0P3N Blog

Cybrary’s Open Blog is a user-contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

SQL Injection Lab Part 3 – Extracting/Obtaining PHP Cookie
By: bjacharya
September 13, 2016

Welcome back Cybrarians! Section 9: Obtain PHP Cookie 1. SQL Injection Menu Instructions: 1. Select “SQL Injection” from the left navigation menu. 2. Select Tamper Data Instructions: 1. Tools –> Tamper Data 3. Start Tamper Data Instructions: 1. ...

Part 3: Creating Modules for Juliar in Python
By: Rattar
September 13, 2016

In the last tutorial, we learned how to use optionals correctly: https://www.cybrary.it/0p3n/part-2-creating-modules-juliar-python/ In this tutorial we will learn how to make modules and have juliar only load certain commands. We do this by creating a def commands(): Please NOTE that we are not doing def commands(content,optionals); This is a special exception, since it's technically not a command, but rather ...

Social Engineering A Facebook Account Using Kali Linux
By: tauqeerniazi
September 12, 2016

Nowadays, Facebook "hacking" is not easy. But, I am here to help you by teaching some methods of Facebook hacking. Today, I'm going to teach you how to hack a Facebook account using Kali Linux. I will teach you some more easy methods of "hacking" Facebook accounts later. ...

Tailgating (following someone into a building) 101
By: ProgrammerE
September 11, 2016

When I had just finished grade 12, I needed a job for the summer. A subsidiary of the Toronto Star had hired me to distribute flyers advertising student jobs at the subsidiary. Distribution of flyers was often done through questionable means, such as distributing flyers on school grounds, malls, and apartment buildings. I knew at the time it was wrong ...

CIA - Quick Guide
By: infosectdk
September 9, 2016

A colleague – who is quite "techie", had no idea what CIA meant. People may laugh at this, but to be honest until a few years ago I was the same. It is easy, as say a desktop support guy, to concentrate on your job and not look at data risk, techies like techie stuff, and information security and ...

SQL Injection Lab Part 2 – DVWA Login + Low Security Level Submit
By: bjacharya
September 9, 2016

Welcome back Cybrarians! …in SQL injection lab PT.2 Let’s start part 2. Open Console Terminal and Retrieve IP Address 1. Open a console terminal Instructions: Click on the console terminal 2. Get IP Address Instructions: 1. ifconfig -a Notes (FYI): As indicated below, my IP address is 192.168.1.105. ...

RECON: TheHarvester
By: KnightsCode
September 8, 2016

You read the title, you may have heard of this interesting add-on for any pentester. If you haven't, read on. It's certainly worth it. Reconnaissance is the key first part to any pentest and any pentester worth their salt will tell you it's the most important part. Why? Because this part gives you the opportunities to get ...

Cracking CEH - The Comprehensive Guide in a Nutshell
By: GodSpeed
September 8, 2016

EC-Council’s Certified Ethical Hacker, currently version 9, is one of the most in-demand certificates out there. People mostly have varying viewpoints on how good CEH is and if anyone should do it at all. But in any case it does not change the fact that the certification is valued around the world and is ...

Active Directory Security Checks
By: manishp
September 7, 2016

Active Directory Security Checks So Again a recreation of work with little modification from recent blackhat event by Sean Metcalf (@Pyrotek3) which talks in detail about the AD Security checks to be performed to increase the security level of the complete setup. I just collaborated all the points to one place to make it ...

Frequently Used Acronyms, Expanded!
By: 3rgis
September 7, 2016

Hello Cybrary.it! This is my first time writing here, so if I make any mistakes, correct me in the comments. Some of these acronyms aren't used daily, but they're still good to know. CCTV / CLOSED CIRCUIT TELEVISION CPU / CENTRAL PROCESSING UNIT DDoS / DISTRIBUTED DENIAL OF SERVICE ...