0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

CISCO ASA Firewall Commands Cheat Sheet [Part 5-B]
By: Motasem
June 14, 2016

Welcome to the latest installment of the CISCO ASA Firewall Commands Cheat Sheet. In this part, we'll explain Packet inspection and filtering on 5-7 OSI layer in addition to ICMP inspection. This part depends on the previous part to be easily understood.Let's begin...  Configuring ICMP Inspection policy-map globalpolicyclass inspectiondefaultinspect icmpinspect icmp errorexit ...

[Product Update] Introducing My Notes
June 13, 2016

We're very excited to launch My Notes on Cybrary. My Notes was developed after spending a good deal of time speaking with Users and learning what we could provide to help improve the experience on the site. Researchers found that if important information was contained in notes, it had a 34 percent chance of being remembered. Information not ...

SQL Injection Using SQLmap - [PART 1]
By: tyga-tyga
June 13, 2016

SQL , Structured Query Language, is a programming language that allows the user to manage data in a relational database management system (RDBMS) through the use of specially crafted strings. Although great for functionality, it can be disastrous if configured/crafted incorrectly. We can exploit this using the pentesting tool SQLmap.SQLmap is a penetration testing tool that automates the ...

4 Cyber Security Training Sites - Plus a Bonus
By: djbobka
June 13, 2016

I've always had a big interest in the IT field, but never knew how to get started or what to study . Over the past two weeks, I've used four websites: Cybrary Professor Messor Testout Transcender  Going ...

Hacking NetBIOS
By: Chilico
June 13, 2016

Hi there,In today's guide, we'll talk about hacking NetBios.  What is NetBIOS? NetBIOS stands for Network Basic Input Output System. In basic terms, it's responsible for managing the internal share of files and printers - but it's not limited to these functions. For the purpose of this guide, let's keep it simple. For anyone wanting more information ...

Sunday’s Cyber Security Fact: Vulnerability of Web Apps (June 12th, 2016)
By: ginasilvertree
June 12, 2016

" A staggering 98% of tested web applications were vulnerable to attack. Web apps are everywhere now, and it's essential that updates and patches are installed so known vulnerabilities are addressed." – 2015 Trustwave Global Security Report

Ping of Death (PoD): Protect Yourself Against an ICMP - Ping Flood Attack
By: Bl4CksPId3r
June 11, 2016

Ping of Death (PoD) Ping of Death is a type of DoS attack in which an attacker attempts to crash, disrupt, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command. PoD attacks exploit legacy weaknesses, which may have been patched ...

Nmap Scanning Techniques and Algorithms
By: uknin35
June 10, 2016

Nmap allows system administrators and individuals to scan networks to determine which hosts are up and what services they're offering. Nmap supports a large number of scanning techniques including: UDP TCP connect() TCP SYN (half open) FTP proxy (bounce attack) ICMP (ping sweep) ...

Powershell Empire Stagers 2: Controlling the Victim's Machine
By: Z33MAX
June 10, 2016

Hello fellow Cybrarians, In the last tutorial, Powershell Empire Stagers 1: Phishing with an Office Macro and Evading AVs , we covered creating a malicious macro and sending it to the victim. Today, we're going to learn how to move around the system, once the connection is made, and gather some ...

Google Dorking Guide
By: Bl4CksPId3r
June 8, 2016

This is just a little Google Dorks Hacking Guide I created. Google can really help you out a lot when you are doing your reconnaissance! Thanks Google for the great help LOL  You may even find credentials as well as other secret documents and data this way. I think it is neat that Google just makes it easier for ...