0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Think Outside the Server: Copiers and Medical Equipment May be at Risk
By: Lawrence King
April 5, 2017

In my experience working in IT, I have seen many organizations who leave peripheral devices on the network with internet access and they leave the passwords at the default settings. The servers and workstations are secured. Network switches, wireless access points, and routers are locked down as well. For some reason, people do not see printers, scanners, and copiers ...

Anonymously Scan a Remote Website Using Nmap
By: binel
April 4, 2017

4 SIMPLE STEPS TO ANONYMOUSLY SCAN A REMOTE WEBSITE USING NMAP Here are the materials required to successfully follow this tutorial: A laptop with an access to the internet A remote website that you own or that you have ...

Hacking the Hacker
By: systemrestore
April 4, 2017

This story begins in the fall of my first-year cyber security class. We were put into groups during our "cyber spookhouse" the point of the activity was to show and inform our fellow students, from different industrial fields, to coerce them into hardening their security. I was placed into the MITM group with four others and we decided to ...

Don’t be Nervous Your New Co-Worker Could be a Robot
By: Olivia
April 3, 2017

In the past, I’ve written with a mixture of excitement and hesitation on the topic of Artificial Intelligence (AI). AI is defined as: the theory and development of computer systems able to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages.My post ‘A Buzzword to Rattle your Brain’ explored ...

[Part 2]$~Metasploit for Beginners
By: spiritedwolf
April 3, 2017

Metasploit for beginners So, hello friends. This is my 2nd post on Metasploit for beginners if you haven't checked the previous post then it is here. https://www.cybrary.it/0p3n/part-1metasploit-beginners/ So, today we will discuss " Metasploit ...

A Penetration Testing Checklist For Linux Machine – Intrusion Discovery
By: gurubaran
April 3, 2017

Since we already discussed  A Penetration Testing Cheat Sheet For Windows Machine – Intrusion Detection , here we will see the most important Linux machine pen testing checklist on an occasional premise (day by day, week by week, or each time you log on to a framework you oversee) gone through these anomalous behaviours  to search ...

Escaping Linux CHROOT Jail
By: chiheb chebbi
April 1, 2017

Introduction Isolation is a security approach provided by many computer systems. It is based on splitting the system into smaller independent pieces to make sure that a compromised sub-system cannot affect the entire entity. This approach is present in every modern operating system (e.g User accounts, process address spaces etc..). Chroot Jail is a way to separate a ...

Web Server Penetration Testing Checklist
April 1, 2017

Web server pen testing performing under 3 major category which is identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relation vulnerabilities. "Conduct a serial of methodical and repeatable tests"  is the best way to test the web server along with this to work through all of the different application vulnerabilities. ...

HTML Injection Introduction
By: Hari Charan
March 31, 2017

  What is HTML injection? As you know,  HTML  is used to design web pages. Yes, you’re right. But what happens if a developer forgets to sanitize the user input. What happens if developers don’t predict when a hacker use the application. Do you know what all could be done if this vulnerability exist? To inject you don’t even need a toolkit. You may ...

UNM4SK3D: FCC, WhatsApp, and GiftGhost
By: Olivia
March 31, 2017

#privacyrules Ladies and gentlemen, start your VPNs. As of March 28th, the House of Representatives and the Senate agreed to repeal the FCC's recent privacy rules. And while those rules still need President Trump's likely signature, many are rushing to Google 'Private network how-tos,' with VPN subscriptions in the US surging by 239% ...