0P3N Blog
Cybrary’s Open Blog is a user-contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.


Neal Stephenson wrote in his novel Cryptonomicon: “How long do you want these messages to remain secret?[…] I want them to remain secret for as long as men are capable of evil.” One should not underestimate the importance of cryptology nowadays. As the need for studying and implementing secure communication techniques rises, in the ...


Reverse Engineering: https://www.cybrary.it/wp-content/uploads/2017/11/cheat-sheet-reverse-v6.png; Linux commands: https://linoxide.com/images/linux-cheat-sheet-612x792.png; Penetration Testing: https://highon.coffee/blog/cheat-sheet/; SQL Injection: http://pentestmonkey.net/category/cheat-sheet/sql-injection; NMAP: Professor Messer's Quick Reference Guide to NMAP; Hacker Target: Nmap Cheat Sheet; XSS: ...


#zeroday Participants in the Mobile Pwn2Own 2017 competition recently produced exploits for the iPhone 7, Samsung Galaxy S8, and other mobile devices. Nothing like a little friendly competition, right? For those unfamiliar, this competition is a two-day event hosted by Trend Micro's Zero Day Initiative (ZDI) and promotes the disclosure of vulnerabilities during ...


While listening to a recent episode of Security Now, Steve Gibson discussed that help is on the way for securing websites and services. I have not seen much mention of it anywhere else, but I feel that it is definitely something worth noting. When it comes to identifying security risks in websites and services, a major problem in the ...


As we have all heard, there is a group calling themselves The Shadow Brokers. They hacked into the NSA's (National Security Agency) server and stole a disk full of secrets last summer. This stunt pulled by the Shadow Brokers publicly mocked the NSA for their vulnerable security and lack of information gathering skills. Despite this, they also ...


Maintenance Accounts (English Version): A common mistake is that many server owners and site admins leave their maintenance accounts in the default mode, so a hacker can guess the account credentials in a simple way. For example: if we target a router, we will extract its IP, and we will use any IP range extraction program. For example, IP Range - Angry IP. After we extract many ...


Hackers can be extremely creative at getting around various types of security, but there may be some ways that are so far out there and crazy that many security professionals have not even heard of them. Some of these hacks are pure genius and they show us how someone with enough determination can get through nearly any type of ...


If you love Linux, you're not alone! Your fellow Cybrarians are enjoying lots of cool Linux training, tools, posted content, etc. The links below include training and supplemental study tools. Plus, here are a few interesting thoughts on Linux from Linux.com: "From smartphones to cars, supercomputers and home appliances, the Linux operating system is everywhere. It’s been around ...


#ransomware Bad Rabbit ransomware, which involves the downloaded file named 'installflashplayer.exe,' has hit approximately 200 businesses in multiple countries including the US, Russia, Ukraine, Germany and Turkey. According to researchers at Kaspersky, the outbreak is spreading from drive-by download attacks via legitimate news sites where the host sites are infected with a ...


You may have heard the term OSINT (“Open Source Intelligence”). The basics are that you can use public sources to get information about a target during your recon. There are many tools available to perform this task, such as Google, Maltego, SHODAN, etc. One of the tools that really puts a perspective not only on what can be ...