NoExecute

Everything posted by NoExecute

  1. If the keyboard is not attached to the dongle along with the mouse, you can't. If it's Unifying, look into the LOGITacker project 🙂 or simply just use a software keylogger on the laptop; that will always work. Or, build some kind of mod on the docking station, as someone else suggested. Have fun 😉
  2. Why not go study and build your own? If you buy it, chances are it won't work; usually it will get detected pretty fast. And why would you want a crypter in the first place? If it's for bypassing AV, and it's NOT your machine, you have no right to hack it, or bypass AV in the first place. If it's for learning some kind of C2, simply just turn off AV while you learn, simple as that 😉
  3. I will try to be gentle, but... a lot of what you're saying doesn't make much sense. Is he in the house (just to clarify), or is he next door? If he has access to your hardware, well... protect your hardware. Live USB Linux, well, if someone has access to the USB drives, and they can write a new OS to them (custom-made live with a backdoor), game over... As for hacking your phone, as someone else pointed out, if he has a remote exploit, I doubt he would use it to harass you; it is worth a pretty penny if he sold it. Resetting the router: it can reset due to a power glitch, or an update from your ISP, so nothing alarming there. So, please, a bit more info, and be very specific and clear on what you experience, when, where and how 🙂 /NX
  4. Simple answer: you don't, you can't "embed" anything into an exe file. And why would you want to, for what?
  5. You can't really. There are so many ways to do that, and so many sizes and shapes of devices, so you'd have to take apart everything that "could" hold a covert device. TV, loudspeakers, power sockets, and so on. But is it realistic that someone is watching you or listening? And long-range video / photo is a thing, so are microphones working at long range (from another house), so there's no real way to be sure. But most people don't want to go through the trouble, or spend the kind of money something like this would cost, so try not to worry too much about it 😉
  6. It depends on what you're trying to do... If there are no external ports, and thus no web GUI, it has to be done internally, so attacking wifi / clients could be the way to go. If you get on the internal side, using bruteforce attacks against the admin portal is a way; OWASP ZAP / Hydra or Burp Suite can be a way. But again, if it's not your network / your router, DON'T!! /NX
  7. What you're saying isn't possible. As others have pointed out, no "hacking device" can do that. And, from that range, NO. But, let me point out: hearing changes with age, and it can change from minute to minute with PTSD. I'm diagnosed with PTSD, and when I'm not doing computer stuff I work as a sound tech, and my "feeling" of frequencies shifts according to mood, stress, lack of sleep and various other factors. So, check your TV EQ settings, find some mid-level settings that work for you; there's no tech solution for this. I hope you find a solution that works for you 🙂 Take care 🙂 /NX
  8. Depends on OS. In Windows you can use encrypted USB storage; on Linux, use a LUKS-partitioned USB key. For a more advanced option, use GPG encryption with a smartcard GPG key 🙂 That should protect you a bit 😉 (if you're trying to protect your dev USB key and files, NOT the Bunny / O.MG itself). Ahh, if it's protecting the Bunny if it's lost, sorry, no idea, other than: use it, and take it with you. Write the payload to use servers you can afford to burn (one-time-use), and prepare to lose the Bunny / O.MG cable if not a permitted test. But, you really shouldn't run unpermitted tests anyway, so what's the problem? 😄 /NX
  9. You could try to sign the file, or make a wrapper in AutoHotkey and "sign" it using AHK compiler directives. Sometimes that works, but it depends... But, for the most part, loading an exe from USB can be a trigger... /NX
  10. For the scenario you describe, no, it can't do that. You need a software keylogger / backdoor on the phone that transmits data back to you in realtime. Can you use the O.MG cable for installing something like that? Maybe... Switch the original charging / data cable with an O.MG, and remote-trigger install of the payload. But the payload is up to you to write, as well as the connect-back / C2 endpoint, to get the data. So, it looks like you have a long journey ahead of you 🙂
  11. If it's a complex password, forget it, unless you use a GPU-based cluster for cracking. You could try crunch with custom password masks. Mid-level GPU... hmm. My cracking rig is a sixteen-core Ryzen and a high-end GPU, and even that kind of system breaks a sweat when trying to go up against complex passwords that are totally unknown. So, go for a GPU-based cluster; those can be rented at Linode. Good luck, and happy cracking 😉
  12. Learn to be clear in what you want; what you ask doesn't make much sense. Wtf is a "portable text expander"? And why KeyCroc... read the manual 😉
  13. Hehe, Much Happy Hacking 🙂 Looking forward to hearing how you're getting on with your new toys 😉
  14. As Dark_Pyrro pointed out, that's a tall order. I would say, start out with a Bash Bunny, a Rubber Ducky, depending on what your equipment is, some O.MG cables, and an O.MG programmer. And Payload Studio Pro is worth the money. If you're into wifi, get a good Alfa wireless card, and you're good. But this gear is not a magic bullet; it won't help you to get that sweet shell. For that, look into PowerShell, Python, and other programming languages. Read books on pentesting, look at YouTube. This type of gear will only be of any help to you if you know programming, AV evasion and stuff like that. You need to know the ins and outs of the platform you're targeting, its defenses and weaknesses; that's the only way. BTW, learn Linux, you'll need it 🙂 And, when you're done, look into a Proxmark3, a Flipper Zero, and a HackRF One, for some fun with software-defined radio and RFID. For good measure, throw in some lockpicking (always fun to do over a cup of tea and some Netflix 🙂 ) Much Happy Hacking
  15. Forget it, it can't be used in that way. And what about all the other wifi signals in the area? You're saying it's to "stop intruders...". How do you mean? One good start is to look at your wifi coverage (antenna design, buildings, site plan, materials and so on). And simply stop people from using smart devices in the area... A very (ILLEGAL) way would be to use a cellphone / wifi jammer, to simply knock their devices offline... What you want can't be done, not in an easy way anyway 🙂 /NoExecute
  16. I would say, it depends a lot... Are we talking about a vulnerability test, or a penetration test? Running a scan for vulns, missing patches, or weak passwords is one thing; running a full test is quite different. And what is the scope for a test, how "far" are you allowed to go? When it comes to equipment: a good laptop running Kali, some Alfa wireless cards, and you've got the basic gear you'll need. Everything else is just "nice to have", not "need to have". But for "nice to have": a Rubber Ducky / Bunny, an Odroid C2 and some lockpicks 😄 (and a veeeery patient boss) /Kent
  17. Hi guys 🙂 Got somewhat of a rookie problem. Rented a new VPS, based on Debian 9, and hooked it up to my DNS. My primary site / domain is www.labet.dk, the server is downloads.labet.dk. The strange thing is, if I try to ping it on downloads.labet.dk, I get a response from the right IP, but in DNS it shows up as mail.darrenmusic.com. When I log in and run a netstat -a, this is the output:

      root@downloads:~# netstat -a
      Active Internet connections (servers and established)
      Proto Recv-Q Send-Q Local Address           Foreign Address         State
      tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN
      tcp        0      0 0.0.0.0:webmin          0.0.0.0:*               LISTEN
      tcp        0    172 mail.darrenmusic.c:2222 80-197-123-156-ca:44938 ESTABLISHED
      tcp        0      0 mail.darrenmusic.:50180 m2420.contaboserve:http TIME_WAIT
      tcp6       0      0 [::]:2222               [::]:*                  LISTEN
      udp        0      0 0.0.0.0:10000           0.0.0.0:*
      Active UNIX domain sockets (servers and established)
      Proto RefCnt Flags       Type       State         I-Node   Path
      unix  2      [ ]         DGRAM                    13824    /run/systemd/cgroups-agent
      unix  2      [ ACC ]     STREAM     LISTENING     13828    /run/systemd/private
      unix  2      [ ACC ]     STREAM

    I can't seem to find any services configured to mail.darrenmusic.com, so right now I'm really lost. Any thoughts would be really welcome... Sorry for asking rookie questions 🙂
  18. Enter stage left, grumpy old man, MUPPET SHOW THEME PLAYING... Young man... listen up, and listen veeeery carefully. Since RKiver gave you the short version, and right now you're wondering why, I'll give it a try. Since you haven't gotten permission, don't do anything to those machines. Just bypassing login restrictions would be a crime. Launching any kind of exploit, botnet, or malware is a crime. Since you don't know what you're doing, it's a real disaster waiting to happen... period. Go do your learning on a virtual lab, or private lab network, not on your school's gear. But you could try and ask the network staff if you can give them a hand, because you want to learn, and maybe someday be an admin yourself. Some of them might actually think it's cool, and start you in the right direction. Exit stage right, grumpy old man
  19. sshd config Q

    Sorry for posing a stupid question... but why? You can set up the client to not connect if the server is not in known_hosts, but as far as I see it, SSH won't function properly without sending the server's public key. I'm not sure, but I really can't see the point in it either ;) If it's a matter of security, set key auth only, and disable ordinary password login. Throw some fail2ban in front of it, and you should be fairly safe :)
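The hardening this reply recommends (key auth only, ordinary password login disabled), as an added checker that is not part of the post: it reads an sshd_config the way sshd does (first value of a directive wins, a built-in default applies when it is absent, Match blocks apply only conditionally) and reports directives that still allow password login. The two sample configs and the listed OpenSSH defaults are assumptions made for the example.

```python
import re

# Constructed sample configs (not from the post): a permissive default-style
# sshd_config beside one hardened as the reply suggests.
WEAK_CONFIG = """Port 22
PermitRootLogin yes
PasswordAuthentication yes
"""
HARDENED_CONFIG = """Port 22
PermitRootLogin prohibit-password
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
# Duplicate below is inert: sshd keeps the FIRST value it reads.
PasswordAuthentication yes
Match User backup
    PasswordAuthentication yes
"""

# directive -> (assumed OpenSSH default when absent, values that satisfy
# "key auth only, ordinary password login disabled")
RULES = {
    "passwordauthentication": ("yes", {"no"}),
    "pubkeyauthentication": ("yes", {"yes"}),
    "kbdinteractiveauthentication": ("yes", {"no"}),
    "permitrootlogin": ("prohibit-password", {"no", "prohibit-password"}),
}
# Older name for the same directive, normalised so either spelling is checked.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def parse_sshd_config(text):
    """Effective global directives (lower-cased); first occurrence wins.
    Match blocks are skipped: they apply conditionally and need their own review."""
    effective = {k: default for k, (default, _) in RULES.items()}
    seen, in_match = set(), False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # sshd ignores blank/comment lines
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)  # "Key value" or "Key=value"
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip().lower() if len(parts) > 1 else ""
        if key == "match":
            in_match = True
            continue
        if in_match or key in seen:
            continue
        seen.add(key)
        effective[key] = value
    return effective

def audit_sshd_config(text):
    """Sorted 'directive=value' findings that break a rule; empty means hardened."""
    eff = parse_sshd_config(text)
    return sorted(f"{k}={eff[k]}" for k, (_, ok) in RULES.items() if eff[k] not in ok)
```

Run `audit_sshd_config(open("/etc/ssh/sshd_config").read())` on a host to get the list of directives still permitting password login; note that an absent KbdInteractiveAuthentication is reported too, since its default also accepts passwords.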
  20. Just some quick thoughts? For demo purposes, I would recommend a laptop running dual Alfa wifi cards, as it's easier to use a laptop if something goes wrong, or you need to adapt. I usually do it that way, and keep the Hak5 stuff for easy deployment on field tests if need be. But, as for showing the dangers of wifi, I would say you're on the right track, if you can demonstrate deployment of malware, capturing credentials, DNS spoofing, JavaScript injection and stuff like that. Just simple stuff, but with an impact nonetheless. It really shows why you shouldn't be using the network at McD or Starbucks without a VPN? Something like DNSChef, BeEF-XSS, Metasploit and Blackeye captive portal comes to mind? As far as using videos, I think you're right. Better to make mistakes "live" than using a video. It better demonstrates what can be done and the tech behind it. Even though I failed at a demo, and had to try a second time, it gave everybody an opportunity to talk about the tech behind it, why it failed, what to do about it, and so on. So what could have been a disaster ended up being a really nice talk with the people present about a lot of stuff related to security, and the ideas and technologies behind the demo.
  21. A solution could be to set up your own OpenVPN server. It isn't that hard to do, and it could give you some time to confirm it works as it should. I've tested a private VPN solution based on OpenVPN, from Linux workstations, and see no leaks from it. But, as with any kind of VPN solution, it's possible to sniff the traffic at the gateway, if not encrypted from that point forward. But it should get you through the Chinese firewall. As for phones, hmm. Anything on a GSM network could possibly be monitored by the government. Something like Jitsi IM and encrypted video chat through VPN comes to mind, depending on your situation. But, as Digininja pointed out, it depends on what resources they want to spend on it, and would they bother for an ordinary businessman, conducting legal business in China? I guess you would be fine, just with an ordinary VPN solution, combined with some kind of encrypted messenger / video call.
  22. How do you mean, "relates to companies"?

    OSINT - Open Source Intelligence gathering (collecting info from open / public sources)
    HUMINT - Human Intelligence gathering (info from people on the ground / human sources)
    CYBINT - Cyber intelligence
    SIGINT - Signals Intelligence gathering
    TECHINT - Analysis of technical capabilities of an enemy
    MEDINT - Medical records / information
    FININT - Financial information

    So OSINT is just the CIA's catchy term for gathering data from publicly available sources? Directed at a person, it would be using every publicly known source to gather info on that person or group. <Stalkerish mode ON> Websites, social media, phonebooks, public records, news sites / magazines and papers. <Stalkerish mode OFF> For keeping track of these records, and building a picture of how it relates, I would suggest Maltego and CaseFile; they were made for this, and really are a great help in organising the information in a logical order. Start thinking of yourself as an example. What information is out there on you? What kind is it (phone number, email, medical, address and so on)? Who has this information, and who can access it, and under what circumstances? How do you get to it? Because it will help you to start thinking about what's out there on you, and how to protect it. But, more important, it will help you build a list of most types and sources of information that apply to everyone else. If it were me that had to launch an operation into someone, it would most likely go something like this:

    OSINT PHASE (passive phase)
      Phonebooks, websites, social media, professional networks, public records of ownership of buildings, and placement of buildings
      Publicly listed address
      Publicly listed phone number
      Publicly listed email & messenger handles
      Get photos, known whereabouts / favourite places they visit
      Job / education, what and where
      Have they published anything (books, papers, assignments and the like)
    HUMINT (active recon phase)
      Friends? Coworkers? Relatives?
      Gossip at the places they visit?
      Directed social engineering attacks
      Photo, video, audio gathering if necessary
    TECHINT
      Technical equipment they have access to (laptops, phones, workstations)
      Where do they use it and for what?
    CYBINT
      Closer look at websites / social media profiles

    When done, all of this should provide you with information that can help you to build a profile, and find out where to direct your attention next. Direct attack campaigns if that is to your liking, which I really wouldn't recommend? But if you're working in an efficient, directed manner, you would be amazed at what info is actually out there, if you go about getting it in a coordinated, effective manner. If nothing else, it's a fun task. "Good luck double-o-seven, and do try to bring the gadgets back home to Q branch safely :D"
  23. Hmm, there would have to be a waveform of some sort. As I see it, it would be something like: talk voice ----> mic ---> encryption PCB ---> transmitter --------> AIR <------- receiver ----> decryption PCB --> speaker ---> ear? As far as I understand it, in some cases the encryption function is just a base tone, some modulator function, and the transmission of the generated signal. It should / could be possible to reconstruct the signal from the base, figure out what kind of modulation it is, apply it to the transmitted signal, and recover the clear voice signal. https://www.midians.com/specs/voice-scramblers-motorola-mototrbo-radios/vs-1000-mt1 Here are some encryption PCBs for Motorola trunked radios. They use, as far as I can tell, "just" some kind of filtration and modulation as encryption. I would imagine, at least theoretically, the encrypted voice from these can be recovered through trial and error, and massive computing power maybe? If I understand the description of these correctly, they simply just run the base voice through some kind of known modulation filter, remove the sum, and transmit the difference in frequencies. If that's understood correctly, maybe it could be recovered by finding the base frequency and applying filters until you have clear audio again. Just my thoughts on this. If I'm correct or not, I can't say?
  24. Practically, no, it's not possible to crack the system keys on trunked radio. The simplest way would simply be to get your hands on a radio you know is operating within the radio group / organisation you want to monitor, or bribe someone who knows what it is. Finding it with bruteforce will cost a lot of time and special / custom software. And even in situation one, most radios are locked / protected from reading and changing the encryption keys & channel info, so no luck there. Depending on what radio system it is, some radios also employ key / authentication services, so unknown devices will never be approved on the system, and lost systems will get locked out from the radio network, so no luck there either. I know it sounds fun, but I should mention it's illegal in most countries to monitor police / fire department radios when they are encrypted, or to try to crack the encryption. Some info on trunked radio security mechanisms: https://www.rrmediagroup.com/Features/FeaturesDetails/FID/812 I would imagine it's impossible to recreate the transmission without the encryption / scrambler key, the same radio model, running on the same frequencies, and with the correct keys programmed into the scrambler / encryption module. Sorry, didn't want to spoil your day, but from what I've found out, it's simply too costly and too much work to bother with it? /Kent
  25. Yes there is. You simply post a sign saying "no cellphones", confiscate them if they have them, and give them back after the event is over. If you don't want them to send data out, don't give them a hotspot to begin with. As far as blocking cellphone comms, forget it. Just trying to do so is illegal (think personal / micro GSM cell site tower routing data and calls to a black hole in the ground). If they use your wifi, you can try and log the data in transit, and only IF you tell them you do so, and they accept some form of monitoring in the case they are using your wifi. But, even so, it's wrong to do so, and it's easy for them to bypass (VPN anyone?). It can be done, but not legally. I would highly suggest you think of another way all in all, and your boss does the same. Easier to forbid the use of cellphones during the event. But for corporate espionage into the competition, well, that's another game, something you have to research for yourself. Just don't come crying here when both of you end up behind bars? /Kent