Vulnerabilities – Hackers Arise

Vulnerability Scanning: Automatic Search For Known CVEs With CVEScannerV2

February 24, 2025February 24, 2025Occupy The Web

Welcome back, aspiring cyberwarriors! During reconnaissance, our goal is to identify vulnerable services within our target’s network. To streamline this process, CVEScannerV2 was developed – a powerful Nmap script that bridges the gap between network scanning and vulnerability assessment. This tool enhances the capabilities of the widely-used Nmap scanner, offering security professionals a comprehensive […]

VPN Hacking: How VPN’s Work and How They Break Our Security

February 18, 2025February 18, 2025Occupy The Web

Welcome back, my aspiring cyberwarriors! In recent posts, I have emphasized the risks inherent in VPN’s. Virtual Private Networks or VPN’s are designed to keep us safe and secure but in recent years they have failed us miserably. In highlighting these failings, we have encountered a lot of confusion and misconceptions regarding how VPN’s […]

NEW No-Click Critical Vulnerability in Microsoft Windows: CVE-2025-21298

February 3, 2025February 3, 2025Occupy The Web

Welcome back, my aspiring cyberwarriors! Over the years, Microsoft Windows operating system, the world’s most widely used OS, has been riddled with security vulnerabilities. As the years have gone by and Microsoft has become more security conscience, the number of critical vulnerabilities has waned, but every so often we find another that make the […]

Wi-Fi Hacking, Part 17: Wi-Fi Hacking with Bettercap

January 11, 2024January 30, 2024Occupy The Web

Welcome back my aspiring cyberwarriors! In this series on Wi-Fi (802.11) hacking, we have examined a multitude of approaches to Wi-Fi hacking including; Wireless Hacking Strategies Getting Started with aircrack-ng Hacking WPA2-PSK Continuous DoSing of a Wireless AP Hacking WPS with Reaver Hacking WPA2-PSK without Password Cracking Evading Wi-Fi Authentication Evil Twin Attack to Spy […]

Database Hacking: Common SQL Injection Commands

December 15, 2023December 15, 2023Occupy The Web

Welcome back, my aspiring cyberwarriors! According to the Open Web Application Security Project (OWASP), command injection is perennially one of the most serious and numerous attacks against web applications. In addition, these attacks usually involve serious financial damage to the companies and other institutions as they are attacks against the database, the repository of so […]

Android Hacking: The libwebp Vulnerability (zero-day/zero-click)

December 15, 2023December 15, 2023Occupy The Web

Welcome back, my aspiring cyberwarriors! In recent days, a new and severe vulnerability has been found among the Android ecosystem that puts all Android devices, and even Apple iOS devices, at risk. It enables the attacker to send images via SMS and take control of the device with no user interaction! This vulnerability was first […]

Open Source Intelligence (OSINT): Finding Vulnerable Systems Across the Internet with Netlas.io

December 15, 2023January 5, 2024Occupy The Web

Welcome back, my aspiring cyberwarriors! Oftentimes, as cyberwarriors, we need to check to see whether our systems or others’ are vulnerable to various known vulnerabilities and attacks. Whether a penetration tester, security engineer or other malicious actors, such information can be critical to the success of your mission. There are number of other websites that […]

Building a Honeypot to Capture Zero-day Malware, Part 2

December 15, 2023December 15, 2023Occupy The Web

The Golden Fleece of hackers is to develop a zero-day exploit, an exploit that has not been seen by antivirus (AV) software or and intrusion detection system (IDS). A zero-day exploit is capable of skating right past these defenses as they do not contain a signature or another way of detecting them. Developing a zero-day […]

Building a Honeypot to Capture Zero-Day Exploits, Part 1

December 15, 2023December 15, 2023Occupy The Web

The Holy Grail of any hacker is to develop a zero-day exploit—an exploit that has never been seen by antivirus (AV) or intrusion detection systems (IDS) developers. In that way, the hacker can exploit systems with their newly discovered vulnerability without detection! To get a zero-day, you have at least two choices: (1) develop your […]

Crashing (DoS) Russian Servers with the Bluekeep Vulnerability

December 13, 2023December 13, 2023Occupy The Web

Welcome back, my aspiring cyberwarriors! Putin’s brutal invasion of Ukraine must be stopped. While the Ukrainian people are having bombs dropped on their heads and are living without heat and electricity, those of us with the skills and knowledge are obligated to do what we can from our warm, cozy offices and homes. Remember, Putin […]

Category: Vulnerabilities

Vulnerability Scanning: Automatic Search For Known CVEs With CVEScannerV2

VPN Hacking: How VPN’s Work and How They Break Our Security

NEW No-Click Critical Vulnerability in Microsoft Windows: CVE-2025-21298

Wi-Fi Hacking, Part 17: Wi-Fi Hacking with Bettercap

Database Hacking: Common SQL Injection Commands

Android Hacking: The libwebp Vulnerability (zero-day/zero-click)

Open Source Intelligence (OSINT): Finding Vulnerable Systems Across the Internet with Netlas.io

Building a Honeypot to Capture Zero-day Malware, Part 2

Building a Honeypot to Capture Zero-Day Exploits, Part 1

Crashing (DoS) Russian Servers with the Bluekeep Vulnerability

CYBER WEEK SALE

35% OFF EVERYTHING

USE CODE jjt8vpmput1d

ENDS 12/6 AT MIDNIGHT!

Excludes books, but everything else is fair game!

THE WORLD'S BEST CYBERSECURITY TRAINING BUNDLE JUST GOT BETTER

Each month one lucky purchaser will be selected to

35% OFF EVERYTHING

USE CODE jjt8vpmput1d

ENDS 12/6 AT MIDNIGHT!

Excludes books, but everything else is fair game!