- 73
- 404 048
Hox Framework
United States
เข้าร่วมเมื่อ 6 มิ.ย. 2019
I make videos about computers and stuff.
ALL VIDEOS I MAKE ARE EDUCATIONAL. DO NOT USE THINGS YOU LEARN FROM THE VIDEOS ILLEGALY. I DO NOT SUPPORT ANY ILLEGAL ACTIVITIES EVER. I ONLY WANT TO PROMOTE KNOWLEDGE ON HOW TO PROTECT YOURSELF AND KNOWLEDGE ON PENTESTING/E.H./INFORMATION SECURITY TO MAKE OUR ONLINE WORLD A SAFER PLACE FOR EVERYONE.
You can contact me on instagram : HoxFramework
or leave a comment on a youtube video. I dont reply on my email much since its full of spam.
www.hoxframework.com.hr
VISIT MY WEBSITE or FOLLOW ME ON LBRY : @HoxFramework
Discord URL : discord.gg/B3mBXfZSwr
Unpacking UPX in a Debugger | Under 1min
Just a quick video. I did this one in a rush a bit - so expect tiny mistakes - let me know in the comments if you find any.
Visit my website for more stuff: hoxframework.com.hr/
Or for this specific video: hoxframework.com.hr/?p=555
**Disclaimer: this video is for educational purposes, these softwares are purposely created for patching. Nothing in this video is meant to be used illegally, nor promote anything like that. All of my videos are in isolated environments and the goal is to teach better cybersec - both in red and blue teams.**
TAGS:binary patching, reverse engineering, debugger, red team, cybersecurity, easy, simple, tutorial, hoxframework, hox, x32dbg, x64dbg, assembly, assembly language, condition inverting, UPX, upx unpacking, manual unpacking
Visit my website for more stuff: hoxframework.com.hr/
Or for this specific video: hoxframework.com.hr/?p=555
**Disclaimer: this video is for educational purposes, these softwares are purposely created for patching. Nothing in this video is meant to be used illegally, nor promote anything like that. All of my videos are in isolated environments and the goal is to teach better cybersec - both in red and blue teams.**
TAGS:binary patching, reverse engineering, debugger, red team, cybersecurity, easy, simple, tutorial, hoxframework, hox, x32dbg, x64dbg, assembly, assembly language, condition inverting, UPX, upx unpacking, manual unpacking
มุมมอง: 178
วีดีโอ
Even more Binary Patching and Whatnot - Patchin Some "LiCeNsEs" - x32dbg
มุมมอง 1434 หลายเดือนก่อน
More Binary Patchingggg! Its just too fun. Again with some simple examples to keep it simple for beginners - lets get as much people as we can into binary patching/reverse engineering/malware analysis :) Visit my website for more stuff: hoxframework.com.hr/ I'll put up a text version as well here: hoxframework.com.hr/?p=552 Or watch my other videos Disclaimer: this video is for educational purp...
Basic tasks to Recap Splunk - THM
มุมมอง 855 หลายเดือนก่อน
Not dead. Sorry i was offline for a while, here's a splunk vid Nothing advanced - just recaping some basics to remember A very useful blueteam tool. Visit my website for more stuff: hoxframework.com.hr/ Or watch my other videos Rooms: tryhackme.com/r/room/contiransomwarehgh tryhackme.com/r/room/newhireoldartifacts Disclaimer: Nothing in this video is meant to be used illegally, nor promote anyt...
X64DBG Debugging and Binary Patching basic Evasive Binaries !!
มุมมอง 1.5K10 หลายเดือนก่อน
⏩ Wanna use a debugger to debug/binary patch malware or any other software ? ☔ In this video we have covered 3 basic programs that use either debugger detection or any evasion options - To bypass their protections is especially useful in #malware #analysis . With this knowledge you can debug/patch software, malware or even gamez - as long as everything is simple. This is a beginner-level video....
Uncensored AI Assistant - Set up your own for Pwning
มุมมอง 1K11 หลายเดือนก่อน
⏩ Wanna have your own pwning AI buddy ? ☔ In this video we are setting up an uncensored local AI (almost as powerful as chatgpt/gpt3.5 - but way more powerful when it comes to asking the shady questions ;) ). This AI assistant is meant to help you in your pentesting/redteaming adventures and answer all your questions without complaining that "eXpLaiNingG XSS is nOt moRal". Hope you liked the vi...
