0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

A Synopsis of the NIST Risk Management Framework
By: Eric
June 20, 2016

Applying The NIST Risk Management Framework There are a number of approaches to managing risk. I chose to focus on this approach because it's free to use and the supporting documentation is readily available. Managing risk is a complex process and requires the input from the whole organization. There are three tiers associated with the respective portions of ...

Windows Hacking 1: Injecting a Backdoor into a PE File
By: Z33MAX
June 20, 2016

Welcome back Cybrarians, In the hacking world, being stealthy and undetectable is the number one priority after anonymity. Creating custom attacks that seem very real is an art that needs creativity and patience. Fooling the user into the hacker’s trap is not easy as the old days.Therefore, new ways are created to cover all ...

Sunday's Cyber Security Fact: The Angler Exploit Kit's Rate of Infection (June 19, 2016)
By: ginasilvertree
June 19, 2016

Angler Manages to Infect more than One Million Workstations a Year "There is a common misconception that a user explicitly needs to download a malicious file in order to get his PC infected. Exploit kits use a technique called drive-by-downloads. With this technique, malicious software can be ran just by opening a website in your ...

Another Powerful Method for Subnetting
By: JBingham
June 17, 2016

Here's something that I learned from my CISCO class that makes things a lot easier.You're given an IP range of and must create a domain that has five subnets - pockets of devices on the network that are separate from each other so that no one can interfere with another departments data or devices. You know ...

An Overview of Identity and Access Management (IAM)
By: foxpro
June 17, 2016

Assets are categorized as information, systems, devices, facilities and personnel. Any entity, whether it's an individual, a group of individuals or a corporation wants to protect these assets from failures, accidents and bad actors by using Identity and Access Management (IAM). In any given IAM situation, there's the concept of subject and object. The subject ...

Is TOR Really Secure?
By: usman47
June 16, 2016

Hello my great geeks on Cybrary. Before anything else, I'd like to thank all of you for the feedback you guys have given. This keeps me motivated and helps me write better content every day.This article about TOR is the last article in my series on different security technologies like Proxies and VPN's. If you want to check my previous ...

How to Build a USB Drive Pentesting Toolkit
By: RoninSmurf
June 16, 2016

In this guide, I'll walk you through setting up a pentesting USB drive that also works well for other IT professionals.Fortunately, the days of carrying around a CD binder full of your various tools are long gone. With the lower prices of USB drives and their increased capacity, you can easily keep a large number of tools ...

Post Exploitation Hacking Techniques
By: Chilico
June 15, 2016

Hello there,This is my first OP3N submission and we'll talk about post exploitation hacking techniques you can use after having a meterpreter shell on a remote system. You'll see things like: Privilege Escalation Maintaining Access Data Harvesting Weak Password Cracking NOTE: Don't take this ...

Remove the "Shortcut Virus" from Your Pendrive in 7 Steps
By: Adhisen Chiniven
June 14, 2016

Hi Cybrarians,Have you ever come across the "Shortcut Virus" on your device while connecting it to a computer? Did you get scared? Of course, it's scary.Follow these steps to remove the virus and use your files again: Go to Start and search for "cmd" Right-click on cmd Click ...

"Done for You" - The Complete List of Information Security Governance and Risk Management Training Videos
By: ginasilvertree
June 14, 2016

 Information Security Governance and Risk Management professionals maintain and enforce policies to ensure the preservation of information security and build plans to account for applicable risks. Watch these videos to learn more!  Information Security Governance & Risk Management (part 1) Length: 06:03 Information Security Governance & Risk Management (part 2.1) Length: 10:59 Information Security Governance & Risk Management (part ...