0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Tutorial: Setting up a Virtual Pentesting Lab at Home
By: KaalBhairav
September 21, 2015

Hi Pentesters, while pursuing the course on Ethical Hacking and Penetration Testing , we often feel the need to have our own pentesting lab to practice all the stuff we're learning during the course. I am no exception, so I began searching for a way I could do this. After gathering some info, I found a way and wanted ...

What You Should Know About SIEM
By: Zeeshan Alam
September 21, 2015

Security Operations Centers are essential part for dealing with cyber security threats where enterprise information systems are monitored, assessed and defended. SIEM (Security Information and Event Management), which is a combination of SIM (Security Information Management) and SEM (Security Event Management) provides near real-time analysis of security alerts generated by network hardware and applications.Different vendors provide different solutions and ...

Using Python to Facilitate Tasks in Linux
By: Krintoxi
September 21, 2015

Hello, this is a short guide on how to use the Python Scripting language to facilitate Tasks in Linux. I'll start by giving a small overview on what Python is:According to Wikipedia," Python is a widely used general-purpose, high-level programming language . Its design philosophy emphasizes code readability, and its syntax ...

Hacked Through Phishing: An Ugly Security Awareness Lesson Learned
By: ryan c
September 18, 2015

Given we're a cyber security education company, we like to preach (maybe too much at times) about how darn important  security awareness training for employees really is. So, we thought we'd share the hideously ugly lesson that internet authority company, ICANN, learned about security awareness not too long ago.  Reliving the ICANN Phishing Hack: Phishing is ...

What Really Happens When I Press Enter
By: The Steve
September 18, 2015

Please note: some of the backslahes ( \ ) in the coding below may have been removed by the WordPress program. When you press enter, the program doesn't just run. There's an order of operations that takes place. Understanding this order can keep you from making some pretty big mistakes. Let's take a command and break apart what ...

Best Practices for a Security Operations Center
By: Joshi
September 18, 2015

I. Abstract A Security Operations Center (SOC) is an important facility for any organization that wants to address security threats, vulnerability, assessment and management. There are baselines in existence that addresses few of the security aspects, but a complete framework combining people, process and technology currently is not up to the high standards (Jacobs, Arnab & Irwin 2013). ...

What You Should Know About SQL Injection
By: Rana Daniyal Khan
September 17, 2015

SQL Injection: SQL injection  is a code  injection  technique, used to attack data-driven applications in which malicious  SQL  statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). Types : [-]Error based[-]Blind based  [1]Error based: In error based we used error through-ed ...

Firewall Tunneling Using SSH and Putty
September 17, 2015

SSH (Secure Shell) is a protocol that allows two devices exchange data with each other security in an encrypted format, hence protecting the data being transmitted. It usually uses Port 22 for all communications. For example, if you were to connect to a remote server, then there's no guarantee that your username and password would be transmitted in secure ...

Understand These 4 Network Traffic Capture Tools
By: AliceA
September 16, 2015

Traffic capture, which also is referred to as packet capture, is one activity of Penetration Testing (pentesting)*. Pentesting allows the pinpointing of vulnerabilities on a network and provides identification of suspicious packets moving across the network. Being able to Identify routine network traffic is also valuable because it provides a look at how ...

Why Using Study Guides Make a Big Difference
By: klowe
September 16, 2015

You know those times where you took an exam without studying, and still did well? We hate to break it to you, but those times don't exist in the Infosec world.  Sure, you may have one or two baby Einsteins who can sit through a five-day bootcamp ...