicked in, so do fuck off, armchair.

>>6141
>Except i aint gon to jail yet no matter how many times my doors been kicked in, so do fuck off, armchair.
Suicidal motherfucker, ain't you? Go larp as Johnny Silverhand somewhere else.

>>6144
Why isn't PhinPhisher in jail? why aint the thousands of carder kids in jail? why aint the kids rootin boxes for lulz in jail? you are delusional or you glow.

>>6153
Since they are not Bunkerchan users, they can actually use their brains.

>>6153
whonix, opsec, actual skill.

>>6153
>Why isn't PhinPhisher in jail? why aint the thousands of carder kids in jail? why aint the kids rootin boxes for lulz in jail? you are delusional or you glow.
This isn't the point. There are enough both political and technological solutions to neutralize you:
https://crimethinc.com/2018/06/05/hackback-talking-with-phineas-fisher-hacking-as-direct-action-against-the-surveillance-state
>In May 2016, after watching the documentary “Ciutat Morta,” Phineas thought about trying a simple attack on the Catalan Police Forces. Ciutat Morta is a film about the 4F case, a famous case in the history of the Spanish state in which repressive forces tortured and imprisoned several young people from South America as an act of revenge after a policeman was put into a coma by the impact of a stone following a police charge in downtown Barcelona.

>As a result of this new hacking action, using a well-known vulnerability, Phineas defaced the website of the union of the Catalan police with an ironic manifesto declaring that the organization “was refounded as a union in favor of human rights.” A data dump with personal details of some 5000 police accounts appeared, along with a 40-minute video tutorial on the techniques used in the hack.


>Shortly afterwards, the police carried out several raids on social centers and hacklabs in Barcelona, then claimed to have caught the famous hacker. Only hours later, journalists reported that the same person had contacted them to say that “he was alive and well” and that the police forces had only imprisoned a scapegoat who happened to have retweeted the info in the dumps.

The point isn't that he wasn't arrested and still tweeting. The point is, nobody knows who he truly was, and that because of this, the police could say they got him and that it is only a copycat or confederate tweeting. In the meantime, the arrestee is held in indefinite pre-trial detention in the vein of Assange until he gives up and agrees to confess that he did it or get his friends framed or some other shit. Phineas is free only because some other idiot is taking the heat for him, and terrorism and pedoshit will get anything justified nowadays. You are a faggot who simply wants to provoke police terrorism and get kids fed to cops.
Also
>rooting boxes for lulz
Don't think for a second that they haven't been trapped and tagged. Who's to say that your VPN isn't feeding your traffic on the side to the NSA? The FSB? The PLA? or the Mossad? You can also forget about using the Tor network, either as a user or as a host: The Naval Research Laboratory has documented a structural vulnerability to the tor, the "Sniper Attack":
http://www.nrl.navy.mil/itd/chacs/biblio/sniper-attack-anonymously-deanonymizing-and-disabling-tor-network
Further info from Nachash's 2600 article:
https://rmusser.net/docs/Rants&Writeups/Opsec_rant2-nachash.html
Nobody's becoming your idiot martyr here.

>>6220
So we shouldn't do anything because the corps and the State are going to use someone else as a meat shield? This is cuck reasoning, same garbage you see some idiots bring up when the topic is stuff like looting, shoplifting, or even regular rioting.

>>6224
You can do far more outside of prison than inside it.
Also
>cuck reasoning
How stupid do you think we are? You have no power here.

>>6246
Just don't get caught. :^)

bump

>>6220
if you are using vpn or tor, no rank and file nsa agent is going to be following you.
you must have already done something other than posting online or shoplifting for the feds to bother enough to pay someone to track you, specificallyak-47AK-47

>>6220
im not clicking on that .mil link

TOR deanonymization is high effort and would probably take the NSA 1-2 months even with extreme motivation to get someone like Osama or w/e. doubt the skids have anything to worry about

>>6220
plus the "sniper attack" is literally just ddosing tor exit nodes you don't own so theres a higher chance of directing to nodes you do own. again, this isnt reliable and also it requires you to degrade the performance of the whole tor network

bump

bump

>>4719
this looks interesting

>>3029
mike is gay

>>6427
It also implies that the person your trying to identify isn't using ssl.

>>9559
No U

>>9600
What's everyone's opinion on kirtaner going full anarcho-hackerman and hacking myanmar, parlor, etc.
https://www.youtube.com/channel/UC-igeMJ4Azc1HgRqeK4Rn-QpunkPunk

>>9655
who ?

>>9666
admin of 420chan and one of the original og anon's during chanology.

