Cybrary Pro Day is here!

0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

SQL Injection Using SQLmap - [PART 1]
By: tyga-tyga
June 13, 2016

SQL , Structured Query Language, is a programming language that allows the user to manage data in a relational database management system (RDBMS) through the use of specially crafted strings. Although great for functionality, it can be disastrous if configured/crafted incorrectly. We can exploit this using the pentesting tool SQLmap.SQLmap is a penetration testing tool that automates the ...

4 Cyber Security Training Sites - Plus a Bonus
By: djbobka
June 13, 2016

I've always had a big interest in the IT field, but never knew how to get started or what to study . Over the past two weeks, I've used four websites: Cybrary Professor Messor Testout Transcender  Going ...

Hacking NetBIOS
By: Chilico
June 13, 2016

Hi there,In today's guide, we'll talk about hacking NetBios.  What is NetBIOS? NetBIOS stands for Network Basic Input Output System. In basic terms, it's responsible for managing the internal share of files and printers - but it's not limited to these functions. For the purpose of this guide, let's keep it simple. For anyone wanting more information ...

Sunday’s Cyber Security Fact: Vulnerability of Web Apps (June 12th, 2016)
By: ginasilvertree
June 12, 2016

" A staggering 98% of tested web applications were vulnerable to attack. Web apps are everywhere now, and it's essential that updates and patches are installed so known vulnerabilities are addressed." – 2015 Trustwave Global Security Report

Ping of Death (PoD): Protect Yourself Against an ICMP - Ping Flood Attack
By: Bl4CksPId3r
June 11, 2016

Ping of Death (PoD) Ping of Death is a type of DoS attack in which an attacker attempts to crash, disrupt, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command. PoD attacks exploit legacy weaknesses, which may have been patched ...

Nmap Scanning Techniques and Algorithms
By: uknin35
June 10, 2016

Nmap allows system administrators and individuals to scan networks to determine which hosts are up and what services they're offering. Nmap supports a large number of scanning techniques including: UDP TCP connect() TCP SYN (half open) FTP proxy (bounce attack) ICMP (ping sweep) ...

Powershell Empire Stagers 2: Controlling the Victim's Machine
By: Z33MAX
June 10, 2016

Hello fellow Cybrarians, In the last tutorial, Powershell Empire Stagers 1: Phishing with an Office Macro and Evading AVs , we covered creating a malicious macro and sending it to the victim. Today, we're going to learn how to move around the system, once the connection is made, and gather some ...

Google Dorking Guide
By: Bl4CksPId3r
June 8, 2016

This is just a little Google Dorks Hacking Guide I created. Google can really help you out a lot when you are doing your reconnaissance! Thanks Google for the great help LOL  You may even find credentials as well as other secret documents and data this way. I think it is neat that Google just makes it easier for ...

PowerShell Reference Guide
By: Bl4CksPId3r
June 8, 2016

Here's a guide for PowerShell. Hope that you enjoy it! PowerShell is very powerful. If you have any questions about it, just send me a message here on Cybrary. Save

IPv4 + IPv6 NAT64 Information and Setup Guide
By: Bl4CksPId3r
June 8, 2016

Hope that you enjoy this guide on Nat64 and how to set it up! How can you access an IPv4 ONLY Website from an IPv6 ONLY Host? Technically, IPv6 and IPv4 are two different and incompatible protocols. IPv6 ONLY machines can speak IPv6 language and IPv4 ONLY machines know only the IPv4 language.How do they talk to each other? ...