0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Sniffing Your Way through Snort NIDS
By: rcubed
December 15, 2016

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are currently hot topics in the cyber security space and for good reason. Threats and exploits aren’t slowing down and the pressure is ramping up on organizations to do a better job in securing their IT infrastructure. This is a good thing. Too many organizations have been asleep at the ...

Practical Web Application Penetration Testing Series - Chapter 4
By: Babak Esmaeili
December 15, 2016

Scanning Web Applications for URL Rewrite Injection with Burpsuite Hello Cybrarians, As I was very busy last month, I couldn’t write this last chapter until now. In this chapter (chapter 4) I will show you how to test a website for URL rewrite injections with BurpSuite.  Then in the next chapter, (chapter ...

Understanding Variable Labels/Values in BASH: The "Newbie" Guide
By: dedeij
December 15, 2016

(Note: This article assumes you know what a terminal is, and are familiar with some basic CLI commands.) Hello Everyone,In this topic, I am going to distinguish between Variable labels and Variable Values. This is a very basic fundamental concept. However, thinking back to my first BASH scripting class, many of my fellow students had trouble understanding the ...

[podcast] Amanda Berlin, the art of the sale, and Malware droppers
By: BrBr
December 15, 2016

 [embed]https://traffic.libsyn.com/brakeingsecurity/2016-049-amandaberlintheartofthesaledecisionmaking_trees.mp3[/embed]"Always Be Closing" is the mantra that Alec Baldwin's character "Blake" intones in the movie "#GlenGarry#Glen #Ross". Ironically, the film about 4 men selling was a failure in the theaters.A lot of times as#blue #teamers, we find ourselves in the sights of a #sales person, or often enough, we are inviting them into our conference rooms to find out how ...

Human Hacking: Social Engineering 101
By: Zoran L.
December 14, 2016

Human Hacking: Social Engineering 101  Typically, people are the weakest link in a security chain lifecycle; therefore, they – not technology – become the priority of a hacker.  In the most of high-profile data breaches, hackers used some form of social engineering.Companies may spend millions of dollars to protect their data with ...

Here’s How to Get Hired: 7 Resume Must Do’s for the IT Professional
By: Olivia
December 14, 2016

Once upon a time, I worked as a recruiter for a telecommunications company.And I believe that while your interview skills are incredibly important, one’s resume is truly the ‘key to the kingdom’ of sorts. After all, if you can’t get through the door at a company, then your interview skills are essentially useless. Trust me when I say having looked ...

Linux Smackdown: Which Distro Reigns Supreme for Pentesting?
By: rcubed
December 13, 2016

There are some things in life that were simply meant for each other: peanut butter and jelly, snow and Christmas, and Friday night and pizza. In the case of pizza, it goes well with pretty much anything, especially cold beer. When it comes to the art of pentesting, the first ingredient is a target loaded with vulnerabilities. ...

CEH vs. OSCP: A Modern Analysis for the Career-minded Professional
By: jrinehard
December 13, 2016

Rising to the surface in a sea of cybersecurity hiring candidates demands more than mere skill. Employers demand stronger assurances, and the best guarantees of employee talent come in the form of certifications.Choosing between obtaining Certified Ethical Hacker and Offensive Security Certified Professional credentials may seem difficult to the uninitiated. Here's some vital clarification on which ...

So You Have a Virus …. Now What? - An End User's Guide
By: RoninSmurf
December 13, 2016

The intention of this document is to help the end user (normal non IT professionals) with how to deal with a computer virus. While this is intended for the end user. IT professionals may find it useful for some tips or help with dealing with the everyday user that finds themselves in a bad situation. So you ...

Let's "C" How this Goes: Programming Introduction to C
By: jnox
December 12, 2016

Hello there fellow Cybrarians! Let me start out by saying thank you! Thank you to all the people willing to take the time to help us learn about the IT world and willing to lend a helping hand to others, so thank you to everyone on Cybrary! ^_^ Ghost hug (you don’t feel it but ...