No.2936
tankie larping without any connection to reality
No.2940
>>2936>tankiemost hacktivism is actually anarchist, anon
No.2942
>>2941exception. go look at lainchan or w/e its all anarcho transhumanists
No.2943
CEH v10 full course
https://www.youtube.com/watch?v=4DQtZo3RAO0Practical hacking course
https://www.youtube.com/watch?v=3Kq1MIfTWCEPastebin hackback guides
https://www.exploit-db.com/papers/41913 <– A DIY Guide for those without the patience to wait for whistleblowers
https://www.exploit-db.com/papers/41915 <– hackback A DIY Guide
https://www.exploit-db.com/papers/47682 <– A DIY guide to rob banks
Training grounds for first timers
https://pentesterlab.com/bootcamp <– web hacking and training guide
https://tryhackme.com <– beginner hacking courses alot free some paid, alot of handholding
https://www.hackthebox.eu/ <– have to hack your way in ( you can google a walkthough, boxes ranging from easy to hard 10 free boxes a week all retired boxes and networks are pay to hack
https://www.vulnhub.com/ <– all free download a vm to put in personal lab
If you want any more resources or idea's let me know, I'll post more.
No.3001
Has anyone done anything worked on any projects to get better?
No.3014
>>2942Can confirm. A lot more hacktivists (or at least skiddies) are more post-left illegalism types than MLs. But then, that's a gross generalization too, I'm sure there's a few great tankie haxxors.
No.3026
>>2943I can't even code with Python, is there even a point me trying to learn this stuff for counter-awareness (as in, I can't do it per se, but can recognise when it's being done to me and/or take precautions against)?
No.3029
>>3026No. There's nothing useful to learn from the details of these attacks unless you are actually a programmer writing code (or the wannabe attacker).
If you are an "average" user you should instead
1) install GNU/Linux and never touch Windows ever again,
2) install Firefox and never browse the web without an ad-blocker ever again,
3) keep your software up-to-date,
4) separate your online identities (don't reuse passwords, etc.)
5) learn how to recognize phishing,
6) don't visit shady websites and download random shit.
If you are more of a sysadmin, you can start looking into "hardening" GNU/Linux and proper network administration. Even then I don't think knowing the attacks themselves is much help in defending against them.
Of course if you are just interested in it, go on and learn it.
No.3167
>>3032If you want to learn it, just learn it. You don't have to justify it.
No.3170
>>3026You don't need to be a expert coder, im sure not. that being said the pratical hacking course assumes just basic computer usage and is a good beginner guide.
If I had to pick between being a good sysadmin, or a good programmer. The sysadmin is a better background. Knowing how to build systems and how they work together is more important. especially how windows servers works, 90% of corporate systems are windows.
>>3029I disagree far from it, knowing how attackers attack is essential for understanding how to harden, and knowing how to defend is important on how to attack and bypass security systems.
Fundamentally computer security ( or anything really) the most important part is getting started any bit of studying is better than none.
No.3171
>>3170It doesn't really, knowing how to do a ROP attack in no way helps you in turning on ASLR. For a regular user there's very little to gain from understanding the technical details of these attacks.
No.3256
>>3171for a regular user the nitty gritty isn't that important, but knowing how it works you can put settings on your system, my post was more trying to encourage
>>3026 to start trying and start learning.
No.3702
Has anyone practice in their personal lab yet?
No.4278
bump
No.4329
>>2934Did whomever made that pdf do it in Hawaii?
>>3702Been getting back into it yes
No.4336
>>4329Nice, I've been trying to get back into it for awhile. Anything in specifically or general pentesting.
No.4339
>>4336Been going back and trying to learn sql injection by hand, I know there's sqlmap just would like to know how to do it rather than just spamming a database.
what have you been doing?
No.4393
>>4339playing with macro malware and av bypassing.
No.4431
>>4329>Did whomever made that pdf do it in Hawaii? what makes you think that
No.4437
Mods this autist is back. Thanks for the swift clean up last time <3
No.4468
>>4431The timezone of it's creation was UTC-10
No.4489
What's a good tool for anonymization of document files?
No.4495
Does Bunkerchan have a canary set up, btw?
also are the passwords for deletion salted and hashed so they can't be used to identify different posts? with, for example, the post timestamp or post humber?
No.4496
>>2943Would you consider running a Leftypol course on how to hack?
Kind of like a book club, but more focused around hacking?
I know how to pirate books, but that's really just using software thats readily available. I want to learn how to get past paywalls, hack into emails etc
No.4498
>>4496I could do some blog posting about specific topics, but as for a club prob not, my work schedule is all over the place, almost always if you're interested in a specific topic their is a blog about it for free.
No.4513
>>4498Do some blog posting then.
As a priority for me it's:
1) Getting past paywalls, specifically things like the Economist, Financial Times, Jacobin, Catalyst, New Left Review and Tribune.
2) How to hack into individual email accounts.
