lee/hpr-knowledge-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d68885cff84739d6e564ca4409959ae08cee67ec
hpr-knowledge-base/hpr_transcripts/hpr2149.txt
Lee Hanken 7c8efd2228 Initial commit: HPR Knowledge Base MCP Server 
- MCP server with stdio transport for local use
- Search episodes, transcripts, hosts, and series
- 4,511 episodes with metadata and transcripts
- Data loader with in-memory JSON storage

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-26 10:54:13 +00:00

197 lines
14 KiB
Plaintext
Raw Blame History

Episode: 2149
Title: HPR2149: What is in my Pentesting Bag?
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr2149/hpr2149.mp3
Transcribed: 2025-10-18 14:55:52
---
This in HPR episode 2,149 entitled, What's in My Penta Sting Bag.
It is hosted by Opera Zero R and is about 17 minutes long.
The summary is, I go over some of the items I use for my technical testing.
This episode of HPR is brought to you by An Honesthost.com.
Get 15% discount on all shared hosting with the offer code, HPR15, that's HPR15.
Get your web hosting that's honest and fair at An Honesthost.com.
Hello and welcome to this episode today with a tick.
My name is Robert McCarty, I'm going to go over, it's going to be part of a quick series.
When I quickly go over what's in my bag, I'm kind of a technical vulnerability tester,
Pinterester, computer guy.
So I carry a pretty hefty big foot bag but not too heavy.
So I'm going to go over what's in here.
The first thing I have is a pen testing laptop with a solid state drive and 16 gigs of RAM.
The second thing I have is a MAG magma, a laptop stand or DJ stand.
So if you're looking for a laptop stand to keep your neck from wanting to fall off,
I'll put these in the shadows.
But basically it's a little scissor lift type of stand that you put your laptop on.
And it will keep you from having the old, you know, insino man caveman type of bendover apparatus.
Secondly, you know, we've got an additional power brick course.
Let's see, I've got a display port, which is kind of like HDMI.
Display port to HDMI converter, which I can plug into a TV at the hotel.
So if I put a bunch of stuff on my laptop, I can watch the TV hotel and plug that in.
I also have an additional, don't only have a model number on that.
Really any display port to HDMI dongle you can get and then just plug it into a standard HDMI port.
I have an old, next item here is an old Android phone with DPS on it.
But the important port is it has offline maps with a program called co-pilot.
And also it has the free one, which is called maps.me, I think.
The kind of open source version of that.
The other little thing I like to keep all the time is a...
I want to say it's a...
Basically to plug to network cables into each other.
I don't remember the term.
So essentially you have one really short network cable and you want to make it longer.
Or say you're on site and all they have is like tiny patch cables.
You can plug two patch cables in together and have that.
Or if you find yourself wanting to pull something out of the wall that's short distance and jack into that device,
you don't have to have the laptop sitting, you know, hovering over whatever the hole is.
So you can plug it in from unplug it from whatever device it is that's too short.
That's kind of hanging out of the wall and then you can plug that into the...
A coupler, basically a cat5 coupler.
Of course I've got some of my stickers in here from my website.
Then hand out to Randos.
Some older seats that I should probably throw away.
Gum, of course.
Plenty of Android-style USB mic row, they call it.
Plenty of long ones of those.
Not just a generic part.
What I have here is a monster power to go for outlets.
What's called outlets to go.
Outlets is one word to go for.
And it has four outlets and it kind of wraps around itself.
It's quite compact.
And I think you can also rotate them if I'm not mistaken.
You see here, no, they don't rotate.
But it's four little outlets.
So if you're at an airport or something or you're with some co-workers and there's one hole in the wall
and there's more than two devices, then you're going to need this little guy.
I used to use it a fair amount, but not so much anymore.
The next item here is a phone holder.
And you've probably seen these before.
They go on your air conditioning vent.
And this one is a K-E-N-U.
It's white and it has like a little four-pronged hand.
And there's a small space in between one horizontally.
And if you do it vertically, it's a bigger space.
So what's important about that is that if you have a vent that's too small or too large for the space between your holding apparatus for the phone holder, it's not going to fit.
So this one's cool because it has two different sizes of space you can shove inside of an air vent if it's too big or too small.
Again, that's K-E-N-U and it's a little phone holder that I used for rental cars because there's never anywhere good to put your stuff.
I also have here a bag of random candies and five-hour energy drinks.
