Backtrack Hacking Video Tutorials
Kali Linux has many other unique features, which make this operating system the primary choice of security engineers and hackers alike. Unfortunately, covering them all is not possible within this Kali Linux hacking tutorial; however, you should feel free to explore the different buttons displayed on the desktop.
Intro and leaving Louisville with Brian. Morgellon talks about hacking the Arduino micro controller platform. Sorteal talks about the LiVes Open Source video editor. AT&T Batman building by night. Mojo-JoJo soldering some stuff for the shooting range. The patron gods of hackerdom. Registration. Con swag overview. Morgellon gets his discrete logic on. AK-47 building with HandGrip and Buttstock. Froggy talks up Notacon, which I plan to go to next year. Skydog explains the Jware chair toss event, and then we compete. Rootwars hacker wargames. I ask Int80 about using his nerdcore music in some of my videos. NotLarry explains rootwars. Some iPhone hacking with Lee Baird and John Skinner. I do a little Bluecasing/Warnibbling with the Bluetooth on my Nokia n810. John, Lee, Brian and I go to the German restaurant. I blind DOSman with the light from my camera and check out what folks are doing with the Arduinos Droops brought for folks to play with. I check back in on R00tW4rz. I blind Droops. I talk Ettercap filters with operat0r. USB door key fun with the Arduino. More breadboard fun. Nokia n810 + Ettercap Filter + Lemon-part = win. Int80 gets down with his own bad self, and the rest of Phreaknic. I find an energy drink with protein. Folks play with the hardware keyloggers I brought, and we have some epic fail with the IBM Model M + USB adapter + Mac OS 10.5. Winn Schwartau joins in on the keylogger fun. DOSman and Zack use a directional antenna from the 9th floor to search downtown Nashville for WiFi access points. Zoom in on Al. John and Lee eat jerky. Daren and Shannon from Hak5 blind me this time. :) Then they do a quick interview. I interview TRiP about the legalities of wardriving, sniffing and leaving your access point open so you have plausible deniability of copyright infringement (most likely it won't hold water in court if you are a computer geek). I give Hak5 Daren beef jerky. Ziplock had more con badges than God. I meet up with Iridium.
I talk with Nightcarnage about the audio/video setup at Phreaknic. As I predicted, the Potters won the WiFi Race. I say why this was the best Phreaknic ever. Using green lasers on crack dealers. Techno in the dark, the Aiptek action HD does not do well in low light. Nicodemius shows off his Minority Report like multi-touch table. Hula hoop contest. I check back in with Jeff Cotton and his USB keyed door. I strap on my gear to leave the con. Brian and I do a wrap up of our thoughts on Phreaknic 2008.
About 1:25:00, Blip.tv, n/a, 10/29/2008

103. Using Cain to sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle"
In this video I'll be showing how Cain can pull off a "Man in the Middle" attack against the Remote Desktop Protocol. While RDP versions 6.0 and later are less susceptible to these attacks because of the verification schemes added, there is still a risk since so many users just click yes to all warning messages.
var, SWF, 8.09MB, 10/20/2008

102. BeEF: Browser Exploitation Framework XSS Fun
John Strand of Black Hills Security sent me another awesome video on using BeEF, cross site scripting and other fun.
6:58, Vimeo, n/a, 10/16/2008

101. Using Metasploit to create a reverse Meterpreter payload EXE by John Strand
John Strand of Black Hills Security sent me an awesome video on using Metasploit to create an EXE with the Meterpreter payload that creates a reverse TCP connection outbound, blowing through many NAT boxes and firewalls. This goes great with a previous video I did on EXE Binders/Joiners.
6:26, Vimeo, n/a, 10/15/2008

100. Using Cain to do a "Man in the Middle" attack by ARP poisoning
I'm creating this video for three reasons:
1. While I've done a lot of videos on Cain, most of them are more advanced and assume you know the basics.
2. The last video I did on ARP poisoning with Cain was more than four years ago, Cain looks quite a bit different now.
3. I wanted a reference for the classes I'll be teaching for the Kentuckiana ISSA.
Before you watch this video, read my article "The Basics of Arp spoofing/Arp poisoning" so you will have a better grasp of the concept.
var, SWF, 4.63MB, 10/14/2008

99. John Strand - "Advanced Hacking Techniques and Defenses" (and demos of evilgrade/passing the hash/msfpayload) from Louisville Infosec 2008
John Strand gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. He gives a fascinating talk about why "security in depth" is dead, and lives again. John then goes on to demo Evilgrade, using msfpayload and obscuring it against signature based malware detection, dumping SAM hashes with the Metasploit Meterpreter and using a patched Samba client to pass the hash and compromise a system. I'd like to thank John for letting me record his talk.
80:16, Vimeo, n/a, 10/11/2008