3) How to not get caught and improve my security. Cause I know nothing about that
No.4523
>>4495>Does Bunkerchan have a canary set up, btw?no and that would be a good idea
No.4528
WATCH OUT FOR ANONYMOUS
HE DOES NOT FORGIVE
No.4543
HE DOES NOT FORGET
No.4565
>>4513>1) Getting past paywalls, specifically things like the Economist, Financial Times, Jacobin, Catalyst, New Left Review and Tribune.https://www.online-tech-tips.com/computer-tips/12-ways-to-get-past-a-paywall/2) How to hack into individual email accounts.
https://www.phishing.org/phishing-techniqueshttps://getgophish.com/3) How to not get caught and improve my security. Cause I know nothing about that
https://ssd.eff.org/en/module/your-security-plan No.4576
>>4513>script/cookie blockersome of those Demsucc sites require credential login, so those typical measures for evasion are quite difficult.
>don't do illegal, petty actsdon't give the feds a stupid excuse.
>the >>4565 linked resource is good, even if libby bunch. No.4578
>>2943If anyone is keeping this post for copypasta it would be worth adding:
https://theanarchistlibrary.org/library/anonymous-novelty-of-an-overloaded-transformer <– Hacking The System as The Nihilist Approach to Uncaptured Insurrection
No.4579
>>3170>90% of corporate systems are windows. Outside of client machines i have not seen this to be true in my personal experience.
>>3702>Has anyone practice in their personal lab yet?It is hard to emulate real world and most vms dont do it well. The only way to really practice is in the wild, anon.
>>4339>I know there's sqlmap just would like to know how to do it rather than just spamming a database.Big tip is to turn on verbose mode in sqlmap to easily see what is sending. this helps with types of attacks you not used to and lets be real most sqli still out there is rare your standard in-band basic-bitch vulns anymore.
>>4339>playing with macro malware and av bypassing.What tools are you using, anon? And do you care to tell us of your successes? I have not used a windows desktop in a long long time and it is my barrier to doing this.
>>4489>What's a good tool for anonymization of document files?exiftool for exif data scrubbing but this entirely depends on your use-case and threat level.
>>4496>Would you consider running a Leftypol course on how to hack?>Kind of like a book club, but more focused around hacking?Not OP but i would potentially be interested in helping do with this. Keyword: Potentially.
>>4329Did whomever made that pdf do it in Hawaii?
Big Keks.
No.4643
>>4579>What tools are you using, anon? And do you care to tell us of your successes? I have not used a windows desktop in a long long time and it is my barrier to doing this.Luckystrike and Malicious macro msbuild are decent tools to play around with, but get picked up by AV so modifying them, even with some junk code help get past av
https://www.blackhatethicalhacking.com/tools/malicious-macro-msbuildhttps://github.com/curi0usJack/luckystrikeIf you need a windows env to test on you can try using virtualbox or any other hypervisor
updated and legacy verisons of windows
https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/developer machine and environment, for compiling malware and other tools.
https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/server 2019 domain, to put this all together
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019just use the free trials, you can reinstall or use a snapshot before first boot to revert back if you're lazy. Since 90% of business use active directory knowing both how it works and common misconfiguration is important for exploiting networks.
p.s. make sure to go into settings and turn windows defenders auto sample submission off.
No.4704
The Open Source Degree/Reading List in CyberSecurity
This is a reading list of books, based on the syllabuses of two degrees. You can get 80%+ of the value of a degree simply by downloading the syllabus and reading the required textbook. The next 20% is practical/labs work which you can do on your own through practical experience. Both source degrees are “National Centers of Academic Excellence” approved by the NSA, so your knowledge will at least be as much as an average glow in the dark. Gen Ed’s and any courses related to pure math, management, risk compliance etc are skipped since they are irrelevant.
Get all PDFs from libgen and other sources.
Baby Tier Knowledge
- CSEC 101: Intro to Python – Introductory Programming with python. Every hacker should know at least basic coding. BOOK: Guttag, John. Introduction to Computation and Programming Using Python: With Application to Understanding Data Second Edition. MIT Press, 2016. ISBN: 9780262529624. You can substitute any of the dozens of books and or tutorials and or online courses on Python programming (or the basics of any common language).
https://www.youtube.com/playlist?list=PLRJdqdXieSHN0U9AdnmwD-9QcR9hmw04d- CSEC 102: Intro to Databases – Basic SQL programming, for use on relational SQL database systems. BOOK: Sams Teach Yourself in SQL in 10 Minutes (Fourth Edition) ISBN: 0672336073. Tons of resources to go with this, such as Stanford’s introductory course on databases.
https://www.youtube.com/playlist?list=PLroEs25KGvwzmvIxYHRhoGTz9w8LeXek0- CSEC 103: Intro to Computer Networks – Basic Computer Networking. BOOK: CompTIA Network+ Study Guide (latest edition). Youtube tutorial: Professor Messer’s Network+ Training Course
https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd- CSEC 104: Intro to Operating Systems/Linux – Basic Linux Knowledge. BOOK: LPIC-1 Linux Professional Institute Certification Study Guide: Exam 101-400 and Exam 102-400 by Christine Bresnahan or CompTIA Linux+ Study Guide. Also Helpful: Linux Bible 10th Edition by Christopher Negus, Christine Bresnahan.
You should also be familiar with virtual machines at this point, using software like virtual box, and installing/using linux.