Now that's the off-brand Kirkland brand. You can buy a whole box, a giant box of Kirkland brand for nothing.
That's a pretty good thing to have.
And then sometimes, if I'm no longer going to have a long week, I'll bring the little one-ounce bottles of something vodka or whatever in this case.
I'll get some of those. There's actually just one left in there.
Of course, I've got some sunglasses. I've got a nice mouse to go with my laptop stand, which I took a bullet torch to.
I was not really happy with this razor because it didn't work right out of the box.
But it's a decent wired mouse is what I like to do. Nobody likes doing testing.
And then in the middle of testing, you're losing your shit because you don't have no batteries for your thing.
Now here's the one I had before was a little bit better, but this is a wired laptop keyboard that you can put down on the desk while your laptop is elevated.
So if you do get any kind of laptop stand, you're going to need to get a keyboard with it.
So this is a little laptop keyboard. Try to get one that's metal. This one's all plastic.
So like I said, I did like the other one I had. It's some kind of China thing. There's no model number under it at all.
But it's good. And you have to kind of get used to the keys being offset a little bit from the standard stuff.
Let's see what else. Actually, I'm wearing some nice Sony dual driver headphones.
We can do a bit of good bit of googling, but it's nice to have a decent pair of headphones.
And you can make your own using a silicone mix. You can make your own DIY custom earbuds.
I've got some of those. These just shove in my ear so far. Actually that I don't need to do the custom, the custom job on them.
But I'm wearing those in my ears right now to do the recording here.
Of course, basic toiletries and stuff. I do have some earplugs, the custom earplugs.
Essentially that's how you make the custom earplugs is you get custom earplugs with that silicone mix.
And then you shove in the earplugs of your choice. And then you go from there.
Nothing too interesting in here, keys and stuff. I'm going to put all that away.
I generally like to carry a longer maybe 25 foot patch cable.
And then if I know I'm going to be doing testing with somebody else, of course I'll carry a small switch and another patch cable.
So what else I got in here? A auxiliary audio cable for your rental cars and your friends and family.
On a long trip you can plug in that auxiliary cable if they don't have Bluetooth.
They have a USB to car charger. It's a little trashy ones you pick up for free.
Let's see, was there a model number on that thing that I was just talking about?
There's generic, a lot of generic stuff here. USB sticks of course. I got a USB Duckie with the Empire PowerShell payload on it, which is a basically a programmable keyboard you can have it type of stuff.
The other thing I'll say is I got these retractable USB micro things.
They work pretty good. Cricket brand. I think, oh no. L-E-N-M-A-R.
And the model number is C-A-M-C-E-R-E-T.
And they're retractable. One of them is a GIMP because I probably dropped it or something.
The other one works pretty good. I'll let that sit.
Another important one, of course, is my badge. So I got that.
Next here is an umbrella. You want a nice windproof non-plasticy sheet.
Do not get your totes or anything like that. Get you a nice umbrella man.
K-O-L-U-N-B clone. This one's called like windproof or something like that.
So it gets you a nice sturdy, respectable, portable, small thing.
Because the last thing you want is to be running around somewhere in the rain.
And you press the button to do your umbrella.
And it shatters into a billion pieces because it's made out of crappy plastic.
So the last item I'll go on here, which is kind of my shenanigans box.
It's an old box that came, the laser came in.
So it looks like one of those like gun case or something, like a little mini gun case.
Anyways, I bring this with me for wireless assessments or if I'm doing some kind of physical thing.
And this has a pretty set of standard gear, but I'll go through it real quickly.
Here's a U.S. Keychain-based Southern Ordnance Lockpick.
It essentially has three, three or four picks in it.
And then retention wrench. And it's all centered on one little keychain.
Now I wrapped some gaffer's tape around here because I was finding that it's fairly easy to lose that tension wrench because it's kind of slides in there.
But I'm not very good at lockpicking, so I'll leave that up to you guys.
Again, it's a Southern Ordnance Keychain Lockpick.
I have a really crappy net gear wireless repeater in 300 Wi-Fi range extender.
This works if you're doing kind of a physical testing or you've hopped up a wireless access point.
And you can kind of program it to extend before you deploy it.
So for example, if you find a spot where you can drop a wireless access point and you're going to be outside of that area,
you can drop this in between you and the area and it will give you that little wastage you need unofficially.
