Welcome back, my aspiring cyberwarriors! In this tutorial, we will examine what happens if that update or upgrade is hijacked by a malicious entity. All of our systems, periodically download upgrades and updates trusting that these are coming from the software developer. What if they were not? What if these updates/upgrades were coming from a […]

Welcome back, my aspiring automobile hackers! Now that we laid out the basics of the most common protocol used in automobiles, the Controller Area Network or CAN, we can now proceed to installing the can-utils. can-utils is a Linux specific set of utilities that enables Linux to communicate with the CAN network on the vehicle. […]

Welcome back, my fledgling hackers! Hacking has a long and storied history in the U.S. and around the world. It did not begin yesterday, or even at the advent of the 21st century, but rather dates back at least 40 years. Of course, once the Internet migrated to commercial use in the 1990s, hacking went […]

Welcome back, my aspiring car hackers! In the previous tutorial in this series, we learned how to use the CAN utilities or can-utils to capture and send CAN packets. Now, with those tools we can begin to isolate and reverse engineer the CAN packets to take control of the vehicle! Step #1: Use the Controller […]

Welcome back, my aspiring cyberwarriors! Email is one of the most important services and protocols in our daily digital life. Without it, most of us would be non-functional. Despite this criticality, many vulnerabilities still exist in these systems. The key protocol for email is SMTP or Simple Mail Transfer Protocol running, by default, on port […]

Welcome back, my aspiring cyberwarriors! In recent weeks I’m certain you have heard about the SolarWinds/Sunburst hack. Just to review, Russian state-sponsored actors hacked into the SolarWinds update server and installed malware into the software updates. As a result, everyone who received the March 2020 update, now has a Russian backdoor on their system. This […]

Welcome back, my aspiring web app hackers! In this series on Web App Hacking, we are exploring the multitude of ways of hacking web applications. Here, we are delving into the most widely used Web App Hacking tools, BurpSuite (BurpSuite is on my essential hacking tools list here). In an earlier post here at Hackers-Arise, […]

Welcome back, my aspiring cyberwarriors! Cross Site Scripting or XSS is one of the most problematic vulnerabilities in web applications. It ranks among the OWASP Top 10 website vulnerabilities nearly every year. For more on cross-site scripting, check out my post here. In this tutorial, I will demonstrate how to use the BurpSuite to test […]