Stop Being a Skid ! Can You Hack a WebApp With an Exploit You Made ? 💬 PoC Scripting - RCE | THM
มุมมอง 2.6Kปีที่แล้ว
🌧 Today I'm showing you an Awesome and easy example of Exploit-writing I've picked this example to make sure that I give you a soft introduction into exploit writing by using a web-app exploit instead of a classic buffer overflow or examples as complex as it - as other people do. This is what got me into exploit and vuln research and writing, so Im hoping it will get you interested too; 🌧 Note/...
🔥 Capturing HTTPS Traffic and Viewing it in PLAIN TEXT with MITMProxy 🔥
มุมมอง 12Kปีที่แล้ว
Thank you so much for watching! 👨💻 🌧 Today I'm showing you probably the best way today to capture HTTPS traffic and see EVERYTHING in plain text (decrypted). 🌧 The method isn't flawless, but is very close to perfection and definitely amazing. I use it for malware analysis and so can you (or for your redteam ops). 👉🏻 Visit my website for more : hoxframework.com.hr/?p=534 (transcript) 👉🏻 Or join...
[Stream] Chatting with viewers and Learning some GOlang
มุมมอง 254ปีที่แล้ว
Yesterday's stream reupload, some gaps cropped out. Thanks for watching :) New video comming soon enough. Visit my website for more : hoxframework.com.hr or follow me on insta or message me on discord or comment on my videos Ill try to reply as soon as I can
Wanna learn how to analyze MALWARE ? Have a seat. We are covering the basics.
มุมมอง 403ปีที่แล้ว
In this video I'm covering an incident response scenario: Malware analysis. This video should cover the basic knowledge about analysis of different types of malware and things you might face when handling malicious files or compromised systems. If you have any questions leave them down in the comments. TIMESTAMPS: 0:00 Gathering information 2:39 Analysis of malicious traffic (Wireshark) 4:08 Ja...
Radare2 - Easy Binary Patching | Make Software do what You Want!
มุมมอง 1.8Kปีที่แล้ว
A quick tutorial on binary patching and some surface of reverse engineering - all with Radare2 and some binaries! I hope you learned something new and had fun! Disclaimer: I'm not an expert on this, i learned this, and some more stuff some time ago and i wanted to revisit this cause i think its awesome. Visit my website for the code and the "writeup": [ ] hoxframework.com.hr/?p=530 Or follow me...
USING And HАСкING IDS SYSTEMS !! - Bypass stuff easily or Protect Your Systems? Up to you. 💻
มุมมอง 1.9K2 ปีที่แล้ว
♛ Thank you so much for watching! ♛ ☕ Visit my Website for more : hoxframework.com.hr/ ☕ Or visit the specific post for this video : hoxframework.com.hr/?p=528 (Text version of the video / writeup) In this video we take a look into how to pwn/bypass an IDS system, how to use it and we learn the theory behind it all. If you have any questions feel free to leave them down in comments! My instagra...
Powerful OSINT Weapon! Info Gathering with MALTEGO - HowTo + Custom Addons (OSINT tool)
มุมมอง 1.3K2 ปีที่แล้ว
Today we are reviewing an awesome OSINT tool called Maltego. This tool has been used by information security experts (OSINT specifically) for ages and i've used it for some time so i assumed it would be useful if i made a video on it. ☕ Thank you so much for watching and have a nice day! ☕ ⭐ Visit my website for more !!! hoxframework.com.hr (There is a post about this video here too - hoxframew...
How Are Factories HACKED? Let Me Show You. (ICS - THM)
มุมมอง 5K2 ปีที่แล้ว
⌜ Hello everyone and welcome back! ⌝ In this video I will go trough TryHackMe's Challenge on Hacking ICS systems. We will show how the system works, find out how the scripts for attacks work, as well as go trough it all in detail. Visit my website for a textual write-up of sorts : 🔗 hoxframework.com.hr 🔗 Thank You so much for watching and have a nice day :) ⌚⌚⌚⌚⌚⌚⌚ #ethicalhacking #TryHackMe #E...
Some Vulnhub Machines Pwn time & QnA with The Viewers (Livestream)
มุมมอง 1592 ปีที่แล้ว
In march 2022 we did a livestream where i answered your questions, as well as did some ethical hacking aginst the Gigachad Vulnhub machine. Thanks to everyone for visiting and watching! Hope you guys learned something and had fun :) #vulnhub #hoxframework Sorry if the stream quality isnt the best, its technically my first stream with you guys so Im still fixing stuff up (video quality, audio a ...
Making A BOT That Changes IP Every Time He Does His Task (Selenium, Python, Psiphon)
มุมมอง 27K2 ปีที่แล้ว
Hello everyone and welcome back! Today we are taking a break from cybersecurity (kinda, you'll see useful stuff here too for the cybersec world) and covering the basics of Selenium. In the previous video i've shown some simple mouse and keyboard usage without selenium, but now i've shown a more real-world-practical example as well as added a little special thing: A VPN. The VPN starts to change...