CSEC 105: Intro to Security. Obviously there should be basic knowledge of security. BOOK: CompTIA Security+ Study Guide. Youtube Tutorial:
https://www.youtube.com/playlist?list=PLG49S3nxzAnnVhoAaL4B6aMFDQ8_gdxAyDimwit Tier Knowledge
- CSEC 200: Secure Programming
“Threat Modeling, Designing for Security” by Adam Shostack
- CSEC 201: Introduction to Proactive System Security
Certified Ethical Hacker (CEH) Cert Guide (latest)
GPEN GIAC Certified Penetration Tester All-in-One Exam Guide (latest)
- CSEC 202: Digital Forensics
Guide to Computer Forensics and Investigations, Processing Digital Evidence by Bill Nelson, Amelia Phillips, and Chris Steuart Paperback: 752 pages, Publisher: Course Technology; 5 edition (January 15, 2015)ISBN-10: 1285060032, ISBN-13: 978-1285060033
- CSEC 203: Information Security Engineering
Harris, S. (2012). CISSP All In One Exam Guide (6th ed.).
- CSEC 204: Modern Cyber Conflicts
Andress, J., & Winterfeld, Steve (2011). Cyber Warfare Technique: Tactics and Tools for Security Practitioners.
Healey, Jason (2013). A fierce Domain: Conflict in Cyberspace, 1986 to 2012
Midwit Tier Knowledge
- CSEC 300: Intermediate Networks
Data Communications and Networking 5th Edition by Behrouz A. Forouzan
CCNA Routing and Switching Complete Study Guide, Todd Lammle, Sybex, 2016, ISBN 978- 1119288282
- CSEC 301: Network Security
CCNA Security Official Cert Guide (latest)
LAN Switch Security – What Hackers Know About Your Switches by Eric Vyncke and Christopher Paggen
Router Security Strategies: Securing IP Network Traffic Planes by Gregg Schudel and David J. Smith
- CSEC 302: Intermediate Offensive Security
Engegretson, P. (2013). The Basics of Hacking and Penetration Testing (Second ed.).
Clark, B. (2013). RTFM: Red Team Field Manual (this is more of a cheat sheet/reference)
Simpson, M. T., Backman, K., & Corley, J. E. (2011). Hands-on Ethical Hacking and Network Defense (Second ed.)
Skoudis, E., & Liston, T. (2006). Counter Hack Reloaded (Second ed.)
I skipped some books on cyber-physical systems security (SCADA hacking). Please LMK if I missed anything. Also please try to use the latest available edition of any given book, if it's higher than what is stated there.
No.4712
>>4643I only have a meh thinkpad, not currently the resources for running hypervisor. thx tho. :)
Anons do you want to make a infosec collective?
I am thinking a cross between like old school #leftsec on i2p and 200X hackbloc?
No.4713
>>4712>I only have a meh thinkpadBased
No.4714
>>4704- CSEC 101: Intro to Python – Introductory Programming with python. Every hacker should know at least basic coding. BOOK: Guttag, John. Introduction to Computation and Programming Using Python: With Application to Understanding Data Second Edition. MIT Press, 2016. ISBN: 9780262529624. You can substitute any of the dozens of books and or tutorials and or online courses on Python programming (or the basics of any common language).
https://www.youtube.com/playlist?list=PLRJdqdXieSHN0U9AdnmwD-9QcR9hmw04d- CSEC 102: Intro to Databases – Basic SQL programming, for use on relational SQL database systems. BOOK: Sams Teach Yourself in SQL in 10 Minutes (Fourth Edition) ISBN: 0672336073. Tons of resources to go with this, such as Stanford’s introductory course on databases.
https://www.youtube.com/playlist?list=PLroEs25KGvwzmvIxYHRhoGTz9w8LeXek0- CSEC 103: Intro to Computer Networks – Basic Computer Networking. BOOK: CompTIA Network+ Study Guide (latest edition). Youtube tutorial: Professor Messer’s Network+ Training Course
https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd- CSEC 104: Intro to Operating Systems/Linux – Basic Linux Knowledge. BOOK: LPIC-1 Linux Professional Institute Certification Study Guide: Exam 101-400 and Exam 102-400 by Christine Bresnahan or CompTIA Linux+ Study Guide. Also Helpful: Linux Bible 10th Edition by Christopher Negus, Christine Bresnahan.
You should also be familiar with virtual machines at this point, using software like virtual box, and installing/using linux.
CSEC 105: Intro to Security. Obviously there should be basic knowledge of security. BOOK: CompTIA Security+ Study Guide. Youtube Tutorial:
https://www.youtube.com/playlist?list=PLG49S3nxzAnnVhoAaL4B6aMFDQ8_gdxAy
>“Threat Modeling, Designing for Security” by Adam Shostackhttp://libgen.rs/book/index.php?md5=D45FAEFD50B7072B97628A32B63EBCAB
>Guide to Computer Forensics and Investigations, Processing Digital Evidence by Bill Nelson, Amelia Phillips, and Chris Steuart Paperback: 752 pages, Publisher: Course Technology; 5 edition (January 15, 2015)ISBN-10: 1285060032, ISBN-13: 978-1285060033http://libgen.rs/book/index.php?md5=C3447CB408D570CD68054A7E5E20E7B8
>Harris, S. (2012). CISSP All In One Exam Guide (6th ed.).http://libgen.rs/book/index.php?md5=9586B84A970FC181E3209D765787B9C2[8th ed]
>Andress, J., & Winterfeld, Steve (2011). Cyber Warfare Technique: Tactics and Tools for Security Practitioners.Healey, Jason (2013). A fierce Domain: Conflict in Cyberspace, 1986 to 2012
???
