0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Frequently Used Acronyms, Expanded!
By: 3rgis
September 7, 2016

Hello Cybrary.it! This is my first time writing here, so if I make any mistakes, correct me in the comments. Some of these acronyms aren't used daily, but they're still good to know. CCTV / CLOSED CIRCUIT TELEVISION CPU / CENTRAL PROCESSING UNIT DDoS / DISTRIBUTED DENIAL OF SERVICE ...

A Beginner's Guide to Juliar Module Creation in Python - Part 1
By: Rattar
September 6, 2016

Juliar Alpha 10 has just been released and there is a huge update that came with it.Juliar now allows import of modules created using python. That's right, you can now easilycreate your own modules in python and easily use them in Juliar .(This tutorial assumes you know how to run and execute Juliar commands. If you ...

SQL Injection Lab Part 1 – Lab Setup
By: bjacharya
September 6, 2016

Hello Cybrarians ! ! ! Welcome to:  SQL injection lab PT.1 – Intro/Lab setup In this lab, We’ll begin the series of  SQL Injection . This will be  Part-Wise Article/Guide  to learn SQL Injection . *Skill/Experience : Before proceeding to this series, you must know basics on setting up VM ...

Part 2: Creating Modules for Juliar in Python
By: Rattar
September 3, 2016

clearThis tutorial is continuation of Part 1: Creating Juliar Modules in Python.If you have no idea what's going on check out the previous part. https://www.cybrary.it/0p3n/part-1-creating-juliar-modules-python/ Pre-requisites: You must have read first part of tutorial You must have PythonDevKit downloaded You must be able to work your brain ...

Tutorial: Local File Inclusion to Command Execution
By: Chilico
September 2, 2016

Some information from this article has been used from the InfoSec Institute As you probably know , LFI attack's allow the attackers to view local files on a server but is not limited to that. With LFI we can also get a shell (sometimes) . There is several ways to manage that and here i will focused on ...

Simulating A Real Lab Environment for Pen Testing (Part 1)
By: jahankohan
September 1, 2016

Hi Guys,Today I'm going to show you how to build a real lab for pen testing.As all of you know, pen testing in the real world is not just dealing with 2 vms, one for an attacker and the other for the victim. In the real world, we should deal with a network, and in standard networks there are ...

The Guessability of Passwords
By: maggiee
September 1, 2016

Recently, over a family dinner, my aunt asked me how she could choose passwords that are secure. I responded with the usual advice: no words, especially not names; use a long passphrase, length really does matter; and so on. Until yesterday, though, I was unfamiliar with a formal metric for password “guessability”. In the course of ...

How to Test and Exploit SQL Injections in URL Rewrite Rules
By: Babak Esmaeili
August 31, 2016

First of all, what is URL rewrite?You've likely seen sites with this schema in URLs: https://victim.com/?id=1 Most everyone knows how to test for SQL injection in this situation ---> http://mysite.com/?id=1' or http://mysite.com/?id=1 and 2.5=2.5 or http://mysite.com/?id=1 and 3.4=3.5 and etc.But, in URL rewrites, this UR http://victim.com/?id=1 will become http://victim.com/1 ,{id ...

Part 1: Creating *Juliar * Modules in Python
By: Rattar
August 30, 2016

With the release of Juliar Alpha 10 , you can now make modules for Juliar in any language! This means that you can use your favorite language to create modules.This tutorial assumes you know basics of Juliar . If you don't, check out the following tutorials: https://www.cybrary.it/0p3n/programming-with-juliar/ https://www.cybrary.it/0p3n/programming-with-juliar-part-2/ https://www.cybrary.it/0p3n/using-juliars-encryption-module/ At the time ...

Remove Users from Your Network Using Airmon-ng
By: Tomislav Balabanov
August 30, 2016

Today, I'll demonstrate to you how you can remove someone from your network. This article is for educational purposes only.I will separate this tutorial into steps, so it's simple to understand.Let's start...  STEP 1: Put our WiFi card in monitoring mode: Open terminal Type: airmon-ng start wlan0 That's ...