Automating a Boring Game To Get the Highest Score - Python Bots
มุมมอง 6762 ปีที่แล้ว
Automating a Boring Game To Get the Highest Score - Python Bots
How Honeypots work and how can we break them ? #TryHackMe #HoxFramework
มุมมอง 6302 ปีที่แล้ว
How Honeypots work and how can we break them ? #TryHackMe #HoxFramework
Extracting Information from RAM? Memory Dump analysis with VOLATILITY (Digital Forensics- THM)
มุมมอง 7K2 ปีที่แล้ว
Extracting Information from RAM? Memory Dump analysis with VOLATILITY (Digital Forensics- THM)
Taking over Absolutely Everything On an iPhone ! iOS Digital Forensics Challenge (TryHackMe-Easy)
มุมมอง 7682 ปีที่แล้ว
Taking over Absolutely Everything On an iPhone ! iOS Digital Forensics Challenge (TryHackMe-Easy)
Digging Trough Computer's HDD/SDDs Easily with this CHAD Tool | review & tutorial - basics
มุมมอง 4152 ปีที่แล้ว
Digging Trough Computer's HDD/SDDs Easily with this CHAD Tool | review & tutorial - basics
Basic PenTesting Tools in Java | Java programming for RedTeam's basics | HOXFRAMEWORK
มุมมอง 8823 ปีที่แล้ว
Basic PenTesting Tools in Java | Java programming for RedTeam's basics | HOXFRAMEWORK
Testing Slow-HTTP-test and Slow Loris on an Apache Server - Testing your server - HOXFRAMEWORK
มุมมอง 1.8K3 ปีที่แล้ว
Testing Slow-HTTP-test and Slow Loris on an Apache Server - Testing your server - HOXFRAMEWORK
Tracking Down Information On The Web | Open Source Intelligence Challenges - THM/HTB | HOXFRAMEWORK
มุมมอง 9283 ปีที่แล้ว
Tracking Down Information On The Web | Open Source Intelligence Challenges - THM/HTB | HOXFRAMEWORK
Photo Editing - GIMP tutorial - Make Thumbnails, Memes or Edit photos | HOXFRAMEWORK
มุมมอง 1.2K3 ปีที่แล้ว
Photo Editing - GIMP tutorial - Make Thumbnails, Memes or Edit photos | HOXFRAMEWORK
Shopping Website's DATABASE Dumped!! +PrivEsc to ROOT using systemctl ! (THM challenge)
มุมมอง 3.2K3 ปีที่แล้ว
Shopping Website's DATABASE Dumped!! PrivEsc to ROOT using systemctl ! (THM challenge)
Basics of using the Beef-XSS To Advanced + Bettercap!!
มุมมอง 122K3 ปีที่แล้ว
Basics of using the Beef-XSS To Advanced Bettercap!!
Regular USB? No, a Dangerous (but simple) Keystroke Logger- 10min. Python Code - HOXFRAMEWORK
มุมมอง 37K3 ปีที่แล้ว
Regular USB? No, a Dangerous (but simple) Keystroke Logger- 10min. Python Code - HOXFRAMEWORK
I Found A SECRET KEY On A Website And Used It To Take Over The WHOLE SERVER ! (THM Challenge)
มุมมอง 1.5K3 ปีที่แล้ว
I Found A SECRET KEY On A Website And Used It To Take Over The WHOLE SERVER ! (THM Challenge)
Scrape TOR/Onion sites with Python !! Easy, quick and efficient - HOXFRAMEWORK
มุมมอง 15K3 ปีที่แล้ว
Scrape TOR/Onion sites with Python !! Easy, quick and efficient - HOXFRAMEWORK
if it's transparent proxy, then we dont need to install cert and still can see the https right?
So,what all the people search or login somewhere you are able to see it ofc if ur in the same network
Yeah - but not every site
I'm working on this topic for my graduation project, but there are different features, I need someone who has a good experience with web crawlers, please !!
I dont have a good experience with web crawlers sadly
When I turn on the proxy in the windows settings as you showed at 1:30 I can't access any websites like I'm not connected to wifi. What did I do wrong?
You probably entered a wrong IP Or your victim cannot reach your attacker machine Keep in mind there are differences: local : 127.0.0.1 - noone can reach that except your pc internal : 192.168.x.x - usually devices in the same network can reach that external : anyone can reach that but you need to open your ports What you are aiming at is Internal - (it doesnt have to be 192.168 - check it with ifconfig)
When i launch beef the site cant open and says cant connect to this , ehat can i do?
huh, are you using WSL? a bunch of ppl have problems with WSL If you arent, then just make sure to visit beef's panel from the machine you ran the command from, since it runs only on localhost - meaning its visible only to your machine (which you can change ofcourse)
I think, this was a while ago
why the admin panel dont open ?
