i see a hack the clown video, i simply click, and watch on repeat, for entertainment purposes only of course haha, just finished the google cyber security certificate and have a few others under my belt, on to the comptia wagon next, love the videos. best on youtube in my humblest opinion. much respect sir
I mean, it's going to cost you money, right? I understand that useful knowledge about something should and will cost you money. But is this really the case? I mean, it's like paying a girl for sex instead of getting it for free. Or, more precisely, paying not even for sex, but for some kind of certificates from authorities claiming that you can potentially fk someone. And the gap between "knowing" how to do something vs actually being able to do it is somewhat similar in these cases. So what's the point?
@@Andy-c6r1c Its not always true that things you learn from doing certifications can just be learn from free resources in the internet. For example in OSCP, they provide you a very good methodology in enumerating a target. I can’t think of a better free alternative than what they provide in the course material. But there are also topics that you can easily learn somewhere else for free. Example would be in CEH practical - there are topics there that teaches you how to use certain tools but on a very basic level which has better free alternatives (i.e. nmap). Certs are expensive. If your employer can cover it for you then just take the opportunity. You won’t lose anything other than the time you invest in studying. It can also be an added plus factor on your resume when looking for a job.
@@hacktheclown I like both not necessarily one over another, but yea neovim is kinda more famous bcs of it's customizability ig. edit: i use windows now days but, neovim/notepad++ for text editor.
Just found your channel and I’m loving it wow. This video is great! The explanation and the demo was very well executed and you definitely have the voice and tenacious for this type of content and teaching. Much appreciated for the content best of luck
Great content. It seems like github elegantly solves a lot of issues w/ c2. Time to break out the wireshark and figure out why I have an open link to Github hahaha j/k
I made something similar but not with github as c&c even tho that is 1 way to do it they could then control your things! i made mine use onion links and can add as many as i want for tor networked c&c that github cant seize lol also mine uses ssh so its more secure and commands can be sent that dont exists on the system so its more powerful, plus i got other things like scheduling remote monitoring event triggering etc.
thanks for this PoC of a C2. I wonder what is the best way to define the GitHub token and user. we don't want a github token lying around in the wild...
@ modules are hosted in github. The implant also can be hosted, but that is optional. You can put the implant somewhere safe as an added protection. I just put all of them in one repo for simplicity.
Hi, I just sent out a post in my channel having the link to the repo. You may check it out. As for obfuscation, I don’t have good experience but I’m considering creating a video about this after I read more about that topic.
i see a hack the clown video, i simply click, and watch on repeat, for entertainment purposes only of course haha, just finished the google cyber security certificate and have a few others under my belt, on to the comptia wagon next, love the videos. best on youtube in my humblest opinion. much respect sir
@@A1.4graffix thank you for your support! Goodluck on your comptia journey!
What's the point of these certificates?
@ it depends on the person. But in general certs teach you something different from what you normally do at work. It broadens your knowledge.
I mean, it's going to cost you money, right? I understand that useful knowledge about something should and will cost you money. But is this really the case? I mean, it's like paying a girl for sex instead of getting it for free. Or, more precisely, paying not even for sex, but for some kind of certificates from authorities claiming that you can potentially fk someone.
And the gap between "knowing" how to do something vs actually being able to do it is somewhat similar in these cases. So what's the point?
@@Andy-c6r1c Its not always true that things you learn from doing certifications can just be learn from free resources in the internet. For example in OSCP, they provide you a very good methodology in enumerating a target. I can’t think of a better free alternative than what they provide in the course material.
But there are also topics that you can easily learn somewhere else for free. Example would be in CEH practical - there are topics there that teaches you how to use certain tools but on a very basic level which has better free alternatives (i.e. nmap).
Certs are expensive. If your employer can cover it for you then just take the opportunity. You won’t lose anything other than the time you invest in studying. It can also be an added plus factor on your resume when looking for a job.
A person using neovim is always aware what they are doing lol. ( nice video!! i could understand at properly and easly )
Thanks bro! I’m a vim user before but amazed on how fast neovim is compared to vim. It made my development workflow 5x faster.
@@hacktheclown I like both not necessarily one over another, but yea neovim is kinda more famous bcs of it's customizability ig.
edit: i use windows now days but, neovim/notepad++ for text editor.
Just found your channel and I’m loving it wow. This video is great! The explanation and the demo was very well executed and you definitely have the voice and tenacious for this type of content and teaching. Much appreciated for the content best of luck
Thank you! Will create more video like this!
Great content. It seems like github elegantly solves a lot of issues w/ c2. Time to break out the wireshark and figure out why I have an open link to Github hahaha j/k
@@CorEsan yeah! Hackers are finding different ways to leverage these trusted sites. They are becoming sneaky!
I love your videos bro.
I made something similar but not with github as c&c even tho that is 1 way to do it they could then control your things! i made mine use onion links and can add as many as i want for tor networked c&c that github cant seize lol also mine uses ssh so its more secure and commands can be sent that dont exists on the system so its more powerful, plus i got other things like scheduling remote monitoring event triggering etc.
@@JNET_Reloaded interesting!
Do you have like a discord server or something like that? Would be cool to have :D
I still don't have it. But I see people asking about it. This is something I'm looking forward to setup next year when time permits.
@hacktheclown awesome 😎 can't wait, is there any other socials we are allowed to follow?
I’m fairly active in reddit. I have a facebook account but I don’t use it often. You can search hacktheclown and it should show up.
thanks for this PoC of a C2. I wonder what is the best way to define the GitHub token and user. we don't want a github token lying around in the wild...
Thanks bro. The implant code should be obfuscated atleast.
@ ok, so in this case, the modules are hosted on github but the implant doesn’t ? is still confused…
@ modules are hosted in github. The implant also can be hosted, but that is optional. You can put the implant somewhere safe as an added protection. I just put all of them in one repo for simplicity.
@ do you have some sort of samples repos with a full mockup?
and also any recommendations / tools to obfuscate the implant
Hi, I just sent out a post in my channel having the link to the repo. You may check it out. As for obfuscation, I don’t have good experience but I’m considering creating a video about this after I read more about that topic.
can you share your VIM config?
Hi bro, yes I will create a separate video about my setup