0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
Estimated reading time: 1 minute This article is about creating a reverse shell session over TCP using Python Sockets. Let me explain what happens in a general sense.First, the server binds its IP address and a PORT to a socket [note that I implemented a fixed solution for other people whose routers change IPs whenever they ...
Estimated reading time: 4 minutes Are there any employees who work in their own little bubble in your organization where nobody else is aware of what they do, where they keep files or important documents? How much data do they have access to? Does anybody audit their access to the network, bank accounts or inventory? ...
Scams! Some hackers are good at them. Hackers who create phishing schemes often create documents that are realistic and convincing enough to look legitimate; causing even some of the most technologically savvy users to fall for them. That is a "good" scam.Netflix was recently the target of such a scam. Unsuspecting users were sent a link via e-mail which ...
Background Information that we need during footprinting . In this post, I'll tell you how to get the background technology or services that a website is running. This will be helpful in gaining some information during the Information Gathering process and footprinting. How do you get the information you need ...
Estimated reading time: 9 minutes Hello, fellow Cybrarians! Way back in December…umm…checks own page 12th - yeah I knew that - December 12th I wrote an article for C programming, an intro to C called ‘ Let’s “C” How this Goes: Programming Introduction to C ’. Recap from the previous article: Skip to new content ...
Estimated reading time: 3.5 minutes Hello Leaders,Today I'm going to talk about the second part of the SQL Injection article. First, I want to explain the purpose of Error-based SQL injection. Don't worry, it's very simple.RETRIEVING DATA FROM THE DATABASEToday, we mostly use SQL injection for bypassing the login form or gaining access into an ...
Estimated reading time: 1 minute I found a really good toolset which may come in handy when it comes to doing things remotely. This may help admins and other IT staff that need to do things remotely.Download the PS tools, which can be found easily and downloaded from the internet. 1) PsExec The below command will give ...
Awhile back, I said that passing a micro certification exam is ‘ so easy a caveman could do it .’ And in a sense that still holds true. However, I know many of us have test anxiety, and for some, obtaining a certification is a matter of job security. That’s a lot of pressure. I’d like to think test taking ...
#filesharing Recently, Dropbox earned itself a new nickname, 'Dropbug,' also synonymous with 'restore files.' The crowd-favorite file sharing company implemented a bug fix which had corrupted the metadata of their files. This resulted in the files being “quarantined” rather than deleted. So while you may have thought your folder containing embarrassing love letters ...
Estimated reading time: 6 minutes Hello everyone and welcome to what I hope will be an “Agora” for security enthusiasts and to all people wishing to share a discussion and learn from what we discuss, or better, teach us and share with us their knowledge. In the first ...