0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

9 Surprisingly Prevalent Social Engineering Techniques
June 26, 2015

This article will illustrate 9 surprisingly prevalent techniques used by attackers to carry out social engineering offenses.   Human-Based and Computer-Based Social Engineering   1. Impersonation: “An impersonation attack is an attack in which an adversary successfully assumes the identity of one of the legitimate parties in a system or in a communications protocol” (Encyclopaedia ...

A Method for Bypassing Keystroke Recognition Based Security System Using Social Engineering
By: xc0de
June 25, 2015

A Method for Bypassing Keystroke Recognition Based Security Systems Using Social Engineering Abstract: In this paper, we aim to use the power of Social Engineering to bypass a Keystroke Recognition based authentication system. We have designed a virtual chat system (basically a chat bot), coded in Python , which performs the ...

Reset Windows Passwords with Kali Linux
By: fr4nc1stein
June 24, 2015

Reset Your Windows Password Using Kali Linux Hello Cybrary members.Here I am again to talk about Passwords for Windows 7 or any version of Windows. Sometimes, we forget our password, or we want to reset the Windows password for a friend, officemate or anyone's laptop in legal way.  Today, I'm am going to teach ...

Why Isn't That Course Live Yet?!
By: klowe
June 23, 2015

We get it. We truly do. We're JUST as excited about our new classes as you. We understand the anticipation, the anxiousness and the frustration. You joined Cybrary just fo r Malware Analysis . You refresh the Metasploit course page daily.  We get it, because we created ...

Tutorial: Using SSLSTRIP in a "Man in the Middle" Attack
By: fr4nc1stein
June 23, 2015

SSLSTRIP in a Man in the Middle Attack  Hello guys,In this tutorial, I'm going to teach you how to use a SSLSTRIP via the Kali OS.We'll use SSLSTRIP for sniff or steal password in a Target PC via LAN (Local Area Network). SSLSTRIP is known in hijacking HTTP traffic on a network. ...

CompTIA Security+ Certification, Evolution and Innovation for Sustained Relevancy
By: ryan c
June 23, 2015

Many companies, throughout the years, have failed because they failed to innovate and change. Many great market leaders, like Kodak, even held in their hands the future of their industry, and still refused to embrace it. Change is always difficult for someone of something in a position where status quo is providing awesome returns. It takes courage to innovate, and ...

2 Key Elements of Your Info Sec Job Search
By: DocGreenBanner
June 22, 2015

This is a primer for new job seekers and a refresher for seasoned job seekers.  People often ask, " How do I find and get Info Sec jobs? "This document will: identify online and offline job sources provide key elements of a good resume ...

The Role of Information Security Governance and Risk Management in the CISSP certification
By: Rachel Laura M
June 22, 2015

The Certified Information Systems Security Professional (CISSP) certification is a strong credential to have for professionals who have a mix of both technical and managerial experience as well as competence in designing, engineering and the overall management of security programs. Their knowledge helps protect company’s important and confidential information from the growing threat of cyber attacks. This certification is perfect ...

Launch a Web Application Bruteforce Using Burp Suite
By: fr4nc1stein
June 22, 2015

Hello to all Cybrary Members.This is my process on how to launch a bruteforce attack on any web application. Today, web applications are using a defense mechanism we called Authentication and using Login Pages. I'm going to teach you how this bruteforce attack by using a simple proxy tools.  Requirements: 1. Burp Suite ( click here to download )2. Worldlist ...

Tutorial: Evading Anti-Virus Software While Hacking
By: Akash Raghav M
June 22, 2015

Hello,When it comes to " hacking " into our target's system, where most of us all fail is evading their Anti-Virus (AV) .In this tutorial, I'll be teaching you various ways to actually by-pass the AV, so you can easily have a meterpreter session running into your target's system without the Anti-Virus flagging your software.AV software companies generally ...