0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Bruteforce Login-page Using Hydra and Python Script (DVWA)
By: an0th3rhuman
April 28, 2017

What is DVWA? Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a ...

Creating a post with Juliar
By: Rattar
April 27, 2017

Hello Cybrarians,Today we will be creating a program that stores name into a variable and prints it out!We will be using the new built-in editor for Juliar! You can download the latest version of Juliar from here:  https://juliar.org/downloads.php  First, you want to double-click the jar file to run. An editor should then pop up!Go to File -> NewThis will ...

The "Hell" of an Unsolicited Phone Call
By: njbaker7
April 27, 2017

Just knowing that the notion of a simple three letter word could wreak havoc in my life is scary beyond anything imaginable. I am speaking of a simple “Yes”. Getting a call from an unsolicited number has me screening my calls more than ever before. My thought now is, if it is that important the caller ...

Breaking into the Cybersecurity Field
By: Derek Carlin
April 27, 2017

“I want to get into Cybersecurity, where do I start?” With an estimated One Million job openings in Cybersecurity in 2017 and a shortage of talent, it is easy to see why so many people are drawn to the field. I myself made the switch from traditional IT to the Cybersecurity field within the last year, and when ...

I am "NOT" a Robot ... Using Juliar
By: Rattar
April 26, 2017

Hello Cybrarians and RatTeam-sters,Recently, I've been experimenting with Juliar Hallucinogen module for Juliar to break Google's I am not a robot CAPTCHA.  Juliar HTTP API was used for this experiment.For this experiment, I created a simple registration page with google's captcha. When you click on Google's captcha I am not a robot...there is a chance that you will ...

PowerShell Obfuskation Techniques & How to Detect Them
By: Jinx
April 26, 2017

Introduction: Invoke-Obfuscation is a code obfuscating Framework built on PowerShell by Daniel Bohannon.Attackers are using more and more powerful techniques to obfuscate their scripts and codes. PowerShell script is one such particular way of attack which is very dangerous if used due to few reasons Most of the internet population is on Windows. ...

SQL Injections – Part 1
By: Hari Charan
April 25, 2017

Though there are many vulnerabilities,  SQL injection (SQLi)  has its own significance. This is the most prevalent and most dangerous of web application vulnerabilities. Having this SQLi vulnerability in the application, an attacker may cause severe damage such as bypassing logins, retrieving sensitive information, modifying, and deleting data. Sometimes this costs life when it comes to ...

Foundational Cisco Commands and Tips
By: Tamas Szucs
April 25, 2017

Console settings Protocol: Serial Port: COMx Baud rate: 9600 Flow control: RTS/CTS Basic commands User mode enable Privileged mode configure terminal HW properties show inventory raw HW summary information show inventory oid ...

Pentest WPA / WPA2 Encryption with Kali
By: Klimdy
April 24, 2017

Pentest WPA / WPA2 Encryption with Kali Hello and welcome to this tutorial! Please note: All tests were carried out on the MacBook Air with installed Kali Linux and Wi-Fi Adapter TP-LINK TL-WN722N. Step 1: ...

Non-Repudiation and Irrevocability
By: bytezealot
April 22, 2017

Definitions of the pertinent concepts used in this article: Authenticity : Property that ensures that an identity of a subject or resource is, in fact, the real identity claimed. It applies to individuals (users), but also to other entity (applications, processes, systems, etc.). Integrity: Methods of ensuring that data is real, accurate, consistent ...