0P3N Blog

Hello Friends, Today, I'm gonna start series of how to do Practical Web Application Penetration Testing  on an online website in black box mode.  For pentesting a website, we need to perform the following steps: Find the technology and the programming language used.  ...

All the hardwork has finally paid off. Passed the exam 2 weeks ago. Took me about 1.5 months to study (rushed it quite the bit) but it shows it is achievable. Study Materials ISC2 Official CBK 2015 book - This was my initial study book Ditched it after my ...

SQL injection inside UPDATE query [Tutorial] This tutorial will help you with SQLi inside UPDATE query.  SQLi is located in profile settings.Picture of settings panel:[caption id="" align="aligncenter" width="217"] click image to enlarge[/caption]Vulnerable parameter is "E-mail format: " value.  We use Temper data to intercept and change values.Picture of intercepted values: After we click ...

In a day and age where everything is online, it makes sense to use email; but why is it “a dying media”? Before I answer this question, have you ever wondered why people don’t use email? Well, one reason is all the junk or “spam” as people call it. No, not the food popular in American culture, but ...

Introduction to MTR My Traceroute (mtr) merges the services and performance of the ping and traceroute programs into one networking tool.  Upon starting this diagnostic tool,  mtr investigates the network connection. This typically happens between the host that the mtr runs on, and the (user-specified) destination host. After determining the address of each network hop, a sequence of ICMP ECHO requests is ...

On this episode we discuss password leaks from Last.FM and Opera browser. You can check it out on our website www.cydefe.com or on youtube [embed]https://www.youtube.com/watch?v=ltThUDGopMM&feature=youtu.be[/embed]We are also doing a Qwertycards giveaway which can be found here https://www.cydefe.com/giveaway/

Welcome back Cybrarians! Section 9: Obtain PHP Cookie 1. SQL Injection Menu Instructions:1. Select “SQL Injection” from the left navigation menu. 2. Select Tamper Data Instructions:1. Tools –> Tamper Data 3. Start Tamper Data Instructions:1. ...

In the last tutorial, we learned how to use optionals correctly: https://www.cybrary.it/0p3n/part-2-creating-modules-juliar-python/In this tutorial we will learn how to make modules and have juliar only load certain commands.We do this by creating a def commands(): Please NOTE that we are not doing def commands(content,optionals); This is a special exception, since it's technically not a command, but rather ...

Nowadays, Facebook "hacking"  is not easy. But, I am here to help you by teaching  some methods of Facebook hacking . Today, I'm going to teach you how to hack a  Facebook account using Kali Linux . I  will teach you some more easy methods of "hacking" Facebook accounts later. ...

When I had just finished grade 12, I needed a job for the summer. A subsidiary of the Toronto Star had hired me to distribute flyers advertising student jobs at the subsidiary.  Distribution of flyers was often done through questionable means, such as distributing flyers on school grounds, malls, and apartment buildings. I knew at the time it was wrong ...