What if there was a social media network that couldn't ban you? Imagine if Twitter couldn't delete your post history and … [Read More...]
Featured Articles
Stealing passwords from browsers
Few users really understand just how much secret data is hiding in their web browsers. Think about it, when you login to … [Read More...]
Mobile Application Penetration Testing Basics
Mobile penetration testing is like a security check for your phone and apps. It helps find and fix any weak points that … [Read More...]
Editorial Picks
How Hackers Steal PGP Keys
Learn how hackers steal your PGP keys. What may seem secure is not always so and hackers stealing PGP keys happens all … [Read More...]
Automate Your Own CTF Solution
Learn how to code your own solution to CTF (Capture The Flag) exercises. After you manually solve a part of the capture … [Read More...]
How To Create A Social Media Keylogger
Learn how to create your own social media keylogger and by extension how to defend yourself from this kind of invasion … [Read More...]
Latest Blog Updates
Fediverse coding with JavaScript
What if there was a social media network that couldn't ban you? Imagine if Twitter couldn't delete your post history and social graph, sometimes built over decades, over a single post they disagree with. If the idea of decentralized social media intrigues you, then you need to try the Fediverse. Basically, it's a network of different social media apps that let you create your own server and link up with other servers. Sort of like how email lets you create an account on any service, but you can still message with users on the other services. In this article, we're going to teach how you can start coding Fediverse … [Read More...]
Stealing passwords from browsers
Few users really understand just how much secret data is hiding in their web browsers. Think about it, when you login to a site and the browser offers to auto-fill your password, that means your browser is storing your password somewhere on your file system. Same thing for your credit card data, cookies, and so on. One of the easiest ways to pwn a number of a target's account is stealing passwords from browsers. In this article, we'll show you how to write a script that automatically steals a target's passwords from their browsers and sends them to you, the attacker. We'll also link to other resources for … [Read More...]
Mobile Application Penetration Testing Basics
Mobile penetration testing is like a security check for your phone and apps. It helps find and fix any weak points that hackers could use. This is important because as we use smartphones more, we want to make sure our personal information is safe. The testing looks for problems, like where data is stored or how it's protected, and helps fix them before bad guys can take advantage. Doing these checks regularly is like keeping our phones' security up-to-date to stay safe from online threats. Let's discuss the steps involved in penetration testing of mobile applications Extracting application details and … [Read More...]
Phishing on social media
We've talked about phishing quite a bit in previous HackingLoops posts. Still, when most people they think of phishing, think of an image from the distant past. Even in the infosec world, the word "phishing" evokes Nigerian prince scams offering millions of dollars to gullible email recipients. While these threats still exist, the phishing world has advanced quite a bit since those days. In particular, phishing on social media now represents the main attack vector for this genre of attacks. In this article, we'll give you a sample of what modern phishing looks like on Twitter. Hands-on learning matters much … [Read More...]
Social engineering for red teamers
When you think of hacking, what picture comes to mind? For me, it's a young guy in a hoodie, typing commands into a green and black terminal. Of course, this Hollywood hallucination couldn't be farther from reality. So what does a hacker really do? If you look up guides to hacking, you'll likely find hundreds of articles about exploits, programming languages, networking, crypto, and so on. But there's one link in the tech stack that will always be vulnerable: the human mind. That's why social engineering for red teamers is indispensable. Pentesting a company is hard. Thus, knowing how to get what you want from … [Read More...]