0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Machine Learning is Imperative for the Detection and Mitigation of Cyber Threats
By: pankaj1251
June 22, 2016

There's lot of buzz around machine learning. The days aren't far when the machine learned data will be like other commoditized security products such as Antivirus, firewalls, etc. What we largely see in today’s landscape allows enterprises to collaborate with various environments through grid computing and on-demand/on-the-fly platforms. While we're enhancing the business productivity, this is simultaneously ...

Payload Customization with Metasploit
By: S-Connect
June 21, 2016

Why would we need custom payloads? Likely in situations where we launched Metasploit, but no session is created or it seems like the Antivirus software got popped. Being a penetration tester , you have to overcome. It always seems like antivirus software is a hurdle. The best possible way to avoid antivirus software is to use custom payloads.Create your ...

"Done for You" List of Exploit/Exploitation Videos
By: ginasilvertree
June 21, 2016

According to the pentest-standard.org website, "The purpose of the Post-Exploitation phase is to determine the value of the machine compromised and to maintain control of the machine for later use. The value of the machine is determined by the sensitivity of the data stored on it and the machines usefulness in further compromising the network. The methods ...

A Synopsis of the NIST Risk Management Framework
By: Eric
June 20, 2016

Applying The NIST Risk Management Framework There are a number of approaches to managing risk. I chose to focus on this approach because it's free to use and the supporting documentation is readily available. Managing risk is a complex process and requires the input from the whole organization. There are three tiers associated with the respective portions of ...

Windows Hacking 1: Injecting a Backdoor into a PE File
By: Z33MAX
June 20, 2016

Welcome back Cybrarians, In the hacking world, being stealthy and undetectable is the number one priority after anonymity. Creating custom attacks that seem very real is an art that needs creativity and patience. Fooling the user into the hacker’s trap is not easy as the old days.Therefore, new ways are created to cover all ...

Sunday's Cyber Security Fact: The Angler Exploit Kit's Rate of Infection (June 19, 2016)
By: ginasilvertree
June 19, 2016

Angler Manages to Infect more than One Million Workstations a Year "There is a common misconception that a user explicitly needs to download a malicious file in order to get his PC infected. Exploit kits use a technique called drive-by-downloads. With this technique, malicious software can be ran just by opening a website in your ...

Another Powerful Method for Subnetting
By: JBingham
June 17, 2016

Here's something that I learned from my CISCO class that makes things a lot easier.You're given an IP range of 192.168.0.0 and must create a domain that has five subnets - pockets of devices on the network that are separate from each other so that no one can interfere with another departments data or devices. You know ...

An Overview of Identity and Access Management (IAM)
By: foxpro
June 17, 2016

Assets are categorized as information, systems, devices, facilities and personnel. Any entity, whether it's an individual, a group of individuals or a corporation wants to protect these assets from failures, accidents and bad actors by using Identity and Access Management (IAM). In any given IAM situation, there's the concept of subject and object. The subject ...

Is TOR Really Secure?
By: usman47
June 16, 2016

Hello my great geeks on Cybrary. Before anything else, I'd like to thank all of you for the feedback you guys have given. This keeps me motivated and helps me write better content every day.This article about TOR is the last article in my series on different security technologies like Proxies and VPN's. If you want to check my previous ...

How to Build a USB Drive Pentesting Toolkit
By: RoninSmurf
June 16, 2016

In this guide, I'll walk you through setting up a pentesting USB drive that also works well for other IT professionals.Fortunately, the days of carrying around a CD binder full of your various tools are long gone. With the lower prices of USB drives and their increased capacity, you can easily keep a large number of tools ...