0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
Hello and welcome to another one of my contributions. This time, we're going to focus on how to discover web application vulnerabilities. If you haven't read my last contribution into how to manually perform SQL Injection, I recommend you to do that after reading this. It's easy to have a tool actually do stuff for you, but you ...
Social Engineering Toolkit (SETOOLKIT) Credential Harvester using Kali There's a 2 types of Social Engineering Attack a Human Based and Computer Based, this time we are going to use Computer Based Attack using very good tools in performing Social Engineering Attacks.Requirements: 1. An Active Internet Connect. 2. Kali Linux ( Download ) Overview ...
This is not shared with you so that you'll go out now and do something illegal. I want you to read this and learn to actually train and do this on your own or use with others that have given you a thumbs up to try it out. Hello to all of you and welcome ...
Hello and welcome to this tutorial,As you can read in the title, we're going to perform a 'Man in the Middle Attack' using Ettercap, dSniff tools and of course, my favorite, Wireshark. Just to let you know, I've performed this attack on a my Mac. For you guys that are using backbox, Kali or others, load up your terminal ...
Network Security 1.2 Based on CompTIA’s list of Security + exam objectives (their PDF list of domains is found here: https://certification.comptia.org/docs/default-source/exam-objectives/comptia-security-sy0-401.pdf ), I’ll go through each one, giving examples and details where possible, so you know better what each listed item means, does and looks like. The examples are not ...
Updated October 2018 Regarding, end-user security, the term PII is commonly referenced. PII, or Personally Identifiable Information, consists of data that can allow an individual to trace and/or contact another person. This type of information may indicate an individual's name, address, the type of car a person owns, credit card numbers, the names of family members, email addresses, telephone ...
The problem with passwords is that humans are inherently lazy (hey, me too!) and Security Admins are apparently a special kind of sadist when they think users can remember an insane combination of 1337 and binary. In reality, complex password requirements traditionally lead to greater security risks because users find new ways of cheating to remember their passwords. Whether ...
Using PsTools: With PsTools, there are a number of different utilities included. The two I'll focus on are: PsExec and PsShutdown. The rest are useful, too, and you can apply these techniques and batch files to them fairly easily. PsExec is used to execute remove cmd commands or processes on domain connected servers or workstations. I ...
The moment you think you know something about security, you realize you don’t know anything! I'll discuss my experience pursuing a CCNA certificate and a Security + certificate. The Beginning In 2011, I began learning about networking through free classes in San Diego's community college continuing education programs. I started with ...
Security Awareness Training has migrated from a "nice to have" security function within an organization, to now, a "must have." In fact, more quickly than ever, companies of all sizes and industries are integrating security awareness training into their required learning for all employees. It's now a matter of simply being irresponsible if your organization doesn't have a course.One ...