0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Basic File Hashing Using Native Tools on Linux, OSX, and Windows 10
By: junkwerks
August 5, 2016

Wikipedia defines a cryptographic hash as “a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash function) which is designed to also be one-way function, that is, a function which is infeasible to invert” (1). In fact, hashing is so cool that Wikipedia has a second page devoted to hashes ...

Randomness and Security: A Primer on Entropy and DRBGs
By: badfilemagic
August 5, 2016

Randomness and Security: A Primer on Entropy and DRBGs When it comes to systems security engineering, randomness is everything. So many exploit mitigation technologies and cryptographic primitives rely on reliable, statistical randomness that getting it wrong is detrimental to the system as a whole.  That said, ...

Linux is Fun in Terminal (Really)!
By: 5kYp01n7
August 4, 2016

Linux is fun! Huhhh? OK, so you don’t believe me. Meet me at the end of this article and you'll believe that Linux is actually a fun box. 1. Command: sl (Steam Locomotive) You might be aware of command ‘ ls ‘ - the list command - and use it frequently to view the contents of ...

Pokémon GO and Your Privacy
By: cedwardsmedia
August 4, 2016

This post originally appeared on my blog: Offensive Privacy . I have cross-posted it here for the benefit of Cybrary users. On July 5, 2016, Pokémon GO was released in the United States for iOS and Android. Since launching, it has quickly become to most successful mobile app on both platforms, beating out the likes ...

A-Z Kali Linux: Useful Commands Everyone Should Know
By: 5kYp01n7
August 4, 2016

a apropos  Search Help manual pages (man -k) apt-get  Search for and install software packages (Debian) aptitude  Search for and install software packages (Debian) aspell  Spell Checker awk  Find and Replace text, database sort/validate/index ...

CyDefe Cyber Security Podcast Episode 23
By: CyDefe
August 3, 2016

On this weeks episode we are joined by Ben0xA who works for https://www.trustedsec.com you can follow him on twitter @Ben0xA . This week we discuss Macs and iPhones have a Stagefright-style bug, Android banking malware blocks victims’ outgoing calls to customer service, Hidden 'backdoor' in Dell security software gives hackers full access, and Companies failing to plan for many cyber dangers. ...

Zero-Knowledge Techniques and the Fiege-Fiat-Shamir Identification Scheme
By: maggiee
August 3, 2016

Imagine that you've been selected to be a member of a secret society. You're given the password to enter the clubhouse, and thus have all the information you need to prove your membership. However, unbeknownst to you, there's an eavesdropper at the door who overhears you whisper your password to the guard. The society's meetings are now compromised, because ...

Drag and Drop: A Common Problem - Resolved
By: infosectdk
August 3, 2016

Introduction: One of the tenants of information security is CIA – Confidentiality, Integrity and Availability.The following is an example of how integrity and availability of data is compromised, and an example of how to lessen the impact. I know some people will make suggestions on best practices. Bear in mind, that there are some brilliant examples ...

Collection of Penetesting Lab Notes, 0P3N Posts, Courses and More
By: ginasilvertree
August 3, 2016

“Penetration Testing or Pentesting refers to techniques for actively testing an organization’s computer or network security, usually by identifying potential vulnerabilities and weak spots and trying to exploit those and/or break in.”Below, you'll find information about penetration testing, pentesting labs and tutorials. The information was compiled from Cybrary's 0P3N posts, classes, forums, notes, S3SSI0NS and CH4NN3LS content.  0P3N Posts: ...

Using Wireless Evil Twin and BeEF to Compromise Target Machines
By: entropy1337
August 2, 2016

Hello all, I'm the author of  Infernal Wireless Suite. T oday, I'd like to teach you how to perform an Evil Twin attack, along with utilizing the BeEF Framework to ...