0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
CyberPop is a quick way to learn definitions, terms and facts about cyber security. Today's Question: What does 'Kill Chain' mean? Kill Chain is a "military-inspired term encompassing the various stages of a cyber attack—reconnaissance, weaponization, delivery, exploitation, installation, command and control, and action. Applies mainly to malware attacks, and was popularized by Lockheed Martin." Never. Stop. Learning. >> Browse ...
Hello folks! Here we go with the 7th part of the CISCO ASA Firewall Commands Cheat Sheet. This part will briefly explain how to control your network traffic and prioritize some traffic over others, using QOS. Also, it will give you a simple way to integrate security service modules with ASA to form an Intrusion Prevention System.Let's begin... ...
The Infosec 101 series is geared towards relatively new members of the information security domain and will include some basic, yet important, concepts. This is the first post in the series. SSH stands for secured shell. It works on TCP port 22 and is used for remote administration. It's an asymmetric cryptographic protocol and, hence, makes ...
Hello Cybrarians, once again,In this article, we'll discuss client-side attacks with Excel files.Client-side attacks are always a fun topic for attackers today. As network administrators and software developers fortify the perimeter, pentesters need to find a way to make the victims open the doors for them to enter the network.Client-side attacks require user interaction, such as enticing victims to ...
Welcome! Let's get started... Changing the MAC Address with the MAC Changer in Kali Linux As a Hacker, you should know that being anonymous is really important. In some great hacking books, they write that hiding yourself is the first step of hacking. Especially when you're attacking a network, you should know that your physical ...
There's lot of buzz around machine learning. The days aren't far when the machine learned data will be like other commoditized security products such as Antivirus, firewalls, etc. What we largely see in today’s landscape allows enterprises to collaborate with various environments through grid computing and on-demand/on-the-fly platforms. While we're enhancing the business productivity, this is simultaneously ...
Why would we need custom payloads? Likely in situations where we launched Metasploit, but no session is created or it seems like the Antivirus software got popped. Being a penetration tester , you have to overcome. It always seems like antivirus software is a hurdle. The best possible way to avoid antivirus software is to use custom payloads.Create your ...
According to the pentest-standard.org website, "The purpose of the Post-Exploitation phase is to determine the value of the machine compromised and to maintain control of the machine for later use. The value of the machine is determined by the sensitivity of the data stored on it and the machines usefulness in further compromising the network. The methods ...
Applying The NIST Risk Management Framework There are a number of approaches to managing risk. I chose to focus on this approach because it's free to use and the supporting documentation is readily available. Managing risk is a complex process and requires the input from the whole organization. There are three tiers associated with the respective portions of ...
Welcome back Cybrarians, In the hacking world, being stealthy and undetectable is the number one priority after anonymity. Creating custom attacks that seem very real is an art that needs creativity and patience. Fooling the user into the hacker’s trap is not easy as the old days.Therefore, new ways are created to cover all ...