>Data Communications and Networking 5th Edition by Behrouz A. Forouzanhttp://libgen.rs/book/index.php?md5=F90841D02431AF5010FB9CEA31665E4E [4th]
>CCNA Routing and Switching Complete Study Guide, Todd Lammle, Sybex, 2016, ISBN 978- 1119288282http://libgen.rs/book/index.php?md5=55C5C9D3F3DED4413FB59B22CBF7EB47
>CCNA Security Official Cert Guide (latest)http://libgen.rs/book/index.php?md5=A5863B64330931EFD2BD21A5A92D764F [2015]
>LAN Switch Security – What Hackers Know About Your Switches by Eric Vyncke and Christopher Paggenhttp://libgen.rs/book/index.php?md5=81C735356FD4267FE269B578F3CB93BB
>Router Security Strategies: Securing IP Network Traffic Planes by Gregg Schudel and David J. Smithhttp://libgen.rs/book/index.php?md5=70B8B62F1E07DAD41D14A4A906B6F60F
>Engegretson, P. (2013). The Basics of Hacking and Penetration Testing (Second ed.). ???
>Clark, B. (2013). RTFM: Red Team Field Manual (this is more of a cheat sheet/reference)http://libgen.rs/book/index.php?md5=51E0448CE4F9757F6939D74508BFEE6D
>Simpson, M. T., Backman, K., & Corley, J. E. (2011). Hands-on Ethical Hacking and Network Defense (Second ed.)http://libgen.rs/book/index.php?md5=CB0AA1E04C92DA05A1FD36A2CEE816C3 [3rd]
>Skoudis, E., & Liston, T. (2006). Counter Hack Reloaded (Second ed.)http://libgen.rs/book/index.php?md5=E86552E60B0708BAB56C0AD6C790152B No.4717
>>4714>Engegretson, P. (2013). The Basics of Hacking and Penetration Testingthis is that
http://libgen.rs/book/index.php?md5=F9EDC62C559F1C3D610348C55157A969 No.4718
>>4714also this:
http://libgen.rs/book/index.php?md5=3A1A8BEEB074DF75F7F577D54B5719F0is
>Andress, J., & Winterfeld, Steve (2011). Cyber Warfare Technique: Tactics and Tools for Security Practitioners. No.4719
>>4714>Healey, Jason (2013). A fierce Domain: Conflict in Cyberspace, 1986 to 2012PDF request for this, book details the history of cyber warfare. Hard to find pdf
No.4720
also request tutorial, pdf, or youtube tut on how to make a cyber range/pen testing lab
No.4730
>>4720local lab
https://resources.infosecinstitute.com/how-to-make-your-own-penetration-testing-lab/remote lab ( other lab )
https://www.hackthebox.eu/https://tryhackme.com/https://www.cyberseclabs.co.uk/There was this big russian lab, like an actual AD network with 11 machines you had to piviot, if I can find it ill post it
I also recommend looking at walkthoughs of machines and taking notes if your a beginner and still learning, that's what I've been doing.
No.4778
Why is this guy so based?!
>DEF CON Safe Mode - Christopher Wade - Beyond Roothttps://youtu.be/aLe-xW-Ws4c?list=PL9fPq3eQfaaBk9DFnyJRpxPi8Lz1n7cFv No.5113
>>2934Are botnets communism
?
No.5115
>>4730Skid shit, do CTFS and find/exploit n-days (not just downloading from metasploit)
By far the best ctf wargame for linux systems:
https://pwnable.tw/More newbie friendly game:
https://www.microcorruption.comProject Zero is an amazing resource as well for finding targets you may be interested in attacking:
https://googleprojectzero.blogspot.com/https://bugs.chromium.org/p/project-zero/issues/list No.5116
>>5115Also word of warning that every public target in the last ten years has become FUCKING HARD to exploit
No.5670
bump
No.5671
>>5115>Skid shit,bs. your little games are as skiddy as ops little games.
Learn in the wild or gtfo.
No.5853
>>2943>CEH v10 full coursehttps://www.youtube.com/watch?v=4DQtZo3RAO0been following this course and it's decent
No.5854
>>4576>>2943>>2934This entire thread is gay and OP is a giant faggot for posting it. I might even go as far as to say he is a fedposter.
In fact, this hacktivist shit is retarded fedposting. Look at all the shit Jeremy Hammond put himself through, and also Snowden, Manning and Assange. Anyone worth their salt knew about mass NSA surveillance that they exposed LONG BEFORE official documents were published/leaked. Look up Jam ECHELON Day ffs. You want to feed more young impressionable college students into the criminal-justice meatgrinder? Literal professional spies have been caught, and you think you will do better?
What happened to Hammond was him literally asking for it: He has a track record of being a retarded smashie since the early 2000s, and Lulzsec/Antisec were running on publicly accessible IRC servers WITH NO AUTHENTICATION OR ANY VETTING. They also let in fucked-in-the-head megalomaniacs like Laurelai Bailey who posted dox on the entire crew, and consequently Sabu turned snitch, with Hammond getting ten years, and Commander X going innawoods in Canada. Smashie shit has no long-term perspective, and they literally just spent themselves like retarded coomers. Wasted lives all around that chapter.
