0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Insights and Trends on Micro Certifications
By: Olivia
February 22, 2017

Linux Academy and Cybrary  survey 6,000 IT professionals on experiences with micro certification. Results offer insight into learning preferences, certification in the workforce, training costs, and trends. To read the full press release, click here.

Tutorial: Extracting Passwords
By: Parichay Rai
February 22, 2017

I want to share one of the ways of extracting the password from a machine even when there is an antivirus agent installed on it.A pentester aims to compromise the domain and become the domain admin. Often I have observed that compromising a domain host is easy. This can be achieved by exploiting a vulnerability in the host using a vulnerability scanner such as ...

Legal Obligations for Backup and Recovery
By: Lawrence King
February 22, 2017

Some organizations that handle sensitive data may have legal obligations to backup and store data using a secure methodology. There also may be retention rates that must be adhered to. Some organizations such as healthcare, financial and accounting organizations may not be aware of the exact rules they must follow. Meeting the requirements can be complicated ...

Introduction to Mobile Development Platforms
By: rcubed
February 21, 2017

It seems the title of the previous post in this series threw a few people. I suppose it serves me right for flirting with a click baity title. The point I was attempting to make was that though mobile app development has a lot of allure as a road to fame and riches, the reality is much starker for ...

Cryptography Part 2: An In-Depth Review
By: bytezealot
February 21, 2017

  Estimated reading time: 6 minutes Cryptography Part 2: An In-Depth Review PKI (Public Key Infrastructure): - CA (Certificate Authority) The CA stores issues, and signs the digital certificates. - RA (Registration Authority) Verifies the identity of entities requesting their digital certificates to be stored at the CA. - ...

Project Management for Beginners
By: leena661
February 21, 2017

Project management is the application of processes, methods, knowledge, skills and experience to achieve the project objectives. A lifecycle defines the inter-related phases of a project; a program or portfolio provides a structure for governing the progression of the work.There are the  seven phases  in the project management lifecycle. Concept phase - an initial idea ...

How to Showcase Certifications on Your Resume and 3 Reasons Why You Should
By: Olivia
February 20, 2017

In my recent post, ‘How to get TCP/IP Certified’ I offered some guidance on how you go about obtaining a certification on Cybrary. I first discussed the three general steps and then turned my focus to the TCP/IP Micro Certification specifically.It made logical sense to then consider what to do with your certification once you’ve earned them. Of course, you ...

Cluster Bomb Type Web Application Attack
By: sranjanbehera
February 20, 2017

This is a web application attack surface where the payloads are permuted to penetrate the Application Server. Before carrying the payloads, the pre-requisite is getting possible map or structure of an application. And the sitemap can be reviewed by either active or passive spidering. There are certain tools available for crawl or spidering of a ...

What to Include in a Penetration Testing Report
By: Mitra94
February 20, 2017

You need to be able to explain the findings, rate the vulnerabilities, and explain how the results will affect the customer in the real world. It's important that the client can understand the end report, reproduce exploitation and effectively implement remediation.Best practices: Rate your vulnerabilities Theoretical vs. Real Findings: do not mark findings as critical ...

Simple Virus Creation
By: Shikataganai
February 18, 2017

Here is a simple tutorial on basic virus creation using Metasploit and msfvenom. More lessons and blog posts with cheat sheets can be found on my website, https://poppoppopanotherserverdrops.com/