0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Find a DNS Zone Transfer Misconfiguration
By: Arjun C Shekar
December 29, 2016

How to find a DNS Zone Transfer Misconfiguration manually using CMD in Windows and Terminal Console in Linux - Before starting with the article, I want to describe the DNS zone transfer misconfiguration flaw in a web server. A misconfigured DNS Zone Transfer will lead to leaks of user names and relevant IP addresses. And it can also lead ...

No More "Ransom" Gives Global Power Against the Ransomware Battle
By: gurubaran
December 29, 2016

We are at the end of 2016, hope everyone aware of Ransomware and its impact on business. One reason that ransomware is so effective is that the cyber security field is not entirely prepared for its resurgence.Attacks are more successful when effective countermeasures are not in place.  Security firms are consistently developing and releasing anti-ransomware applications and decryption tools ...

10 Questions You Need to Ask Yourself Before Deciding if a Technical Project Management Role is Right for You
By: Olivia
December 29, 2016

In light of recent recognition of the Technical Project Management Skill Certification test’s popularity, I decided it may be wise to provide a closer look at how someone in a role such as this functions, and if making a transition into a similar position is right for you.Likewise, a recent post of mine listed project management ...

Chapter 5 - Practical Web Application Penetration Testing Series - Bypass Web Applications Firewalls
By: Babak Esmaeili
December 28, 2016

Chapter 5 - practical web pentesting - Bypass Web Applications Firewalls   As it is illegal to test a website without permission, and I could not find a test site with WAF(web application firewall) enabled I decided to carry on this section theoretically. A WAF ...

A Brief on Python
By: ushi04
December 28, 2016

Python is a scripting language and can be easily understood by everyone as it uses simple language. Its basic syntax is like all other languages such as C, C++, Java etc.. But there is something which attracts everyone to learn this language. It provides extra ordinary libraries and modules to ease work. I personally use python the most.Python comes ...

Be a Learn-a-holic: Using Webinars as Supplemental Learning Tools
By: Olivia
December 27, 2016

I’d like to propose an idea. I want the title of ‘Cybrarian’ to become synonymous with the term ‘learn-a-holic.’ What’s a learnaholic? As the name implies, it’s someone addicted to learning.But not just learning in a general sense, rather someone who is so utterly excited by the idea of gaining new wisdom and imparting it on others or using that ...

Biometrics: Not the Promised Silver Bullet
By: rcubed
December 27, 2016

Remembering passwords has become a necessary annoyance in the Digital Age. We resort to using birth dates, pets’ and children’s names, and easily-remembered numeric sequences like ‘1234’ or ‘666’ (if you have a Satanic bent). The more creative among us will combine the aforementioned strategies into passwords that would take even the most determined hacker eons to ...

Career Path for a Forensic Investigator
By: Divya Lakshmanan
December 27, 2016

Do you enjoy exploring how things work? Do you have a knack for interpreting the basic skeletal structure of any system with ease? Then digital forensics might be for you. So how do you develop the skills needed? You need to give yourself a great deal of theoretical and practical training before you are ready to step ...

Docker Containers Security
By: chiheb chebbi
December 27, 2016

  Docker container  is an open source project (Apache License 2.0). Containers allow developers to package up their applications without worrying about libraries and dependencies, a headache, allowing them to ship their applications among any system running Linux operating system.You can look at them like Virtual machines but without the need for creating a whole virtual operating system. ...

Suricata IPS: A Deep Inspecting of Your Traffic
By: Abhishek Puranam
December 27, 2016

Hi Cybrarians,I recently integrated Suricata tool into our application to block malicious traffic. Here are my 2 cents in this article on why Suricata is a great engine to be installed to mark your traffic prior communicating to the world. About Suricata   Suricata is a signature based system, built to perform Intrusion Detection, Prevention, and Network Monitoring along with ...