0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
Hi Pentesters, while pursuing the course on Ethical Hacking and Penetration Testing , we often feel the need to have our own pentesting lab to practice all the stuff we're learning during the course. I am no exception, so I began searching for a way I could do this. After gathering some info, I found a way and wanted ...
Security Operations Centers are essential part for dealing with cyber security threats where enterprise information systems are monitored, assessed and defended. SIEM (Security Information and Event Management), which is a combination of SIM (Security Information Management) and SEM (Security Event Management) provides near real-time analysis of security alerts generated by network hardware and applications.Different vendors provide different solutions and ...
Hello, this is a short guide on how to use the Python Scripting language to facilitate Tasks in Linux. I'll start by giving a small overview on what Python is:According to Wikipedia," Python is a widely used general-purpose, high-level programming language . Its design philosophy emphasizes code readability, and its syntax ...
Given we're a cyber security education company, we like to preach (maybe too much at times) about how darn important security awareness training for employees really is. So, we thought we'd share the hideously ugly lesson that internet authority company, ICANN, learned about security awareness not too long ago. Reliving the ICANN Phishing Hack: Phishing is ...
Please note: some of the backslahes ( \ ) in the coding below may have been removed by the WordPress program. When you press enter, the program doesn't just run. There's an order of operations that takes place. Understanding this order can keep you from making some pretty big mistakes. Let's take a command and break apart what ...
I. Abstract A Security Operations Center (SOC) is an important facility for any organization that wants to address security threats, vulnerability, assessment and management. There are baselines in existence that addresses few of the security aspects, but a complete framework combining people, process and technology currently is not up to the high standards (Jacobs, Arnab & Irwin 2013). ...
SQL Injection: SQL injection is a code injection technique, used to attack data-driven applications in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). Types : [-]Error based[-]Blind based [1]Error based: In error based we used error through-ed ...
SSH (Secure Shell) is a protocol that allows two devices exchange data with each other security in an encrypted format, hence protecting the data being transmitted. It usually uses Port 22 for all communications. For example, if you were to connect to a remote server, then there's no guarantee that your username and password would be transmitted in secure ...
Traffic capture, which also is referred to as packet capture, is one activity of Penetration Testing (pentesting)*. Pentesting allows the pinpointing of vulnerabilities on a network and provides identification of suspicious packets moving across the network. Being able to Identify routine network traffic is also valuable because it provides a look at how ...
You know those times where you took an exam without studying, and still did well? We hate to break it to you, but those times don't exist in the Infosec world. Sure, you may have one or two baby Einsteins who can sit through a five-day bootcamp ...