Search results

  1. Tr0jan_Horse

    Bluetooth Hacking, Part 03: The BlueBourne Exploit

    When Bluetooth was first introduced in 1994 by Ericsson Corporation of Sweden, it was very insecure. Hackers could steal information and send unsolicited messages to the unsuspecting. In recent years, additional security has been built into the protocol and much of the IT security industry has...
  2. Tr0jan_Horse

    BlueTooth Hacking, Part 02: BlueTooth Reconnaissance

    The beauty of Bluetooth hacking is that it gives you a clear window into the world of the target. Nearly every device has Bluetooth capabilities now, and people store a great deal of personal information on their phones and tablets. If we can hack their Bluetooth connection, we can access all of...
  3. Tr0jan_Horse

    Bluetooth Hacking, Part 01: Getting Started with Bluetooth

    Welcome back, my aspiring cyberwarriors! Today, Bluetooth is built into nearly all our devices and gadgets. These include our computers, smartphones, iPods, tablets, speakers, game controllers, keyboards, and many other devices. In this series, we will be focused on hacking mobile devices...
  4. Tr0jan_Horse

    Getting Started with Bluetooth Hacking

    This section of Hackers-Arise is dedicated to hacking the Bluetooth protocol. Bluetooth is the pico-net that extends at least 10m around our devices and enables us to connect headsets, speakers, and other devices to our mobile devices. If one can hack the Bluetooth protocol, you can potentially...
  5. Tr0jan_Horse

    Using MultiBlue to Control Any Bluetooth Mobile Device

    We recently began an exploration of ways to hack using the Bluetooth protocol. As you know, Bluetooth is a protocol that connects near field devices such as headsets, speakers, and keyboards. Its minimum range is a 10-meter radius (~33 feet) and maximum is at 100 meters (~328 feet). I already...
  6. Tr0jan_Horse

    Bluetooth Hacking: Injecting Commands into a Bluetooth Device with BlueDucky

    Welcome back, my aspiring cyberwarriors! Bluetooth is a nearly ubiquitous protocol used to communicate between devices in close proximity or a piconet, such as speakers, headphones, and cellphones. If an attacker can exploit Bluetooth, it may be able to take control of or eavesdrop on any of...
  7. Tr0jan_Horse

    Bettercap BLE Hacking Guide: Bluetooth Reconnaissance & Exploitation

    Welcome back, my aspiring cyberwarriors! Bluetooth is the most underappreciated attack vector into all your devices. Nearly all our devices have a Bluetooth adapter and connection that is vulnerable to attack. This includes our cellphones, laptops, Smart Home devices, ICS devices and our...
  8. Tr0jan_Horse

    Covering your BASH Shell Tracks – Anti-Forensics

    Those of us who use the BASH shell regularly love the fact that our history can be recovered simply by using the up and down arrows. This saves us significant time in re-writing our commands. The BASH or Bourne Again Shell saves the command history in a file called bash_history. At the same...
  9. Tr0jan_Horse

    Automation for a Hacker: How to Speed Up Routine Pentest Tasks with Your Scripts

    Pentesting is not just clicking on keys and feeling like a hacker from Hollywood movies. It is serious work, where a lot of time is spent on routine: scanning networks, brute-forcing passwords, analyzing web applications or digging into open data (OSINT). These tasks, although important...
  10. Tr0jan_Horse

    How to learn OSINT “for yourself”: a practical start and free resources

    Want to protect your data, find an old friend or check any information online? Master OSINT for yourself - it is the key to the world of open sources, available to everyone! Introduction With the advancement of technology and the increasing volume of information available on the Internet, the...
  11. Tr0jan_Horse

    Practical Guide to Exploiting SQL Injection Vulnerability: From Theory to a Real Case

    Introduction SQL Injection is one of the most dangerous and widespread vulnerabilities in web applications. Despite the fact that it has been talked about for more than 20 years, thousands of sites still remain vulnerable. In this article we will discuss: How SQL injection works using a...
  12. Tr0jan_Horse

    Practical Guide to Protecting APIs from OWASP Top 10 Vulnerabilities: Python Examples

    Your Python API may be leaking customer data right now! It's not a hoax: 7 out of 10 leaks over the past year (as of 2024 and current trends) are APIs' fault. We'll show you how to patch the biggest holes in the OWASP Top 10 and sleep soundly. You will learn: What vulnerabilities are included...
  13. Tr0jan_Horse

    10 Developer Security Mistakes: How to Find and Prevent Vulnerabilities in Code

    You write code. It works. Features execute, customers are happy. But what if, right now, your app has holes hidden in it that could allow an attacker to steal data, take control of your server, or simply destroy everything you've worked so hard to build? The OWASP Top 10 is not just a list of...
  14. Tr0jan_Horse

    Windows Network Exploitation with Impacket Framework

    Welcome back, aspiring cyberwarriors! While many security professionals are familiar with popular frameworks like Metasploit or Burp Suite, there’s a powerful Python library that often flies under the radar despite being one of the most versatile and essential tools in any red teamer’s arsenal...
  15. Tr0jan_Horse

    How Artificial Intelligence (AI) Large Language Models (LLMs) Work, Part 1

    Welcome back, my aspiring cyberwarriors! We are living on the cusp of one of the most exciting eras in the history of technology! Artificial Intelligence (AI) is about to change everything we do and change the way the world operates. This change will likely be more dramatic and consequential...
  16. Tr0jan_Horse

    VPN Hacking: How VPN’s Work and How They Break Our Security

    Welcome back, my aspiring cyberwarriors! In recent posts, I have emphasized the risks inherent in VPN’s. Virtual Private Networks or VPN’s are designed to keep us safe and secure but in recent years they have failed us miserably. In highlighting these failings, we have encountered a lot of...
  17. Tr0jan_Horse

    VPN Hacking: Authentication Bypass on Fortinet Fortios

    Welcome back, my aspiring cyberwarriors! The cybersecurity industry is dependent upon a few developers to produce routers and VPN’s to keep our data safe. Unfortunately, many of these developers have failed to provide products that take into account even the most rudimentary cybersecurity...
  18. Tr0jan_Horse

    Ldeep: an Active Directory testing tool

    Active Directory (AD) is the heart of the corporate infrastructure, which is why it is so attractive to intruders. There is one "BUT": manually parsing AD is long, difficult, and inefficient. Ldeep is a tool that automates the collection of critical information from LDAP, helping to find...
  19. Tr0jan_Horse

    Pwned: How to find out that your data is already in the hands of hackers (and what to do about it)

    In 2024, a database with 1.2 billion stolen passwords appeared on the Darknet. In 2023, hackers broke into the 23andMe genetic testing service and leaked the data of 7 million users. In 2022, the usernames and passwords of 500 million WhatsApp users leaked. Your email or password could...
  20. Tr0jan_Horse

    Injecting into a process via Ring 0 in C#

    Hi. I've never written anything like this, but I read the chat in Telezhka and decided to touch on this topic. I'll try to keep it short, the topic is serious and huge. For those who are waiting for copy-paste to work and everything to start - I'll say right away - try and maybe you'll get...