0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.



Info Sec Institute runs a great site to learn how to hack websites. It's called Practical Website Hacking ( https://ctf.infosecinstitute.com/ctf2/exercises/ex1.php ) and best of all, it's free. Spoiler alert: This is the solution to the Level 1 challenge. The vulnerability identified at the bottom of the page is A3 Cross-Site Scripting (XSS). The A3 Cross-Site Scripting ...


Basics First, I'll begin with the basics. Most applications consist of a Graphical User Interface or GUI, Middle-ware and or integrated logic and a database. These are the key components to being able to understand any application and how it functions. These components also can be combined on either a single workstation/server or split up in to two ...


Software developers and security experts all over the world are trying to design robust applications, which contain beautiful and intuitive interfaces. They also prioritize making extended and stable functionalities. But, most of all, they try to make the most secure communication between the applications and services, because the information that is transmitted in the internet is usually exposed to attacks that ...


We live in a world where technology changes every day. Many new things are developed, and we use technology in various ways that make our life easier. Technology connects us and helps us, but also exposes our identity, privacy and confidential data, which can be a bad thing for us and our future.In this short tutorial, I'll explain online ...
![[podcast] WMI, WBEM, and enterprise asset management](https://images.ctfassets.net/kvf8rpi09wgk/3tpSXLMbs6D0bXlTw8UucK/2d648c6dd1981c3fca93f5c03ea36bc7/blog-default.jpg?w=800&fm=webp)

WMI (Windows Management Instrumentation) has been a part of the Windows Operating system since Windows 95. With it, you can make queries about information on hosts, locally and even remotely.Why are we talking about it? Its use in the enterprise and by admins is rarely used, but use in moving laterally by bad actors is growing. It's highly versatile, able ...


Hello Cybrarians,I hope you all had a great weekend!Many of you know that Two weeks ago, we launched our Android Application, which is available here https://play.google.com/store/apps/details?id=com.cybrary.app I would like to ask for your help in getting the word out about our App. If you would be willing to submit our App to App Featuring Websites like Product Hunt (www.producthunt.com) and ...


Hello,Today I'll be showing you how to enhance your Linux Security and facilitate basic penetration testing!To do this, we'll use an open tool called NoobSecToolkit. The toolkit comes built with the following options: Toolkit Options (sqli)SQL Injector (Tests web urls for SQLI) (vulscan) Vulnerability Scanner (Scans for Vulnerabilities in a Network) (dinfo) ...


Want to show off to your friends - displaying that you're a super programmer even if you may not know anything about computers? You won't find this information on Wikipedia, so read on! Hey guys! Andy here, with another fun guide!All you need is a web browser. I suggest ...


[one_half]We’ve toiled and wracked our brains trying to figure out what to call our members, but nothing ever seemed good enough. Trying to explain who our global community is in just a name is trickier than it seems. Now you get the chance to voice your opinion. What do you want to be called? Let us know which of the ...


Do you have one password for all your devices? Do you have 100 passwords and sometimes forget them? Do you have trouble remembering passwords? Do you write your passwords on notecards or post-it notes? If you answered yes to any of these questions, then you should read this post. If not, read it anyway, as it may offer ...