0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Tutorial: BlackArch Full Install on USB 3.0
By: ReK2
October 25, 2016

Necessary tools: One USB 3.0 stick with at least 100G to be able to install all your tools and personal scripts Another USB any type or DVD/CD, this is for the install Laptop or desktop computer Latest blackarch live cd iso file  HERE ...

By: bachan
October 25, 2016

Hello, Cybrarians !It's time to gain some information about man-in-the-middle attack. Most of you people ever heard about the attack KARMA which I am going to explain here. So, let us start. What is KARMA ? KARMA stands for Karma Attacks Radio Machines Automatically. A radio machine could simply be a smart-phone, tablet, laptop or any wi-fi ...

A Holistic and Risk-based Approach to Cybersecurity
By: Zoran L.
October 25, 2016

Introduction : In the 1990’s, hackers’ motivation was typically about fame and recognition. Upon the realization that they can profit from their hacking skills, they started shifting their focus towards illegal activities. Back in those days, your typical organization had a firewall implemented to protect their perimeter, but as the bad guys were becoming more sophisticated, additional security ...

Text Injection in Error Pages - Rainforest
By: vinothpkumar
October 20, 2016

Hi Readers, Probably, this is one of the easiest security issue (missing best security practices) one can find in any web application. Whenever you try to access any url which is not in the server, you get 404 page. But sometimes, the error message will be displayed like as shown below. URL : rainforestqa.com/ ...

Pentesting vs. Vulnerability Assessment in Typical Application Scenarios
By: Joul Kouchakji
October 20, 2016

Pentesting vs. Vulnerability Assessment in Typical Application Scenarios: Analogies, Differences, Failures & Opportunities 1. Introduction The increase of internet connectivity brought a kind of confusion to several e-commerce industries as many vital vulnerabilities that have caused them a huge damage in their systems, have been identified as a web application vulnerabilities. These security breaches found by conducting ...

Ransomware Protection
By: mysticman2k
October 20, 2016

I recently wrote a post in the forums regarding ransomware prevention, I'd like to highlight some good practices that can help you out with the prevention of Ransomware being executed against your /clients servers.After attempting to develop our own in-house solutions to prevent the automatic encryption of files we found that the process was cumbersome due to the MS Windows Operating ...

Apache Guide to Running *Juliar * on a Webserver
By: Rattar
October 19, 2016

  This guide will teach you how to run Juliar on a WebServer. For those of you who haven't heard, Juliar is actively being developed to work as a server side language.You might ask: Why should I use Juliar to run a webserver? Besides being quick and easy to use. Juliar provides nice commands that allow ...

Practicing for the CCNA Using Cisco Packet Tracer
By: NGNSkull
October 19, 2016

Welcome to this quick guide on how to create small labs to practice routing, switching and more with the help of Cisco Packet Tracer.This is Cisco's network simulation software, which is used in instructor-led courses.It's fairly quick to learn and really easy to use.  It'sgot a lot of Cisco equipment ready for you to play with. You ...

Windows USB Forensics
By: Charanjeet Singh
October 19, 2016

Today, I’m going to tell you about windows usb and removable media forensics. Whenever we connect some external removable media device to a laptop or pc,  generates registry entries which contains a lot of information like device name, device type, its manufacturer name as well as information about the last  device connected to the pc. This type of information is ...

NoobSecToolkit V3 - A Security Students Playground
By: Krintoxi
October 18, 2016

NoobSecToolkit is a Python Based Tool kit that brings together powerful security and anonymity tools and scripts with predefined security configurations and modifications. Making it very simple for students to get started with offensive security! I have made articles  showing  you how to enhance your Linux Security and facilitate basic penetration testing using version 2 ...