0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

OSINT Investigations
By: ex0xpl0it
December 8, 2016

I am sure many people that use OSINT are aware of these tools and links; however, information, and acquiring that information from all sources, is relevant and should never be overlooked. Hopefully, this will come in handy for OSINT investigations.I have listed some resources that are known within the hacker community in acquiring information on many entities, this includes ...

Using Python to Send Emails: Terminal Sendmail Command
By: cavete
December 7, 2016

This is a Python script I wrote to send emails to email accounts or cellular devices. It can be used to send a single message or multiple copies of the message to the recipient. It is a very crude and my first python script I work. The script uses the send email terminal command and prompts for the address of the ...

I Passed My First Skill Certification Test: So Easy a Caveman Could Do It
By: Olivia
December 7, 2016

Do you remember the Geico marketing campaign from a few years ago featuring cavemen with the slogan, “So easy a caveman could do it”? The driving message of this snarky humored campaign was that getting insurance is so, so easy, why wouldn’t you do it?My message is the same.And while I’m not calling you a caveman, I am saying that ...

Data Recovery/Computer Repair: Tools & Applications
By: bigcode1991
December 7, 2016

Let me start with a basic introduction. I go by "Bigcode"  as you see on my profile, and I am a newbie to Cybrary; however, as a curious and ambitious kid, I learned by my mistakes (3 crashed computers).Anyway, on to the reason we're here! Data Recovery & Computer Repair: Tools & Applications The most important step for any ...

Cloud-Based Application Penetration Testing
By: Hari Charan
December 6, 2016

Most of the applications these days are on  Cloud . Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more. But most of the organizations are in a notion that security is a service providers job. Yea, I ...

What's the deal with IPV6?
By: rcubed
December 6, 2016

Not long after the Internet and World Wide Web were unleashed on the public, plans were already underway to increase the potential pool of IP addresses available for allocation. The version of the IP protocol standard most in use today, IPv4, was released way back in 1981 and deployed in 1982. This version is a 32-bit protocol ...

Pentester's Guide - MD5 Hash a Website Page
By: Rattar
December 5, 2016

Have you ever wanted to calculate an MD5 Hash of a web page? Well, now you can.Before we begin, you might be asking why would I ever need to use an MD5 Hash on a web page? The reason is simple: Check to see if a web page changes. Why can't I just compare two files? You ...

CREATING AN SSL VPN WITH SOCAT
By: synthesis
December 4, 2016

Introduction Socat is a multi-purpose networking tool which can be used to accomplish various networking tasks (refer to SOCAT as a Polymorphic Networking Tool which gives an overview on the many uses of Socat). In this article, Socat will be used to setup an SSL VPN tunnel between two endpoints, which could be separated over a large ...

SQL Injections and Countermeasures
By: Hari Charan
December 3, 2016

These days, all we hear about  hacktivists  took down a website and retrieved thousands of user’s data. One of the techniques to get unauthorized access to a database is by performing SQL injection . SQL injection is a basic technique a hacker might use to take over unauthorized access to the database or maybe to enumerate the ...

SSMA - Simple Static Malware Analyzer
By: Jimakoch
December 3, 2016

SSMA is a simple malware analyzer written in Python 3. Features: Searches for websites, e-mail addresses, IP addresses in the strings of the file. Looks for Windows functions commonly used by malware. Get results from VirusTotal and/or upload ...