Wow bro you and the tool is amazing!
hey a question if i execute js on the webpage victim is it gona have a high previlige like the previlege of extensions? fake user interaction and still the browser counts it as a istrusted event
javascript executes in the browser, if you get a shell - then yes probably you are on a user-level
@@HoxFramework what do you mean if i get a shell?
U do not have any idea to tech anything ....
okay man
Too fast, not easy to follow up
Sorry to hear that bro, but you can slow down the vid with the playback speed button tho I usually talk faster :/
Hes just slow in his brain its really simple@@HoxFramework
Pozdrav Hox Svaka cast na videu, pravo dobar content. Da li mozda znas kako zaobici Content Security Policy koristeci <script src="ip_addr:port/hook.js></script> Uspio sam da hookam web browser, da bude online jedno vrijeme, ali poslije nikako ne mogu, nece hook jer me blokira ovaj CSP, ne da mi da okinem skriptu. Imas kakvu ideju? Hvala unaprijed😊
Hvala! Mislim da imas na beefu opciju da ti se migrira na ostale tabove od žrtve pa to što prije stisneš I takve neke funkcije pokreći - probaj što prije uploadat neki .exe, ne valja ni previše beefu vjerovat :) A ako ti neda da okines skripte to ti je isto normalno nekad ak je content sec policy dobro uspostavljen s beefom prakticki nemos nista jbga Sve ovisi jel Ali isprobaj si uvijek prvo na svojoj mašini i chainaj si par funkcija ako mozes
when i type set http.proxy.injectjs <ip address> and press enter nothing happens. like there are no errors or anything but there are no updates about it even if i enter an http site with another device on the same network. could you please help?
Unable to see other connected browsers at Beef-UI in a WAN
Unable to see other connected browsers at Beef-UI in a WAN
Oh man, much appreciated. Didn't know how to change my assembly code lines, but when I watched how you did that I could finally finish my uni project in two secs.❤
How do you allow BeEF to access devices outside of your LAN?
Havent tried, probably requires some port forwarding or a DDNS or whatever But bettercap is focused on your network anyway so this doesnt make much sense, unless you wanna run beef on its own
Yes i ve been trying to run beef on its own@@HoxFramework
Bro I want to ask that I made a website to get adsense approvel so will this works or I just thought money glitch 😅
It probably wont work as you might think You would need a lot of different parameters with every visit, and if google notices anything they'll block you off
@@HoxFramework so can you tell me any money earning thing like if you can make a bot that can do captcha and skip the ads ? It would be great 😃
@@Husk947 I havent done stuff like that, ideally just earn money in a legit way
security lesson #1: Don't click random zip file installations for things that are fully and freely available from the top google result!
Sure, that being said id caution of using the first result in google searches since they can be paid ads from scammers - has happened before so just saying But yes i agree
Its saying this: System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down and the my browser its showing this: This site can’t be reached 127.0.0.1 refused to connect. Try: Checking the connection ERR_CONNECTION_REFUSED I tried to post this to beef issues in github idk my os is mobile I use UserLAnd to boot up kali
Yeah that means you arent using SystemD - which is usually behind most debian-based systems im assuming u've modified your kali not to use systemD?=
Hey Hox, beef-xss is the same with beef?
beef xss and beef are the same thing yes, i just say "beef" cause i dont wanna have to say xss every time
i love this channel
Tryiing to Capture Netflix Tv Apk on Andriod Studio Tv Emulator. rooted the emulator iinstalled mitm magisk module Certificate. ran Frida wiith ssl unpin script still getting "Client TLS handshake failed. The client does not trust the proxy's certificate (tlsv1 alert unknown ca)" and " Client TLS handshake failed. Client and mitmproxy cannot agree on a TLS version to use. You may need to adjust mitmproxy's tls_version_client_min option." I even used apk-mitm to patch any ssl pinning but even after that the app doesnt accept the mitm CA. even tried changing the client tls min/max. no result. it seems netflix is rejecting any system/user CA or some advanced kind of SSL pinning.
give your operating system dot files
Great video mate 😊
jesi iz hrvatske, iz tvojih starih videa sam vidio hrvatski ko glavni jezik?
rođen u Hr
@@HoxFramework gg
I love my debuggers as I like my veggies... I know they're very healthy and important 4 my growth as a kid (IT kid) but ... anyways, great vid Hox. Thx
Eeey docc man how are you Hahhahahahh true xD Except I like debuggers xDDD
Hello, I did the same thing, but when I type "http.proxy on", it gives me the following error: [err] open proxy-script-test.js: so such file or directory
Something is wrong with your installation, it didnt unpack the way it should have try deleting it and reinstalling it again (bettercap)
Thank you so much for this!
