Exploit Development
Mastering exploit development allows hackers to create custom tools to bypass modern defenses, especially when standard exploits are ineffective.

NEW No-Click Critical Vulnerability in Microsoft Windows: CVE-2025-21298
Welcome back, my aspiring cyberwarriors! Over the years, the Microsoft Windows operating system, the world's most widely used OS, has been...
3 min read
3,784 views

Exploit Development: Fuzzing with American Fuzzy Lop++ (AFL++) to Find Zero-Day Vulnerabilities
Welcome back, my aspiring cyberwarriors! Finding vulnerabilities in applications and services is the first step toward developing your...
5 min read
1,460 views

Exploit Development: Building Your Own Fuzzer with BASH
Welcome back, my aspiring cyberwarriors! In the digital battleground of cybersecurity, web application fuzzing stands as a critical...
5 min read
1,215 views

Using the Brand New (CVE-2024-38063) IPv6 Exploit to DoS a Windows System
Welcome back, my aspiring cyberwarriors! Recently, security researchers discovered a critical vulnerability in the Windows IPv6 packet...
4 min read
1,531 views

Privilege Escalation: The Dirty Pipe Exploit to Escalate Privileges on Linux Systems
Welcome back, my aspiring cyberwarriors! Often, after successfully compromising a system, we are limited to the privileges of the...
3 min read
5,669 views


Building a Honeypot to Capture Zero-Day Exploits, Part 1
The Holy Grail of any hacker is to develop a zero-day exploit—an exploit that has never been seen by antivirus (AV) or intrusion...
4 min read
4,684 views


Working with Exploits: Using Exploit-DB to find Exploits
I. Introduction This section of this course is designed to help you find and use exploits that will work against known vulnerabilities....
5 min read
7,146 views


SCADA Hacking: Developing Zero-Day SCADA Exploits
As white-hat hackers, ultimately we want to be able to develop exploits for SCADA/ICS systems. In this way, we can find vulnerabilities...
5 min read
6,645 views


Metasploit Basics, Part 13: Exploiting Android Mobile Devices (Updated)
Welcome back, my budding hackers! The growth of the mobile device market has been dramatic over the past 10 years. From its birth in 2007...
5 min read
70,715 views

Network Forensics, Part 2: Packet-Level Analysis of the NSA's EternalBlue Exploit
Welcome back, my aspiring cyber warriors! In April 2017, a nefarious group known only as the Shadow Brokers released to the world a...
4 min read
19,948 views


Hack like the NSA: The New Shadow Brokers Exploits
Recently, Shadow Brokers--that mysterious group that has been trying to sell stolen NSA zero-day exploits over most of the last...
1 min read
8,065 views


Bluetooth Hacking, Part 3: The BlueBorne Exploit
When Bluetooth was first introduced in 1994 by Ericsson Corporation of Sweden, it was very insecure. Hackers could steal information and...
3 min read
53,410 views


Snort Basics for Hackers, Part 5: Testing your Snort IDS Against Known Exploits
Welcome back, my greenhorn cyber warriors! In my previous posts in this series, we installed Snort, configured Snort, set up Snort to...
4 min read
14,074 views

Metasploit Basics, Part 22: Exploiting and Controlling a System When You Have Physical Access
Welcome back, my aspiring cyber warriors! Much of what we have done here in this Metasploit Basics series enables us to exploit and...
4 min read
3,721 views


Exploit Development, Part 1: Anatomy of Buffer Overflows
Introduction Buffer Overflows Buffer overflows are probably the most insidious type of attack. A buffer overflow is basically when a...
6 min read
8,095 views


How to Exploit Nearly Any Windows System Using CVE-2017-8759
On September 12, 2017, FireEye revealed that they had found malware in the wild that exploited CVE-2017-8759. This malware exploits a...
3 min read
10,563 views


Metasploit Basics, Part 15: Post-Exploitation Fun (Web Cam, Microphone, Passwords and more)
Welcome back, my fledgling hackers! As we have progressed through this series on Metasploit Basics, we have used numerous techniques to...
7 min read
39,888 views


SCADA Hacking: Exploiting SCADA/ICS Systems with the Command Line Tool, modbus-cli
For those of you who have been following my series on SCADA hacking, you are aware that SCADA/ICS systems do NOT use the usual protocols...
5 min read
14,793 views


Hack Like the NSA: The EXTRABACON Zero-Day Exploit on Cisco ASA Firewalls
As most of you know, recently an entity within the NSA--or very close to the NSA--was hacked. This NSA-associated group, often referred...
5 min read
9,122 views

Exploiting SNMPv1 for Reconnaissance
As you know, the Simple Network Management Protocol uses UDP ports 161 and 162 to manage network devices. Network devices use this...
5 min read
14,364 views