Tech Skills

Cybersecurity

Ethical hacking, penetration testing, network security, CTFs and defensive security

17,929
lessons
Skills in this topic
View full skill map →
Security Basics
beginner
Fix OWASP top 10 vulnerabilities
AI Security
intermediate
Identify and patch prompt injection vulnerabilities
Network Security
intermediate
Configure a firewall with proper inbound/outbound rules
Ethical Hacking & Pen Testing
intermediate
Conduct a full pen test with Kali Linux
Cloud Security
intermediate
Implement IAM least-privilege policies on AWS/GCP
Incident Response
intermediate
Build an incident response playbook
Security Compliance
intermediate
Map controls for SOC 2 Type II compliance
Defensive AI
advanced
Build an AI-powered log anomaly detector
All Reads (11,023) Articles (5460)Blog Posts (4293)Tutorials (395)Research Papers (34)News (841)
The Internet’s Dirty Little Secret: Anyone Can Investigate Anyone — and Here Are 20 Free Tools to…
Medium · Programming 🔐 Cybersecurity ⚡ AI Lesson 1h ago
The Internet’s Dirty Little Secret: Anyone Can Investigate Anyone — and Here Are 20 Free Tools to…
What spies, FBI agents, and your nosy neighbor all have in common — and how you can join the club for $0. Continue reading on InfoSec Write-ups »
The Internet’s Dirty Little Secret: Anyone Can Investigate Anyone — and Here Are 20 Free Tools to…
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 1h ago
The Internet’s Dirty Little Secret: Anyone Can Investigate Anyone — and Here Are 20 Free Tools to…
What spies, FBI agents, and your nosy neighbor all have in common — and how you can join the club for $0. Continue reading on InfoSec Write-ups »
Website Defacement Attack Simulation in a Virtual Lab: Understanding the Risks and Defenses
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3h ago
Website Defacement Attack Simulation in a Virtual Lab: Understanding the Risks and Defenses
A hands-on cybersecurity lab demonstrating how website defacement can occur in a controlled VirtualBox environment and the security… Continue reading on Medium
The Internet Has a Hidden Side: 5 Cyber Intelligence Tools Security Experts Use to Spot Threats…
Medium · Programming 🔐 Cybersecurity ⚡ AI Lesson 3h ago
The Internet Has a Hidden Side: 5 Cyber Intelligence Tools Security Experts Use to Spot Threats…
What Google Can’t See Could Already Know Your Password Continue reading on Medium »
The Internet Has a Hidden Side: 5 Cyber Intelligence Tools Security Experts Use to Spot Threats…
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3h ago
The Internet Has a Hidden Side: 5 Cyber Intelligence Tools Security Experts Use to Spot Threats…
What Google Can’t See Could Already Know Your Password Continue reading on Medium »
CAP (HackTheBox Easy Machine)
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 5h ago
CAP (HackTheBox Easy Machine)
How I pwned HackTheBox Cap using IDOR and a Python privilege escalation Continue reading on Medium »
Necropolis C2: decentralised command and control mesh network.
Medium · Programming 🔐 Cybersecurity ⚡ AI Lesson 5h ago
Necropolis C2: decentralised command and control mesh network.
Necropolis is a fork of the original Arachne command-and-control (C2) system. Arachne used the libp2p protocol, pairing a distributed hash… Continue reading on
Necropolis C2: decentralised command and control mesh network.
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 5h ago
Necropolis C2: decentralised command and control mesh network.
Necropolis is a fork of the original Arachne command-and-control (C2) system. Arachne used the libp2p protocol, pairing a distributed hash… Continue reading on
Dev.to AI 🔐 Cybersecurity ⚡ AI Lesson 6h ago
Mullvad vs ProtonVPN for Privacy-Focused Users 2026: Honest Comparison
