Best products from r/blackhat

We found 28 comments on r/blackhat discussing the most recommended products. We ran sentiment analysis on each of these comments to determine how redditors feel about different products. We found 30 products and ranked them based on the amount of positive reactions they received. Here are the top 20.

14. The Smart Girl's Guide to Privacy: Practical Tips for Staying Safe Online

    Features:
  • LOOK FOR SOLD BY GMACS, THE ONLY ORIGINAL HERE - OUR SLEEP MASK WILL GET YOU TO SLEEP FAST - The most obvious benefit of our sleeping mask is that they’ll help you get to sleep and stay asleep. They block out any and all light from inside/outside the room. Let the night owl stay up reading or watching TV You won’t be able to tell. Insomnia is the worst thing and we solved it. For women it won’t touch your eyelashes either and gives total blackout, allowing you to rest in peace, great gift
  • OUR BLACKOUT BLINDFOLDS ARE EASY TO TRAVEL WITH - you can stuff them into your carry-on with ease. Whether you’re travelling by bus, plane or train, our eye shades are a perfect accessory when you leave your blackout curtains at home. They mold to the shape of your face allowing you to enjoy total darkness day or night, Plus our eye mask is a polite signal to your neighbours I’m not interested in talking.
  • THESE CONTOURED EYE PILLOWS AND EAR PLUGS ARE AFFORDABLE - While many sleep accessories are considered luxury items with a high price tag, you don’t have to spend a lot to get a great product here, they are comfortable too for every type of sleeper leaving no lines on your face like most other masks will.
  • SPEND MORE TIME IN A STATE OF DEEP SLEEP WITH OUR EYE MASK - nurses have found that their patients slept significantly better when they wore mask to cover their eyes, if sleep masks work for hospital patients, it’s likely they’ll work for you too. They will keep you from waking up throughout the night
  • A COMMON COMPLAINT AMONG SLEEP MASK WEARERS - is that their masks let in light when they’re loose, but hurt the eyes when they’re tight, our answer is a sleep mask with a cup design so no pressure on the eye sockets themselves. That means you can blink freely plus they are machine washable unlike most weighted sleeping masks just throw into the washing machine once a week keeping them clean and oil free. You’re looking at your solution, why not try ours today, you have nothing to lose.
The Smart Girl's Guide to Privacy: Practical Tips for Staying Safe Online
▼ Read Reddit mentions

Top comments mentioning products on r/blackhat:

u/root_pentester · 3 pointsr/blackhat

No problem. I am by no means an expert in writing code or buffer overflows but I have written several myself and even found a few in the wild which was pretty cool. A lot of people want to jump right in to the fun stuff but find out rather quickly that they are missing the skills to perform those tasks. I always suggest to people to start from the ground up when learning to do anything like this. Before going into buffer overflows you need to learn assembly language. Yes, it can be excellent sleep material but it is certainly a must. Once you get an understand of assembly you should learn basic C++. You don't have to be an expert or even intermediate level just learn the basics of it and be familiar with it. The same goes for assembly. Once you get that writing things like shellcode should be no problem. I'll send you some links for a few books I found very helpful. I own these myself and it helped me tremendously.

Jumping into C++: Alex Allain

Write Great Code: Volume1 Understanding the Machine

Write Great Code: Volume2 Thinking Low-Level, Writing High Level

Reversing: Secrets of Reverse Engineering

Hacking: The Art of Exploitation I used this for an IT Security college course. Professor taught us using this book.

The Shellcoders Handbook This book covers EVERYTHING you need to know about shellcodes and is filled with lots of tips and tricks. I use mostly shells from metasploit to plug in but this goes really deep.

.

If you have a strong foundation of knowledge and know the material from the ground-up you will be very successful in the future.

One more thing, I recently took and passed the course from Offensive Security to get my OSCP (Offensive Security Certified Professional). I learned more from that class than years in school. It was worth every penny spent on it. You get to VPN in their lab and run your tools using Kali Linux against a LOT of machines ranging from Windows to Linux and find real vulnerabilities of all kinds. They have training videos that you follow along with and a PDF that teaches you all the knowledge you need to be a pentester. Going in I only had my CEH from eccouncil and felt no where close to being a pentester. After this course I knew I was ready. At the end you take a 24-long test to pass. No questions or anything just hands on hacking. You have 24 hrs to hack into a number of machines and then another 24 hours to write a real pentest report like you would give a client. You even write your own buffer overflow in the course and they walk you through step by step in a very clear way. The course may seem a bit pricey but I got to say it was really worth it. http://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

u/misconfig_exe · 2 pointsr/blackhat

I feel compelled to lead with this:

> I'm sorry, but you really should have been asking this question a year ago, not now as a graduate.

> Other readers: have a career plan in development while you're in school - otherwise you may find yourself left behind when you graduate.

But anyway, I'm a current student, and here's what advice I can give you based on what I have learned.

If you want to learn offensive security, you can take a certification course that includes Lab Sim like PWK for OSCP, but they are an expensive proposition and intimidating to someone without experience.