Assange's involvement with Manning was retarded but important enough to expose the plans of the globalist neoliberals with the diplomatic cables. Snowden was just the cherry on top concerning the NSA/Military/Industrial/Contracting complex. Insofar as he redpilled normies on surveillance, most of those fuckers don't really care, and just get on with their lives and consoom more product off Amazon and happily trade their security and lives in for immediate convenience. All their lives, effort and skills wasted.
>So what am I supposed to do?Two words: "something constructive"
Your job should be learning how choose the right characteristics of computer and how to harden your computer against access by corporate and state actors, and then apply them religiously. The various /g/ boards have info on how to do this, as well as any jinteki.industries mirror and especially this guy:
https://digdeeper.neocities.org/https://digdeeper.neocities.org/ghost/botnet.htmland this guy:
http://tripcodeq7.xyz/8/8.htmland his youtube channel.
This means an old-model 2005-2012 thinkpad (not all will work, do pay attention) and learning how Linux works, from basic utils to the kernel. Learn to use it from the shell, and how to access system calls. Then basic webdev/scripting to understand web vulnerabilites and then learn how to flash its bios to eliminate the IME/hardware whitelists. This will enable you to use whatever wifi adapter you want to deal with hardware fingerprinting.
IMO don't even begin unless you have at least 3-4 trannybooted xx00-series thinkpads with either gentoo, trisquel, arch or heads, and know how to flash new MAC addresses and know how to use aircrack-ng/airsnort and know basic tradecraft. None of you are Snowden, and are out of your respective depths compared to him, and he had intelligence training.
The next thing to do is learning how to use and build/maintain encrypted infrastructure like the original cypherpunks.
This means religious use and in-depth knowledge of public-key encryption, PGP encryption of mailing, rolling your own proxy, Tor, i2p, the works, and also making sure that you are changing your browsing habits. This means no "fun" on those laptops, either: packet inspection to browsing habits are easy fingerprints, and I can assure you that any person who has accessed torproject.org, a chan, or a booru EVER is on a list. That means YOU right now. This is your fair warning: never mix business and pleasure, so you don't get doxed or framed. The FBI is the biggest purveyor of cp for a reason.
Then the next thing to do is to make sure that your work that you are doing is positive: you should be figuring out how to build computer networks for rural areas and co-ops using AX.25 packet radio for starters, and even using SDR modules to build computer network nodes and links that are beyond corporate control. The point is to build usable people-based alternatives to corporate-owned and administrated technology so that you are no longer beholden to them. Once you can find an ISP that can peer with you, you can create dead zones in the corporate surveillance network. Then you go out and evangelize this to people who also would like this: there are plenty of old curmudgeonly paranoid boomers who would like to join this if given the chance.
The point is to have a constructive program towards a usable alternative to capitalism, not merely sabotage it. Hacktivism doesn't do that, and in light of recent events, it is a fool's errand.
No.5856
>>5854 >and then apply them religiouslyThis is where I fuck up, but doing anything at all to stop exposing myself to the botnet is better than nothing… right?
No.5857
>>2934>>5856>doing anything at all to stop exposing myself to the botnet is better than nothingEither do it all or don't bother. This means a totally libre software stack from bios to apps, connecting to the internet through a VPN that accepts crypto, preferably Monero. Also, you will have to connect from somewhere that isn't connected to a surveilled isp that has your name on it, preferably from some chain restaurant or public library. In a pinch, an ethernet hardline will work from your university if they still haven't removed that yet, but that is pushing it. They mostly omit auth on that, but you don't want to be anywhere near that when they come to call.
No.5858
>>5857 >connecting to the internet through a VPN that accepts crypto, preferably MoneroIs this really necessary? VPNs can't be trusted more or less than ISPs.
No.5859
>>5857>>5854>you either use a modern intel cpu with windows and google chrome or a librebooted old computer with tails and tor browser through a no logs(tm) vpn, absolutely no in betweenscome on now
No.5874
>>5859>>5858>Is this really necessary? VPNs can't be trusted more or less than ISPs.That is why you build your own lol. I'll leave how to do so up to your own imagination. The one clue I will give you is this: learn how to set up diy reverse tunnels and use sbcs, and also learn how to use different radio technologies.
>>5859>come on nowEither go big or go home
No.5875
>>5874>Either go big or go homeI agree but not everyone can do this, sadly.
No.6025
>>5859VPNs are retarded for hacking. use tor and your own proxies.
No.6026
>>5116False.
>>5854Ignore this fed.
No.6027
>>5875>I agree but not everyone can do this, sadly.Why? Cam only learn!
No.6030
>>5115What kinda programming knowledge/languages do you need to play these games? Do you use python for them or something?
No.6101
>>5858>>6026>Ignore this fed.Lol at this smashie. Enjoy getting tortured at some CIA blacksite to expose shit that we already know you retard.
No.6141
>>6030Nah, you're usually just running tools and simple bash commands.
>>6101Except i aint gon to jail yet no matter how many times my doors been kicked in, so do fuck off, armchair.
No.6144
>>6141>Except i aint gon to jail yet no matter how many times my doors been kicked in, so do fuck off, armchair.Suicidal motherfucker, ain't you? Go larp as Johnny Silverhand somewhere else.
No.6153
>>6144Why isn't PhinPhisher in jail? why aint the thousands of carder kids in jail? why aint the kids rootin boxes for lulz in jail? you are delusional or you glow.
No.6159
>>6153Since they are not Bunkerchan users, they can actually use their brains.
