0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Tutorial: How to Use SQLMAP
By: Kevin Mark
September 1, 2015

 Hello and welcome to another tutorial,You may have read my other contributions on Cybrary. If not, you should check them out: How to Manually Use SQL Injection with the UNION SELECT Method [Guide] How to Find Web-Based Vulnerabilities (Manually and with Tools)  As you might already know, SQL Injection is ...

Brakeing Down Security Podcast - Episode 2015-037
By: BrBr
August 31, 2015

https://brakeingsecurity.com/2015-037-making-patch-management-work Once you find a vulnerability, how do you handle patching it? Especially when devs have their own work to do, there are only so many man hours in a sprint or development cycle, and the patching process could take up a good majority of that if the vuln is particularly nasty.One method is to triage your patches, and ...

Using the Metasploit Database
By: Johan Grotherus
August 28, 2015

The Metasploit database is a good way of keeping track of the things you get your hands on during a penetration test. The database can hold things like hosts, services, usernames and passwords. One particular useful feature of the Metasploit database is the integration it has with Nmap. You can utilize Nmap scans from within Metasploit and ...

Tutorial: Setting up an "Evil Twin" Access Point
By: Kevin Mark
August 27, 2015

Hello and welcome to this tutorial, This time, we're going to setup an ”Evil Twin.” Basically, an Evil Twin works to copy another access point and fool your target into connecting to it. However, people aren’t oblivious and will choose the wireless with a strongest connection. We can and, we will, fix that in ...

Secrets of Magic Called "Ping"
By: Falko
August 27, 2015

Many...no, all (yeah, I'm an optimist) administrators know what Ping is. They also know about its usage.Basic usage of the Ping utility is for discovering and reaching devices in network.Let's sum up what we already know about Ping. If it says us "unreachable," we did something wrong or we're derailed thanks to a firewall preventing us from pinging our ...

Compound Security Strategy (CSS)
By: Grnd D3sk Hck3r
August 27, 2015

Using the socratic method « knowledge is inside you », we will make this course not as a outpouring of knowledge but a process of queries and inquiries that lead to answers through the power of imagination and intuition. Think and grow wise thus unquoting Napoeleon HILL. Any effective CSS must have these very three interrelated elements ...

Use GPU to Speed Up WPA/WPA2 Password Cracking
By: darkangel4
August 27, 2015

There are many ways to crack a WPA/WPA2 password. We all know that a GPU (Graphic Processing Unit) is way faster than a CPU in terms of computation. So, we'll use the power of GPU to speed up WPA/WPA2 cracking.The tools used will be (available for both windows and Linux.) Aircrack-ng ...

What are the Next Generation Firewalls?
By: Mario
August 26, 2015

[udesigniconfont name="fa fa-user"] Contribution Credit: @mrsn82 We've all heard about firewalls, whether in our home computers with does terrible balloons which tells us that our computer is at risk or in the company where we work and have blocked access to internet when trying to get into our social networks to see the photos of our ...

Network Time Protocol (NTP)
By: Falko
August 25, 2015

NTP and Its Function There are many network services running silently and without any interaction. One of them is the NTP (Network Time Protocol) service. Many often forget how important this protocol is.  What is NTP? In the most basic description, NTP is a networking protocol that helps us keep the time up-to-date. However. its' importance ...

Recommended: TrueCrypt Replacement in Kali Linux (2.0, 64 Bit Version)
By: rubins
August 24, 2015

As I installed the latest release of Kali Linux 2.0, 64 Bit, I found out that it's no longer pre installed with TrueCrypt. I need TrueCrypt to open my 200 GB encrypted volume using four keyfiles.To continuously use an encrypted volume created from TrueCrypt, I recommend to try using VeraCrypt instead. I've tested this and it normally runs similarly ...