You could do what I'm doing, and build your own lab. Interview people in the industry that you have made connections with (and if you haven't made those connections by now, get on it!), and learn a bit about what their network environments look like. Then, emulate them, learn to set them up, and then use that lab as a shooting gallery to follow an online penetration testing guide and other self-learning resources such as The Hacker Playbook.

If you can find some in your area, I would highly suggest taking any in-person pentesting courses you can find. I'm lucky enough to live in the LA area to take Peter Kim's training classes. He's the author of the book mentioned above.

Get involved in local groups! Other people in your area are passionate about security too, and they may be learning or teaching exactly what you're interested in. I've had good luck with meetup.com.

u/dud3z · 18 pointsr/blackhat

The dark side has lot of facets, it depends on what you want to achieve.

If you are already working on web applications and web in general, then you may want to start with the Web Application Hackers Handbook by Dafydd Stuttard and Marcus Pinto.

This is a very valid book and with your existent knowledge it will be a very interesting read: i may also advise you to read The Tangled Web by Michal Zalewski, this instead will give you a very in-depth look of browsers' quirks and their inner working, quirks you'll learn to exploit.. for science!

Then there is the world of binary reverse engineering and exploitation, my preferred literature on this is Hacking: the art of exploitation: keep in mind that the techniques there may be outdated, but the reasoning and much of the concepts are still valid. It's a very specific book with very detailed information and you are required to know a bit of assembler, C and very low-level stuff.

Happy hunting and good luck!

u/Jethro_Tell · 2 pointsr/blackhat

u/Waffle_bastard below is right on. You might check out the smart girls guide to privacy which walks you through the things that he's talking about. It's basically designed for this.

And I think other people are right here, it's probably time to change your number, get the police involved, collect evidence. . .. Best of luck, feel free to PM if you need additional help cleaning things up.

edit: https://www.amazon.com/Smart-Girls-Guide-Privacy-Practical-ebook/dp/B013HA1V4S

u/dilbertmouse · 1 pointr/blackhat

I think Bender(Bending)Rodriguez was referring to this one:

https://www.amazon.com/Rootkits-Subverting-Windows-Greg-Hoglund/dp/0321294319/

I would also offer my recommendation for that book as well. It's definitely dated, but an excellent starting point on how to build your own rootkit.

That said, I'm not sure that really answers your "where do I get rootkits?" question. In answer to that, I'll offer a few tools that are heavier on the "post-exploitation agent", but still worth checking out:

u/j3toler · 13 pointsr/blackhat

How comfortable are you with python in general? There are some sites out there like codesignal.com that offer many small Python challenges you can do reasonably quickly. As far as "Black Hat Python" drills, not many that can be finished in 20 mins. but you can always follow the Violent Python chapters while at work. That's what I did, and it seems to go pretty smoothly.

u/Kurcide · 1 pointr/blackhat

http://www.amazon.com/gp/aw/d/B00DMCVKMU/ref=ox_sc_act_image_1?ie=UTF8&smid=A3G4Z7JJ34B7QN

Is that the wireless card you are talking about? Will that card fully support Kali tools? I also have an external TP Link card I use with my Pwnpad which I like a lot.



My plan was to upgrade to a 128GB SSD (does the x140e support sata 6gb/s?) And at some point upgrade to better ram.

My biggest aversion to getting the C720 is that I picture it being a pain to get everything working. I have a MBP 2011 13" that I tried dual booting with Kali and while I got it working it was a mess. The Thinkpad is rugged, easy to upgrade and from what I can see well suited for Linux.

u/Kfalz · 5 pointsr/blackhat

I'm not sure the wireless on the Mac can be put into monitor mode. The easiest way that I can think of is to purchase a USB network card that supports monitor mode and packet injection and then in VirtualBox pass that USB device to the guest OS. Link is a good one to start with.

​

Alfa-AWUSO36NH-Wireless-Long-Rang-Network Adapter

u/telchii · 4 pointsr/blackhat

You should really read Brian Krebs' book, Spam Nation (non-affiliate amazon link). Whether you like Krebs' stuff or not, his book covers essentially all of this. He talks a lot about these sorts of things while telling his story with some notorious Russian individuals. Such as private hosts or hosts that are known as "safe" to generally unwanted customers. Even common tactics for how the services/hosts are paid for (stolen credit cards, bitcoins, etc).

As for how, anyone with some programming experience and determination can make a lightweight server and client program to do what they need. Having many clients report to a server program (or three) is a good topic to study if you're into programming. Others find open-source programs and modify them to do what they need. Obviously distributing a client program is a very different topic, that I won't discuss here

u/zkilling · 2 pointsr/blackhat

I really enjoyed Python Crash Coarse and Black hat Python for learning scripting

Also any ting from No Starch Press. They have some great books.

u/telnetrestart · 19 pointsr/blackhat

I'm taking it right now. The books I read through or started before the OSCP in no particular order: