₦airaland Forum

SherUnlock:
I have 5 clubhouse invites to give out for free, if anyone's interested kindly quote this post.

Interested

Bahat:
These are all interesting topics to me but these people will it interest them? People that has understanding of these topics are high level players

There should be a way to make it interesting to newbies. Start from scratching the surface then gradually move up.

Cryptography and privacy
AppSec
IoT
Social Engineering
Red/blue teaming
Exploit dev

Signal is pretty solid. As for "getting out of hand", I quite get your point, which is why I won't include "ToS" in my threat model. As far as I can tell, they are fiction... ToS doesn't stop them from eavesdropping on your calls/sessions, but E2EE does. No ToS ever created prevents eavesdropping.

So what type would you have delivered?

Bahat:
Yes sir. How have you been doing? Great I guess

Yeah I'm good. Looking to finally publish a writeup on an app I hacked so bad it's going to start advertising as shitapp on steroid.
How are you?

Akanimoh113:
Please is there anyway one could boost Instagram followers

Yeah. There is.

Bahat:
You want to give it a trial, you have those soft copies of said software?

If yes, you will fund the project. Am talking about option 2

For the first option there must be an algorithm for that which I don’t know except you want a bad rating(feedback) for the software . 99.9% couldn’t be earned except you owned the platform and this is a worldwide game doing the prediction will be like next to impossible. Bust based on their previous games and ratings you should get a 50/50 chance.

Question 3, will also need the soft copy of the product.
These are works of reversers not just Devs and am not sure we have such pple around that’s because I haven’t met with one. I confirm we have such pple when I clearly meet and work side by side with one of them.

My conclusion is before you can do anything about this there must be serious reversers on ground. Who has the toolset to make it possible after discussing on it.

Cc EvilSec what you say about those points i outlined?

Yes, you're right.

Btw, anyone got Whiskey recommendations?

Was about opening my second bottle of bourbon for the day, when I thought about writing a quick guide to communicating securely in Nigeria (a country that detests free speech).

It's no longer news that the Nigerian government can track you down and lock you up if you speak against them. I would like to explain how to secure your communications (but I guess this will be more useful for activists) and the methods I recommend.

The tldr is simple: Use Tor, use Signal -- unless your life depends upon them.

If your life depends upon the security of your communications, then there is no substitute for learning how these things work. Experts might also use Tor and Signal -- but not in the ways naive users would that would expose their privacy. Experts might use something else... If you wait until your life depends upon it (such as when you've suddenly decided to take up arms against the Nigerian government), then it's probably too late. The government will already have access to all the communications records up to that point.

"But EvilSec, how are you sure they have access to comm records up to that point??"
Well it's simple. The phone company keeps a record of all SMS messages and calls indefinitely. Even if both sides delete the messages or calls from their phones, all SMS messages and calls are preserved and searchable by the government and they don't even need a warrant.

Thus, you should be using privacy protecting technologies now, such as the Brave browser (when not using Tor), Signal/WhatsApp/iMessage for routine communications, and so on. Signal (and some others) use end-to-end encryption, meaning it's impossible for anybody in between to eavesdrop on your messages/call -- not even Signal itself. But this does not protect the ends. If you've been tricked into installing malware on your phone, the malware is on the "end" and thus can eavesdrop on anything that end does. Nor does it protect metadata. Eavesdroppers can't know the contents of a phonecall, but will know that you are using Signal, and will often know who it is you are calling.

Also remember that your phone is a GPS tracker. Your phone keeps a log of its own location to an accuracy of a few feet. The nearby celltowers keep records of your location with varying accuracy which can often be less than 20 feet, but is usually more like 500 feet. Your phone updates its log every few minutes, so if they get your phone from you and run forensics, they can draw map where you've been. Celltower records update much less frequently.

So stay safe out there everyone and I hope you learnt a thing or two from this.

If you’re talking about programming and hardware support, yes, it is mostly Nigerian men. Guys on average have more interest in things and how they work, while women on average have more interest in people and relationships.

That engineering and IT are mostly male does not mean women are oppressed any more than medicine and teaching being predominantly female means men are oppressed. If some professions are mostly female, then by definition, some professions will be mostly male.

If you include roles like assembling the circuit boards, working in a call center doing tech support, the gender ratio is closer to one to one.

callme9mm:
Lol. In a century where the only thing that makes the world go weird is money.
Are you an hacker ?

Yeah. I break into stuff for money. What do you wanna do?

callme9mm:
If you’re a good computer hacker and you’re sure of your work. Your service is highly needed. . Kindly send an email. Let’s talk .