>>9655
based and red

>>9655
based

bump

File: 1631724544205.jpeg (80.37 KB, 1280x719, (me).jpeg)

>there are other ‘Red Swarm’ manuals

>>11574
AFAIK It was a planned series that never got beyond book 1

Is there anyone here that would contribute to a zine?

>>11597
depends what about. hacking i guess?

>>3026
I know this post is old as fuck, but if you're still interested: basic programming, especially in python, is way easier than it may seem from the outside. Just read "automate the boring stuff with python" and you'll be good to go in like two weeks or so of afternoon study.

Cool little blog on kernel stuff
https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/

>>11599
Yes. Thought its be nice to drive revolutionary interests into the scene.


Any updates? Idea's for a group project?

>>12537
>Any updates? Idea's for a group project?
We should start an IRC channel. A space to actually organize projects and infrastructure. I recomend libera.chat, how about #redtech?

>>3029

> install Firefox


get that insecure shit outta here

https://madaidans-insecurities.github.io/firefox-chromium.html

>>12538

I too agree, but who should make the channel?

>>12553
irc.libera.chat #redtech I have made it. :)
>>12552
Stop being a dumb faggot. All browsers are insecure.

>>12556
you should make a matrix channel, there's already a leftpol community there.

>>12557
>you should make a matrix channel, there's already a leftpol '"community"' there.
If i thought matrix was a not shit idea it's what I would have recommended, anon.
I have been to the leftypol matrix, with this I am interested in doing some things, not hanging around with a bunch of lonelies desperately trying to find a faximiie of community and disruptive shitposters.

>>12558
irc is dead, boomer. Get with the times.

>>12559
It's not dead among hackers.

>>12559
I'm a Matrix advocate and your post is stupid.

>>12558
>I have been to the leftypol matrix, with this I am interested in doing some things, not hanging around with a bunch of lonelies desperately trying to find a faximiie of community and disruptive shitposters.
no one wants to download/install irc though but whatever just b urself

File: 1639759620891.jpg (44.58 KB, 680x382, ab0[1].jpg)

>>12559
>he doesn't know jabber or onion irc

>>3014
>Can confirm. A lot more hacktivists (or at least skiddies) are more post-left illegalism types than MLs. But then, that's a gross generalization too, I'm sure there's a few great tankie haxxors.
Marxist-Leninists place a tremendous emphasis on meeting people where they at and attaching themselves to popular struggle, building a mass movement through the good deeds of working with others. The emphasis is on building a movement through material means. Hacktivism is just a grouping of related tricks and tactics conducive in bringing down information systems, but these tactics are not conducive in building a mass movement. It's like talking about the use of rifles as if they alone, without theory and material analysis, would be capable of bringing about communism.

>>3026
>>3029
Both of these posts completely miss the point of building a mass movement. The technology you use DOES NOT MATTER. "The Capitalists will sell us the rope that we will hang them with." - Lenin
THIS BEING SAID:
Use whatever technology is useful for whatever direct action is necessary, but seriously do not overthink this shit. Revolutionary orgs will use Signal or PGP or ProtonMail but I guarantee none of them are such fucking nerds that they would demand their members use GNU/Linux and learn proper network administration.

>>12571
would a modern maoist style peoples war utilize cyberwarfare and then have a cyber war unit?

+1 on matrix channel.

nobody wants to use jabber mucs or ircs.

matrix is easier to use and safer

>>12574
Yes, definitely. Especially as we have to reorient more and more into an increasingly urbanized environment.
>At the turn of the 20th century, just 15% of the world population lived in cities. According to the UN, the year 2007 witnessed the turning point when more than 50% of the world population were living in cities, for the first time in human history.

>>12566
no one wants to download/install matrix though but whatever just b urself
>>12574
>would a modern maoist style peoples war utilize cyberwarfare and then have a cyber war unit?
I imagine so, yes. It is a form of action that has become integrated with the wider bag of tricks we are used to.
>>12597
>matrix is easier to use
false
>and safer
false
Why are you lying though?

>>12602

Take a step back from your perspective as someone whose been using IRC for 20 years and think about the average person (even the average technically apt person).

Matrix is easier to use than IRC, like objectively.

And yes, it is safer. Not the perfect security tech, but its better than the… lets see… NO ENCRYPTION and no security that IRC offers.

>>12610
>all IRC is clear text
Many IRC servers allow connecting over SSL/TLS on port 6697. Authentication may be done using nickserv, optionally using SASL. For reference see https://freenode.com/kb/all for reference.
There is also work being done on a decentralized chat protocol with strong encryption resembling a subset of IRC http://pest.bitdash.io/

>>12611
TLS is very weak in comparison to the encryption on secured Matrix rooms. The older chat protocol that is up to par with Matrix on this is XMPP with specifically OMEMO, but IRC with TLS is way weaker to be quite clear.

>>12610
element is kinda janky, and the matrix bullshit about your keys every time you log out basically makes it impossible to have multiple accounts (tho i think i saw a thing that advertized u could be logged in to multiple acconts at the same, time, idk if nheko or some cli matrix bullshit)
i used to use it n got all my anarchist friends to use it, but its just not that great

i use xmpp now p much exclusively and i dont get the hype of matrix when this shit has existed forever lmao. Shit's more polished (not shiny, but works well and is stable), and you can use it over tor easily so wtf matrix??

the only thing is that omemo might not work in mucs? or is difficult at least? idk

>>12612
can u do omemo in group chats?

File: 1644965129528.png (461.36 KB, 800x388, ClipboardImage.png)

https://www.vice.com/en/article/k7wpax/freedom-convoy-givesendgo-donors-leaked?utm_source=reddit.com

>Early last week TechCrunch revealed that security researchers had discovered 50GB of unsecured GiveSendGo data including scans of passports and driver’s licenses. The crowdfunding platform said it fixed the issue, but the Daily Dot reported Thursday that the data was still accessible.


Fucking lol

>>5854
I think a lot of what you said here is interesting and a good injection of reality into this thread. A few comments
>https://digdeeper.neocities.org/
He's ok I think, I think I read his blog on "freetardism" which left a bad taste in my mouth, because it was stupid. Only other problem is that we have no idea who he is and whether his cybersecurity background is. Looking at his stuff now most of it seems to be informed, detailed, and mostly not cringe.
>tripcodeq7
Based.
>IMO don't even begin unless you have at least 3-4 transhumanistbooted xx00-series thinkpads with either gentoo, trisquel, arch or heads, and know how to flash new MAC addresses and know how to use aircrack-ng/airsnort and know basic tradecraft.
Libreboot with "insert le epic super duper hard linux distro here" may be going a bit far in terms of baseline (speaking as a libreboot user), but the overall point is valid because all modern computers have hardware vulnerabilities in the IME and starting to switch over to linux generally is valid (but you don't need to use, literally mint or ubuntu is fine to start and then work your way up to a more hardened system, whoonix, tails, trisquel, whatever.). If anyone is interested in libreboot/old thinkpad stuff, start here:
https://thonkpeasant.xyz
https://vid.puffyan.us/watch?v=Fs4GjDiOie8&autoplay=0&continue=0&dark_mode=true&listen=0&local=1&loop=0&nojs=0&player_style=youtube&quality=dash&thin_mode=false
You can also just buy one on ebay but the prices have gone up in the past little while.

File: 1646771931996.png (225.34 KB, 326x643, jobhereisdone.png)

>>5854
"yeah bro the nation state is omnipotent, there's nothing you can do, so anyways just mindlessly fetishize cryptography and proxying and LARP as cypherpunk. btw i hate trans people" thanks, i guess

>>12556
holy shit libera is the worst
>ur using tor, go to this page to see how to connect over tor
>you have to use sasl with a cert
>"to use saslt you have to register with NickServ"
>to register with nickserv you have to connect
>to connect over tor you should probably use tls
>to use sasl external you MUST connect over tls
>there are two ports you can use to connect to the onion, 6667 and 6697 (corresponding to plaintext and tls)
>try connecting using onion w/ cert over the tls port
>instantly disconnected, no message even like over plaintext

wtf is is libera, jesus christ
im gonna have to set up rdp just to log in because it REQUIRES a clearnet IP linked to you to connect to its servers

Can anyone tell me: is that irc even used, or is it totally dead? please please save me some time

>>18169
It's pretty active, and I understand your pain. I just connect to it using Matrix, the bridge works perfectly.

>>12553
does this channel still exist?

>>2936
bruh why do random ass posters just be shittin on any and all praxis as ULTRA/TANKIE LARPING!1!!!!11!! thats actually bad for the movement

File: 1678812370380.png (1.23 MB, 800x600, ClipboardImage.png)

>>18564
bruh this thread as over 100 posts and not a single thing has been done, sure some information has been exchanged but you all were not even able to set up an communication channel which is the simplest most basic thing to even think about group hacktivism.

If people are serious there are various IRC servers with .onions but people here are clearly not serious. they like the idea of hacktivism, the nostalgia of anonops perhaps, not the reality of doing the work.

>>18806

Which IRC servers you recommend?

