0P3N Blog

Cybrary’s Open Blog is a user-contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

How to Secure the SSH Service
By: lscianni
March 20, 2017

SSH is considered a secure protocol, and depending on your environment, the default server configuration may work with a little tweaking of the daemon configuration file. Still, as we will go over in this article, there are some options you may want to configure on your SSH servers for more security and control. What is SSH? The Secure Shell protocol is ...

Let's Enumerate + Bonus
By: H5p
March 19, 2017

I will be discussing some command line tools which will help pentesters during their work. Let's cut the talk and get to the meat.
1) whois
command: whois google.com
2) host
command 1: host -h
command 2: host google.com
command 3: host -C google.com
3) theharvester
command 1: theharvester
command 2: theharvester -d cisco.com -l 20 -b all
4) ...

Anatomy of a Ransomware Attack - Parts 4-5
By: AjayRandhawa
March 19, 2017

ANTIVIRUS FAILS TO STOP RANSOM 4.1 Destroying your hard drive After completing this process and before it begins spying on users, Rombertik runs a final check to make sure it is not being analyzed in memory. In case it finds any indication of being analyzed, the spyware attempts to destroy the master boot record (MBR) of the ...

Ethical Hacking and Penetration Testing with Kali - Introduction
By: Priyank Gada
March 18, 2017

What is this course about? This course is mainly focused on Kali Linux, and we are going to use Kali Linux as the main operating system. This course also covers some basics of programming knowledge, basics of Linux, Linux terminal commands, etc. What's inside the course? In this course, we are going to use Kali Linux and we ...

Anatomy of a Ransomware Attack - Part 3
By: AjayRandhawa
March 18, 2017

COMMON TYPES OF RANSOMWARE 3.1 CryptoLocker Ransomware has been around in some form for over a decade, but came to prominence in 2013, with the rise of the original CryptoLocker malware. While the original was shut down in 2014, the approach has been widely copied. So much so, in fact, that the word CryptoLocker has become ...

5 Best Entry-Level IT Certifications
By: jrinehard
March 17, 2017

In today’s fast-paced and highly connected tech industry, seeking out the most relevant and useful career insight into the industry can seem like an intimidating task, especially when innovation in the tech field can change the name of the game overnight. Most newcomers coming into the tech field have little to no experience but are desperately seeking the right ...

Need a FUD: What about Shellter?
By: bytezealot
March 17, 2017

Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE (portable executable) infector ever created. It can be used in order to inject shellcode into native 32-bit Windows applications. It takes advantage of the original structure of the PE file and doesn’t apply any modification such as changing memory access permissions in sections (unless the user ...

Anatomy of a Ransomware Attack - Part 2
By: AjayRandhawa
March 17, 2017

ANATOMY OF RANSOMWARE How it works: A ransomware attack goes through five stages from the time it installs on your computer to the appearance of the ransom warning on your screen. 2.1 Five Stages of Crypto Ransomware 2.1.1 INSTALLATION After a victim’s computer is infected, the crypto-ransomware installs itself, and sets keys in the ...

Cybercrime and Punishment: Who’s Actually Paying the Price?
By: rcubed
March 16, 2017

It seems that a week doesn’t go by where there isn’t news of a major data breach or intelligence dump. Yesterday gave us something slightly different, but still a variation on the same theme. On Wednesday, March 15, 2017, the Justice Department indicted four defendants – all with ties to Russia – for an array of computer and hacking ...

Aireplay Vs Mdk3: Wireless Deauthentication
By: Invoron 'norovni'
March 16, 2017

I am pretty sure anyone who has ever tried to hack a wireless network should have come across aireplay-ng (one among the aircrack-ng suite); very few may have heard about mdk3. Similar to aireplay-ng, mdk3 can be used to jam a wireless network by exploiting an IEEE 802.11 protocol weakness. In this article, let's talk about how to use them and jump to some ...