0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Comprehensive PowerShell Tutorial
By: nginIzz
February 24, 2016

First, a look at some code: Add-PSSnapin Microsoft.Exchange.Management.Powershell.E2010 $header = "<style type='text/css'>n" + "td { width: 200px }n" + "th { text-align: left }n" + "</style>"$d = get-date$nondefault = Get-Mailbox -Database 'Mailbox Db0' | Where-Object {$_.UseDatabaseQuotaDefaults -ne $true} | Select-Object Name,  IssueWarningQuota, ProhibitSendQuota | ConvertTo-html -Title "Mailboxes in Mailbox DB2" -Head $header$emailFrom = ...

Two-Factor Authentication for Online Banking
By: Yash8878
February 24, 2016

This my first post, so I'll start with a serious issue in our day-to-day lives. I'm posting for the purpose of awareness.Millions of people use online services every day. It's crucial that systems prevent users from accessing each other's information. So, they need ways of uniquely identifying each user that prevent users from impersonating each other. This is called ...

How to Translate IP Addresses by Hand
By: Rattar
February 24, 2016

Hey Guys,As promised, I'll describe a way to translate IP's by hand. I'll continue to write more articles about this subject as long as people are interested. What will we learn? You'll learn how to translate IP's (original v4 format), which consists of 4 decimal octets to a 1 decimal octet.  What materials do you need? -1 Pencil-1 Paper-Google Chrome ...

PowerShell: Testing Connectivity of Multiple Workstations on Your Network
By: airmanlacy
February 24, 2016

If you're tasked with pinging a huge list of workstations, look no further. Gone are the days where we must keyboard cram in the command prompt to test connectivity.First off, let's get you started with PowerShell. PowerShell is a free program offered by Microsoft and it's basically a command prompt on steroids.It's easy to find and easy to download. ...

[podcast] Pentesting and Defending a Mainframe and Mainframe Security
By: BrBr
February 24, 2016

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-008-mainframe_secruity.mp3[/embed]This week's super-sized episode is brought to us thanks to previous guest Cheryl Biswas. You might remember her from our "Shadow IT" ( http:/brakeingsecurity.com/2015-048-the-rise-of-the-shadow-it ) podcast a few months ago. She reached out to us to see if we were interested in doing a podcast on mainframe security with her and a couple of gentlemen that were not unknown to us.Of course ...

Kali Linux Command Lines Part 4 – Man Pages
By: bjacharya
February 23, 2016

Welcome to Kali Linux Command Lines – Part 4. This part will explain the use of Man pages ( also called Manual Pages ) on your Unix or Linux computer. I'll talk about related commands like ' whereis ' & ' whatis '. Man pages can be used to know the use of tools or how to use tools. ...

FCC Rules May Prevent Installing Alternative Software
By: xyberdanpl
February 22, 2016

Where's the honesty? New FCC rules may prevent installing alternative software e.g. OpenWrt/Gargoyle, Tomato on some routers. In Europe, it does not apply. However, companies such as tp-link goes to the sitter and all the utensils for the global market will have this limitation.Many stock firmwares e.g. tp-link and others are insecure and do not allow the ...

Secure Your WiFi in 7 Steps
By: Hemang Doshi
February 22, 2016

Secure Your WiFi in 7 Steps If the first question that comes to mind after reading the topic of this post is ‘Why do I need to secure my WiFi?’, then read on...  What are the risks of using an unsecured wireless network? In simple language, it's like going for a trip without locking ...

Script: Install OpenVAS 8, DB Redis and Debian 8.1 (Jessie) x86_64
By: Mauro Risonho de Paula Assumpção
February 22, 2016

OpenVAS (Open Vulnerability Assessment System, the name of the fork originally known as GNessUs) is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution. All OpenVAS products are Free Software. Most components are licensed under the GPL. The latest version is 8.0, released April 2015. - Source:Wikipedia  #Script install OpenVAS 8, DB Redis ...

A Few Tricks to Manually Pentest a Website (Without Any Tools)
By: Dr3AMCoDeR
February 22, 2016

Dear Cybrary Readers,First, I'd like to say "Thank you" for your enormous support in following and reading my articles. I'll be happy to continue writing new articles related to IT security.Many people have asked me to concisely explain what happens "under the hood" while a pentester is testing a website. You should know that many things happen, on many levels, over a ...