What do you wanna do? Hack your gf's whatsapp or...?

nullbyte:
I am hoping to bond with like minds in these field. Is there a group I can be a part of? Holla and lets compare notes.

No script kiddies pls!!!!!

I mostly stick with discord and irc for serious security conversations.
But maybe we can spin up another group from scratch here or elsewhere.

gurunlocker:
This has to be the craziest and shortest thread on NL..... Make seun give the person award

Haha thanks. I'm glad you finally know how to hack your girl's facebook account with that simple trick.

stanliwise:

Don't.

Hamzasaid:
My advice: before diving in to cyber security
learn some networking basics or better still take a course with Cisco or any other courses out there that teaches you about networking. Trust me it will do u good in the long run, you may think it's a waste of time and might not see the picture am trying to paint in here till u go in deep.
my 2bit advice �

first of all u need to have a knowledge on some programing language like python c,c++ javascript...
then learn Network programing with any of these languages

some videos:

https://www.freetutorialsus.com/cyber-security-go-from-zero-to-hero-2020-udemy-course-free-download/

https://www.freetutorialsus.com/the-information-security-masterclass-course-zero-to-hero/

Burp suite:
https://www.youtube.com/watch?v=97VDqGp9g5w

Owasp top ten: https://youtube.com/playlist?list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

PDFs:
Blackhat python..
The easiest metasploit guide.
Fuzzing:Brute force vulnerability discovery by Micheal Sutton.

Nmap Network Scanning by Gordon lyon

As an ethical hacker you need to have good social engineering skillzzz. This book says it all on how to improve on that skills .

Social engineering:The art of human hacking by christopher hadnagy


OS:
Kali linux (most preferred, comes pre-installed with tools)
Parrot os
Ubuntu
Mint os
fedora.

this are just my few of my input.
and stand to be corrected though
but pros like Evilsec and the rest could add up to my 2cents

You've made great points.

Ovo200:
I know certificate does not equal competence but your certificate can give you edge any where in the world.

In your case, you seem to be more interested in getting certs.
i am HIGHLY SUSPECT of people who:
- put certs in their last name field on linkedin
- start every bio with their certs
- start every convo with their certs
- put their certs in email sigs

it suggests they want you to look at their certs and nothing else.
which is shady. I’ve got certs myself, but it’s never been a pro title of mine or desire. Common sense and raw skillset has always gotten me further than I’d ever wanted to go.

How many times do we have to preach to skids that certifications != competence.
Here's my reply to someone who once thought the same.

EvilSec:
I wasn't hired because of a degree or certs. I taught myself hacking, made a free page to post about it, which eventually got me noticed. I even got offered a job by GCHQ after submitting a CV which consisted only of blog posts.
If you can't afford hundreds of naira for certs, don't let people convince you it's the only way. Certs are a way to prove you know at least something, but there are many ways to do that.

.

sreamsense:
Stop wasting your energy in ethical hacking by running backwards. Channel your energy into positive programming by running forward in the right direction. Stop, deceiving yourself, you start ethical hacking today and ends up in Yahoo related tomorrow and the following day EFCC will be chasing you here and there. Be wise!

There's always that guy
Ethical hacking != fraud
There's a misconception that to be an ethical hacker, you must dabble in the dark side. It's not true. You can learn everything you need to know legally. Stick to the good side.
The further back in time you go, the harder it becomes to learn certain skills without crossing paths with the wrong people. The best thing we can do today is to continue sharing knowledge in an environment where we can steer people in the right direction.

numtums:
What's your opinion?

Online courses, google, youtube "although kinda crap lately", a private tutor who knows shit.

You'd be burning your money learning archaic hacking methodologies.

"Dos attack to loot databases"
Skids these days.

Backdooring my own life with anxiety.

escena:
Somebody please point me in the direction of ethical hackers.
Where is the best place to study and practice ethical hacking.

The best place to study is your room, with a screen and a sh!t ton of caffeine and alcohol staring at you.

Mykolazki:
While using Google map, I mistakenly turn on my location while VPN is on , since then my VPN stops been effective, browser is showing my physical location while VPN still connect fine , please what can I do

Spoof GPS.

This is like asking "Is using condoms a crime?"

tensazangetsu20:
No one is gonna employ someone in cybersecurity without certifications.

I wasn't hired because of a degree or certs. I taught myself hacking, made a free page to post about it, which eventually got me noticed. I even got offered a job by GCHQ after submitting a CV which consisted only of blog posts.
If you can't afford hundreds of naira for certs, don't let people convince you it's the only way. Certs are a way to prove you know at least something, but there are many ways to do that.

Sometimes when you don't pay for the service, you are the product.
Maybe try switching to Telegram or Signal.