Hacking Wordpress with Python in seconds (using Dark Web and Telegram data)
Ғылым және технология
Big thanks to Flare for sponsoring this video. You can track down cybercrime and manage threat intelligence or your own exposed attack surface with Flare! Try a free trial and see what info is out there. try.flare.io/david-bombal/
Your usernames and passwords are out there. So many breaches are happening and passwords are being posted on the Dark Web and Telegram channels. And to make things worse, stealer logs are stealing information from computers using malware.
// Link PDF //
Download here: davidbombal.wiki/flare1
// KZread videos REFERENCE //
Why hack when you can just log in?: • Why hack in when you c...
// David's SOCIAL //
Discord: / discord
X: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
KZread: / @davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Introduction
00:11 - Demo of Python login to Wordpress
00:25 - Permission when hacking websites
00:36 - How the script works
01:04 - How Harry got hacked
01:51 - Using a password manager
02:13 - Passwords leaked on the dark web
02:37 - Flare Demonstration
03:35 - Your username is probably out there
04:13 - Using Flare API
05:06 - Demonstration
05:35 - Flare notifications
06:02 - PDF guide
06:21 - Beware of Stealer Logs
07:04 - Leaked credentials
07:20 - Flare helps businesses
07:33 - Demonstration of the script
09:42 - Conclusion
10:32 - Outro
tor
telegram
python
wordpress
dark web
deep web
flare
flare io
php
onion
onion websites
malware
haveibeenpwned
stealerlogs
stealer malware
malware analysis
cybersecurity
cybersecurity jobs
hacking
ethical hacking
hacking jobs
cyber security career
cybersecurity
cybersecurity careers
ceh
oscp
cybersecurity job
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#darkweb #hacking #tor
Пікірлер: 175
Big thanks to Flare for sponsoring this video. You can track down cybercrime and manage threat intelligence or your own exposed attack surface with Flare! Try a free trial and see what info is out there. try.flare.io/david-bombal/ Your usernames and passwords are out there. So many breaches are happening and passwords are being posted on the Dark Web and Telegram channels. And to make things worse, stealer logs are stealing information from computers using malware. // Link PDF // Download here: davidbombal.wiki/flare1 // KZread videos REFERENCE // Why hack when you can just log in?: kzread.info/dash/bejne/nKGYpaOroZuzncY.html // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZread: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Introduction 00:11 - Demo of Python login to Wordpress 00:25 - Permission when hacking websites 00:36 - How the script works 01:04 - How Harry got hacked 01:51 - Using a password manager 02:13 - Passwords leaked on the dark web 02:37 - Flare Demonstration 03:35 - Your username is probably out there 04:13 - Using Flare API 05:06 - Demonstration 05:35 - Flare notifications 06:02 - PDF guide 06:21 - Beware of Stealer Logs 07:04 - Leaked credentials 07:20 - Flare helps businesses 07:33 - Demonstration of the script 09:42 - Conclusion 10:32 - Outro tor telegram python wordpress dark web deep web flare flare io php onion onion websites malware haveibeenpwned stealerlogs stealer malware malware analysis cybersecurity cybersecurity jobs hacking ethical hacking hacking jobs cyber security career cybersecurity cybersecurity careers ceh oscp cybersecurity job Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #darkweb #hacking #tor
@davidbombal
18 күн бұрын
Thanks! Blurring now.
@ijazshah828Bread-jq1ef
14 күн бұрын
Can you do a video on ANGRYOXIDE PLEASE
David, yes to all of the above questions! This was a great topic, very interesting. Another positive I would add for you to consider is that these shorter format 10 to 15 minute videos are much easier to digest/watch at home or work around a busy schedule. Fantastic amount of info in a very brief video!
@davidbombal
18 күн бұрын
Thank you! Expect a lot more short videos like this :)
YES! We need more Solo David! All love all these types of videos but my top favorite are when you are teaching stuff like this it is always fun to watch. I can't wait to see more stuff like this :D
@davidbombal
18 күн бұрын
Thank you! More to come!
never tough ima say this.. but thank you , i also been watching you for a long while and ive learnd allot especially from OTW , much love from germany
David Bombal is doing wonders for cybersecurity. All for free to us on youtube. Thank you
@davidbombal
18 күн бұрын
Thank you! You're welcome!
Nice to see you again posting useful videos, i prefer to see you more, the interviews you take are nice and useful but personally speaking I prefer watching your videos in various subjects.
