0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Tradecraft Tuesday – COM Scriptlets and the Squiblydoo Attack
By: kylehanslovan
May 3, 2016

What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat . These unrehearsed conversations allow anyone to join in, ask ...

Exchange: How to Hide Disabled Users from the Global Address List (GAL)
By: xyra
May 3, 2016

When a user leaves the company, often the Exchange mail account is deleted and the user account gets disabled.In this way, the former employee can not access corporate data, but he still appears in the Global Address List (GAL) for internal staff. He can still be selected in the address book and is also still visible in the team calendar.The ...

The Unconventional Guide to Network Security 1.4
By: ram
May 2, 2016

Network Security 1.4 Given a scenario, implement and use common protocols.Based on CompTIA’s list of Security + exam objectives (their PDF list of domains is found here: https://certification.comptia.org/docs/default-source/exam-objectives/comptia-security-sy0-401.pdf ) , I’ll go through each one and give details and examples of each so you know what each listed item means.Where I ...

Hacking WPS via Pixie Dust Attack
By: Joshua H.
April 22, 2016

This Cybrary 0P3N submission will cover how to use tools such as aircrack suite, Reaver, Pixiewps, & HT-WPS#B to exploit a WPS vulnerability in certain routers.This attack is carried out on a Machine running Kali Linux. (Kali comes pre-packaged with the mentioned tools aside from HT-WPS#B). Here is a list of vulnerable routers: Spreadsheet of Routers Vulnerable to ...

[PODCAST] Episode 22 The one after the long break
By: CyDefe
April 21, 2016

On this weeks episode we discuss checking for malware in your firmware with Google's VirusTotal, Getting pwned by hearthstone hacking tools, Fake Flash Update Serves OS X Scareware, and the FBI trying to scrub its employees data off of the web.Check out the podcast at https://www.cydefe.com/podcast/2016/4/12/episode-22-the-one-after-the-long-break

A Big Thank You to Joe Taylor!
By: ryan c
April 19, 2016

I just wanted to take a minute to thank Joe Taylor @jbtaylor051 for making a substantial donation today. Joe purchased a huge amount of Cybytes, and the team here at Cybrary would like to say thank you!

The Penetration Testers Framework (PTF)
By: Johan Grotherus
April 15, 2016

The Penetration Testers Framework (PTF) is a framework created by Dave Kennedy at TrustedSec. Dave is the author of many other tools, yet PTF is a bit different as it aims to provide easy installation of other tools. It's written in Python and is available on Github. For people who are familiar with Backtrack and miss the /pentest ...

Manual WPA/WPA2 Hacking & Cracking [Evox]
By: Joshua H.
April 14, 2016

Manual WPA/WPA2 Hacking & Cracking   (This is by no means meant to be followed and actually used unless you have the time and resources. Please use this as an informative post. This method is obsolete as there are tools mentioned at the bottom of the post to automate this process. I ...

Registry Hacking Against Sysprep Errors
By: xyra
April 14, 2016

NOTE: This article is meant for system administrators only. DO NOT CHANGE YOUR REGISTRY if you administer your PRIVATE PC! If you want to create images and execute Sysprep, sometimes you may see the following error message displayed when the computer is restarted: The computer restarted unexpectedly or encountered an ...

What You Should Know About the OSI Reference Model and Layers
By: uknin35
April 13, 2016

The OSI Reference Model is not a physical model. It is a logical model. It has seven different layers, divided into two groups. The top three layers define how the applications within the end stations will communicate with each other and with users. The bottom four  define how data is transmitted, end-to-end. Layer 7 Application – Provides a user ...