0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

A Missing Piece That’s Hurting Your Company's Cyber Security Efforts
By: ginasilvertree
May 6, 2016

Take a moment to consider your company’s cybersecurity efforts. Do you picture your IT and security teams devising proactive technical solutions and dealing with threats? If so, that’s a typical and valid response. Yet, there’s another key piece that most companies don’t consider: business process. The ins and outs of how your company works affects cybersecurity more than you know. Ken ...

Next Generation Mobile Hacking Techniques
By: StevenE
May 6, 2016

What is Mobile Hacking? With the alarming rate of advances in technology and affordability, a New Wave of Hackers has reached the shores of the infosec world. And the preferred choice of platform for these next generation hackers?The Mobile Phone .The Mobile Platform is ideal since modern phones are easily concealable and heavily spec'ed, ...

Explanation of DDoS Attacks and SQL Injections
By: Antr4ck
May 6, 2016

In most articles about hacking attacks, you usually learn of attacks by groups like Anonymous, LulzSec and AntiSec. And, you've also heard about websites and platforms that have been hacked, including, Sony for example. But, are you aware of the methods used to break down these services? There are many tools and techniques that some hackers ...

Tradecraft Tuesday – COM Scriptlets and the Squiblydoo Attack
By: kylehanslovan
May 3, 2016

What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat . These unrehearsed conversations allow anyone to join in, ask ...

Exchange: How to Hide Disabled Users from the Global Address List (GAL)
By: xyra
May 3, 2016

When a user leaves the company, often the Exchange mail account is deleted and the user account gets disabled.In this way, the former employee can not access corporate data, but he still appears in the Global Address List (GAL) for internal staff. He can still be selected in the address book and is also still visible in the team calendar.The ...

The Unconventional Guide to Network Security 1.4
By: ram
May 2, 2016

Network Security 1.4 Given a scenario, implement and use common protocols.Based on CompTIA’s list of Security + exam objectives (their PDF list of domains is found here: https://certification.comptia.org/docs/default-source/exam-objectives/comptia-security-sy0-401.pdf ) , I’ll go through each one and give details and examples of each so you know what each listed item means.Where I ...

Hacking WPS via Pixie Dust Attack
By: Joshua H.
April 22, 2016

This Cybrary 0P3N submission will cover how to use tools such as aircrack suite, Reaver, Pixiewps, & HT-WPS#B to exploit a WPS vulnerability in certain routers.This attack is carried out on a Machine running Kali Linux. (Kali comes pre-packaged with the mentioned tools aside from HT-WPS#B). Here is a list of vulnerable routers: Spreadsheet of Routers Vulnerable to ...

[PODCAST] Episode 22 The one after the long break
By: CyDefe
April 21, 2016

On this weeks episode we discuss checking for malware in your firmware with Google's VirusTotal, Getting pwned by hearthstone hacking tools, Fake Flash Update Serves OS X Scareware, and the FBI trying to scrub its employees data off of the web.Check out the podcast at https://www.cydefe.com/podcast/2016/4/12/episode-22-the-one-after-the-long-break

A Big Thank You to Joe Taylor!
By: ryan c
April 19, 2016

I just wanted to take a minute to thank Joe Taylor @jbtaylor051 for making a substantial donation today. Joe purchased a huge amount of Cybytes, and the team here at Cybrary would like to say thank you!

The Penetration Testers Framework (PTF)
By: Johan Grotherus
April 15, 2016

The Penetration Testers Framework (PTF) is a framework created by Dave Kennedy at TrustedSec. Dave is the author of many other tools, yet PTF is a bit different as it aims to provide easy installation of other tools. It's written in Python and is available on Github. For people who are familiar with Backtrack and miss the /pentest ...