@davidbombal
18 күн бұрын
Thank you. I plan to create more of these types of videos 😀
This was a very informational video that was very short and simple. The script was written well as well, I am going through and learning selenium slowly. It is merely a constant "space race" between computational black hats and security researchers that will continue forever. Thank you for what you do to keep the information security community alive.
It is so hard to keep up with this stuff. There is so much info. You make it easier for me to help protect my customers. Things seem to be getting worse. Thank you for your heads up and the info. THANK YOU "Flare" going to your site next!
@davidbombal
18 күн бұрын
Agreed. This is what I love about Flare - makes it so much easier to keep up as otherwise it's just a loosing battle with the number of hacks happening all the time.
Great thanks to you for this video. If you can make a series on how data is hacked (live examples) and how to prevent it that will be great.
OH MY GOD!! David this is both terrifying and amazing at the same time!!! Thank you for being a hero!
@davidbombal
18 күн бұрын
Thank you! 😀
@hazara-index5214
18 күн бұрын
cloud flare or google recaptcha will give you protection against bruteforce attack. be confident. another thing is Session-fixation. that is a little bit scary.
Thanks for the post,Love the videos David 😀😀
@davidbombal
18 күн бұрын
Thank you! 😀
@ToddSweeney341
18 күн бұрын
@@davidbombal 😊🙂
In summary, preventing these cyber attacks can be summarized as follows: - Use the password manager and generate extremely secure passwords - If possible, use passkeys as often as possible - Enable 2FA for an additional layer of security.
@davidbombal
18 күн бұрын
For a business like mine, using Flare has been great. We get notifications if our credentials have been leaked on the dark web or are being talked about in Telegram channels etc. How do I protect myself and my team? Flare.io is one of those ways.
@hazara-index5214
18 күн бұрын
@@davidbombal just install the google recaptcha extension. it prevent the brutefroce attack. 2fa can create second strong security layer.
@trikster.online
17 күн бұрын
What is the difference between a passkey and password? I'm just starting my journey in cybersecurity (more as a hobby than a job at this point) and I'm not understanding the difference between the two.
@xanzut
8 күн бұрын
that's only a very small part of "preventing cyber attacks", just in the area of authentication
@2Fast4Mellow
6 күн бұрын
4) Stay away from the internet! ;-)
Great stuff. Thank you, David.
@davidbombal
18 күн бұрын
You're welcome! Glad you enjoyed it :)
Love your videos!
@davidbombal
18 күн бұрын
Thank you! Glad you like them!
Master, one day I hope to have the same knowledge as you. Greetings from Italy!
“I have given myself permission to hack this website“ said the hacker just before executing the biggest hack in the history of computer hacking
Thanks so much David
@davidbombal
18 күн бұрын
You are very welcome!
Big thanks to you Sir, as always, it was more helpful as it is.☺🙏👍
@davidbombal
18 күн бұрын
You're welcome!
The best cybersecurity chanel on KZread 😊
@davidbombal
18 күн бұрын
Thank you very much! 😀
Thanks David, I'm still curious if and when there will be a better verification method than the ones we know
Was talking to a cyber security analyst at work about David’s channel saying how great it is and he definitely agreed.
@davidbombal
18 күн бұрын
Happy to hear that 😀
Thanks for the video! I already signed up with Flare! I have over 30 WordPress websites and I want to protect these websites. This tool is really helpful. Wondering how much does it cost? I didn't see any pricing on the website.
Thanks, do you have a simple video DIY to check your System if it is compromised? Thanks
I'm curious, the company that provides data leak monitoring services means collecting data where the data is stolen from threat actors. Is that legal?
Nice work , congrats ❤ in what way can AI interact with the deep web?
This is cool to know and learn! Thank you David! Edit: Is there a way to create an anonymous account in Kali Linux to access the internet? I remember over a decade ago that there is a software tool that can do that and leave comments on the website.
@davidbombal
18 күн бұрын
Thank you :) Glad you liked it!
@gamereditor59ner22
18 күн бұрын
@@davidbombal I did!
as always inspiring video tnx dave
I am watching yours vidio day by day i love you and yours vidio from nepal you are very intelligent person in computer science.❤❤
@davidbombal
18 күн бұрын
Thank you 😀
Why doesnt the website recognize that multiple attempts are being made back-to-back to gain access ?
make a video about session fixation and session in user browser stoarge that can be accessable from thirdparty. or is it possible to have access to session that set from another website in users browser ?
One of the best channels on youtube.
@davidbombal
18 күн бұрын
Thank you! I appreciate that 😀
Awesome video, thanks for explaining the python script to us. Did you share it anywhere, or you are gatekeeping it?
