0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Same-Site Scripting: The Lesser-Known Vulnerability
By: vinothpkumar
February 9, 2016

Hi Readers,It's quite possible that a sub-domain has a "loop back" address, i.e. Many security researchers and developers may not be aware of this lesser-known vulnerability.Imagine a scenario where a user has to access "subdomain.example.com". If the sub domain is configured with address and, if the user is already running a service on their localhost (Eg. Xamp/Wamp ...

The Complete Alphabetical List of Kali Linux Commands
By: Harold Finch
February 9, 2016

The Complete Alphabetical List of Kali Linux Commands   a apropos Search Help manual pages (man -k) apt-get Search for and install software packages (Debian) aptitude Search for and install ...

Basic Hacking with Firefox (Part 2): Data Intercepting
By: Hacker542
February 9, 2016

In Part 1 , we saw how to view and collect different information about websites using HttpFox, User-Agent Switcher, RefControl. In this session, we'll learn how to use this information to exploit and perform a simple hack of a website.The basic aim is to intercept the data to hack the websites using different tools and extensions of the ...

Social Engineering Targets People Rather than Computer Systems
By: ruparaj
February 9, 2016

Today, social engineering attacks can happen through electronic means such as email, websites etc. and in person (the old-fashioned way).  In-Person Approaches In-person social engineering attacks could include an attacker impersonating co-workers, police, financial authorities, insurance investigators etc. The social engineer might ask the target for important information, like passwords. "The finance manager asked ...

A Quick Breakdown of the OSI Model Layers and Services
By: Wings
February 9, 2016

Open System Interconnection (OSI) is a protocol and set of rules for communication.In order to get data over the network - such as an email from your computer to some computer at the other end of the world - lots of different hardware and software needs to work together.All these pieces of hardware and the different software programs speak ...

Intro to Win64 Assembly and Process Dumping
By: current_user
February 4, 2016

Recently I've checked out the "Intro to Malware Analysis and Reverse Engineering" course by Sean Pierce. Inspired by his contribution and taking a rest from my current activities, I also decided to share something with you. What I noticed is that Sean references rather outdated tools in his videos. Windows XP? Really? Well, it's a pretty good debugger, I can't ...

Windows 8/8.1 Password Reset with a Windows 8/8.1 DVD and CMD
By: Pieter J.
February 4, 2016

Today I'd like to share what I have learned in a in a sticky situation. I was busy with a customer's laptop and it turned off due to a low battery. When I turned it back on after connecting the charger, I discovered the laptop had a password, which I forgot to ask the customer for. So, following ...

[podcast] Dropbox Chief of Trust and Security Patrick Heim!
By: BrBr
February 1, 2016

[caption id="" align="alignnone" width="478"] Patrick Heim, Chief of Security and Trust at Dropbox[/caption]Brakeing Down#Security had the pleasure of having Patrick Heim join us to discuss a number of topics. What stops many traditional#companies from moving into #cloud based operations? What hurdles do they face, and what are some pitfalls that can hamper a successful #migration?We touched briefly on#BYOD ...

Encrypting the Net: Use "Let’s Encrypt" SSL to Set Up Secure Website Traffic
By: Krintoxi
February 1, 2016

Hello,This guide comes out of inspiration from the Course offered here not too long ago: SSL Traffic: The Cyber Criminal’s Best Friend Instructed By Darrin Coulson. I'll start with a bit of basic background knowledge you should have on what SSL (Secure Sockets Layer) Encryption is, and how it benefits us. SSL (Secure Sockets Layer) is ...

Kali Linux Command Lines Part 3 – Working with Files
By: bjacharya
February 1, 2016

Welcome to Kali Linux Command Lines - Part 3. Here, I'll show you the commands for files to work in Kali Linux. This article is absolutely for BEGINNERS, but as we move on with upcoming parts, we'll see much more complex and advanced commands to work in Kali. Note : Video Demo/Lab for this part is available here ...