98. Rohyt Belani - "State of the Hack" from Louisville Infosec 2008
Rohyt Belani gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. Rohyt shows new ways to think about hacking, going into how and why simple things work on the people element. Why hack a system when a quick Google search can reveal so much? Rohyt's talk was humorous and informative, and I'd like to thank him for letting me record it.
52:01, Vimeo, n/a, 10/11/2008

97. Adrian Crenshaw - "Intro to Sniffers" from Louisville Infosec 2008
I gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. I cover the basics of how network sniffers work, and specifically talk about Wireshark, Cain, Ettercap and NetworkMiner. I came up with the presentation on short order, so please be forgiving of the stumbles. :) You can download the slides from here.
61:25, Vimeo, n/a, 10/11/2008

96. Kevin Beaver - "Staying Ahead of the Security Curve" from Louisville Infosec 2008
Kevin Beaver gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. There's a lot of great advice in this video on how to approach an infosec career in the right way.
Kevin endorses being a security "renaissance man", expanding your knowledge outside of the tech side to understand the business, people and legal sides as well. At the same time he also points out that sometimes specialization is good, so focus on your strengths. I'd like to thank Kevin for letting me record his talk.
41:00, Vimeo, n/a, 10/11/2008

95. Finding listening ports on your Windows box using Netstat, Fport, Tcpview, IceSword and Current Ports
Host based firewalls are fine and dandy, but I'd rather turn off services I don't need than to just block them. Host based firewalls are sort of a bandage, and while they can be useful for knowing what is connecting out (see egress filtering), it's better just not to have unneeded network services running in the first place. This video can be seen as a supplement to my article "What can you find out from an IP?"
var, SWF, 11.5MB, 10/08/2008

94. Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example
In a previous video I explained the basics of cryptographic hashes. Go watch "A Brief Intro To Cryptographic Hashes/MD5" before this video. In this tutorial, I'll be giving an example of why weak hashes are bad. The example I'll be using is the CRC32 hash that Outlook uses to store a PST archive's password with. The CRC32 algorithm as implemented by Microsoft Outlook is easy to generate hash collisions for, so even if you can't find the original password you can find an alternate one that works just as well.
var, SWF, 2.02MB, 10/01/2008

93. Irongeek's Hacking Lab and a review of the Aiptek Action HD 1080p
An overview of how my lab is set up, as well as a review of the Aiptek Action HD 1080p.
4:44, Vimeo, n/a, 09/24/2008

92. Teaching Hacking at College by Sam Bowne
This was a DefCon 15 presentation (August 3-5, 2007) by Sam Bowne. Sam does a great job explaining how to teach ethical hacking at a university, and since he gave me a shout out in the video I figured I'd post it up here.
Definitely a must watch if you are trying to convince your college's administration that it's a good idea to teach such a course. Check out Sam's site at if you want to use his teaching curriculum.
28:16, n/a, Google, 09/23/2008

91. How Sarah Palin's Email got "Hacked"
This is a quick video reconstruction I did of how Sarah Palin's Yahoo account got "hacked". You will see it's more about insecure design and easy to find information than anything really technical. I made a test account at Yahoo and this video traces the steps the attacker took. I'm hoping it will be useful to journalists who don't really seem to have a grasp on the story. Feel free to link it anyplace you like.
var, 5.23MB, SWF, 09/18/2008

90. Intro to DD-WRT: Mod your wireless router to do more
DD-WRT is a Linux firmware available for many Linksys, NetGear, Belkin, D-Link, Fon, Dell, Asus and other vendors' wireless routers. DD-WRT is far more feature rich than the stock firmware that comes with most routers. This video covers the basics of installing and configuring DD-WRT.
var, 12.2MB, SWF, 09/13/2008

89. Nmap presentation for the ISSA in Louisville Kentucky
This is a presentation I gave for the Kentuckiana ISSA on the security tool Nmap. I've also posted the slides and other media so you can follow along if you like. Topics covered include: port scanning concepts, TCP three way handshake, stealth scans, idle scans, bounce scans, version detection, OS detection, NSE/LUA scripting and firewall logs. Hope some of you can make it to the free class we will be holding at Ivy Tech Sellersburg on Sept 20th, 2008 at 1pm. Contact me to RSVP. The video is about an hour long. Enjoy.
59:41, n/a, Vimeo, 09/06/2008

