- 35
- 1 149 867
Pentests and Tech
United States
Приєднався 27 гру 2015
I make educational videos on how to use tools, crack certain hashes, and sometimes I do other tech related things. I upload on Thursdays at 3:00pm PST.
Please do not ask me to crack hashes, crack files or "hack" any accounts.
If you would like help on something, my email is listed below and I would be happy to help.
Disclaimer: What I do on my channel is for educational purposes and I always do it to hardware or software that I own and/or have permission to conduct tests on. Hacking into anything you do not own or, do not have permission to use is a federal offense, so don't do it.
Please do not ask me to crack hashes, crack files or "hack" any accounts.
If you would like help on something, my email is listed below and I would be happy to help.
Disclaimer: What I do on my channel is for educational purposes and I always do it to hardware or software that I own and/or have permission to conduct tests on. Hacking into anything you do not own or, do not have permission to use is a federal offense, so don't do it.
A Free AND Open Source XDR/SIEM Solution?
Wazuh is an awesome piece of software and I wanted to share it with all of you!
Check it out: wazuh.com/
Check it out: wazuh.com/
Переглядів: 173
Відео
How to: Edit Protected Excel Workbooks
Переглядів 1,2 тис.10 місяців тому
You could also just copy the data into a new sheet... BUT where is the educational value in that? Please do not attempt anything in this video in networks that you do not own or do not have permission to test. This is for educational purposes only. 7zip download: www.7-zip.org/
Cracking Encrypted Microsoft Office Files
Переглядів 8 тис.10 місяців тому
Encrypted Excel files are much more secure than "protected" office files, but it still very much depends on the strength of the password used. This is for educational purposes only and is only to be used on computers or files that you own or have permission to test. python 2: www.python.org/downloads/release/python-2715/
ISC2 CC: How I got certified for FREE
Переглядів 1,1 тис.10 місяців тому
This video is a showcase of ISC2's Certified in Cybersecurity Cert. They provide online training and free exams. ISC2: www.isc2.org/
How to: Crack Domain Admin passwords with Rubeus
Переглядів 3,4 тис.10 місяців тому
In this video we go through the steps that an attacker may use to move laterally in a network. This is a very short and minimal introduction to kerberoasting and is for educational purposes only. Please do not attempt anything in this video in networks that you do not own or do not have permission to test. This is for educational purposes only. If you liked it, hit the like button so that I can...
How I passed: CompTIA Security+
Переглядів 1,8 тис.2 роки тому
Resources, tips and tricks for taking and passing the Security Exam. If you guys have any additional resources or anything you think I missed, please add it via a comment. (None of these are paid links or sponsors) Professor Messer: @professormesser www.professormesser.com/ CompTIA: www.comptia.org/certifications/security free practice tests: www.examcompass.com/comptia/security-plus-certificat...
How to: Recover your Windows 10 Password (PassFab 4WinKey)
Переглядів 25 тис.2 роки тому
This is for educational purposes only and is only to be used on computers that you own or have permission to test. Link to PassFab 4WinKey: bit.ly/2UfhQFx PassFab 4WinKey is a recovery tool that can reset and remove your windows password, whether it's a local Admin or a Microsoft account. In this video, I show you how to install and set up 4WinKey, as well as reset a Microsoft password, and cre...
How to: Make your own VPN server with a Raspberry Pi
Переглядів 8 тис.2 роки тому
In this video I use PiVpn, wireguard and a Raspberry pi to create a tiny vpn server. I forgot to extend the filesystem and do some other pi set up steps, so look out for another video on setting up a raspberry pi. pi os: www.raspberrypi.org/software/operating-systems/#raspberry-pi-os-32-bit balena etcher: www.balena.io/etcher/ Putty: www.putty.org/ pivpn: www.pivpn.io/ Paid Links: Raspberry Pi ...
DVWA Part Two: Login
Переглядів 6 тис.3 роки тому
In this video we will be using hydra to complete the first task in DVWA, the login page. If you missed the first video where I set up DVWA check it out here: ua-cam.com/video/5PBZJg6-Gd4/v-deo.html This is for educational purposes only and is only to be used on computers that you own or have permission to test. If you guys have any questions make sure to leave a comment below, and if you like m...