Hats off ❤ for sir David Bombal
@davidbombal
18 күн бұрын
Thank you!
You inspire me Sir. I would love to ask you this question. Do you teach hacking and cyber security?
@davidbombal
18 күн бұрын
You can learn a lot from my KZread channel. Otherwise look for my collaborations on Udemy and my website: davidbombal.com
@mbeb9037
18 күн бұрын
@@davidbombalI've been following your channel for years now and it has helped me. What i need is structured and organized knowledge. Step-by-step
so amazing what u are offering David thx this peice of code will make people aware about the danger
@davidbombal
18 күн бұрын
Thank you! So important that people realize what is happening out there.
I would really love to learn.
there is a double conundrum here if flare is not intended for individuals, yet there is a free trial and learning about a product most individuals can’t use.
@davidbombal
18 күн бұрын
A lot of people who watch my videos work for companies including small businesses. How would small businesses like mine protect ourselves? Using Flare as part of our cybersecurity defenses. You may not use this at home, but you may look into it for the company you work for. A lot of blue team products are aimed at businesses including Flare. I think it's important that you learn even as an individual what options are out there for the blue team.
@ferny2141
11 күн бұрын
Was thinking the same, seems like this video is for businesses only ..
Scary stuff. It's seems it's all fair game. What about biometric data, are our finger, voice and eyeballs on the dark Web?
Nice python script. I had some ideas about extending the functions of the python script. I developed mine using the python library mechanicalsoup utilizing the Statefulbrowser function so I don't have a predefined time to sleep to detect that html elements or strings have changed on the webpage, also allow you to avoid issues with html elements being changed as well. Extended the login function by adding checking if the user has admin access if True Inject a php reverse shell into 404.php file, so that if anyone searches for an unknown resource it will send a reverse shell connection to the attacker. In addition to protecting the apikey I used optparse to create an argument to add --apikey which I think inputting key value when script is called is better than storing in an environment variable.
bro, superb indeed.
is it legal to look at scary link on the dark web just to be curious?
Guess who's birthday is coming
@davidbombal
18 күн бұрын
Time for a giveway maybe??
@khanabdulmuhammad5625
18 күн бұрын
@@davidbombal yeah lessss gooooo
@Lector4789
18 күн бұрын
@davidbombal Private lessons? Could have a "giveaway" for some lucky viewers to have an opportunity to learn from a true professional. I wouldn't mind having someone instructing me to implement the knowledge gained. To use it properly in the real world setting. The basic information they give you in college is great for understanding how all of this works together, i want to apply to more modern issues not the virtual attempts at old outdated attacks. Finally, to become among the top in the industry with proper guidance.
@vinu3541
17 күн бұрын
David Bombal a Gemini?
@Chudagbit
15 күн бұрын
@@vinu3541yeah
I`m learnig PYthon by myself but/and I`d like to learn from you Dave!
@Dimzy-Boy
11 күн бұрын
I've learnt python and I'm using it for cyber security, I've created a backdoor, ransomware, keylogger,we can learn together if you don't mind
But what if you use a login limiet of 3 attemps then to wait a hour
why does the flare api give you peoples passwords?
Python is David's pet snake!
@davidbombal
18 күн бұрын
😂
Hello Me David. I have been doing research on puppy linux and would love it if you do a video for us that can afford a low end pc and also want to practice using something light like puppy
What if I use hash as my password? Is it safe .?
If the credentials were already leaked, is it still a hack?
@jdrex5039
14 күн бұрын
Ye double hack
good to know !!
@davidbombal
18 күн бұрын
Hopefully you learned something new 😀
Wow really amazing thanks sir
@davidbombal
18 күн бұрын
Glad you enjoyed the video 😀
I want add USB ARSENAL in nethunter mobile but how?
Flare looks fantastic. it sucks they hide their pricing though (not shown on their website) and force people to give private information (name, email address, etc) just to find out Flare pricing. what a contradiction of transparency...
@saysoco
17 күн бұрын
i just tried signing up for Flare but they don't allow you to use a Proton email address either. wtf's with that?
@ferny2141
11 күн бұрын
@@saysoco Was also confused by that
Hey Bro......My name is Biswadeb Mukherjee from India & I really love your demonstrations.....can you please demonstration live packet injections on a wifi network....please
A friendly reminder to Always keep your public facing passwords over 50 unique characters
Hello sir am having a very strange wording in terminal can i send you a mail plz
Can you pls ask OTW to explain chapter 15 of Linux basics for hackers🙏🙏🕯️
@davidbombal please host Orange Tsai. I really need to see him
Thank you but for me it's difficult to understand because I'm beginner in technology i don't understand some word English but thank you for your help i like this course
Sir android hacking video please
@davidbombal
18 күн бұрын
Coming soon - already recorded and now being edited 😀
@offensiveredteam
18 күн бұрын
@@davidbombalcan't wait to see them David please 😊
We need some Blue Team videos teaching defensive strategies too.