No.6214
>>6153whonix, opsec, actual skill.
No.6220
>>6153>Why isn't PhinPhisher in jail? why aint the thousands of carder kids in jail? why aint the kids rootin boxes for lulz in jail? you are delusional or you glow.This isn't the point. There are enough both political and technological solutions to neutralize you:
https://crimethinc.com/2018/06/05/hackback-talking-with-phineas-fisher-hacking-as-direct-action-against-the-surveillance-state>In May 2016, after watching the documentary “Ciutat Morta,” Phineas thought about trying a simple attack on the Catalan Police Forces. Ciutat Morta is a film about the 4F case, a famous case in the history of the Spanish state in which repressive forces tortured and imprisoned several young people from South America as an act of revenge after a policeman was put into a coma by the impact of a stone following a police charge in downtown Barcelona.
>As a result of this new hacking action, using a well-known vulnerability, Phineas defaced the website of the union of the Catalan police with an ironic manifesto declaring that the organization “was refounded as a union in favor of human rights.” A data dump with personal details of some 5000 police accounts appeared, along with a 40-minute video tutorial on the techniques used in the hack.
>Shortly afterwards, the police carried out several raids on social centers and hacklabs in Barcelona, then claimed to have caught the famous hacker. Only hours later, journalists reported that the same person had contacted them to say that “he was alive and well” and that the police forces had only imprisoned a scapegoat who happened to have retweeted the info in the dumps.The point isn't that he wasn't arrested and still tweeting. The point is, nobody knows who he truly was, and that because of this, the police could say they got him and that it is only a copycat or confederate tweeting. In the meantime, the arrestee is held in indefinite pre-trial detention in the vein of Assange until he gives up and agrees to confess that he did it or get his friends framed or some other shit. Phineas is free only because some other idiot is taking the heat for him, and terrorism and pedoshit will get anything justified nowadays. You are a faggot who simply wants to provoke police terrorism and get kids fed to cops.
Also
>rooting boxes for lulzDon't think for a second that they haven't been trapped and tagged. Who's to say that your VPN isn't feeding your traffic on the side to the NSA? The FSB? The PLA? or the Mossad? You can also forget about using the Tor network, either as a user or as a host: The Naval Research Laboratory has documented a structural vulnerability to the tor, the "Sniper Attack":
http://www.nrl.navy.mil/itd/chacs/biblio/sniper-attack-anonymously-deanonymizing-and-disabling-tor-networkFurther info from Nachash's 2600 article:
https://rmusser.net/docs/Rants&Writeups/Opsec_rant2-nachash.htmlNobody's becoming your idiot martyr here.
No.6224
>>6220So we shouldn't do anything because the corps and the State are going to use someone else as a meat shield? This is cuck reasoning, same garbage you see some idiots bring up when the topic is stuff like looting, shoplifting, or even regular rioting.
No.6246
>>6224You can do far more outside of prison than inside it.
Also
>cuck reasoningHow stupid do you think we are? You have no power here.
No.6249
>>6246Just don't get caught. :^)
No.6346
bump
No.6373
>>6220if you are using vpn or tor, no rank and file nsa agent is going to be following you.
you must have already done something other than posting online or shoplifting for the feds to bother enough to pay someone to track you, specifically
ak-47AK-47 No.6426
>>6220im not clicking on that .mil link
TOR deanonymization is high effort and would probably take the NSA 1-2 months even with extreme motivation to get someone like Osama or w/e. doubt the skids have anything to worry about
No.6427
>>6220plus the "sniper attack" is literally just ddosing tor exit nodes you don't own so theres a higher chance of directing to nodes you do own. again, this isnt reliable and also it requires you to degrade the performance of the whole tor network
No.6985
bump
No.8442
bump
No.9512
>>4719this looks interesting
No.9597
>>6427It also implies that the person your trying to identify isn't using ssl.
No.9655
>>9600What's everyone's opinion on kirtaner going full anarcho-hackerman and hacking myanmar, parlor, etc.
https://www.youtube.com/channel/UC-igeMJ4Azc1HgRqeK4Rn-QpunkPunk No.9835
>>9666admin of 420chan and one of the original og anon's during chanology.
No.10883
bump
No.11582
>>11574AFAIK It was a planned series that never got beyond book 1
No.11597
Is there anyone here that would contribute to a zine?
No.11599
>>11597depends what about. hacking i guess?
No.11665
>>3026I know this post is old as fuck, but if you're still interested: basic programming, especially in python, is way easier than it may seem from the outside. Just read "automate the boring stuff with python" and you'll be good to go in like two weeks or so of afternoon study.
No.11880
Cool little blog on kernel stuff
https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/>>11599Yes. Thought its be nice to drive revolutionary interests into the scene.
No.12537
Any updates? Idea's for a group project?
No.12538
>>12537>Any updates? Idea's for a group project?We should start an IRC channel. A space to actually organize projects and infrastructure. I recomend libera.chat, how about #redtech?
No.12553
>>12538I too agree, but who should make the channel?
No.12556
>>12553irc.libera.chat #redtech I have made it. :)
>>12552Stop being a dumb faggot. All browsers are insecure.
No.12557
>>12556you should make a matrix channel, there's already a leftpol community there.
No.12558
>>12557>you should make a matrix channel, there's already a leftpol '"community"' there.If i thought matrix was a not shit idea it's what I would have recommended, anon.