88. Ironkey High Security Flash Drive: Use and Review
The Ironkey is a high security thumb drive designed to provide strong AES encryption, tamper resistance and other security services.
17.6MB, SWF, 07/07/2008

87. Setting up a Tarpit (Teergrube) to slow worms and network scanners using LaBrea (The "Sticky" Honeypot and IDS)
A network Tarpit, sometimes known by the German word Teergrube, is a service or set of hosts that deliberately try to slow malicious network connections down to a crawl. The idea is to put up unused hosts or services on the network that respond to an attacker, but do things to waste their time and greatly slow their scanning (or spreading in the case of Worms). For this video I'll be using a package called LaBrea by Tom Liston and tarpitting unused IP addresses on my home LAN.
var, 23.4MB, SWF, 06/26/2008

86. Compiling and Configuring DHCPD from Source
Devil2005 has created a video on compiling and configuring dhcpd from source. He's using the Fedora 9 distro of Linux for the video, but the lessons learned should be applicable to other distros. For that matter, even if you are not interested in installing dhcp in this way it's still a good lesson on how to download and compile various applications from source.
var, 18.7MB, SWF, 06/22/2008

85. Using Data Execution Prevention (DEP) in Windows XP and Vista: Fighting back against buffer overflows and memory corruption
I've recently become interested in measures that modern CPUs can take to prevent various types of memory corruption attacks. One such feature is the NX bit (as AMD calls it, XD is Intel's term), which allows for memory pages to be marked as not executable. Microsoft Windows started using this ability with XP SP2 as part of their Data Execution Prevention (DEP) feature. Unfortunately, to get the most out of DEP you have to configure it. This video will show how to configure DEP protection in Windows XP and Vista.
var, 6.67MB, SWF, 06/08/2008

84. DNS Spoofing with Ettercap
In my previous two videos I showed how to use Ettercap plugins for various pen-testing and security evaluation functions.
In this video I'll show how to use the Ettercap plugin dns_spoof to set up DNS spoofing on the local area network.
var, 6.70MB, SWF, 06/07/2008

83. More Useful Ettercap Plugins For Pen-testing
In my previous video I showed how to use Ettercap plugins to find sniffers on the network. In this video I'll show three more useful Ettercap plugins: find_ip, gw_discover and isolate.
var, 6.49MB, SWF, 05/29/2008

82. Finding Promiscuous Sniffers and ARP Poisoners on your Network with Ettercap
Most of you are familiar with using Ettercap for attacking systems, but what about using it to find attackers? This tutorial will cover using Ettercap to find people sniffing on your network. The plug-ins we will be using are search_promisc, arp_cop and scan_poisoner.
var, 9.68MB, SWF, 05/20/2008

81. A Brief Intro To Cryptographic Hashes/MD5
A cryptographic hash function takes an input and returns a fixed size string that corresponds to it, called a hash. Cryptographic hashes have a lot of uses, some of which are: detecting data changes, storing or generating passwords, making unique keys in databases and ensuring message integrity. This video will mostly cover detecting file changes, but I hope it gets your mind going in the right direction for how hashes can be used. Specifically covered will be tools for creating MD5 hashes in Windows and Linux.
var, 5.40MB, SWF, 05/10/2008

80. Text to Speech to MP3 with the freeware program DSpeech
This video is on Dspeech, a freeware tool that uses Microsoft's SAPI (Speech Application Programming Interface) to convert text to spoken word. What's special about it is it lets you make an MP3 of the text, so you can listen to it on your computer, in your car or on your MP3 player. It's great for listening to notes.
var, 3.74MB, SWF, 03/24/2008

79. Hardware Keyloggers In Action 2: The KeyLlama 2GB USB Keylogger
This video will demonstrate one of the USB KeyLlama brand of hardware keyloggers in action.
var, 6.38MB, SWF, 03/18/2008

78. Encrypting The Windows System Partition With Truecrypt 5.0
Truecrypt 5.0 adds many new features, most importantly Windows system partition encryption. To put it in slightly inaccurate layman's terms, this means encrypting your entire C: drive. Even if you already write your sensitive data to an encrypted space, files are sometimes squirreled away in unencrypted temp space or in the page file where they may be recovered. Using Truecrypt to encrypt your Windows XP system partition will help eliminate this problem.
var, 6.85MB, SWF, 02/11/2008

77. Hardware Keyloggers In Action 1: The KeyLlama 2MB PS/2 Keylogger
This video will demonstrate one of the KeyLlama brand of hardware keyloggers in action, specifically the 2MB PS/2 model. I hope this video will give the viewer a better grasp of how these hardware keyloggers work.
var, 14.1MB, SWF, 02/05/2008

