0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

A-Z Kali Linux: Useful Commands Everyone Should Know
By: 5kYp01n7
August 4, 2016

a apropos  Search Help manual pages (man -k) apt-get  Search for and install software packages (Debian) aptitude  Search for and install software packages (Debian) aspell  Spell Checker awk  Find and Replace text, database sort/validate/index ...

CyDefe Cyber Security Podcast Episode 23
By: CyDefe
August 3, 2016

On this weeks episode we are joined by Ben0xA who works for https://www.trustedsec.com you can follow him on twitter @Ben0xA . This week we discuss Macs and iPhones have a Stagefright-style bug, Android banking malware blocks victims’ outgoing calls to customer service, Hidden 'backdoor' in Dell security software gives hackers full access, and Companies failing to plan for many cyber dangers. ...

Zero-Knowledge Techniques and the Fiege-Fiat-Shamir Identification Scheme
By: maggiee
August 3, 2016

Imagine that you've been selected to be a member of a secret society. You're given the password to enter the clubhouse, and thus have all the information you need to prove your membership. However, unbeknownst to you, there's an eavesdropper at the door who overhears you whisper your password to the guard. The society's meetings are now compromised, because ...

Drag and Drop: A Common Problem - Resolved
By: infosectdk
August 3, 2016

Introduction: One of the tenants of information security is CIA – Confidentiality, Integrity and Availability.The following is an example of how integrity and availability of data is compromised, and an example of how to lessen the impact. I know some people will make suggestions on best practices. Bear in mind, that there are some brilliant examples ...

Collection of Penetesting Lab Notes, 0P3N Posts, Courses and More
By: ginasilvertree
August 3, 2016

“Penetration Testing or Pentesting refers to techniques for actively testing an organization’s computer or network security, usually by identifying potential vulnerabilities and weak spots and trying to exploit those and/or break in.”Below, you'll find information about penetration testing, pentesting labs and tutorials. The information was compiled from Cybrary's 0P3N posts, classes, forums, notes, S3SSI0NS and CH4NN3LS content.  0P3N Posts: ...

Using Wireless Evil Twin and BeEF to Compromise Target Machines
By: entropy1337
August 2, 2016

Hello all, I'm the author of  Infernal Wireless Suite. T oday, I'd like to teach you how to perform an Evil Twin attack, along with utilizing the BeEF Framework to ...

Medical Devices Remain Vulnerable to Cyber Attacks
By: virgaonkara
August 2, 2016

When we talk about vulnerability, usually computing devices come to mind. Now, the scenario of threat is changing. Even the medical industry can be a new target of attackers. Wide use of medical instruments which are directly connected to the internet can work as a free path for attackers. These kind of attempts can cause serious damage to ...

How to Exploit a Poorly Configured SMB
By: Kl4us
August 1, 2016

What's an SMB? SMB, which stands for Server Message Block, is a protocol for sharing files, printers, serial ports and communications abstractions such as named pipes and mail slots between computers. SMB is a client-server, request-response protocol. The only exception to the request-response nature of SMB (that is, where the client makes requests and the server sends back ...

What You Should Know about MAC and IP Addresses
By: nishan8583
August 1, 2016

MAC and IP addresses are two important topics that a person involved in the Computer Networking   and Computer Security fields should know about.These topics are discussed below.  1.MAC Address A MAC address is a address that is burned into the hardware itself during the manufacturing period and it cannot be changed. MAC addresses are 48 ...

How To Read Email Headers and Find Internet Hosts
By: S-Connect
July 31, 2016

Now, some of you may think headers are too simple or boring to waste time on. However, a few weeks ago I asked the 3000+ readers of the Happy Hacker list if anyone could tell me exactly what email tricks I was playing in the process of mailing out the Digests. But, not one person replied with a complete ...