0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Mobile Security Framework MobSF
By:
January 1, 2016

Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing. https://github.com/ajinabraham/Mobile-Security-Framework-MobSF https://www.youtube.com/watch?v=VNU7uuMHUOw Thanks for sharing. You’re welcome! Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing. https://github.com/ajinabraham/Mobile-Security-Framework-MobSF

Mikrotik Hack ?
By:
January 1, 2016

hi all can any one help me to hack winbox admin user in (mikrotik) ??? hi all can any one help me to hack winbox admin user in (mikrotik) ???

Mgl-instagram-gallery Xss
By:
January 1, 2016

\# Exploit Title:wordpress Instagram Photo & Video Gallery Multiple vulnerabilities # Google Dork: inurl:wp-content/plugins/mgl-instagram-gallery/single-gallery.php?media= # Date:28/03/2016 # Author: khan 404 # Software Link: https://codecanyon.net/item/instagram-photo-video-gallery-wordpress/5281312 # Version: v2 # Category: webapps # CVE : NA # Tested on: xp,Firefox #Details: wordpress Instagram Photo & Video Gallery is vuln to xss and RFI vuln file:/mgl-instagram-gallery/single-gallery.php Vuln GET PARAMETERs : media= is vuln ...

Meterpreter Session Not Starting
By:
January 1, 2016

Hallo , first , my English is very slow ..... I am working with the book from Georgia Weidman, "Penetration Testing: A Hands-on Introduction to Hacking". On page 182 "Exploiting WebDAV Default Credentials". My host : Kali Linux My guest : Windows XP 64 bit with Service Pack 2 , install an VMware in another computer . Build my Payload ...

Metasploit Pro Certified Specialist
By:
January 1, 2016

Has anyone tried this certification? https://www.rapid7.com/services/training-certification/certification/metasploit-pro-certified-specialist-exam/ Trying to find out how questions are on this exam. I email rapid 7 but they weren't very helpful. They sent me a link to there help pag which provides no information. I just took this course and exam. What questions do you have?

Metasploit (Post/Payload/Exploit/Auxiliary)
By:
January 1, 2016

Hello guys, Ive started learning metasploit a few days ago,Its really a great framework! What I didn't completely understand is the exact difference between a POST,PAYLOAD,EXPLOIT and AUXILIARY and in which specific cases we use the above mentioned. Thankyou-in-advance. ls

Metasploit LHOST With Dynamic IP Address
By:
January 1, 2016

My ISP provides me with a dynamic IP address. So the LHOST option for meterpreter will be meaningless since my IP changes every time I reboot my router. From what I have been able to gather is: 1. Use no-ip\[dot\]com to set up a DNS server that links back to me 2. Use /reveres\tcp\dns and set it to my domain ...

Metasploit Cheat Sheet
By:
January 1, 2016

Thanks to the Null-Byte user OccupyTheWeb( AKA : OTW ) here is an ultimate cheat sheet on Metasploit's Meterpreter in Kali Linux ( or any other Pentesting OS ). At its most basic use, meterpreter is a Linux terminal on the victim's computer. As such, many of our basic Linux commands can be used on the meterpreter even if it's ...

Metasploit And CVE
By:
January 1, 2016

how do you do to exploit the CVE-2017-3167 with msf , because i can't find it in the database exploit of msf , can you help me ? According to the CVE database there is no module within Metasploit related to 2017-3167. You would need to design your own exploit for it at this time. Feel free to write your own and ...

Make Your Own Ransomware
By:
January 1, 2016

Hi guys, I recently wrote an article for my blog about a new service that lets you create your own ransomware. Due to Cybrary policies, this article was rejected from Cybrary OP3N, but I still think it would be interesting to some people, so I will write about it here. A new type of ransomware is being freely distributed on ...