0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
Perhaps it is somewhat shocking that hundreds of thousands of people are learning hacking, for free on Cybrary. However, there are several very good reasons for this free cyber security learning revolution.A fundamental change in the way cyber security is taught and learned, is upon us. Together, the Cybrary team, and each of our Members, are making this change happen, ...
Many of the beliefs we have around what constitutes a “good” password are created by what default policies in software such as Microsoft teach us.We are led to believe that a minimum length of 8 characters, a good mixture of UPPER and lower-case, numbers and uncommon (i.e. $@#&!) characters automatically make a good password.Many Systems Administrators ...
Introduction from the Programmer - This program is a simple program for the employees payment from the logistics section.We suppose that the currency is in Euro and we dont focus on how the national tax system ison 40 Euro or in 100 Euro.Its a typical example to understand how programming is getting done with a languagelike Pascal. ...
In my first tutorial I demonstrated the basic usage of the Metasploit database. This included how to use nmap from within the Metasploit console, importing nmap scans and also how to display information in it.Now we will look a bit deeper in what possibilities the Metasploit database can provide, and also see how it looks when importing database from other ...
The Internet is complex system composed of many different protocols and implementations. Sometimes, it's very buggy. It contains many poorly documented devices and operators that are implementing policies that aren't well measurable. Often, measured data isn't perfect, partial, not friendly, etc. Further, understanding such data is difficult and requires some skills and practice. Generally, any task related to data ...
Hola amigos... Aim: To crack a WPA2-psk encrypted WiFi password using Aircrack-ng.Requirements: If you're using a Kali Linux in VMware or other virtual machines, then you need to get a compatible USB WiFi receiver (I'm using an Atheros AR9271 wireless network adapter), because WiFi connections don't show up in virtual machines. Instead, they show those connections ...
// Hey guys, today, I will give you a brief introduction to buffer overflows on Linux x8664 machines.// So, let's start with a basic example in C:_______// First some standard includes, you should now them...#include#include#include// we create a vulnerable functionint vulnFunction(int a, int b){// it creates a buffer with a size of 128 bytes! Yes, 128 not 125; it ...
Hello and welcome to another tutorial,You may have read my other contributions on Cybrary. If not, you should check them out: How to Manually Use SQL Injection with the UNION SELECT Method [Guide] How to Find Web-Based Vulnerabilities (Manually and with Tools) As you might already know, SQL Injection is ...
https://brakeingsecurity.com/2015-037-making-patch-management-work Once you find a vulnerability, how do you handle patching it? Especially when devs have their own work to do, there are only so many man hours in a sprint or development cycle, and the patching process could take up a good majority of that if the vuln is particularly nasty.One method is to triage your patches, and ...
The Metasploit database is a good way of keeping track of the things you get your hands on during a penetration test. The database can hold things like hosts, services, usernames and passwords. One particular useful feature of the Metasploit database is the integration it has with Nmap. You can utilize Nmap scans from within Metasploit and ...