In this article, I will list for you the 10 most valuable gadgets for you as a hacker. These tools are perfect as a distraction when you're bored, or as a birthday or Christmas gift for your white hat friend. Of course, some of the items mentioned in this article may not be suitable for all penetration testers. For example, wireless enthusiasts may be interested in the antenna below because it can capture keystrokes wirelessly, similar to the capture of WPA2 handshake packets. Those interested in quadcopters may focus more on drones, which are capable of flying 1-2 miles without losing signal and can carry add-on hardware such as Wi-Fi Pineapples and Raspberry Pis.
(Please read the original text for relevant links in the article **)**
一、Mousejack Hacking
In 2016, security researchers from security firm Bastille Networks discovered that the communication signals between most wireless mice and receivers were unencrypted. Allows an attacker to take control of a target computer within a hundred meters range without any physical access, and anonymously pair their device to a target computer using a popular wireless keyboard adapter for remote keystroke injection (shown below).
This attack occurs because the keyboard vendors (Logitech and Dell) do not encrypt the data transmitted between the keyboard and the USB adapter or do not properly authenticate the device communicating with the adapter. Although the vulnerability has been disclosed for more than two years, it is reported that more than 1 billion devices worldwide are affected by this vulnerability, so the impact of the vulnerability will be difficult to eliminate in a short time.
For more information about this attack, please visit the official Bastille website for a list of affected devices and technical details.
The "Crazyradio USB Dongle" used in these attacks is a 2.4 GHz bi-directional transceiver that can send and receive radio telemetry. Essentially, this USB Dongle can be used for observation, recording, and the injection of radio waves.
Crazyradio USB Dongle - MSRP $44.99(Amazon)
2. GPU for password cracking
A graphics processing unit (GPU) is typically embedded in an internal graphics card connected to a computer's motherboard and is used to efficiently handle things like graphics, game memory, and more. It can be said that GPU is responsible for all video and image rendering on our electronic devices.
Hackers can use GPU technology to build their own password cracking equipment, which will greatly shorten the blasting time and increase the success rate of blasting. Tokyoneon fully demonstrates the usability of this scheme in his post "Hack 200 Online User Accounts in Less Than 2 Hours". He successfully cracked hashes in a leaked password database via GPU and took over hundreds of Twitter, Facebook and Reddit user accounts.
For those of you who are considering using a GPU to crack passwords, I highly recommend a GeForce graphics card (GeForce GTX 1050 Ti). At just $189, this graphics card is a great entry-level GPU.
EVGA GeForce GTX 1050 Ti - MSRP $219.99(Amazon | Best Buy | EVGA | Walmart)
Of course, if you want your password cracking equipment to be more efficient and powerful, you can choose to buy GTX 1080 Ti or RTX 2080 Ti (it means you should still be a melon-eater~).
EVGA GeForce GTX 1080 Ti - $899.99 & Up(Amazon)
3. The world’s smallest laptop
Billed as the "world's smallest laptop," the GPD Pocket features an Intel Atom X7, 1920 x 1080 resolution, and 8 GB of RAM, packed into a small laptop that's only slightly larger than most modern smartphones ( As shown below).
GPD Pocket - MSRP $599(Amazon | eBay | GPD | Walmart)
It is becoming more and more popular due to its small size, physical keyboard, ability to handle high-performance games, and Intel CPU that is better than Raspberry Pis and smartphones.
Penetration testers can easily install various Linux operating systems on this device, including Ubuntu, Kali Linux, and BlackArch instead of the default Windows 10.
If you want a thinner GPD Pocket with more complete functions, you can buy the newly launched GPD Pocket 2. Compared with GPD Pocket, its thickness is at least half reduced.
GPD Pocket 2 - $799(Amazon | GPD | Indiegogo)
4. The latest Raspberry Pi
The Raspberry Pi 3 Model B+, just launched this year, has a faster CPU, as well as upgraded Wi-Fi and Ethernet modules, and can use the Ethernet port (PoE HAT) to be powered without a traditional power adapter.
There have been many posts about using a Raspberry Pi to build portable hacking devices, so I won’t go into detail here.
