0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Cross Site Request Forgery [CSRF-XSRF] Vulnerability
By: MrTaharAmine
November 21, 2016

Cross-site request forgery [CSRF], also known as "one-click attack" or session riding or Sea-Surf and abbreviated as CSRF or XSRF, is a type of malicious attack exploit of a website (“Web Application”); where unauthorized commands are transmitted from a user that the website trusts. The impact of a successful CSRF attack is limited to the capabilities exposed by the ...

The Ethical Hacker: How to Certify
By: Rachel Laura M
November 20, 2016

A certified ethical hacker is a computer programmer hired by a business to attempt to break into a computer system with the purpose of discovering vulnerabilities and other things a malicious hacker could potentially exploit, resulting in significant damage.Ethical hackers use the same methods and programs as their harmful counterparts but instead of using them to cause ...

Becoming a Software Developer
By: Rachel Laura M
November 20, 2016

According to US News and World Report, software developers enjoy a median salary of $95,510 annually. In addition to this higher than average salary, the unemployment rate is very low (about 2.5%) and people in this field enjoy a nice work-life balance. It is a constantly changing, ever evolving field.Given all the positive aspects surrounding this field, it is ...

Python Guide Part I
By: ziednamouchi
November 20, 2016

Python Guide Python is a programming language that lets you work quickly and integrate systems more effectively. The standard library of python has its documentation which is available, as it the case for tutorials and guides. The source code and installers are available for download for all versions. The latest version is Python 3.5.2. Running Python ...

How to Hack: The Full Penetration Testing Process
By: MrTaharAmine
November 20, 2016

Step 1: Reconnaissance Phase. Prior to an attack, the penetration tester should know as much as possible about the target environment and the characteristics of the system. The more targeted information the penetration tester finds, the better the chances of identifying the easiest and fastest way to succeed. Black-box testing requires more reconnaissance than ...

SOCAT as a Polymorphic Networking Tool
By: synthesis
November 19, 2016

Introduction Socat (SOcket CAT) is a networking tool which transfer s data between two locations . Thes e locations can be sockets such TCP, UDP, IPv4, ssl-sockets or even an ...

Windows Commands Most Used by Attackers
By: toxicptr
November 19, 2016

Introduction This guide contains the Windows commands most used by attackers as shown by a study of the Japanese National CERT and explains how to defend against these attacks . It also suggests more Windows commands that can also be interesting for potential attackers. Windows Commands The most used ...

The Power of Automation Testing in IT Security
By: Dr3AMCoDeR
November 18, 2016

Hello, Cybrarians!As always, I'm grateful that I still get your support on my articles and I'm really glad that I'm part of this great community and platform.As you may know, I'm writing different IT-SEC articles from time to time and will continue to share my experience with all of you.Today I would like to discuss the Power of Automation Testing which is ...

TCP/IP: The Next Gateway Drug? Transform Your Tech Addiction into a New Career Path
By: Olivia
November 18, 2016

Updated August 2018 You probably opened this blog because you thought I’d be making a lot of drug references. Sorry, but I’m fresh out of Adderall.  In all seriousness though, I do want to talk to you about addiction, and not as a disappointed parent.If I’m lucky, by now you’ll have read my blog on CPE. Hopefully, ...

Is teleworking creating a greater security risk for companies?
By: Rachel Laura M
November 18, 2016

With today’s modern and sophisticated technology such as slim and fast laptops, smartphones, tablets and programs such as Skype and FaceTime, today’s employees are no longer married to the five day, 40 hours a week of being in the office, working at a desk. Rather, they can have the flexibility of working from home, sometimes even as a full ...