76. Encrypting VoIP Traffic With Zfone To Protect Against Wiretapping
Some people worry about the ease with which their voice communications may be spied upon. Laws like CALEA have made this simpler in some ways, and with roaming wiretaps even those not under direct investigation may lose their privacy. Phil Zimmermann, creator of PGP, has come up with a project called Zfone which aims to do for VoIP what PGP did for email.
var, 5.02MB, SWF, 01/28/2008

75. Using GPG/PGP/FireGPG to Encrypt and Sign Email from Gmail
This tutorial will show how to use GPG and the FireGPG plug-in to encrypt and decrypt messages in Gmail. GPG is an open source implementation of OpenPGP (Pretty Good Privacy), a public-key-encryption system. With public key encryption you don't have to give away the secret key that decrypts data for people to be able to send you messages. All senders need is the public key which can only be used to encrypt, this way the secret key never has to be sent across unsecured channels.
var, 10.6MB, SWF, 01/14/2008

74. WebGoat 1: SQL Injection Demonstration
SQL injection is a common web application attack that focuses on the database backend. WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. I plan to use WebGoat for a few future videos. This first WebGoat video will show the basics of installing WebGoat and doing two of its SQL injection lessons.
var, 10.1MB, SWF, 11/14/2007

73. XAMPP: an easy to install Apache daemon containing MySQL, PHP and Perl
By devil2005
var, 9.87MB, SWF, 10/25/2007

72. RFID Show and Tell with Kn1ghtl0rd and lowtek mystik
While at PhreakNIC I got a chance to interview Kn1ghtl0rd and lowtek mystik about their research into RFID, its hackability and other information. If you want to learn more information about RFID check out their video from last year at . Video for their new talk this year should be up in the coming months.
9:38, YouTube, 10/22/2007

71. Using Metagoofil to extract metadata from public documents found via Google
As many of my viewers know, I have an interest in metadata and how it can be used in a pen-test. Thanks to PaulDotCom I found out about a tool called Metagoofil that makes it easy to search for metadata related to a domain name.
var, 5.58MB, SWF, 10/15/2007

70. Creating An Auto Hack USB Drive Using Autorun and Batch Files. By Dosk3n
During 2005 Sony BMG was discovered to be including Extended Copy Protection (XPC) and MediaMax CD-3 software on music CDs. The software was automatically installed in the background onto users' computer systems that used the autorun function to start running the CD. The software could hide itself from the computer's process list in the same way a rootkit would. There were over 100 titles in total that included this "rootkit". Using similar techniques we are going to use the autorun feature with a USB drive to run multiple hacking tools.
var, 5.59MB, SWF, 10/12/2007

69. How To Burn An ISO Image To A Bootable CD
Fans of my site will think this is a silly video, but I've seen the question asked so many times in forums that I feel I should make a video. Now I'll have something on hand to point people to when they email me, feel free to link to this video if you get the same question. I'll be burning BackTrack with the freeware tool CDBurnerXP, but it would work the same way with Ubuntu, Knoppix or Helix.
var, 1.47MB, SWF, 10/09/2007

68. Wardrive Mapping With IGiGLE And WiGLE
Map out your WiFi finds with IGiGLE and WiGLE. It's great for users of Netstumbler and Kismet.
var, 7.10MB, SWF, 10/01/2007

67. Nokia 770/800 Pen-Testing Setup (Nmap, Kismet, Dsniff and other fun stuff)
This video introduces the viewer to using a Nokia Internet Tablet as a pen-testing device.
var, 7.58MB, SWF, 09/26/2007

66. Forensic Metadata in Word Docs and Jpegs supporting Exif
Metadata is data about data. Different file formats store extra data about themselves in different ways. This video will cover metadata that can be used during a forensic investigation, namely MS Word doc metadata and the metadata stored in a Jpeg's Exif data.
var, 4.81MB, SWF, 09/20/2007

65. Remote Password Auditing Using THC-Hydra
THC-Hydra is a remote dictionary attack tool from The Hacker's Choice group. It's a well made tool that supports a lot of protocols and options. The following protocols are supported: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, LDAP2, Cisco AAA.
var, 3.15MB, SWF, 08/08/2007

64. Using Darik's Boot and Nuke (DBAN) to totally wipe a drive
Another continuation of my file carving video and selective file shredding (DOD 5220.22-M) to thwart forensics tools video, this video shows how to use