Raspberry Pi 3 B+ - MSRP $35(Amazon | Walmart)
With power supply - MSRP $47.95(Amazon)
With power supply and case - MSRP $54.99(Amazon)
With power supply, case, 16 GB SD card, etc. - MSRP $74.95(Amazon)
With power supply, case, 32 GB SD card, etc. - MSRP $79.95(Amazon)
With power supply, case, 32 GB SD card, cables, etc. - MSRP $94.95(Amazon)
5. USBarmory
USB armory is an open source hardware designed by Inverse Path. It is a microcomputer the size of a USB flash drive. It is built to support the development of multiple security software and applications while reducing power consumption. According to developer keynote's keynote at FSec 2016, USB Armory can be used for:
File storage with advanced features such as automatic encryption, virus scanning, host authentication and data self-destruction;
OpenSSH client and proxy for untrusted hosts;
Router for end-to-end VPN tunnel;
Password manager with integrated web server;
Electronic wallets (e.g. Bitcoin wallets);
Authentication token;
Portable penetration testing platform;
USB security testing.
USB armory supports Ubuntu, Debian and Android systems. To learn more about USB armory, check out the official website and documentation.
Inverse USB Armory - MSRP $140(Amazon | Crowd Supply | Hacker Warehouse)
6. VPS Subscription
A Virtual Private Server (VPS) is a computer that allows us to remotely control Internet-connected devices from anywhere in the world. Therefore, adding a reliable VPS subscription to your arsenal is crucial for any penetration tester and security researcher. With a remote VPS, penetration testers can:
Host payloads used to attack macOS and Windows 10;
sync files;
Create IRC bots;
hosting phishing websites;
Perform password brute force reuse attacks;
Host USB drop payloads;
Use advanced Nmap scripts;
Create server proxy;
Create an onion site;
Host Metasploit sessions.
I understand that one of the most popular hosting services used by white hats and penetration testers is BulletShield. Because it does not require any personal information when registering or paying, it can fully protect our personal privacy information. For more information, see the VPS buying guide below.
White Hat VPS Buying Guide
7. Hak5 Gear
Hak5 is an award-winning podcast that provides information security training services as well as many well-known penetration testing equipment. Here are some excellent hacking tools provided by Hak5.
USB Rubber Ducky
USB Rubber Ducky is Hak5's USB keystroke injection tool, capable of executing payloads at over 1,000 words per minute. It can hack a macOS device in less than 5 seconds, disable antivirus software or socially engineer it into the target computer.
USB Rubber Ducky - MSPR $44.99(Hak5)
Bash Bunny
Bash Bunny is a multifunctional USB attack tool similar to USB Rubber Ducky (known as the world's most advanced USB attack platform). However, Bash Bunny is a full-featured Linux operating system that has more advantages than USB Rubber Ducky, such as the ability to carry multiple advanced payloads, emulate device combinations, and perform multiple advanced attacks. Penetration testers who need to take their physical attacks to a higher level should value this.
Bash Bunny - MSRP $99.99(Hak5)
Packet Squirrel
Packet Squirrel is a pocket-sized man-in-the-middle attack tool designed for covert packet capture and secure remote access to target networks. There are two interfaces on Packet Squirrel, namely USB and Ethernet interfaces.
**Packet Squirrel - MSRP $59.99(Hak****5)
LAN Turtle
The LAN Turtle looks like a USB-to-RJ45 machine, but it's actually a hacking tool. Basic functions include man-in-the-middle attacks, network scanning, and remote access. In addition, it is equipped with SIM (3G) function and modular frame, which is very easy to use.
LAN Turtle - MSRP $59.99(Hak5)
WiFi Pineapples
WiFi Pineapple and WiFi Pineapple Nano are excellent rogue access point creation and Wi-Fi auditing devices. This tool is designed to help penetration testers quickly and easily perform reconnaissance tasks, man-in-the-middle attacks or wireless network attacks. In addition, in order to facilitate the use of WiFi Pineapple also provides us with a graphical interface, which can be easily accessed through a mobile phone or browser.
WiFi Pineapple Tetra Basic - MSRP $199.99(Hak5)
WiFi Pineapple Nano - MSRP $99.99(Hak5)
WiFi Pineapple Terta Tactical - MSRP $299.99(Hak5)
WiFi Pineapple Nano Tactical - MSRP $129.99(Hak5)
8. A must-have router for wireless hackers
Wireless attack technology has always been one of the hotly discussed topics among penetration testers, and it can be said that it is also a necessary security skill. Therefore, it is natural to have a dedicated router for wireless penetration, preferably a router compatible with Kali. Here are some routers I recommend:
ALFA AWUS036NHA - $39.99(Amazon)
ALFA AWHUS036NH - $34.99(Amazon)
ALFA AWUS036NEH - $31.45(Amazon)
Panda PAU05 - $13.99(Amazon)
TP-Link TL-WN722N v1 - $9.99(Amazon)
9. Remote wireless hacker antenna
If standard wireless antennas aren't up to the task, you can also choose to use larger antennas to increase the range of your signal, allowing you to penetrate your router at greater distances.