How to: Crack Passwords Faster
Переглядів 2,9 тис.3 роки тому
Ever wondered why passwords take so long to crack? In this video I talk about why some passwords take longer than others, and how you can speed up the process. This is for educational purposes only and is only to be used on computers that you own or have permission to test. My PC: CPU: amzn.to/35CsCsO GPU: amzn.to/33uLB5E (RTX 2080) Ram: amzn.to/2ZzNfBQ SSD: amzn.to/32uDiHW Motherboard: amzn.to...
How to: Set Up DVWA
Переглядів 18 тис.3 роки тому
In the first video in this series we will install and configure DVWA (Darn Vulnerable Web App). Later in the series we will go through each challenge one by one. This is for educational purposes only and is only to be used on computers that you own or have permission to test. DVWA github: github.com/digininja/DVWA DVWA website: www.dvwa.co.uk/ (Paid Links) My setup: CPU: amzn.to/35CsCsO GPU: am...
How to: Use Burp Suite
Переглядів 47 тис.3 роки тому
Burp Suite is a compilation of Web Exploitation tools, and is used by industry professionals and amateurs alike. This is for educational purposes only and is only to be used on computers that you own or have permission to test. Burp Download: portswigger.net/burp Burp Suites UA-cam: @PortSwigger My setup: CPU: amzn.to/35CsCsO GPU: amzn.to/33uLB5E Ram: amzn.to/2ZzNfBQ SSD: amzn.to/32uDiHW Mother...
How to: Use Wireshark
Переглядів 20 тис.3 роки тому
In this video I go over how to capture and analyze network packets with Wireshark. This is for educational purposes only and is only to be used on computers that you own or have permission to test. Wireshark: www.wireshark.org/#download Files: wiki.wireshark.org/SampleCaptures My setup: CPU: amzn.to/35CsCsO GPU: amzn.to/33uLB5E Ram: amzn.to/2ZzNfBQ SSD: amzn.to/32uDiHW Motherboard: amzn.to/2Rqg...
A new way to Hack The Box: PWNBOX
Переглядів 14 тис.3 роки тому
Hack The Box has been doing a lot of updates, and recently they released PWNBOX. PWNBOX is an online Parrot virtual machine with all of the tools that you need. This is for educational purposes only and is only to be used on computers that you own or have permission to test. HTB: www.hackthebox.eu Best HTB channel: ua-cam.com/users/ippsec
Top 10: Best Books For Hackers
Переглядів 70 тис.3 роки тому
The internet is a good way to learn, but will never replace books. This is for educational purposes only and is only to be used on computers that you own or have permission to test. Paid links to the books shown: 1. Network Guide to networks 7th ed: amzn.to/3k0bFge 2. Security Guide to Network Security: amzn.to/3iQEcDq 3. Linux Bible: amzn.to/33W9y7y 4. Kali Linux revealed: amzn.to/2ItpVA8 5. P...
Lynis: How to find vulnerabilities and harden a system
Переглядів 11 тис.3 роки тому
Lynis: How to find vulnerabilities and harden a system
How to find social media accounts with Sherlock (OSINT Investigation)
Переглядів 16 тис.3 роки тому
How to find social media accounts with Sherlock (OSINT Investigation)
Testing the best Wifi cards for Hackers
Переглядів 6 тис.3 роки тому
Testing the best Wifi cards for Hackers
How to: Crack Bitlocker encrypted drives
Переглядів 311 тис.3 роки тому
How to: Crack Bitlocker encrypted drives
10 Windows 10 tips and tricks (2020)
Переглядів 1,4 тис.4 роки тому
10 Windows 10 tips and tricks (2020)
How to: Crack Password Protected PDF files
Переглядів 254 тис.4 роки тому
How to: Crack Password Protected PDF files
How to create a windows 10 Virtual Machine
Переглядів 36 тис.4 роки тому
How to create a windows 10 Virtual Machine
How I passed the Comptia Network+ Exam
Переглядів 11 тис.4 роки тому
How I passed the Comptia Network Exam
Securing Ubuntu Linux (CyberPatriot)
Переглядів 37 тис.4 роки тому
Securing Ubuntu Linux (CyberPatriot)
Hacking The Invite Code (hackthebox.eu)
Переглядів 2,9 тис.4 роки тому
Hacking The Invite Code (hackthebox.eu)
didn't work with hash cat: [s]tatus [p]ause [b]ypass [c]heckpoint [f]inish [q]uit => , how about using JTR? do I move hash txt and rockyou file to JTR folder?
