0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Don't Get Scammed by An e-mail about A Parcel
By: prezzio
October 5, 2016

During last few months you might have observed an  increase in phishing and scam attacks. So… read the guidelines below and don’t get caught. Be a little skeptical of the following: Treat outlandish email offers as junk mail.  If they look too good to be true, then they probably are. ...

Personnel Security – Adjudication of the Human Resource and the “Whole Person” rule.
By: J.
October 3, 2016

     Personnel Security is of course concerned with the people that have access or management is considering for access to the company, government or other institutions resources. It is therefore important that, like any other security consideration, a risk based approach be taken to the determination of hiring or retaining employees, contractors, vendors or others (including visitors) ...

National Cybersecurity Awareness Month 2016
By: rcubed
October 3, 2016

The National Cybersecurity Awareness Month 2016 is entering its 13 th year this October. Founded in 2004, it is co-sponsored by the United States Department of Homeland Security (DHS) and the National Cyber Security Alliance (NCSA) to put the focus on the threats that exist online and the vigilance we all must assume to protect ...

Practical Web Application Penetration Testing Series - Chapter 3a
By: Babak Esmaeili
September 30, 2016

Burpsuite Scanner Tutorial Hello Cybrarians, We are gonna divide this chapter into 3 sections: A brief intro of burp scanner,configuration and installing add-ons and plugins to it and engaging it with explorer  Keep going on pentesting ...

Practical Web Application Penetration Testing Series - Chapter 2
By: Babak Esmaeili
September 29, 2016

In the first chapter we saw how to detect and recon the technology of a website. Now, in chapter 2 we are going to use https://viewdns.info/ website or google.com for detecting the sub-domains of a website and information gathering. In Google, we use the query site:*.targetsite.com ...

How to Create a Mobile Pentesting Environment
By: GREYART
September 28, 2016

Smartphone users are exposed to numerous threats after they use their phone. These threats can disrupt the operation of the smartphone, and transmit or modify user information. For these reasons, the applications deployed there must guarantee privacy and integrity of the data they handle. Mobile security involves protecting each personal and business data keep on and ...

Basic DHCP Configuration
By: cybern4
September 28, 2016

DHCP is the dominant way of providing end user devices with the information required to connect to your network.In small or midsize environments DHCP is usually provided through the ISR Router. Steps needed to deploy DHCP   Define which addresses are going to be excluded.  Statically configure addresses on Servers ...

Do You Use Password Haystacking?
By: Jennifer
September 27, 2016

How can we make passwords memorable AND uncrackable, it is password haystacking. You know the phrase it’s like trying to find a needle in a haystack; well the same method applies by hiding your password with a prefix and suffix pattern.  We know length is the most important ...

Using FTK Imager on CLI – Challenging new disks technologies
By: andresBello
September 27, 2016

Hi Cybrarians. Day by day, the profession of digital forensics implies a challenge about changes of technologies, here I’m going to explain how to acquire a forensic image using FTK Imager in command line interface (CLI) and Linux. Traditional procedure The way to get ...

Prep Guide for Offsec's PWK/OSCP
By: Tulpa
September 26, 2016

Hello everyone!They say you should write what you want to read. Before starting my ‘Penetration Testing with Kali Linux’ training course, I wish I could have read a how-to-prep guide. The course does a wonderful job at getting you ready for the exam, but I feel that I could have better utilized my lab time if I had a better foundation of knowledge ...