Cybrary’s Open Blog is a user contributed cyber security knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
Featuring tutorials, op-eds, research papers, user guides, cheat sheets, product reviews, official Cybrary posts, and more; The Open Blog provides the cyber security community a growing resource of content that can help professionals at all levels in their careers.
Cybrary | 0P3N
The Unconventional Guide to Network Security 1.1
Leveraging CompTIA’s list of Security+ Exam Objectives (http://certification.comptia.org/docs/default-source/exam-objectives/comptia-security-sy0-401.pdf), I’ll go through each element and provide examples. This article covers the first domain, Network Security (1.0), with its first sub-heading (1.1). The examples are not in any particular order, preference, or recommendation. They’re just quick and easily found examples. I have no affiliations with any of the co ...
Leveraging CompTIA’s list of Security+ Exam Objectives (http://certification.comptia.org/docs/default-source/exam-objectives/comptia-security-sy0-401.pdf), I’ll go through each element and provide examples. This article covers the first domain, Network Security (1.0), with its first sub-heading (1.1). The examples are not in any particular order, preference, or recommendation. They’re just quick and easily found examples. I have no affiliations with any of the co ...
Sicherheitssysteme und Applikationen:
All-in-one Security Appliance – Modulares System, mit verschiedenen Sicherheitslösungen:
1. IPS – intrusion protection system, schützt vor großformatige Angriffe
2. IDS – intrusion detection system, identifiziert Angriffe durch Angriffsmuster
Host-basiert: auf jedem Rechner installiert
Ne ...
Skills:
Verstehen wie Computer arbeiten, sicherer Umgang mit verschiedenen OS, Hardwarevorausetzungen der OS kennen, Kommunikation mit anderen Sicherheitsspezialisten
Klassifikationen:
Black Hat Hackers: kriminelle, auf persönlichen Profit aus
Grey Hat Hackers: Mischung aus ...
PowerShell Exploit Using SEToolkit
PowerShell Exploit Using SEToolkit In this tutorial, I’m going to show you how you can compromise any Windows computer that has PowerShell installed on it. The scope of this tutorial is to: Show you how to open a Meterpreter session on a victim’s computer. Help you understand what’s happening with the code, so that you can bump your knowledge level up and hopefully get yourself out of Script Kiddie status. Help you understand how to protect/defend your sy ...
PowerShell Exploit Using SEToolkit In this tutorial, I’m going to show you how you can compromise any Windows computer that has PowerShell installed on it. The scope of this tutorial is to: Show you how to open a Meterpreter session on a victim’s computer. Help you understand what’s happening with the code, so that you can bump your knowledge level up and hopefully get yourself out of Script Kiddie status. Help you understand how to protect/defend your sy ...
5 Elements to Explore in Metasploit Basics
Hi once again, In this security article, I’ll define the framework of Metasploit. We’ll cover following topics (there are many more of them and we’ll cover them in my next article): What is Metasploit? What Can We Do with It? Understanding Metasploit CLI Commands and Exploit Attacks Armitage 1. What is Metasploit? Metasploit is software that works with hardware to find additional vulnerabilities and aids in figuring out the kinds of machines our victim/ ...
Hi once again, In this security article, I’ll define the framework of Metasploit. We’ll cover following topics (there are many more of them and we’ll cover them in my next article): What is Metasploit? What Can We Do with It? Understanding Metasploit CLI Commands and Exploit Attacks Armitage 1. What is Metasploit? Metasploit is software that works with hardware to find additional vulnerabilities and aids in figuring out the kinds of machines our victim/ ...
What is Ransomware?
Ransomware is a generic term for a family of malware, which, once active on your systems, searches for documents and pictures then encrypts them. Once encrypted the malware leaves a note with instructions on how to pay the attacker to receive a key allowing decryption of your files. These tools encrypt not only your local ...
As a volunteer with a cyber crime-non profit, I’ve recently worked a case involving fraud.
I’d like to share the following techniques to avoid fraud from electronic media, such as social media and email. And, the same information can also apply to in-person, phone or mail solicitations.
First of all, if it sounds too good t ...
Xpath Injection (Final)
1. Testing and confirming Xpathi Testing for Xpath and confirming are the most important parts. Most of us, and specially the readers of securityidiots, see SQLi everywhere and anywhere they find an error – even if the error is a Conversional Error, Internal Error or Programming Error. Sometimes, people assume that getting blocked by WAF upon typing “Union Select” means it’s vulnerable to SQLi. When we see an input field, the first thing we’ll d ...
1. Testing and confirming Xpathi Testing for Xpath and confirming are the most important parts. Most of us, and specially the readers of securityidiots, see SQLi everywhere and anywhere they find an error – even if the error is a Conversional Error, Internal Error or Programming Error. Sometimes, people assume that getting blocked by WAF upon typing “Union Select” means it’s vulnerable to SQLi. When we see an input field, the first thing we’ll d ...
