0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

UNM4SK3D: Ads, Email, and Inflight Entertainment
By: Olivia
December 22, 2016

  #methbot Slow clap for fraud-prevention firm White Ops who discovered the biggest digital ad fraud ever, lovingly dubbed 'Methbot.'  This may sound like a bad dream, or just another episode of Breaking Bad, but Methbot, a 'robo-browser that spoofs all the necessary interactions needed to initiate, carry out and complete ad transactions,' ...

Intro to Common Layer 3, Layer 4 & Layer 7 DoS Attacks
By: baphomet1488
December 21, 2016

Common Layer 3 (network layer) and Layer 4 (transport layer) Attacks: ICMP (  Definition from The Tech Terms Dictionary   ) Stands for "Internet Control Message Protocol." When information is transferred over the Internet, computer systems ...

Write Blockers: A Central Part of a Forensic Analysts Toolbox
By: DaveB135
December 21, 2016

So, you are interested in becoming a digital forensic analyst?  That is great!  It is an exciting and growing field, one filled with many possibilities for the enthusiastic learner.  The purpose of this article is to introduce those interested in the forensics field with one of the most important tools in their toolbox, the hardware write blocker.Any computer ...

Here’s a Toast to Lists: What Skills, Certifications & Technologies are in Demand for 2017
By: Olivia
December 21, 2016

As the clock ticks down to midnight on December 31 st and signals the end of 2016, a year that’s been the center of a slew of ‘worst year ever’ memes and remarks across the internet, it is also a reminder of the predications and resolutions being made around the world. So before you raise a toast, consider what ...

Like to Break Stuff? You May Have a Career in Software Testing
By: rcubed
December 20, 2016

Were you the kind of kid that loved to take stuff apart to see how it worked? As an adult, are you constantly coming up with suggestions for how things could be better-designed and built? Do you have a pit bull-like tenacity for making sure that problems are acknowledged and resolved? If this sounds like you, then ...

How to Detect Spoofed Emails - Simple Techniques
By: Niyaz
December 20, 2016

  Are your customers receiving spoofed emails? Here’s a simple solution.Most of us have heard this term before “E-mail spoofing”. What is this? Why attackers use this? How is spoofing used in social engineering attacks? How can companies address this problem? Let’s explore a simple idea that no one had presented before. Email spoofing is the creation of email ...

Let’s Get Serious: A Discussion on Cyber Attacks
By: Olivia
December 19, 2016

Being that I’m new to cyber security, I can’t help but gape at the number of ‘hacks’ I hear about on an almost daily basis.The other day I read an article on a KFC rewards program in the UK whose members were hacked. There were a lot of corny puns and I thought to myself “not even the chicken is ...

The Power of Hping3
By: bachan
December 18, 2016

Hello, Cybrarians! What's going on?Sometimes you find that the ping command is not working. You get a message "Request timed out" or "Packet lost 100%". There could be many reasons why these messages show up.Ping uses ICMP packets to check whether the site is up or down. Ping is used for network analysis, firewall analysis specifically. Some websites block ICMP packet ...

Brutal: A Toolkit to Quickly Create Various Payloads
By: bachan
December 17, 2016

I was searching for the frameworks where I can create payloads, various types of virus attacks, and PowerShell attacks quickly and easily. Then I got a toolkit, Brutal. There is no need for Human to Keyboard interaction (HID-Attacks).Using it you can take reverse TCP connections, exploit local DDL, read out all the saved passwords.I'll tell you how to use it ...

Pentester's Guide - War Dialing & Port Scanning
By: Rattar
December 16, 2016

When you hear "attack on a computer", what do you think? You probably think it's some guy sitting behind a computer, using the internet to conduct attacks.What people do not realize is that even if a computer is not connected to the internet, it's still vulnerable to an attack through the magic of war dialers. What are war dialers? ...