hey bro can u help me out
hey bro can u help me out
Thank you bro, your video actually makes sense versus all the others confusing the hell out of me. Got yourself a new fan🎉
Thank you! Glad you enjoyed it
If only password is required then what the cmd?
i would like to know if their is any methode for windows 11 pro
Not that I’ve seen, TPM has made it much harder to do.
what if every try have diffrent result and password still is incorrect
This is called a false positive. Hydra needs help knowing when a password is correct. There’s a way to tell it what the websites response is to an incorrect password. Check the documentation
how about when the gateway is different, how to find the gateway? that is my problem
You can run a scan of your network or look in your network settings on your device (phone/computer) and it will tell you your gateway IP
How to find password without requiring device? My device is too weak :(
There are sites online that will crack your hash for you, but you usually have to pay. Sometimes you can post it on Reddit r/hashcracking and they might help
Wow, that's so cool, i would love to see more in depth video
How long does it take to show password after it says "please be patient...."
It depends on the actual password. More complex passwords will take longer. Also depends on your hardware.
@@PentestsandTech I've been waiting for about 20mins, is that normal/expected? I'm at the "initializing backend runtime for device #1. please be patient....
@gurbanidaily9974 oh that sounds like it has not started yet. I would make sure you have the latest drivers installed for your chipset and graphics card. Sometimes initializing can take a while, but not more than 20 mins
I'd really love a more in depth look. Not only how to use it from the dashboard, but also things like how many resources are used by the agents. Can this be run on a hot production server?
Can definitely take a look at that. Are we taking like a domain controller, Database, website? It dosen’t require any reboot from the agent so there would be no downtime and i haven’t seen any noticeable performance impact on my gaming PC or my Linux containers.
@@PentestsandTech In my case it's a database server + application server that has high load as is. Can't split the db and appserver because shared memory is so much faster than doing queries via the network. Any scanning/reporting agents need to be very lightweight, not only in cpu but especially i/o.
Gotcha, I will definitely take a look
ITS TRYING TO GET YOUR COOKIE TO STEAL YO ACCOUNT DO NOT RUN
What are you talking about?
hey bro when you write cd Nmap/ it puts you in the directory to me it says no such files ore directories
I created that directory to put my scans inside, it’s just a folder i made
How do I do this on linux
You can install John the ripper on Linux, so it’s the same process
What password list ?
Any password list you want, or create your own. It’s just a text file with a list of potential passwords.
Explained in a very simple way, tnx for that liked it ❤
Super bien explicado y funciona. Gracias!
10:00
So you’re worried about all that lost time typing the 64 on the end? When you could have just renamed it to hashcat.exe Or h.exe Of failing that just made a batch file to run it? 😂 Funny guy.
Wasn't enough lost time for me to worry about it, but it is a nice change
i need it much
can i send the pdf to you and do it for me i am a medical student and i am not good with this codes... the file send to me by the university and i need it much just give me your email or any of your social media accounts and i will send it please help me
I tried this and it gave me the password but when I go to login, I still cant get in. Says Incorrect username or password
ftp is not shown. I have a spectrum router btw. that's probably why
reality this is a peace
What does this mean?
Thanks!
Thank you!
How on earth have I not seen this until now?!?!?! Thanks!
You’re welcome, just so you know, it dosen’t work on windows 11 anymore
Does this method work on the entire workbook "the excel file itself" ? or on an excel worksheet ?
