- Installing Social Engineering Toolkit (Page 12)
- Saving Custom Password Lists (Page 10)
- Start Metasploit (Page 7)
- Changes with PeepingTom
- Huge list of optional tools
- bypassuac update
- Nishang has moved (page 16)
- SMBExec Update (Page 8)
- PowerShell Invoke-Shellcode (Meterpreter)
- Obscure System's post-exploitation (Page 121)
- Index for The Hacker Playbook
- Free Radius update (Page 205)
- Mimikatz Binary Update
- Get in touch
- Document info
It looks like there was a change to SET on page 12. Here is the updated GIT Command:
git clone https://github.com/trustedsec/social-engineer-toolkit.git set/
It looks like the old link is now dead
Try these other links:
- https://mega.co.nz/#!VIwSmYhL!Q_u0io3nSxIeVnquONJcfb7D7aO0_fpi9SxSchR1mTM
- http://www.filedropper.com/crackstation-human-onlytxt
- https://www.dropbox.com/s/ucreldsa3qt1rms/crackstation-human-only.txt.gz?dl=0
Thanks Andreas!
Editors note: I recommend using 10 million passwords instead of trying to find a link through Mega. I assume the content within is probalby similar to the original mega file.
cd ~/Desktop/password_list
wget https://github.com/danielmiessler/SecLists/raw/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt
If you have the space, you can choose to download and unzip the aboslutely MASSIVE RockYou2021.
To give you an idea of just how massive this list is, I tried to expand my VM instance by an additional 70GB in addition to the free space I already had, and I still ran out of space to unzip the first of TWO files. This package is a combination of several other projects and previous works.
Download the torrent: https://anonfiles.com/daLbwb0eu5/rockyou2021TXT_Wordlist_torrent
cd ~/Downloads/directory/path/here
7z e RockYou2021.txt.7z.001
7z e RockYou2021.txt.7z.002
service Metasploit start
Should be replaced with
service metasploit start
Thanks John!
I have included the old version here: On your Kali Linux Box, run the following commands from a terminal:
cd /opt/
wget http://thehackerplaybook.com/Download/peepingtom.zip
unzip peepingtom.zip
cd peepingtom
chmod +x *
On your Kali Linux Box, run the following commands from a terminal
mkdir /opt/gitlist/
cd /opt/gitlist
git clone https://github.com/macubergeek/gitlist.git
cd gitlist
chmod +x gitlist.sh
The book points to:
wget http://www.secmaniac.com/files/bypassuac.zip
to download the bypassuac files, but the updated link should be:
Thanks Patrick!
Nishang has moved over to github. Instead of:
Thanks Don!
SMBExec updated and has a new Git Repo. So instead of:
git clone https://github.com/brav0hax/smbexec.git
git clone https://github.com/pentestgeek/smbexec.git
If you've been hard coding your Invoke-Shellcode.ps1
files to download and execute from github (Originally found here: https://raw.githubusercontent.com/mattifestation/PowerSploit/master/CodeExecution/Invoke-Shellcode.ps1), make sure you grab the newest one, as the original is not working (on purpose). As stated by mattifestation, you should NOT blindly run a remote powershell script from github. If you need to, fork it!
Link fix
Thanks Joe!
Thanks to Joe, he put together an index for The Hacker Playbook!!!
It looks like Free Radius changed their website.
wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-2.1.12. tar.bz2
wget ftp://ftp.freeradius.org/pub/freeradius/old/freeradius-server-2.1.12.tar.bz2
Thanks Jason!
If you would like to get in touch with the author or have general inquiries about the book
Note: This document was forked and transcribed on 30 JUN 2022. The orginial information was written on/around 2 MAY 2018.
Metasploit is not implemented as a service any longer.
If you have already run service postgresql start
, then all you need to do is run msfconsole
. You can also search through the taskbar for metasploit framework