>>18817
NTA, but i looked into irc and there are several lightweight, relatively simple to configure daemons.
For something like this you could host a tor hidden service at home. Such a setup is vulnerable to traffic correlation with your regular internet activity if you don't set bandwith caps on everything, but personally i think paying for a server is a far greater liability.

>>18818
can you explain why paying for a server is more of a liability? assuming you're paying anonymously and with monero over tor

>>18828
Third parties, contracts, loss of control, federal law, and a whole lotta other shit.

>>18818
I agree, for good measure I would connect it to a cracked wifi point too.

>>18817
other leftypol has a tor accessible irc server.
anarchyplanet.org has a irc accessible tor server and like everything anarchyplanet project (a.nti.social, theanarchistlibrary.org, anarchistnews.org, etc) has an .onion address.

>>18829
contracts aren't a thing for any servers i've rented, you just pay and get access. They ask for PII but you just feed fake shit… on the other points, its basically one point? That the company owns the computer and can see everything that goes on in the server on it. That's fair, but isn't it best practice anyways to not say anything personally incriminating and assume you're being watched, because you don't know who other anons are or if they'll snitch eventually? So it's not like much is lost there. If they decide to take a chat down, we have backup communication here on leftypol and could just spin up another server. Subpeonas typically take a while to serve too if the gov was really involved, so it would be more of a cat and mouse thing than crippling to communication. Not that we'd get that kind of attention most likely. And encrypted communication is always better.

But fr i dont think those worries are well-founded

>>12552
This link was last updated a year ago. Are these Firefox exploits still relevant?


>>18833
if only more people did what this pic shows

>>18939
Cameras around me are often dome.
Have good starts against these?

Protip: networked camera if u can access are a good way in to a commercial network from the outside that is underutilized. Some are even powered over Ethernet (ppoe).

File: 1679848206060.jpeg (1.32 MB, 2304x4096, DYK-w-HXUAAngq4.jpeg)

anyone got more of these civil disobedience infographics targeted for the man on the street?

>>19030
spraypaint.

>>19031
I have an old small print radical graffiti book that had this in as well as a few other things, i will look for it.
I had this idea of making stencils to do graffiti that goes around ATM machines i would like to do, like anti capitalist agitprop above the part the money comes from or between the letters, which i think could be quite cool and will only require taking measurements of a machine.
>>19032
>>19046
Yea, I was thinking more long-term Is there anything that if sprayed on to the plastic dome would melt or deform the plastic a little, enough to ruin the image probably?
There has to be some methods we can brainstorm and test between us.

>>18806
That being said, I was thinking about running a CryptBB forum but for leftist (as pretty much all leak forums are filled with the worst of the worst). Would only serve it over I2p, maybe for.

>>21801
You need to give out keys/accounts to people for them to access the forum. Unless you do it in-person, you still have to trust strangers on the internet. Giving people IRL accounts with a number of invites is one way of building a semi-trusted forum, as long as every person giving out invites takes good care in choosing who they invite.

>>18806
>bruh this thread as over 100 posts and not a single thing has been done
lol imagine people would post shit here if they did anything so the glow in the darks can van them faster

>>18806
Yes, officer. My favorite website to discuss all the leftist hactivism I do is www.iadmitttocommittingacrime.com

File: 1696360054251.jpeg (17.24 KB, 479x267, Fw7WaQhXoAAMKsc.jpeg)

Ok anons, here's a subject we should discuss without glowing all over ourselves: What would you recommend a third year CS uni student (not me btw) to get on to the path of becoming le hackermmanzz? Is knowing a lot about Computer Networking useful? Cause I've put a lot of focus points into that as of late…

>>21808
1 - take a networking class if your university cs program has one as an elective
2 - You usually cant get into hacking right away, usually that happens after being a cybersecurity analyst or something first.
3 - Certifications: You have to get some cybersecurity (and possibly general IT) certifications. OSCP is a good one. You have to do your own research here as there are a ton of cybersec certifications and there are new ones being made. Try to focus on the ones you see most commonly in job postings

>>21809
addendum: you probably need to learn scripting/coding to an extent as well, usually bash/linux shell and python

>>19031
>>19054
https://theanarchistlibrary.org/library/crimethinc-recipes-for-disaster
kind of a grab bag of different stuff, but includes a lot of public propaganda stuff


Unique IPs: 36

[Return][Go to top] [Catalog] | [Home][Post a Reply]
Delete Post [ ]
[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / edu / siberia / latam / hobby / tech / games / anime / music / draw / AKM ] [ meta ] [ wiki / tv / twitter / tiktok ] [ GET / ref / marx / booru ]