The standard coverage range of the Tupavco TP512 Yagi Wi-Fi Directional Antenna is about 100 meters, but some online reports claim that its maximum range can be as high as nearly 2 kilometers. There are other vendors selling similar Yagi antennas as well as bundled products. ALFA's Yagi antenna, for example, includes an ALFA chipset and the necessary cable adapters.
Tupavco TP512 Yagi - $25(Amazon)
ALFA Yagi Antenna - $91(Amazon)
10. Drones
As drone technology continues to improve and become more popular, drones are becoming more and more popular. If you are a DIY hacker, a drone will be your first gadget.
Project Cuckoo is a test drone created by a hacker known as "Glytch." This 3D-printed drone features an attached WiFi Pineapple Nano that can perform man-in-the-middle attacks and inject malicious JavaScript into Wi-Fi hotspots, as well as sniff Wi-Fi activity without being connected to a router.
Video demonstration:
Amazon's (good quality) 3D printers start at about $299, and with materials, individual drone components, and a remote control - building a drone from start to finish should cost around $500. This is a considerable expense for the average person. Here is a preview. In the upcoming article, I will provide you with a drone construction plan that we can afford.
The DJI Spark drone is a small, lightweight drone that costs $399 including a remote control. With a battery life of up to 15 minutes, a maximum remote control range of 2 kilometers and a 12 MP 1080p camera, this may be the best and most affordable small drone on the market right now.
If you have enough budget, then the "DJI Mavic Drone" may be a better choice for you. It has a higher-resolution camera, a remote control range of nearly 4 kilometers, 8 GB of memory space (for video recording), and more than 20 minutes of battery life.
DJI Spark Controller Combo-MSRP $399(Amazon|Best Buy|DJI|Walmart)
Mavic Air Combo-MSRP $999(Amazon|Apple|Best Buy|DJI|Walmart)
Recommended e-books and related learning materials
The Hacker Playbook 3: A Practical Guide to Penetration Testing
CompTIA Network+: Certification Integrated Exam Guide, Seventh Edition
CompTIA CySA+: Certified Cybersecurity Analyst All-in-One Exam Guide
CEH: Ethical Hacking Exam Materials, Third Edition
CompTIA PenTest+: Certification All-in-One Exam Guide
CISSP: Integrated Examination Guide, 8th Edition
Hash Crack: Password Cracking Manual
Kali Linux Web Penetration Testing Cookbook: Identify, exploit, and prevent web application vulnerabilities with Kali, 2nd edition
` How to learn hacking & network security
As long as you like my article today, my private network security learning materials will be shared with you for free. Come and see what is available.
1. Learning roadmap
There are a lot of things to learn about attack and defense. I have written down the specific things you need to learn in the road map above. If you can complete them, you will have no problem getting a job or taking on a private job.
2. Video tutorial
Although there are many learning resources on the Internet, they are basically incomplete. This is an Internet security video tutorial I recorded myself. I have accompanying video explanations for every knowledge point in the roadmap above.
The content covers the study of network security laws, network security operations and other security assessments, penetration testing basics, detailed explanations of vulnerabilities, basic computer knowledge, etc. They are all must-know learning contents for getting started with network security.
(They are all packaged into one piece and cannot be expanded one by one. There are more than 300 episodes in total)
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
3. Technical documents and e-books
I also compiled the technical documents myself, including my experience and technical points in participating in large-scale network security operations, CTF, and digging SRC vulnerabilities. There are more than 200 e-books. Due to the sensitivity of the content, I will not display them one by one.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
4. Toolkit, interview questions and source code
"If you want to do your job well, you must first sharpen your tools." I have summarized dozens of the most popular hacking tools for everyone. The scope of coverage mainly focuses on information collection, Android hacking tools, automation tools, phishing, etc. Interested students should not miss it.
There is also the case source code and corresponding toolkit mentioned in my video, which you can take away if needed.
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.
Finally, here are the interview questions about network security that I have compiled over the past few years. If you are looking for a job in network security, they will definitely help you a lot.
These questions are often encountered when interviewing Sangfor, Qi Anxin, Tencent or other major companies. If you have good questions or good insights, please share them.
Reference analysis: Sangfor official website, Qi’anxin official website, Freebuf, csdn, etc.
Content features: Clear organization and graphical representation to make it easier to understand.
Summary of content: Including intranet, operating system, protocol, penetration testing, security service, vulnerability, injection, XSS, CSRF, SSRF, file upload, file download, file inclusion, XXE, logical vulnerability, tools, SQLmap, NMAP, BP, MSF…
Due to limited space, only part of the information is displayed. You need to click on the link below to obtain it.