It's not very good at all. I actually had it kicking me off the internet locally here at the house.
So I had to tear everything down and get some real wireless, got some of the ubiquity or not the ubiquity stuff with the open mesh stuff here.
Just one of those. They're more expensive AP.
That's that. And let's see what else is the more basic stuff I have in here.
It's pretty much a small patch cable that goes with this thing.
So here's a TP link.
What is the model number?
TL-MR3040.
And this is the Pintest Dropbox known as MiniPoner.
It's also known as Rootabaga spelled funny.
We can pick it up at AceHackware.
The cool thing about the AceHackware Rootabaga is that it comes with an eight gig USB boot.
It has the image on there and it's all idiot proof and you can actually turn it into a pineapple.
Or it has a pineapple mode and it has a standard MiniPoner mode.
I found that the MiniPoner mode was more for the hardcore guy that wants to whatever.
You can actually add full support for the pineapple.
Full plug and support by changing a few config items out of the box.
So it's pretty nice.
Again, it's got different Wi-Fi switches you can set to.
It's basically an idiot proof MiniPoner slash pineapple that you can get from AceHackware.
And of course that comes with a Wi-Fi on board and a battery and also an ethernet port on it.
Power and network for that.
Now let's see.
The next thing I have is the Ubertooth, which I haven't been able to do much with.
I've been doing some reconnaissance and there's also a Bluetooth sifting.
There's also a basically an analyzer, a base level analyzer called, I think it's called a GDK scan or something like that.
But it's all part of the on the notes for the Ubertooth one that has a scanner, like a Wi-Fi scanner.
And it basically, it'll show you graphical view of the Wi-Fi.
Let's see.
USB to USB to USB micro converter.
Here's the SDR stuff.
It's the really cheap one that will do the lower frequency for basic SDR.
DVB dash T plus DAB plus FM.
And you can do, I don't know what the frequency is up to.
But there's hacks where people are like overclocking it and like rub putting like putting heat sinks on it and making it do the higher frequency stuff.
And it comes with like a really shitty antenna.
I was actually able to pick up the trucking line for our local police department and kind of sort of halfless into some conversations.
Let's see.
We have the crazy radio PA dongle that is used for a program called, well essentially it's a part of the mouse jack.
If you haven't googled that, it's pretty interesting.
But there's a piece of software called Jacket which essentially automates the injection of wireless keyboards or mouse dongle for that.
So essentially what it does is it injects keyboard commands into your mouse dongle which is kind of ridiculous, right?
So the idea is there you use, you run this and you sniff packets from all the wireless mice and you kind of go in an S pattern.
And then you stand in the middle of the cubes and launch your payload like two or three times and make it an empire payload or maybe a passive payload that says just email this person at the company.com and you can get a pretty decent hit based on that.
That's kind of outside of the standard wireless spectrum you would think of.
And then I have really old alpha here, the AWUS036H card.
I actually had a coworker buy a new one, this new hotness and it had two, you had to have two input for it, I guess because of the end or the dual band or something.
Anyways, it needed two extra power and it was actually kind of wonky.
So I enjoy the original old school alphas because excuse me, still early in the morning here.
Original old school alphas because everything works and I can use air crack and it actually just works out of the box.
I don't have to worry about a whole lot.
So that's all my goodies inside of there. I don't think there's much that I'm missing. There might be a few key items that I don't have put in here that I should.
But the main one is that laptop stand keyboard mouse and the display port down below. Those are the big ones because you don't want to have your neck getting out and blown out and being hunched over the keyboard for hours on it.
But anyways, if you have a spare minute and have something to contribute or something, anything, record an episode, it's not hard.
You get to do it through the phone and have a horrible quality just like this. Have a good one.
You've been listening to Hecker Public Radio at HeckerPublicRadio.org.
We are a community podcast network that releases shows every weekday Monday through Friday.
Today's show, like all our shows, was contributed by an HBR listener like yourself.
If you ever thought of recording a podcast, then click on our contribute link to find out how easy it really is.
Hecker Public Radio was founded by the Digital Dove Pound and the Infonomicon Computer Club and is part of the binary revolution at binrev.com.
If you have comments on today's show, please email the host directly, leave a comment on the website or record a follow-up episode yourself.
Unless otherwise stated, today's show is released under Creative Commons, Attribution, ShareLife, 3.0 license.
Reference in New Issue View Git Blame Copy Permalink