0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Understanding the Metasploit Framework
By: S-Connect
October 29, 2015

Finally, you're here. Before we step in, I'd like to clear up this misconception about Metasploit: Metasploit is not a tool or software; it’s a ‘Framework.’ Let's start begin: Architecture   Library REX Basic Library for most tasks Handles sockets, protocols, text transformation and others SSL, SMB, HTTP, XOR, Base64, Unicode   Msf: Core Provides the ...

NoobSec Toolkit v2: MAC Address spoofing for Anonymity and Security
By: Krintoxi
October 29, 2015

Hello, today i will be showing you a small guide to using the NoobSecToolkit tool to Spoof the MAC Address of your device for Anonymity ,Security, and confidentiality reasons. When Nick meets Mack! Every NIC has a hardware address that's known as a MAC, for Media Access Control. Where IP addresses are associated with ...

A Closer Look at Malware
By: Dr3AMCoDeR
October 29, 2015

In this discussion, I'd like to talk little more about Malware in detail. I hope that this short tutorial is useful for you. I'm not going to tell you what Malware is and how to make it, because (almost) all of you know that Malware is malicious software and that it's created with advanced programming techniques.The main difference between ...

The Essential Subnetting Cheat Sheet
By: SniperCS2
October 28, 2015

While studying for CCNA many years ago, I created this document to assist me with subnetting.  Hope you find this information helpful.   Address Space - 32 bit IPV4   11111111 11111111 11111111 ...

Tutorial: A3 Cross-Site Scripting (XSS)
By: bestiaNXN
October 28, 2015

Info Sec Institute runs a great site to learn how to hack websites. It's called Practical Website Hacking ( https://ctf.infosecinstitute.com/ctf2/exercises/ex1.php ) and best of all, it's free. Spoiler alert: This is the solution to the Level 1 challenge. The vulnerability identified at the bottom of the page is A3 Cross-Site Scripting (XSS). The A3 Cross-Site Scripting ...

Application Analysis and Reverse Engineering
By: jsec1
October 27, 2015

Basics First, I'll begin with the basics. Most applications consist of a Graphical User Interface or GUI, Middle-ware and or integrated logic and a database. These are the key components to being able to understand any application and how it functions. These components also can be combined on either a single workstation/server or split up in to two ...

Cryptography Mindset: Be Unpredictable
By: Dr3AMCoDeR
October 27, 2015

Software developers and security experts all over the world are trying to design robust applications, which contain beautiful and intuitive interfaces. They also prioritize making extended and stable functionalities. But, most of all, they try to make the most secure communication between the applications and services, because the information that is transmitted in the internet is usually exposed to attacks that ...

Online Security Essentials - From Secure Browsing to Web Exploitations
By: Dr3AMCoDeR
October 27, 2015

We live in a world where technology changes every day. Many new things are developed, and we use technology in various ways that make our life easier. Technology connects us and helps us, but also exposes our identity, privacy and confidential data, which can be a bad thing for us and our future.In this short tutorial, I'll explain online ...

[podcast] WMI, WBEM, and enterprise asset management
By: BrBr
October 26, 2015

WMI (Windows Management Instrumentation) has been a part of the Windows Operating system since Windows 95. With it, you can make queries about information on hosts, locally and even remotely.Why are we talking about it? Its use in the enterprise and by admins is rarely used, but use in moving laterally by bad actors is growing. It's highly versatile, able ...

Help Our Android App!!
By: ryan c
October 26, 2015

Hello Cybrarians,I hope you all had a great weekend!Many of you know that Two weeks ago, we launched our Android Application, which is available here  https://play.google.com/store/apps/details?id=com.cybrary.app I would like to ask for your help in getting the word out about our App. If you would be willing to submit our App to App Featuring Websites like Product Hunt (www.producthunt.com) and ...