0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

TCPING - NMAP's Cousin
By: kj2015
November 23, 2016

TCPING is a utility that operates similarly to PING; however, it works over a TCP port. This utility can be very useful for troubleshooting network connectivity and performance issue at Layer 3 and Layer 4. TCPING can also speak HTTP. If the '-h' flag is used, tcping will connect and attempt to download the given URL over HTTP in ...

Mobile Malware Now Equals PC Infection Rates
By: rcubed
November 22, 2016

There are currently 2 billion smartphone users in the world. These users have amassed over 268 million downloads. It should then come as little surprise that cybercriminals have turned their attention to attacking mobile devices and the users to which they’re attached. Mobile devices infected with malware currently stands at 1.12% as reported by IBM ...

State of the Art Wifi Security - Attack on WPA / WPA2 Encryption - Part 2
By: siva
November 22, 2016

Introduction: The security weaknesses of WEP led researchers to  design a new standard under the name 802.11i. The main security protocols of the 802.11i standard are the Wireless Protected Access (WPA) and the Wireless Protected Access II (WPA2). Although these protocols provide significant higher security level than WEP they also present serious issues ...

Nerding Out: Top 7 Most Interesting Cyber Crime Books You Should be Reading
By: Olivia
November 22, 2016

My Kindle is my best friend. There I said it.And if you’re like me then chances are you want to soak up every ounce of knowledge you can when it comes to the topics you love. Books are a great source for that, and expanding your interests to the furthest corners of the industry will only help you become a ...

Is a degree in cyber security worth it?
By: Rachel Laura M
November 21, 2016

The following statistics are very sobering and disturbing: More the 80% of US-based companies have been hacked This number includes major companies such as Target, Sony, and Home Depot These incidents caused consumer’s sensitive personal and ...

Cross Site Request Forgery [CSRF-XSRF] Vulnerability
By: MrTaharAmine
November 21, 2016

Cross-site request forgery [CSRF], also known as "one-click attack" or session riding or Sea-Surf and abbreviated as CSRF or XSRF, is a type of malicious attack exploit of a website (“Web Application”); where unauthorized commands are transmitted from a user that the website trusts. The impact of a successful CSRF attack is limited to the capabilities exposed by the ...

The Ethical Hacker: How to Certify
By: Rachel Laura M
November 20, 2016

A certified ethical hacker is a computer programmer hired by a business to attempt to break into a computer system with the purpose of discovering vulnerabilities and other things a malicious hacker could potentially exploit, resulting in significant damage.Ethical hackers use the same methods and programs as their harmful counterparts but instead of using them to cause ...

Becoming a Software Developer
By: Rachel Laura M
November 20, 2016

According to US News and World Report, software developers enjoy a median salary of $95,510 annually. In addition to this higher than average salary, the unemployment rate is very low (about 2.5%) and people in this field enjoy a nice work-life balance. It is a constantly changing, ever evolving field.Given all the positive aspects surrounding this field, it is ...

Python Guide Part I
By: ziednamouchi
November 20, 2016

Python Guide Python is a programming language that lets you work quickly and integrate systems more effectively. The standard library of python has its documentation which is available, as it the case for tutorials and guides. The source code and installers are available for download for all versions. The latest version is Python 3.5.2. Running Python ...

How to Hack: The Full Penetration Testing Process
By: MrTaharAmine
November 20, 2016

Step 1: Reconnaissance Phase. Prior to an attack, the penetration tester should know as much as possible about the target environment and the characteristics of the system. The more targeted information the penetration tester finds, the better the chances of identifying the easiest and fastest way to succeed. Black-box testing requires more reconnaissance than ...