I have been to the leftypol matrix, with this I am interested in doing some things, not hanging around with a bunch of lonelies desperately trying to find a faximiie of community and disruptive shitposters.
No.12559
>>12558irc is dead, boomer. Get with the times.
No.12560
>>12559It's not dead among hackers.
No.12561
>>12559I'm a Matrix advocate and your post is stupid.
No.12566
>>12558>I have been to the leftypol matrix, with this I am interested in doing some things, not hanging around with a bunch of lonelies desperately trying to find a faximiie of community and disruptive shitposters.no one wants to download/install irc though but whatever just b urself
No.12571
>>3014>Can confirm. A lot more hacktivists (or at least skiddies) are more post-left illegalism types than MLs. But then, that's a gross generalization too, I'm sure there's a few great tankie haxxors.Marxist-Leninists place a tremendous emphasis on meeting people where they at and attaching themselves to popular struggle, building a mass movement through the good deeds of working with others. The emphasis is on building a movement through material means. Hacktivism is just a grouping of related tricks and tactics conducive in bringing down information systems, but these tactics are not conducive in building a mass movement. It's like talking about the use of rifles as if they alone, without theory and material analysis, would be capable of bringing about communism.
No.12572
>>3026>>3029Both of these posts completely miss the point of building a mass movement. The technology you use DOES NOT MATTER. "The Capitalists will sell us the rope that we will hang them with." - Lenin
THIS BEING SAID:
Use whatever technology is useful for whatever direct action is necessary, but seriously do not overthink this shit. Revolutionary orgs will use Signal or PGP or ProtonMail but I guarantee none of them are such fucking nerds that they would demand their members use GNU/Linux and learn proper network administration.
No.12574
>>12571would a modern maoist style peoples war utilize cyberwarfare and then have a cyber war unit?
No.12597
+1 on matrix channel.
nobody wants to use jabber mucs or ircs.
matrix is easier to use and safer
No.12600
>>12574Yes, definitely. Especially as we have to reorient more and more into an increasingly urbanized environment.
>At the turn of the 20th century, just 15% of the world population lived in cities. According to the UN, the year 2007 witnessed the turning point when more than 50% of the world population were living in cities, for the first time in human history. No.12602
>>12566no one wants to download/install matrix though but whatever just b urself
>>12574>would a modern maoist style peoples war utilize cyberwarfare and then have a cyber war unit?I imagine so, yes. It is a form of action that has become integrated with the wider bag of tricks we are used to.
>>12597>matrix is easier to use false
>and saferfalse
Why are you lying though?
No.12610
>>12602Take a step back from your perspective as someone whose been using IRC for 20 years and think about the average person (even the average technically apt person).
Matrix is easier to use than IRC, like objectively.
And yes, it is safer. Not the perfect security tech, but its better than the… lets see… NO ENCRYPTION and no security that IRC offers.
No.12611
>>12610>all IRC is clear textMany IRC servers allow connecting over SSL/TLS on port 6697. Authentication may be done using nickserv, optionally using SASL. For reference see
https://freenode.com/kb/all for reference.
There is also work being done on a decentralized chat protocol with strong encryption resembling a subset of IRC http://pest.bitdash.io/ No.12612
>>12611TLS is very weak in comparison to the encryption on secured Matrix rooms. The older chat protocol that is up to par with Matrix on this is XMPP with specifically OMEMO, but IRC with TLS is way weaker to be quite clear.
No.12627
>>12610element is kinda janky, and the matrix bullshit about your keys every time you log out basically makes it impossible to have multiple accounts (tho i think i saw a thing that advertized u could be logged in to multiple acconts at the same, time, idk if nheko or some cli matrix bullshit)
i used to use it n got all my anarchist friends to use it, but its just not that great
i use xmpp now p much exclusively and i dont get the hype of matrix when this shit has existed forever lmao. Shit's more polished (not shiny, but works well and is stable), and you can use it over tor easily so wtf matrix??
the only thing is that omemo might not work in mucs? or is difficult at least? idk
>>12612can u do omemo in group chats?
No.14078
>>5854I think a lot of what you said here is interesting and a good injection of reality into this thread. A few comments
>https://digdeeper.neocities.org/He's ok I think, I think I read his blog on "freetardism" which left a bad taste in my mouth, because it was stupid. Only other problem is that we have no idea who he is and whether his cybersecurity background is. Looking at his stuff now most of it seems to be informed, detailed, and mostly not cringe.
>tripcodeq7Based.
>IMO don't even begin unless you have at least 3-4 transhumanistbooted xx00-series thinkpads with either gentoo, trisquel, arch or heads, and know how to flash new MAC addresses and know how to use aircrack-ng/airsnort and know basic tradecraft.Libreboot with "insert le epic super duper hard linux distro here" may be going a bit far in terms of baseline (speaking as a libreboot user), but the overall point is valid because all modern computers have hardware vulnerabilities in the IME and starting to switch over to linux generally is valid (but you don't need to use, literally mint or ubuntu is fine to start and then work your way up to a more hardened system, whoonix, tails, trisquel, whatever.). If anyone is interested in libreboot/old thinkpad stuff, start here:
https://thonkpeasant.xyzhttps://vid.puffyan.us/watch?v=Fs4GjDiOie8&autoplay=0&continue=0&dark_mode=true&listen=0&local=1&loop=0&nojs=0&player_style=youtube&quality=dash&thin_mode=falseYou can also just buy one on ebay but the prices have gone up in the past little while.
