0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

OpenVAS
By: Tamas Szucs
March 12, 2017

The system The OpenVAS is Linux-based vulnerability management system with web GUI. Install the system Default settings of operation system The OpenVAS can be installed in any Linux systems, e.g. Ubuntu. 1. Upgrade operating system: apt-get update && apt-get dist-upgrade 2. Set hostname with file: ...

Technology in Travel
By: Rachel Laura M
March 11, 2017

Gone are the days when frequent travelers for business and/or pleasure were in for a tedious, drawn out process of phone calls and prolonged research to book plane tickets, hotel rooms, and rental cars. Today’s travelers no longer need to make an appointment with a travel agency or rely on a tour operator to see the world. Rather, our ...

UNM4SK3D: CIA, Headphones, and Consumer Reports
By: Olivia
March 10, 2017

#wikileaks True or false? That's the question being asked by millions of Americans after Wikileaks released a series of 8,761 documents titled 'Vault 7,' which detail the CIA's cyber spying techniques and capabilities. Big news. Some people are questioning the validity, others are questioning their personal privacy.  The documents, which ...

Using No Redirect Plugins to Defeat 302 Redirect Headers
By: baphomet1488
March 10, 2017

Naturally, the first question you may have would be WHY would you want to Defeat a 302 Redirect Header?A 302 Redirect header is designed to direct a browser away from locations on a website that the Administrators do not want you to access. These can be things such as configuration files that contain sensitive data, or even the CMS ...

Kerberos Authentication on Linux
By: Tamas Szucs
March 10, 2017

Description of the solution Kerberos authentication can log in to the Linux host with Samba, Winbind and Kerberos client. Configure Linux host 1. Install K erberos client , Winbind, samba, sudo and ntp ...

The WikiLeaks Just Keep Dripping
By: rcubed
March 9, 2017

Table of Contents: 1.  What's in the vault? 2.  Hacking the endpoint is where it's at. 3.  Who done it? 4.  Ethical issues.  This past Tuesday (March 7, 2017), the internet’s online library of cool stuff, WikiLeaks, published the first of what it promises to be many more materials related ...

Using CMS Upload and Tamper Data to Obtain Administrative Access to a Webserver
By: baphomet1488
March 9, 2017

So, you've done it. You have either successfully bypassed a CMS login or used SQL injection to obtain usernames and password hashes to the CMS and have decrypted the hashes.You are inside the system.What do you do now?The next logical step is privilege escalation .I like to use the WSO.php backdoor to obtain further access. (Shell is located ...

How to Block Websites and Proxy Bypasses
By: Suminder Singh
March 9, 2017

Hello guys!This tutorial is intended for Network Engineers and Administrators on small computer networks.I'm back again with new tricks and tutorial. In this tutorial, I'm going to show you how to block a social website and adult website on your network. I know you have many techniques to block it, but there is more than one way ...

How to get Secure Coding Certified
By: Olivia
March 8, 2017

Hopefully the answer to the question, “How do I get _ certified?” is becoming clearer with each post I write. You may or may not have realized that the certification catalog is continuing to grow, with some of the newest certifications, SQL Injection and Cross-site Scripting, falling into the category of vulnerability specific certifications. ...

Role Technology: Healthcare
By: Rachel Laura M
March 8, 2017

When dealing with a health problem, gone are the days when we had to make many phone calls, ask a lot of questions and then wait for a doctor or other medical professional to follow up with us. Today, when it comes to managing our health, the Internet is our number#1 source of information. Consider this: in a 2004 ...