0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Quiz: Micro Certification Placement
By: Olivia
April 11, 2017

You won’t pass or fail. You’ll just get some direction.In previous blogs, I offered tips on how to earn specific Micro Certifications, and how to determine which Micro Certifications were best for your career goals. And while making career decisions is a serious matter, I thought of a fun way I could go about offering more help.I’m sad to admit ...

Set up Your Penetration Testing Lab for Web Application Security Testing
By: Hari Charan
April 11, 2017

To excel at penetration testing , you need to have your lab for practice/research. I would suggest you to use virtual machines which are free in the market. I would go with  VMware Workstation  rather than Virtualbox, it’s just my personal option. You can choose any one. Downloads 1. VMware Workstation Click  ...

Bypass Anti-Virus with ShellCode Injection (Part II)
By: S-Connect
April 11, 2017

Welcome back! To continue with the previous article, here we will learn to create a shell code with Metasploit and PE infector via Shellter into a Win32 application. For those who have not read part I, you can read it here . We have several ways to do that but keep ...

The 12 Steps of Good Vulnerability Management
By: virtualsweatervest
April 11, 2017

Step#1 – Admit That You Have a Problem Many IT professionals live in a world of denial. Assumptions are made about the security of systems and risks are often ignored. These stances are not taken out of ignorance or irresponsibility but are instead often-pragmatic decisions based on the number of resources available and the number of hours ...

Hacker, YouTube Star, and Cybrary’s New Course Contributor: Priyank Gada
By: Olivia
April 10, 2017

If you are an avid reader of 0P3N, chances are you’ve seen a post or two from avid contributor Priyank Gada ( @groupflexi ).Priyank, who has experience as a forensics expert and penetration tester, frequently makes YouTube videos to share his knowledge.One area he’s extremely knowledgeable in is Kali Linux, which inspired his new Micro Course, now ...

Pharming Attack
By: bachan
April 10, 2017

Hello, Guys!I hope you are enjoying my posts. Here I will tell you about an attack which is very hard to detect.The pharming attack.When you type in a URL (www.example.com) into your browser, it then goes to the DNS server to convert it into an IP address. After resolving the domain name into an IP address, you can communicate to the desired ...

Pretexting: Social Engineering "Success" Story
By: CybrarySupport
April 10, 2017

I <3 Social Engineering! Here's my story about how easy it can be to get contact information.So about 3 months ago, I was on the bus going home from school. I ended up getting a text message from an unknown number that was in my area code. It read the following,"Hey man, the people texted me asking about the walls. They are ...

Hacking Android Phones
By: Priyank Gada
April 8, 2017

Did you ever think of hacking into anyone's phone and getting all the data like they do in the movies? Well, that's not actually hacking but it's called spying. Spying is a term in hacking but not considered as hacking. A hacker can remotely install Spyware to spy on others. Ever wonder what would happen if a hacker gained physical access to ...

By: H5p
April 7, 2017

[/{REGEX} + /{PYTHON}] Regex or regular expressions can be used to identify a particular pattern in a large dump of data. This comes handy when there is a requirement to extract/identify a particular pattern of data from a heap of data. USAGE: Log files contain a ...

UNM4SK3D: CIA, Dark Web, and China
By: Olivia
April 7, 2017

#wikileaks (they just keep coming). You know that feeling you get when your favorite artist continues dropping singles but doesn't release an album? The same can be felt for Wikileaks, but instead of anticipation, their releases cause anxiety. The latest series of documents from the Vault7 project was released on March 31st.  These documents detail ...