Hak5 is packed and ready for Def Con 2011! This year, Darren, Paul, and I will be in Las Vegas all weekend- from Wednesday night through Sunday- compiling a delightful Hak5 episode for you to enjoy. We hope to get some good coverage and photos, so show off your Hak5 tshirt! If you see us, […]

Read more

WIFI PINEAPPLE VERSION 2 ONLY. THIS WILL NOT WORK WITH THE WIFI PINEAPPLE VERSION 3. Whether your new to Jasager or you’ve made a configuration change you wish you hadn’t, doing a fresh WiFi Pineapple install is a breeze. This guide walks you through the steps required to flash compatible WiFi Pineapple hardware with the […]

Read more

In this segment Darren talks about Session Hijacking and demonstrates a tool from Errata Security called Hamster and Ferret that, in conjunction with a WiFi Pineapple, an ICS’d 3G connection and Tftpd32 we’re able to “sidejack” with our little man-in-the-middle setup. Lesson learned? Be suspicious of any wifi. Check for signatures of trusted networks and […]

Read more

So you’ve built, borrowed or bought a WiFi Pineapple and you’re new to OpenWRT and Jasager. Hopefully this guide will familiarize you with the many aspects of the the WiFi Pineapple. If you have specific questions please leave a comment or email feedback@hak5.org and we’ll try to keep this page updated. This article will guide […]

Read more

This guide builds on the Auto-Rickroll payload for the WiFi Pineapple. Following this guide you will be able to create a self-contained WiFi Pineapple or similar OpenWRT based wireless access point serving up faux websites to capture login credentials. The purpose of this article is to point out the simplicity of a phishing attack using […]

Read more

Turn your WiFi Pineapple or any OpenWRT based Wireless Accesspoint into a self contained Auto-Rickrolling device!

Read more

This segment, Shannon demonstrates some protecting from Firesheep using; BlackSheep.

Read more

This segment with Darren he demos a couple of tools for us linux folks.

Read more

In this Haktip Darren shows how to detecting ARP Cache Poison Attacks in Windows and Linux using XARP

Read more

In this haktip Shannon shows us the setup and use of the cookie steeling tool Firesheep to hijack Darren’s twitter session.

Read more

Shannon shows us how to perform arp cache poisoning attacks with ease.

Read more

Hping3 is a TCP/IP packet assembler. It’s modeled after the unix ping command

Read more

If you’ve ever used a USB storage device and wondered how stealthy you can be with them, you’re in for a scare. Windows XP logs pretty much everything you’d want to know about that USB key in the registry each time it’s plugged in and written to.

Read more

Rob Fuller and Raphael Mudge talk about Armitage; a cross-platform GUI front-end for Rapid7′s Metasploit. Mudge demonstrate setting up the software, scanning for targets, attacking hosts with client side attacks or remote exploits, and finally pivoting throughout the network using pass-the-hash techniques.

Read more

This demonstration Mubix joins us to add persistance to our penetration testing with a little Metasploit, Microsoft, and IP version 6.

Read more

This segment Darren goes over some of the tools to do some interesting things with DNS and hak6.org.

Read more

Shannon after hijacking someone else’s set brings us the Stoned Bootkit.

Read more

Jason and Darren check out the latest Magic Lantern firmware for the Canon 550D.

Read more

As expected the Motorola Droid has been rooted. That is to say there’s a hack that’ll unlock SU, or super user privileges on the phone. The hack is essentially su bundled in an unsigned update that can be run from the SD card. The unlocking process, which has changed since introduction, is outlined at this […]

Read more

Darren demonstrates a little man-in-the-middle attack using SSLStrip, an epic tool for removing that pesky encryption from your victims browsing session. Go from secure site to clear-text passwords in one simple step.

Read more

After much request we’ve dedicated an episode to every hackers favorite framework, Metasploit. Room362.com’s very own Rob Fuller (aka Mubix) joins us in studio to show us the basics of exploiting and the power of auxiliary modules.

Read more

Darren demonstrates cracking Microsoft VPN tunnels using the MS-CHAPv2 authentication protocol using Joshua Wright’s tool ASLEAP and talks about the theory behind the attack.

Read more

The age old scheme for bypassing restrictive firewalls, like those that block sites at school or work, has been to use a web proxy. Of course this is followed up by the network administrator blocking all mainstream proxies. But what if you could run your own? Well, you can and it’s really freaking easy. In […]

Read more

Never again have your curious Google searching or social networking adventures be thwarted by your school or office firewall. Darren show off free and easy ways to bypass the filters using SSH or your own homegrown web proxy.

Read more

The Zipit Z2 is an inexpensive wireless handheld instant messaging device by Zipit Wireless. It sports WiFi, a color 320×240 display, backlit keyboard and similar CPU and memory to that of a last-gen smart phone. It’s also a prime candidate for some hacking. In this segment we’ll unlock the device and install Debian, X, and […]

Read more

Darren Kitchen, hacker and host of tech show Hak5, says why hacking isn’t the same thing as cyber crime. Jorge Ribas sits down with him to find out the difference. Read on to watch the video.

Read more

Adding a touch screen to a LCD is pretty straight forward and fairy inexpensive. There are a few different places to get the touch screen kit, we got ours from ebay for around 80 bucks + shipping. Dealextreme.com has a small selection of smaller touch screen kit perfect for netbooks, because they come with a […]

Read more