The excel file itself
Thanks for the great video! VeryPDF PDF Password Remover is excellent for removing PDF passwords. Enjoy using it!
thanks for the video, I have some questions since keep getting errors. First, my exported hash only had two hashes, the first started with $bitlocker$2$ and the second started with $bitlocker$3$, not $bitlocker$1$ like yours in the video. If I put either of my hash lines in the hashcat directory and run, I always get "salt-value exception - no hashes loaded" and the program terminates. If I change my hash from $bitlocker$2$ to $bitlocker$1$, then it proceeds to run. However, it then fails after running the hashcat self test "device #1: attention! HIP kernel self test failed...your device driver installation is probably broken." aborting session due to kernel self test failure. If I override the self test, it generates another error "read timeout in stdin mode" and eventually fails. also, it appears you manually placed a "rockyou.txt" file in the root directory, but you didnt discuss how you made/got this, and what it really does. There are you some other files in the hashcat 6.2.6 folder that are called "rockyou******.*" but not sure if these are the same. I am using hashcat 6.2.6 (latest), amd x5800 cpu, amd x7100 gpu (cuda enabled) with adrenaline driver 22.5.1 as noted in the requirements. I went through the faq about the broken driver issue, and cannot seen to resolve this. Would really appreciate any help with this.
Hi Ad,If I delete old windows and reinstall new windows, can I still open bitlocker on drive D?
As long as you know the password it should be fine
Does that work on mac??
Yes it should
How do you get and install Bitlocker2john on Windows 10? I cannot seem to find any info on it.
John works for me, thank you.
Device #2: Kerne1 ./OpenCL/m09600-pure.c1 build failed
Does this method work on usb?
Yes
PS C:\Users\AISHA HARMIRA\OneDrive\Documents\hashcat-6.2.6\hashcat-6.2.6> .\hashcat.exe .\hash.txt . ockyou.txt hashcat (v6.2.6) starting in autodetect mode OpenCL API (OpenCL 3.0 ) - Platform #1 [Intel(R) Corporation] ============================================================= * Device #1: Intel(R) Iris(R) Xe Graphics, 1504/3133 MB (783 MB allocatable), 80MCU OpenCL API (OpenCL 3.0 D3D12 Implementation) - Platform #2 [Microsoft] ====================================================================== * Device #2: Intel(R) Iris(R) Xe Graphics, 1920/3917 MB (489 MB allocatable), 1MCU * Device #3: Microsoft Basic Render Driver, skipped Autodetecting hash-modes. Please be patient... PS C:\Users\AISHA HARMIRA\OneDrive\Documents\hashcat-6.2.6\hashcat-6.2.6> this is my result :(((
great video and easy to follow. Thanks!
where shud i place the rockyou.txt and the hash txt file inside the john ripper folder? and what wud be the first .exe name for the john ripper?
you can put the wordlist anywhere you want, you just have to specify the file path when you write the command. I believe it is either "john" or "john.exe"
Also getting: Hashfile "file.txt" on line 1 Salt-value exception No hashes loaded.
Did you name your hash file “file.txt”
@@PentestsandTech I did, I fixed it somehow, but I can't remember how since it was 3 weeks ago. I just did a bit of googling.Needless to say I didn't crack the password 😅
Hey i am kinda new to these sort of stuff, where can i find the rockyou txt file?
github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt
when I type "hashcat -m 22100 hash.txt ?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d" I get Invalid argument, any thoughts?
Hello , I understand until Hashcat , i have ran Bitlocker and i got these hashes , but now i m stuck Hash type: Recovery Password fast attack $bitlocker$2$16$29ffb2f531f44c1d71c7588cc04182f8$1048576$12$f01658ce4814d80111000000$60$62a07bc7ec27ac35e024c5a97bf4bf680716992c43807cc4a055cede139922366263be2af71e3dac7c54c4c8a570a597e8cf0f029ab7540368745413 Hash type: Recovery Password with MAC verification (slower solution, no false positives) $bitlocker$3$16$29ffb2f531f44c1d71c7588cc04182f8$1048576$12$f01658ce4814d80111000000$60$62a07bc7ec27ac35e024c5a97bf4bf680716992c43807cc4a055cede139922366263be2af71e3dac7c54c4c8a570a597e8cf0f029ab7540368745413 What do i need to do now? Because i have no ROCKYOU.TXT file like in the video... Can somebody help me what i need to type in CMD (in hashcat) ? Thanks
STUPID VIDEO EVER
can't believe i'm gonna need a VM because of vanguard. fuck you riot games
that really worked thankss!
Thanks Bro ..Very informative video
Lots of love from india btw dude u look similar as jordan barret ❤
Luv man ❤️
Thank you so much!! Works like a charm ♥ >>Subscribed<<