0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Tutorial: Avoid Antiviruses and Compromise Workstations - Part 1
By: JPMinty
March 23, 2017

It's 2017 and traditional Antivirus solutions are becoming more and more obsolete with every passing day. The rise of exploit kits and "do it yourself malware" means that organizations can no longer rely solely on Antivirus solutions to keep them safe. In fact, someone with little experience can now make a unique piece of malware that is capable of ...

Kali Linux - Hacking Tutorials
By: pnp.007
March 22, 2017

Nmap - Network Mapper Network Mapper is an open source and a very versatile tool for Linux system/network administrators. Nmap is used for exploring networks, perform security scans, network audit and finding open ports on a remote machine. It scans for Live hosts, Operating systems, packet filters and open ports running on remote hosts.  OPHCRACK- Windows ...

Tutorial: FTP Automated Shell Scripts
By: Bmsr256
March 22, 2017

In this post, I will show you some Unix shell scripts to automatically work with FTP servers. These are scripts that FTP to a remote server and then close the FTP connection to that server when the file has been transferred.These are the shellcodes for those three script files. CODE: Execute_FTP.sh ./Parser.sh 10.132.207.2 username password /home/cybrary/Documents/OUT DiskAlert.txt /tmp/Alert/VDS ...

Best Resources for Learning Android Programming or Anything Else
By: rcubed
March 21, 2017

This post is a follow-on to the series I began a few weeks back on mobile app development in general and Android coding in particular. It’s also the concluding post in the series. The previous post on getting started with Android development walked you through the steps of installing Android Studio and creating a demo ...

Anatomy of a Ransomware Attack - Part 6
By: AjayRandhawa
March 21, 2017

RANSOMWARE PROTECTION, PREVENTION, MITIGATION We don’t think paying the ransom is the best idea because there’s no guarantee the criminals won’t up the ante, or that they’ll actually follow through on their promise to send you the keys to decrypt your files. And paying the ransom also supports a cyber criminal enterprise that will ensnare more victims. ...

The "Myth" of Confidential Customer Credentials
By: THE CYBER EAGLE (CYBER SECURITY + NETWORK SPECIALIST)
March 20, 2017

Is there such a thing as "Confidential Customer Credentials" anymore? Article By: Jeremy Bannister (CYBER SECURITY EAGLE) Recently there was information released about Google’s G-mail customer user account credentials becoming the latest to be put on sale on the Dark Net, along with numerous Yahoo customer user account credentials that stem from numerous cyber-attack incidents spanning from ...

How to Secure the SSH Service
By: lscianni
March 20, 2017

SSH is considered a secure protocol, and depending on your environment, the default server configuration may work with a little tweaking of the daemon configuration file. Still, as we will go over in this article, there are some options you may want to configure your SSH servers for more security and control. What is SSH? The Secure Shell protocol is ...

Let's Enumerate + Bonus
By: H5p
March 19, 2017

I will be discussing some command line tools which will help the pentesters during their work. Let's cut the talk and get to the meat.1) whoiscommand: whois google.com   2) hostcommand 1: host -hcommand 2: host google.comcommand 3: host -C google.com   3) theharvestercommand 1: theharvestercommand 2: theharvester -d cisco.com -l 20 -b all    4) ...

Anatomy of a Ransomware Attack - Parts 4-5
By: AjayRandhawa
March 19, 2017

ANTIVIRUS FAILS TO STOP RANSOM 4.1 Destroying your hard drive After completing this process and before begins spying on users, Rombertik runs a final check to make sure it is not being analyzed in memory. In case it finds any indication of being analyzed, the spyware attempts to destroy the master boot record (MBR) of the ...

Ethical Hacking and Penetration Testing with Kali - Introduction
By: Priyank Gada
March 18, 2017

What is this course about? This course is mainly focused on Kali Linux and we are going to use Kali Linux as the main operating system. This course also cover some basics of programming knowledge, basics of Linux, Linux terminal commands, etc. What's inside the course? In this course, we are going to use Kali Linux and we ...