0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
![Cross Site Request Forgery [CSRF-XSRF] Vulnerability](https://images.ctfassets.net/kvf8rpi09wgk/3tpSXLMbs6D0bXlTw8UucK/2d648c6dd1981c3fca93f5c03ea36bc7/blog-default.jpg?w=800&fm=webp)
Cross-site request forgery [CSRF], also known as "one-click attack" or session riding or Sea-Surf and abbreviated as CSRF or XSRF, is a type of malicious attack exploit of a website (“Web Application”); where unauthorized commands are transmitted from a user that the website trusts. The impact of a successful CSRF attack is limited to the capabilities exposed by the ...
A certified ethical hacker is a computer programmer hired by a business to attempt to break into a computer system with the purpose of discovering vulnerabilities and other things a malicious hacker could potentially exploit, resulting in significant damage.Ethical hackers use the same methods and programs as their harmful counterparts but instead of using them to cause ...
According to US News and World Report, software developers enjoy a median salary of $95,510 annually. In addition to this higher than average salary, the unemployment rate is very low (about 2.5%) and people in this field enjoy a nice work-life balance. It is a constantly changing, ever evolving field.Given all the positive aspects surrounding this field, it is ...
Python Guide Python is a programming language that lets you work quickly and integrate systems more effectively. The standard library of python has its documentation which is available, as it the case for tutorials and guides. The source code and installers are available for download for all versions. The latest version is Python 3.5.2. Running Python ...
Step 1: Reconnaissance Phase. Prior to an attack, the penetration tester should know as much as possible about the target environment and the characteristics of the system. The more targeted information the penetration tester finds, the better the chances of identifying the easiest and fastest way to succeed. Black-box testing requires more reconnaissance than ...
Introduction Socat (SOcket CAT) is a networking tool which transfer s data between two locations . Thes e locations can be sockets such TCP, UDP, IPv4, ssl-sockets or even an ...
Introduction This guide contains the Windows commands most used by attackers as shown by a study of the Japanese National CERT and explains how to defend against these attacks . It also suggests more Windows commands that can also be interesting for potential attackers. Windows Commands The most used ...
Hello, Cybrarians!As always, I'm grateful that I still get your support on my articles and I'm really glad that I'm part of this great community and platform.As you may know, I'm writing different IT-SEC articles from time to time and will continue to share my experience with all of you.Today I would like to discuss the Power of Automation Testing which is ...
Updated August 2018 You probably opened this blog because you thought I’d be making a lot of drug references. Sorry, but I’m fresh out of Adderall. In all seriousness though, I do want to talk to you about addiction, and not as a disappointed parent.If I’m lucky, by now you’ll have read my blog on CPE. Hopefully, ...
With today’s modern and sophisticated technology such as slim and fast laptops, smartphones, tablets and programs such as Skype and FaceTime, today’s employees are no longer married to the five day, 40 hours a week of being in the office, working at a desk. Rather, they can have the flexibility of working from home, sometimes even as a full ...