When you’re hunting for vulnerabilities, you jump between three different websites. NVD for CVE data. Exploit-DB for working exploits. GitHub for proof-of-concept code.

That’s annoying. You lose time. You miss things.

I built Exploit Eye to fix that.

The Problem

Here’s what happens when you research a vulnerability. You find a CVE number somewhere. CVE-2025-1234, for example.

First, you check the National Vulnerability Database. You find details there. Severity scores. Affected versions. The description tells you what’s vulnerable.

Your router protects your home network from the internet. Or it’s supposed to. Two major vendors just proved it doesn’t. 😅

ASUS: CVE-2025-59367 (CVSS 9.3) TP-Link: CVE-2025-7850 + CVE-2025-7851 (CVSS 9.3 + 8.7)

Both disclosed November 2025. Both critical. Both letting attackers walk right in.

ASUS routers: No password required.

The vulnerability affects ASUS DSL-AC51, DSL-N16, and DSL-AC750 routers. Authentication bypass.

If your router’s management interface is exposed to the internet, an attacker can connect remotely without any credentials. No username. No password. Direct admin access.

Nearly every modern Smart TV has ACR technology. You’ve probably never heard of it. (Most people haven’t. Stick with me…) It’s there. On almost every Smart TV. And it’s tracking everything on your screen.

Not just Netflix. Not just YouTube. EVERYTHING.

→ Playing PlayStation? Tracked. → Watching cable TV? Tracked. → Using Chromecast or Fire Stick? Tracked. → Private security camera footage? Tracked.

If it appears on your screen, your TV is watching it, recording it, and sending that data somewhere else.

Your Docker container? It just walked right out the front door. 😏

Three vulnerabilities just got patched. November 5th. CVE-2025-31133, CVE-2025-52565, CVE-2025-52881.

Docker, Kubernetes, AWS, Google Cloud. All of them.

Here’s what happened:

→ Attackers can break OUT of your container
→ Get root access on your HOST system
→ Bypass every security layer you thought was protecting you

Let me show you how bad this really is.

The Vulnerabilities

CVE-2025-31133 - Replace one file with a fake link. RunC thinks it’s mounting something safe. Instead? You’re writing directly to the system kernel. Container escape. Done.

Your Windows Kernel has a race condition. You’ve probably never thought about race conditions. (Most people haven’t. But stick with me…) It’s there in EVERY Windows version currently supported. And it’s being actively exploited right now. ⚡🎯

CVE-2025-62215. CVSS score 7.0. Confirmed exploitation in the wild.

Here’s what that actually means:

When multiple processes try to access the same kernel resource at the exact same time, there’s a tiny window where things can go wrong. An attacker who already has access to your system can exploit that split-second timing gap to escalate privileges.

Ethical Hacking Complete Course Zero to Expert

When I first successfully hacked a system years ago, I had to step away from my computer. It blew my mind… what was this power I had in my hands? That moment changed everything for me.

No, I didn’t learn this from books. I learned by doing. And that’s exactly how you’ll learn in this course.

Are you ready to push the limits, break down the walls?

DarkWebEye

Welcome to DarkWebEye. Explore the unseen depths of the internet with DarkWebEye, a powerful and intuitive tool crafted by Jolanda de Koff. Designed for ethical hackers, cybersecurity enthusiasts, and researchers, DarkWebEye offers a secure and efficient way to search the dark web through the Ahmia search engine.

Your Gateway to the Hidden Web

DarkWebEye:

Where Curiosity Meets the Hidden - Journey Through the Dark - Seeking Secrets in the Shadows

Introduction

Welcome to DarkWebEye. This tool, crafted by me, Jolanda de Koff, is designed to help you explore the hidden parts of the web safely and efficiently. DarkWebEye uses the Ahmia search engine to provide a streamlined way to find specific content on the dark web. It’s perfect for cybersecurity enthusiasts, ethical hackers, and researchers.