No.18169
>>12556holy shit libera is the worst
>ur using tor, go to this page to see how to connect over tor>you have to use sasl with a cert>"to use saslt you have to register with NickServ">to register with nickserv you have to connect>to connect over tor you should probably use tls>to use sasl external you MUST connect over tls>there are two ports you can use to connect to the onion, 6667 and 6697 (corresponding to plaintext and tls)>try connecting using onion w/ cert over the tls port>instantly disconnected, no message even like over plaintextwtf is is libera, jesus christ
im gonna have to set up rdp just to log in because it REQUIRES a clearnet IP linked to you to connect to its servers
Can anyone tell me: is that irc even used, or is it totally dead? please please save me some time
No.18179
>>18169It's pretty active, and I understand your pain. I just connect to it using Matrix, the bridge works perfectly.
No.18562
>>12553does this channel still exist?
No.18564
>>2936bruh why do random ass posters just be shittin on any and all praxis as ULTRA/TANKIE LARPING!1!!!!11!! thats actually bad for the movement
No.18806
>>18564bruh this thread as over 100 posts and not a single thing has been done, sure some information has been exchanged but you all were not even able to set up an communication channel which is the simplest most basic thing to even think about group hacktivism.
If people are serious there are various IRC servers with .onions but people here are clearly not serious. they like the idea of hacktivism, the nostalgia of anonops perhaps, not the reality of doing the work.
No.18817
>>18806Which IRC servers you recommend?
No.18818
>>18817NTA, but i looked into irc and there are several lightweight, relatively simple to configure daemons.
For something like this you could host a tor hidden service at home. Such a setup is vulnerable to traffic correlation with your regular internet activity if you don't set bandwith caps on everything, but personally i think paying for a server is a far greater liability.
No.18828
>>18818can you explain why paying for a server is more of a liability? assuming you're paying anonymously and with monero over tor
No.18829
>>18828Third parties, contracts, loss of control, federal law, and a whole lotta other shit.
No.18833
>>18818I agree, for good measure I would connect it to a cracked wifi point too.
>>18817other leftypol has a tor accessible irc server.
anarchyplanet.org has a irc accessible tor server and like everything anarchyplanet project (a.nti.social, theanarchistlibrary.org, anarchistnews.org, etc) has an .onion address.
No.18839
>>18829contracts aren't a thing for any servers i've rented, you just pay and get access. They ask for PII but you just feed fake shit… on the other points, its basically one point? That the company owns the computer and can see everything that goes on in the server on it. That's fair, but isn't it best practice anyways to not say anything personally incriminating and assume you're being watched, because you don't know who other anons are or if they'll snitch eventually? So it's not like much is lost there. If they decide to take a chat down, we have backup communication here on leftypol and could just spin up another server. Subpeonas typically take a while to serve too if the gov was really involved, so it would be more of a cat and mouse thing than crippling to communication. Not that we'd get that kind of attention most likely. And encrypted communication is always better.
But fr i dont think those worries are well-founded
No.18840
>>12552This link was last updated a year ago. Are these Firefox exploits still relevant?
No.18939
>>18833if only more people did what this pic shows
No.19030
>>18939Cameras around me are often dome.
Have good starts against these?
Protip: networked camera if u can access are a good way in to a commercial network from the outside that is underutilized. Some are even powered over Ethernet (ppoe).
No.19054
>>19031I have an old small print radical graffiti book that had this in as well as a few other things, i will look for it.
I had this idea of making stencils to do graffiti that goes around ATM machines i would like to do, like anti capitalist agitprop above the part the money comes from or between the letters, which i think could be quite cool and will only require taking measurements of a machine.
>>19032>>19046Yea, I was thinking more long-term Is there anything that if sprayed on to the plastic dome would melt or deform the plastic a little, enough to ruin the image probably?
There has to be some methods we can brainstorm and test between us.
No.21801
>>18806That being said, I was thinking about running a CryptBB forum but for leftist (as pretty much all leak forums are filled with the worst of the worst). Would only serve it over I2p, maybe for.
No.21802
>>21801You need to give out keys/accounts to people for them to access the forum. Unless you do it in-person, you still have to trust strangers on the internet. Giving people IRL accounts with a number of invites is one way of building a semi-trusted forum, as long as every person giving out invites takes good care in choosing who they invite.
No.21804
>>18806>bruh this thread as over 100 posts and not a single thing has been donelol imagine people would post shit here if they did anything so the glow in the darks can van them faster
No.21805
>>18806Yes, officer. My favorite website to discuss all the leftist hactivism I do is www.iadmitttocommittingacrime.com
No.21809
>>218081 - take a networking class if your university cs program has one as an elective
2 - You usually cant get into hacking right away, usually that happens after being a cybersecurity analyst or something first.
3 - Certifications: You have to get some cybersecurity (and possibly general IT) certifications. OSCP is a good one. You have to do your own research here as there are a ton of cybersec certifications and there are new ones being made. Try to focus on the ones you see most commonly in job postings
No.21810
>>21809addendum: you probably need to learn scripting/coding to an extent as well, usually bash/linux shell and python
Unique IPs: 36