[User0193847]

I have been learning hacking and tech for a while now, I want to start to get into hacking companies... For some reason I keep on seeing people recommending proxychains/privoxy for black hat etc, however I don't usually find those options do be really reliable.

Now im not big into blackhat hacking because its merely a hobby for me but if you're serious about it and you want to poke the hornet's nest then ideally what you can do is first find a public a wifi and use a long range wifi antenna to connect to it using a long range antenna is ideal because you can maintain distance if ur connecting to a wifi that isnt yours and u dont want to be seen. 

realistically those wont be anywhere near you unless u manage to capture a handshake of a nearby network and crack the password then connect to it when people arent around to actively monitor and block you off in the middle of your session (probably late at night).

your choice of device should always be something that you dont use personally, and you can get rid of, go for a laptop that is cheap, bought with cash and can get your job done.

ALWAYS practice your exploit before attacking, its esstential that you do research on your desired target and set up a pentesting lab (use VM's), try to replicate the exploit you found out so you know what to expect when it comes to firing the shot, dont go in there running, you will certainly not be prepared and probably mess up or be flagged immedietly if to go for too many attempts.

After you're done, make sure there isnt traces left behind, pruge ur pentesting lab and the  laptop you used, do some research into digital forensics, it should give you an idea on how to properly leave nothing behind.

Bonus points if you use a hacked RDP computer, you can easily find some computers using shodan that are easily exploitable using metasploit, you can log into these ordinary computers and execute an attack on your target and it will seem like it came from the RDP computer u had access to.

And Obviously if you achive success, dont brag about it, dont tell anyone, i dont need to mention how many people got caught just by bragging lol.


Thats it really, i dont know if i forgot something or i was wrong about something here, pentesting is merely a hobby for me and im in no way a professional but thats what i could think of at this moment.

[i_o]

You can also rent a VPS from services where you dont have to register and can pay with crypto (preferably monero). Combine that with an antenna, cheap laptop, and anothers wifi connection (as already mentioned). And you should be good

[302]

I have been learning hacking and tech for a while now, I want to start to get into hacking companies... For some reason I keep on seeing people recommending proxychains/privoxy for black hat etc, however I don't usually find those options do be really reliable.

Windows with Recall + Microsoft Edge + NordVPN way to go lul

MS Edge ain't THAT bad is it!?

never used so cant say from experience, but done buy microsoft and it's ALWAYS installed by default, do i'd suppose it's spyware at least to some extent

[Hallow]

I think that only one VPN can be used with very few risks : Mullvad VPN is a good solution and very anonymously. Futhermore, ur ISP will can't know ur activities on the darknet...
(Sorry if my english isn't correct ^^)

[toujours]

by not being braindead lol

[ssafsdafs]

Using TOR mostly, that's pretty much it. Avoid VPN's

I understand that tor is the best way, however how do you wrap tor around all your traffic? As I stated my experience with proxychains has been very disappointing, as all the tests I have done on it were leaking my real ip. Do you have any tips for forwarding your traffic through tor?

You don't need to configure routing through Tor yourself. Just use Tails

[endless]

Start reading the theory about qubes, whonix and VMs.

https://www.whonix.org/wiki/Documentation

You don't need Qubes, but it helps a lot to read about the theory around it to see why it works, and then just make a gnu/linux host system running whonix VMs.

It's a must you use linux (in theory can be any open source OS), and not windows or mac as your host. Why? because if your host is compromised, your real local IP and all your computer and network activity is leaked to the compromiser. Windows and mac are propietary, meaning they are not open source, and you have to treat everything propietary as already being malware/compromised/botnet. Windows is a botnet zombie out of the box. this is your mentality from now on; You will only use propietary systems and software when they are compartimentalized in both their network and computation. I will explain this later on.

Wrapping all the traffic around Tor is important, but even more important is compartimentalization.

Once you understand whonix, you will see that you use both a workstation and gateway VM. This makes it so that all the networking from the workstation only goes through the gateway, and the gateway routes everything through tor. this means that even if you install malware/compromise your workstation, it's still okay, because the workstation machine itself does not know and can not know it's own IP, so it can not "betray" you. Contrast this with using tor browser on your normal machine; even if all your hacking/secret activity is through tor browser, if somehow your machine is compromised, it can simply cancel the tor routing and betray all your network activity and computer activity.

For obvious reasons, simply don't do anything personal on your host system as well. get a new laptop. even if your host is compromised, and thus all your guest actiivty, files, and host activity and files, is leaked, plus your local IP; you still have a grain of plausible deniability that it is someone else who is using your network without your permission.

And it goes without saying, use full disk encryption and an uncrackable password for the whole system.

______________________

Using propietary software:

Like i said, ONLY use propietary software when they are compartimentalized in both their network and software, I.E. on a whonix workstation VM.

why? because you don't know what the code does under the hood; this means you HAVE to assume it's already compromised/malware. It can betray your IP by making network calls to it's master server, and/or try and compromise your entire operating system, including files etc.
NEVER trust any software; all software that you use should be compltely checkable (open source) so you know that it's not compromised. This doesn't mean you have to check all the GNU and linux code, and all the other open source software code that you will use; that would be impossible. Other people will check it for you (audit), because it is public. This means you should only use stable ("older") open source software that is well known, so you know for sure that it is well audited by the community and there is no malware. stable software is also better protected against security exploits. Contrast this with "rolling release" software and linux distributions like Arch, that offer the newest updates for all their software packages; this has no use for our use case. since we want security.

A good example of this is the XZ utils exploit from last year; someone tried to sneak in RCE malware in the XZ utils package that would have almost made it to most rolling releases and was already on some. They used genius obfuscation techniques and SE'd the XZ maintainers to get in. This is what I mean with open source code should be well audited; it can in theory still contain malware.

---

hacking on VPS/RDP is NOT the same as routing your network through it. You're actually doing computational work on it which means it's visible to the VPS owner and in extension LE.

[Vapulame]

My grandma is 92 and struggles with her computer.
One day, while I was helping her out, I secretly installed malware to access her computer remotely
Ever since then, I've been using her computer for all my hacking activities.
If I ever get caught, she’ll be the first one to take the fall!

hahahahahhah love this one lol that's one way to do it i guess

[endless]

You don't need to configure routing through Tor yourself. Just use Tails

This is not a good idea, since a compromised Tails OS is able to betray your real IP.

---

My grandma is 92 and struggles with her computer.
One day, while I was helping her out, I secretly installed malware to access her computer remotely
Ever since then, I've been using her computer for all my hacking activities.
If I ever get caught, she’ll be the first one to take the fall!

W shitpost

send us the ssh pw so we can also use it

[termit]

Ready-made recipes work until they become public knowledge.