0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

CompTIA's New Cybersecurity Analyst (CSA+) Certification
By: erussell
December 26, 2016

In August I had the opportunity to take the CompTIA Cybersecurity Analyst+ (CompTIA CSA+) beta certification exam. CompTIA intends this to be a new vendor-neutral certification path between CompTIA's Security+ and the CompTIA Advanced Security Practitioner (CASP ). Similar to other CompTIA exams, this exam consists of both multiple choice and performance-based questions. My exam had ...

XSS Explained - From Theory to Practice
By: Dr3AMCoDeR
December 25, 2016

Hi there Cybrarians!As always, I should thank you to all of you for your support. I'm really happy that my articles are helpful to most of you, and now I'm back with another article. Let's also greet the moderators which are doing a great job with our contents in Cybrary.I was recently asked to explain how XSS attacks work ...

Password Generating Principles: Method 2
By: Cernyr
December 24, 2016

Hello Cybrarians,In the first article , I showed you a passphrase generating method. In this second article, I would like to introduce you another one, the password matrix. This type is an upgraded version of the ancient SATOR square. The original was used for mythological/mystical purposes and can be viewed in the Pompeii ruins.The advanced version is basically a ...

Server Documentation Tool
By: infosectdk
December 23, 2016

Hello, Cybrarians!“Where is your documentation?”This question can be asked by an auditor, a C-Level manager, your boss or a colleague.If you document everything and are methodical in how you work – well done to you.  But for everyone else, well let’s just say procrastination can set in, or we are distracted, we all know the excuses we could ...

You Say Cyber Security, I Say Cybersecurity
By: rcubed
December 22, 2016

Being it’s the Thursday before Christmas I thought a somewhat less technical post was in order to get us in the Holiday spirit. It would also be a good opportunity to clear up an issue that’s been nagging me for a long time: what is the proper spelling of cybersecurity? I’ve seen it spelled as a single ...

Security Risks of a Cashless Economy
By: indrajeet
December 22, 2016

  November 8, 2016, was a great date for the entire world. On the one hand, U.S. election results were announced and on the other hand, the Prime Minister of India, Shri Narendra Modi announced demonetization in the country ( India ). If you are not from India, you might be thinking ...

Discovering the Operating System Using ICMP
By: ryanshady
December 22, 2016

Ping and Traceroute form a simple pair of tools for operating system recognition. The technique consists of the sum of the jumps and TTL. Firstly, we must be aware of the TTL return value of the various Operating Systems.- Cyclades = Usually 30- Linux = Usually 64- Windows = Usually 128- Cisco = Usually 255- Linux + ...

UNM4SK3D: Ads, Email, and Inflight Entertainment
By: Olivia
December 22, 2016

  #methbot Slow clap for fraud-prevention firm White Ops who discovered the biggest digital ad fraud ever, lovingly dubbed 'Methbot.'  This may sound like a bad dream, or just another episode of Breaking Bad, but Methbot, a 'robo-browser that spoofs all the necessary interactions needed to initiate, carry out and complete ad transactions,' ...

Intro to Common Layer 3, Layer 4 & Layer 7 DoS Attacks
By: baphomet1488
December 21, 2016

Common Layer 3 (network layer) and Layer 4 (transport layer) Attacks: ICMP (  Definition from The Tech Terms Dictionary   ) Stands for "Internet Control Message Protocol." When information is transferred over the Internet, computer systems ...

Write Blockers: A Central Part of a Forensic Analysts Toolbox
By: DaveB135
December 21, 2016

So, you are interested in becoming a digital forensic analyst?  That is great!  It is an exciting and growing field, one filled with many possibilities for the enthusiastic learner.  The purpose of this article is to introduce those interested in the forensics field with one of the most important tools in their toolbox, the hardware write blocker.Any computer ...