0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Hacking and Hackers: "See What Others See and What They Hardly See"
By: abmmhasan
July 22, 2016

Introduction A good question that’s asked all around these days is, "What is hacking?" In my opinion, hacking is finding brilliant solutions to interesting problems. Well, that shows how broad the term “hacking” is. Real life hacking is trying all the ways possible to exploit your targets' weak links and/or to get him/her motivated. It's ...

Part 1: Bypass a Web Application Firewall (WAF)
By: S-Connect
July 22, 2016

Methods to Reduce the Threats Directive Approach Software Development Life Cycle (SDLC); «paper security»; organization of high-level processes Detective Approach Black/white-box testing of functions; fuzzing; static/dynamic/manual analysis of program code Preventive Approach Intrusion Detection/Prevention Systems (IDS/IPS), Web Application Firewall (WAF) ...

"Done for You" - Complete List of DNS Training Videos
By: ginasilvertree
July 21, 2016

Here's a complete list of DNS Training Videos on Cybrary (in alphabetical order by first letter). Explore additional classes and modules here ... Configuring DNS Zone Transfers Length: 12:12 Configuring DNS Zones Length: 21:27 DNS Enumeration Lab Length: 03:58 DNS Overview and Zone Transfers Length: 18:44 DNS ...

Hardware Trojans
By: vishisht13
July 21, 2016

Hey friends,Everyone's familiar with software Trojans, but have you ever heard of hardware Trojans? This article is gonna give you some basic ideas. You can also research the topic further using some keywords I'll provide.Let's start with a fun fact: the term TROJAN HORSE comes from the Ancient Greek story of the wooden horse that was used to help Greek troops invade ...

Affordable, Lightweight and Portable Pentesting Kit
By: yhi
July 21, 2016

Affordable, Lightweight and Portable Pentesting Kit We all love testing networks. It's part of our daily routine. But sometimes, it's a pain because we need to carry our laptop. It can be heavy, we need the laptop bag and using it in a public place may call unwanted attention to our work, which most of us don't like.So, ...

What You Should Know About Hackers and Hacking
By: andrewstevenboima
July 20, 2016

When used in mainstream media, the word “hacker” is usually used in relation to cyber criminals. But, a hacker can actually be anyone, regardless of their intentions, who utilizes their knowledge of computer software and hardware to break down and bypass security measures on a computer, device or network.Hacking itself is not an illegal activity unless the hacker is ...

Tutorial: Exploiting MS SQL Server with Metasploit - Fast Track
By: S-Connect
July 20, 2016

The exploitee's system comprises:  Windows XP Pro Service Pack 2 (unpatched) Firewall and software updates switched off Microsoft Internet Information Services (IIS) (server) and FTP service enabled SQL Server 2005 Express configured A vulnerable web app up and running   Let's begin: Nmap ...

CISCO ASA Firewall Commands Technical Guide (Final Part)
By: Motasem
July 20, 2016

Welcome to the final part of the CISCO ASA Firewall command line technical guides. Previous parts could be found on my profile page. If you want the full-packed version, you could download it from  Research gate. Configuring and enabling failover and redundancy on Cisco ASA Ø ...

Secure Public Key Encryption: Android Key Generation and Server Encryption
By: prometheus
July 19, 2016

Hello everyone!This article depicts a specific problem I encountered on one of my recent projects. The main problem was: ONE of my project modules had a specific functionality, which involved key generation on an Android device. The public key is transmitted to the web server, which then uses public key sent to encrypt the requisite secret and display the encrypted ...

OSINT Tricks - A Quick Guide to Image Research
By: em
July 19, 2016

"Pics" (Photos, Logos, Icons, Maps) can be of great value in OSINT Investigations. This post is a roundup of resources and tricks. It will guide you on how to search, find, get, scrape and analyze digital images. Basic Search If you're searching for images, there is more than Google. All big search engines have an image-search feature: ...