Cybrary Pro Day is here!

0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Part 2: XSS Code Analysis and Exploitation
By: Chilico
July 24, 2016

Hello Cybrarians, once again,In this article, we continue our code analysis and exploitation of XSS from Part 1 . If you haven't already read it, please do .  Let's begin... Example 6: As we see, our code is now completely different for the previous examples. In this one, our code running inside JavaScript so in ...

Sunday's Cyber Security Fact - Collaboration is Key (July 24, 2016)
By: ginasilvertree
July 24, 2016

According to a 2016 survey by PwC: 65% of businesses surveyed are "embracing a more collaborative approach to cybersecurity, one in which intelligence on threats and response techniques is shared with external partners. Internally, organizations are rethinking the roles of key executives and the Board of Directors to help create more resilient and proactive security ...

The Integrated Guide to Network Security 1.5
By: ram
July 22, 2016

Network Security 1.5 Given a scenario, troubleshoot security issues related to wireless networking... As you read about each of these methods and protocols, realize that there are security implications and weaknesses to each, and diligence and vigilance are your two most powerful attributes. Anyone with the right gear can see all of the ...

Report: Healthcare Under Attack – Cybercriminals Target Medical Institutions
By: ginasilvertree
July 22, 2016

InfoArmor has identified a group of bad actors performing targeted cyberattacks on healthcare institutions and their IT infrastructure, including connected medical devices such as Magnetic Resonance Imaging systems (MRI), X-ray machines and mobile computing healthcare workstations.This group of bad actors has performed at least four successful attacks against US-based organizations of varying size, compromising a significant number ...

Hacking and Hackers: "See What Others See and What They Hardly See"
By: abmmhasan
July 22, 2016

Introduction A good question that’s asked all around these days is, "What is hacking?" In my opinion, hacking is finding brilliant solutions to interesting problems. Well, that shows how broad the term “hacking” is. Real life hacking is trying all the ways possible to exploit your targets' weak links and/or to get him/her motivated. It's ...

Part 1: Bypass a Web Application Firewall (WAF)
By: S-Connect
July 22, 2016

Methods to Reduce the Threats Directive Approach Software Development Life Cycle (SDLC); «paper security»; organization of high-level processes Detective Approach Black/white-box testing of functions; fuzzing; static/dynamic/manual analysis of program code Preventive Approach Intrusion Detection/Prevention Systems (IDS/IPS), Web Application Firewall (WAF) ...

"Done for You" - Complete List of DNS Training Videos
By: ginasilvertree
July 21, 2016

Here's a complete list of DNS Training Videos on Cybrary (in alphabetical order by first letter). Explore additional classes and modules here ... Configuring DNS Zone Transfers Length: 12:12 Configuring DNS Zones Length: 21:27 DNS Enumeration Lab Length: 03:58 DNS Overview and Zone Transfers Length: 18:44 DNS ...

Using the CUPP Tool to Generate Powerful Password Lists
By: doctorX
July 21, 2016

Welcome, CYBRARIES! We're going to look at a very nice tool called CUPP (The Common User Password Profiler).   What is CUPP, exactly? CUPP is powerful tool that creates a wordlist, specifically for a person. CUPP is cross platform and written in Python. CUPP asks you questions about the target (name, wife's name, pet's name, ...

Hardware Trojans
By: vishisht13
July 21, 2016

Hey friends,Everyone's familiar with software Trojans, but have you ever heard of hardware Trojans? This article is gonna give you some basic ideas. You can also research the topic further using some keywords I'll provide.Let's start with a fun fact: the term TROJAN HORSE comes from the Ancient Greek story of the wooden horse that was used to help Greek troops invade ...

Affordable, Lightweight and Portable Pentesting Kit
By: yhi
July 21, 2016

Affordable, Lightweight and Portable Pentesting Kit We all love testing networks. It's part of our daily routine. But sometimes, it's a pain because we need to carry our laptop. It can be heavy, we need the laptop bag and using it in a public place may call unwanted attention to our work, which most of us don't like.So, ...