Hands-On Guide to Wireshark and Tshark: A Deep Dive into Network Analysis

Introduction

Introduction

Wireshark and Tshark: two names that anyone in network analysis, ethical hacking, or cybersecurity will know well. These aren’t just tools; they’re like gateways to understanding the complex web of network communications that underpin our digital world. In this guide, we’re going deep into the heart of these tools, starting with the basic features that make them so valuable and gradually working our way up to the more sophisticated and nuanced aspects of their use.

Before we delve into this critical topic, let me emphasize the gravity of DNS settings in the realm of ethical hacking. Whether you’re a seasoned professional or just starting out, understanding the nuances of DNS settings is pivotal to your career.

In the world of ethical hacking, there are several key factors that can determine your success or failure. However, one aspect that’s often overlooked, even by seasoned professionals, is the Domain Name System (DNS). Before we explore the labyrinthine nuances of hacking, security, and online anonymity, it’s imperative to address the elephant in the room: the critical importance of your DNS settings.

Ethical hacking techniques with SSH: Secure tunnels and data transfers

Introduction

Welcome to this comprehensive guide on Ethical hacking techniques with SSH: Secure tunnels and data transfers. In this easy-to-follow guide, you’ll get the inside scoop on why secure tunnels and data transfers are the unsung heroes of ethical hacking. Plus, you’ll learn how to up your cybersecurity game with the help of Secure Shell (SSH).

Why is Ethical Hacking Important?

Ethical hacking, often termed as ‘white-hat hacking,’ is the practice of intentionally probing systems for security vulnerabilities. The primary purpose is to discover weaknesses from a malicious hacker’s viewpoint to better secure systems.

Dorks Eye is a script I made in python 3. With this tool, you can easily find Google Dorks. Dork Eye collects potentially vulnerable web pages and applications on the Internet or other awesome info that is picked up by Google’s search bots. You can save the output in a file so that you can view it at a later time. You can determine the number of searches yourself. The number of websites to display

Twitter Eye is a Twitter Information Gathering Tool With Twitter Eye, you can search with various keywords and usernames on Twitter. Then the data you get is saved in a .csv file. This is to make it easy to read. You can then open these files in Excel, LibreOffice or etc. Twitter Eye is WITHOUT an API Key that you need with most tools for Twitter.

“Let’s make everything easy”..

Ghost Eye New Release. Ghost Eye is an Information Gathering, Footprinting, Scanner, and Recon Tool I made in Python 3. Since the last release of Ghost Eye, I’ve tweaked, removed, and added some new features. So that Ghost Eye would become more of a whole. For me, it remains a game of options so that together you get a complete overview of your target.

Ghost Eye Options

In the previous version of Ghost Eye, one of the the option was, “Have I been pwned” Since you need here now (a paid API) for this, I have removed this tool.

MOSINT is an OSINT Tool for emails. It helps you gather information about the target email. This is such as telephone numbers, data leaks, related domain names and much more.

Information Gathering

Information Gathering is the act of gathering different kinds of information against the targeted victim or system. There are various tools, techniques, and websites, including public sources such as Whois, nslookup that can help gather information. MOSINT is very helpful to gather information about all kinds of emails.

The Purpose of Maigret - collect a dossier on a person by username only, checking for accounts on a huge number of sites.

This is a sherlock fork with cool features under heavy development. Don’t forget to regularly update source code from this repo.

Currently supported more than 2000 sites (full list), by default the search is launched against 500 popular sites in descending order of popularity.

Clear Your Tracks on Linux

In this article and video, I show you how to clear your tracks in Linux. This is very important if you are a penetration tester, an ethical hacker, or a cyber security expert.

Clear Your Tracks The Final Step

It is one of the biggest mistakes an attacker makes to let a track behind.

If you see the biggest attacks in the past years, most of the detection was made really easy from the malware that the black hat hacker(s) have left, which they didn’t clear. Many of the “best hackers” got caught this way.