@davidbombal
18 күн бұрын
Flare is a blue team defensive product. I'm showing what hackers can do with leaked credentials. But, how do companies protect themselves. Well, Flare can help you with that as they have a great Threat Intelligence Platform.
@markandrews1219
18 күн бұрын
@@davidbombal Checking out the PDF now. Any chance the Python script will be available? Currently doing the Python Basic for Hackers via OTW but we’re not up to anything that complicated so far.
Maybe the way the passwords were leaked was hacking but I don't count logging in with leaked credentials 'hacking'.
@dawidvanstraaten
17 күн бұрын
But you consider bruteforcing hacking?
@TheWalrus_45
17 күн бұрын
@@dawidvanstraaten Nope.
Also a friendly reminder your password or 2FA doesn’t matter if you click a phishing link and they get your session tokens… thanks to Microsoft for weird domain names confusing the shit out of people!!!
Obfuscate the wordpress admin URL. Use an IP allowlist for admin login. Use a IP blocker tool for incorrect login attempts.
@michaeljackson62509
17 күн бұрын
That’s what I’ve done and change the default admin username.
Is completely download for kali linux
Thank you sir
@davidbombal
18 күн бұрын
You're welcome!
plz can you buy for me flipper zero
where is the pf file for this program
@alinalopez1941
11 күн бұрын
pdf*
Please don't tell everything you know. some things should stay secret
Even with the "sleep", you can brute force forever? Don't you get blocked after number of failed attempts? Where's the logic here? 😅
Forgot to blur out email address at 4:22
can i get script ?
wow what a clever way of getting your subscribers e-mail adress so you can send campains
@davidbombal
18 күн бұрын
What are you talking about? I don't have my subscribers e-mail addresses. KZread has that information. If you referring to Troy Hunt's website - haveibeenpwned, please do some more research before making a comment like this.
dear david can you give me the script😇😇😇
can this script bypass google recaptcha ?
@davidbombal
18 күн бұрын
Not this specific one.
@hazara-index5214
18 күн бұрын
@@davidbombal is it even possible to bypass the google recaptcha or similar security layer? i think it need advanced AI tools or know how to write it, right? do you any of them ?
Hello sir, I want that python script. :)
Make a video with chuck
@davidbombal
18 күн бұрын
Network Chuck? Go here: kzread.info/dash/bejne/dWehy9WNdZWroqQ.html
So basically everything online is like Swiss cheese ?😂
@davidbombal
18 күн бұрын
Unfortunately it seems like that ☹️
why do you always have a clean shaven face. i think a beard looks very nice on you
@davidbombal
18 күн бұрын
lol... my wife doesn't' want me to have a beard. Happy wife = happy life.
Yes more python !! Also like gave myself permission to hack my website
Wordfence mitigates this
can you do Cpanel crack using Telegram data?
@davidbombal
18 күн бұрын
You could write a script to hack anything including cpanel etc using leaked credentials. This is one of the biggest issues at the moment - as Tom explained in the Cisco Live video. Why try really difficult hacks when you can just login using usernames and passwords that have been leaked.
@najidinojadi6877
18 күн бұрын
@@davidbombal i didnt think thank you my bad😅
Thank you for all the information you provided, leave a like here ❤❤❤❤❤❤❤❤❤❤❤❤
@davidbombal
18 күн бұрын
Thank you ❤️
@DB - 😳
❤
WordPress is a public toilet
Wow❤
@davidbombal
18 күн бұрын
I hope you enjoy the video!
oh wow, let's create a product for businessess and youtubers and never give access to it to people, so that the youtubers and businesses could protect themselves, but not the normal users. Just goes to show who they care the most about.
Hi❤
@davidbombal
18 күн бұрын
Hello!
Bullshits, strong passwords cannot be hacked.
day One
First
@davidbombal
18 күн бұрын
Very close!
Who runs wordpress sites in 2024 lol?
@michaelkasede1489
15 күн бұрын
Which content management system or website builder do you recommend?
@albertochichon7231
11 күн бұрын
Half of the websites of the world
Just another paid promotion video. Nothing to learn.
@galloe
18 күн бұрын
This is the stupidest comment I've seen lately.😂
Thank you sir