No problem at all bro <3 Another one comming up soon enough
how to make /war/www/html directory
mkdir /var/www/html if you dont have it you might not have apache installed tho - not sure
@@HoxFramework thank you brother
you talk too freaking FAST !!
Sorry bro Feel free to slow down the vid :)
@@HoxFramework dont worry, can you tell me how to get the python files and the tor service?
Hi, came across this helpful video. Would it be posible to generate a automation for a timer game. For example, you have to click on a certain time, and try to be as close to it. Like 10 seconds on a clock, 10,001 second.. Thanks!
Probably Shouldnt be too hard
would maybe include image recognition (openCV for example) depending on the design of the webpage you are talking about
not working anymore latest verison of pyinstaller does not include modules by default
I mentioned that - and ofcourse it doesnt you install your own modules. Pyinstaller gets detected now.
bro can you make a tutorial of a usb that grabs malware of a RAT and also how can i hack someone with a local network focused on facebook or gmail
Your comment confuses me, im not sure you expressed what you meant to say correctly
For me it's not working on Windows 11. It's not write text file on my USB.
Im not sure what that could be try changing up the code - or maybe your AV is picking it all up
King is back… 🔥🔥🔥 keep going man we miss your videos
This comment means a lot, thanks man!
Your better cap method is cool but won't work I'm a real sanario not that we would want it to buy for the purpose of testing. This won't work remotely of course. If your on the same network you might be able to force http but usually it doesn't work anymore even if you gain access to the router and change the settings to use http instead of HTTPS it just defaults to HTTPS on every website like Facebook etc
I mentioned all of that in the video I didnt mention going worldwide with this But good of you to point out, thanks
The beef is command
what do you mean with that comment
You need a server to combine the msfvenom to control😊
what
Is this detectable by a end point mcAfee security
today yes
@@HoxFramework is there a new way
@@sithumgimhan7650 well im not sure, maybe not with python - try other programming languages with python its like anything compiled by pyinstaller, py2exe or nuitka gets flagged
@@HoxFramework but end point security have behavioral analysis. So it can detect the key logger behaviour. What about a hardware keylogger, do you know how to make one
@@sithumgimhan7650 i havent tried making a hardware keylogger, but there are some hardware keyloggers - you can buy them online, but they can be a bit pricy You plug them into the PC and you plug the keyboard in them
arp.spoof just turns my wifi off lol
Bro , step by step vid plz, i dont know python
Sorry bro but you cant make a malware in python if you dont know python xD You gotta learn it first
is there a way I can put this on a custom domain so if anyone clicks that custom domain link they get hooked?
bettercap works within your network but beef - probably idk
@@HoxFramework nvm I deployed beef using ngork and I pasted the beef script into the custom domain and I hooked my friend
@@belkYT Do keep in mind that thats illegal, i hope you had permission from your friend
@@HoxFramework It doesnt even really hack your web browser, all it does is "hack" the tab that youre on. The worst thing that it does is setting up a phishing site that someone can fall for, and steal all info relating to your device including your IP Address. It is really only damaging if youre injecting the script into websites, maybe via XSS (Cross-site scripting). Also Man in the middle attacks where youre injecting the script onto every website for the person, and stealing all the cookies. But thats it, it doesn't do a whole lot of damage lol. All you have to do is simply exit out of the tab.
@@HoxFramework It doesnt even really hack your web browser, all it does is "hack" the tab that youre on. The worst thing that it does is setting up a phishing site that someone can fall for, and steal all info relating to your device including your lP Address. But thats it, it doesn't do a whole lot of damage lol. All you have to do is simply exit out of the tab.
Super good bro
Also like in the other comment I made, you can do all these installations with Rubber Ducky :D! Maybe you can make a video about that?
Everything worked !!! Amazing bro!!!!
Any reason why adding beef script injection doesn’t work but all the scripts in this video work? Maybe it’s because the beef hook needs to also be a js file instead? If yes what should the js file have? Thank you~
bro u dont have to thank us we need to thank you becuase some people cant afford buying thm premium to access rooms since some of them are free and some are premium and the way your teaching us is fast and like your tutorials make like your executing sudo su like very easy i love your teaching thank you.❤
sure bro no problem whatsoever <3
GREAT VIDEO TNYHX
earned a sub :)
I cant find the source code