0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.



Introduction from the Programmer - This program is a simple program for the employees payment from the logistics section.We suppose that the currency is in Euro and we dont focus on how the national tax system ison 40 Euro or in 100 Euro.Its a typical example to understand how programming is getting done with a languagelike Pascal. ...


In my first tutorial I demonstrated the basic usage of the Metasploit database. This included how to use nmap from within the Metasploit console, importing nmap scans and also how to display information in it.Now we will look a bit deeper in what possibilities the Metasploit database can provide, and also see how it looks when importing database from other ...


The Internet is complex system composed of many different protocols and implementations. Sometimes, it's very buggy. It contains many poorly documented devices and operators that are implementing policies that aren't well measurable. Often, measured data isn't perfect, partial, not friendly, etc. Further, understanding such data is difficult and requires some skills and practice. Generally, any task related to data ...


Hola amigos... Aim: To crack a WPA2-psk encrypted WiFi password using Aircrack-ng.Requirements: If you're using a Kali Linux in VMware or other virtual machines, then you need to get a compatible USB WiFi receiver (I'm using an Atheros AR9271 wireless network adapter), because WiFi connections don't show up in virtual machines. Instead, they show those connections ...


// Hey guys, today, I will give you a brief introduction to buffer overflows on Linux x8664 machines.// So, let's start with a basic example in C:_______// First some standard includes, you should now them...#include#include#include// we create a vulnerable functionint vulnFunction(int a, int b){// it creates a buffer with a size of 128 bytes! Yes, 128 not 125; it ...


Hello and welcome to another tutorial,You may have read my other contributions on Cybrary. If not, you should check them out: How to Manually Use SQL Injection with the UNION SELECT Method [Guide] How to Find Web-Based Vulnerabilities (Manually and with Tools) As you might already know, SQL Injection is ...


https://brakeingsecurity.com/2015-037-making-patch-management-work Once you find a vulnerability, how do you handle patching it? Especially when devs have their own work to do, there are only so many man hours in a sprint or development cycle, and the patching process could take up a good majority of that if the vuln is particularly nasty.One method is to triage your patches, and ...


The Metasploit database is a good way of keeping track of the things you get your hands on during a penetration test. The database can hold things like hosts, services, usernames and passwords. One particular useful feature of the Metasploit database is the integration it has with Nmap. You can utilize Nmap scans from within Metasploit and ...


Hello and welcome to this tutorial, This time, we're going to setup an ”Evil Twin.” Basically, an Evil Twin works to copy another access point and fool your target into connecting to it. However, people aren’t oblivious and will choose the wireless with a strongest connection. We can and, we will, fix that in ...


Many...no, all (yeah, I'm an optimist) administrators know what Ping is. They also know about its usage.Basic usage of the Ping utility is for discovering and reaching devices in network.Let's sum up what we already know about Ping. If it says us "unreachable," we did something wrong or we're derailed thanks to a firewall preventing us from pinging our ...