0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

[podcast] Software Restriction Policies and Applocker
By: BrBr
May 24, 2016

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-018-softwarerestrictionpolicy-applocker.mp3[/embed]Windows has all the tools you need to secure an OS, but we rarely use them.  One example of this is 'Software restriction policies' or the use of Windows Applocker. It assists IT organizations by allowing you to block certain files from being saved anywhere, what file types can be executed in a directory, and can even whether or not ...

CISCO ASA Firewall Commands Cheat Sheet [Part 4]
By: Motasem
May 24, 2016

CCNP Security Firewall CISCO ASA Firewall Commands Cheat Sheet – Part 4 The sheet, and its previous parts, assumes you have the required knowledge of CCNA, CCNA Security, CCNP and it could be handy if you’re already enrolled in CCNP Security pathway. Let’s begin…   ...

Pentesting Routers - Dictionary Attack with Burp Suite
By: Z33MAX
May 23, 2016

  Welcome Back Cybrarians!!! Today, we're going to talk about pentesting a home router's web interface. When you break into a network (as pentester/hacker), you need to know how to access the web interface to gather more information about how to escalate your privileges within the system. But, ...

Updated Tutorial: Using Juliar's Encryption Module
By: Rattar
May 20, 2016

Welcome to the second version of my Juliar Encryption Module tutorial... The Juliar language has matured a lot since my last tutorial, so I decided to update it.In this tutorial, we'll be learning several new security commands recently introduced to the Juliar Encryption Module. In order to follow this tutorial, you must have the latest version ...

"Done for You" - List of Hacker Training Videos
By: ginasilvertree
May 20, 2016

Here's a concise list of offensive Hacker Training Videos on Cybrary (in alphabetical order by first letter). Enjoy!   Google Hacking Length: 3:24 Google Hacking Lab Length: 25:40 Hacking Web Servers (Whiteboard) Length: 19:36 Info Gather (part 1) – An Activity in Post Exploitation Hacking ...

CyberPop - Name the 7 Stages of an APT Attack
By: ginasilvertree
May 20, 2016

CyberPop from Cybrary aims adds to your knowledge as an Infosec pro.  Today's Question: Name the 7 Stages of an APT Attack  According to Wired.com, the 7 stages are:1. Reconnaissance2. Intrusion into the network3. Establishing a backdoor4. Obtaining user credentials5. Installing multiple utilities6. Privilege escalation7. Maintaining persistence Read more...

CISCO ASA Firewall Commands Cheat Sheet [Part 3]
By: Motasem
May 18, 2016

CCNP Security Firewall CISCO ASA Firewall Commands Cheat Sheet – Part 3 This sheet, and its previous parts, assume you have the required knowledge of CCNA, CCNA Security, CCNP and could be handy if you’re already enrolled in CCNP Security pathway. Let’s begin…    Configuring Dynamic NAT NAT inside 1 networkip  subnetmask         ...

CISCO ASA Firewall Commands Cheat Sheet [Part 2]
By: Motasem
May 16, 2016

CCNP Security Firewall CISCO ASA Firewall Commands Cheat Sheet - Part 2 The sheet, and its previous part, assume you have the required knowledge of CCNA, CCNA Security, CCNP and could be handy if you’re already enrolled in CCNP Security pathway.Let's begin...  Configuring host name and domain name to create FQDN for the ASA: Hostname ...

Sunday's Cyber Security Fact: Education and Awareness (May 15, 2016)
By: ginasilvertree
May 15, 2016

According to a recent survey, some 42% of survey respondents said security education and awareness for new employees played a role in deterring a potential [cyber] criminal. — “US cybercrime: Rising risks, reduced readiness; Key findings from the 2014 US State of Cybercrime Survey,” PwC

How to Cultivate an Info Sec Mindset
By: foxpro
May 13, 2016

Do you have an information security mindset?   Consider these scenarios: Yesterday, I received a PDF form to fill out from a mortgage company that required me to provide my social security number and send the document as an email attachment. The other day, I downloaded an ISO file over an HTTP connection and ...