What if I told you the "loser" of this comparison is still better than 95% of the VPNs you'll see plastered across YouTube sponsor slots? Because that's basical
TryHackMe — Corridor CTF Writeup
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 7h ago
TryHackMe — Corridor CTF Writeup
hi guys, aryan here! Continue reading on MeetCyber »
Ten signs that your business has been hacked
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 7h ago
Ten signs that your business has been hacked
NetworkTigers on what to look out for if you think your business has been hacked. First published December 3, 2022, on NetworkTigers News. Continue reading on M
Hashing, encoding, and encryption are three different jobs, and Security+ catches you when you mix them up
Dev.to · TiltedLunar123 🔐 Cybersecurity ⚡ AI Lesson 8h ago
Hashing, encoding, and encryption are three different jobs, and Security+ catches you when you mix them up
A lot of people walk into the SY0-701 exam able to recite that AES is symmetric and SHA-256 is a...
Dev.to AI 🔐 Cybersecurity ⚡ AI Lesson 8h ago
FBI Disrupts Botnet While Web3 Builders Drive Innovation Amidst Bearish Sentiment
🔗 Live Dashboard: autonomous-portfolio-2026.live 📢 Telegram: t.me/AII2026futher Today's Headlines BTC holds $63,144 (+1.0% 24h) and ETH $1,783.03 (+1.6% 24h)
The open source AI pentest tools worth knowing in 2026
Dev.to · Mehdi BOUTAYEB 🔐 Cybersecurity ⚡ AI Lesson 9h ago
The open source AI pentest tools worth knowing in 2026
Disclosure: I work on Darkmoon, one entry in this list. This is a neutral survey of the open source...
Autonomous pentesting against Active Directory, without the black box
Dev.to · Mehdi BOUTAYEB 🔐 Cybersecurity ⚡ AI Lesson 9h ago
Autonomous pentesting against Active Directory, without the black box
Active Directory is where most internal compromises happen and where most AI tools give up. Darkmoon...
Pentera alternatives in 2026, including the open source options
Dev.to · Mehdi BOUTAYEB 🔐 Cybersecurity ⚡ AI Lesson 9h ago
Pentera alternatives in 2026, including the open source options
Disclosure: I work on Darkmoon, one of the tools below. Pentera is a mature, enterprise grade...
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 9h ago
Analyzing DVWA Web Attacks Inside Wazuh SIEM
It covers simulating web application attacks against Damn Vulnerable Web Application (DVWA) and analyzing the resulting telemetry within… Continue reading on Me
What I Learned in My First 6 Months as a Junior Penetration Tester
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 9h ago
What I Learned in My First 6 Months as a Junior Penetration Tester
Hello everyone! My name is Arfat Khan, and I run a YouTube channel called Arfi Tutorials. Continue reading on System Weakness »
US government body paid $1M to hackers who never locked a single file
The Next Web AI 🔐 Cybersecurity ⚡ AI Lesson 9h ago
US government body paid $1M to hackers who never locked a single file
A US government entity paid around $1m to stop stolen files from being published, according to a case study by researcher Rakesh Krishnan for Ransom-ISAC. The a
Built an AI-Powered WAF for PHP/Laravel Apps in Africa — Here’s What It Catches
Dev.to · Nchiminyi — Founder, Kriosa 🔐 Cybersecurity ⚡ AI Lesson 11h ago
Built an AI-Powered WAF for PHP/Laravel Apps in Africa — Here’s What It Catches
Originally published on Medium A student developer from Cameroon built a security tool that explains...
Seven Unpatched FatFs Flaws Put Millions of Embedded Devices One USB Away From a Jailbreak
Dev.to · Etairos.ai 🔐 Cybersecurity ⚡ AI Lesson 11h ago
Seven Unpatched FatFs Flaws Put Millions of Embedded Devices One USB Away From a Jailbreak
TL;DR what: runZero disclosed seven vulnerabilities in FatFs, a tiny FAT/exFAT...
We open-sourced our security audit. Here's what we found (and fixed).
Dev.to · Edison Flores 🔐 Cybersecurity ⚡ AI Lesson 11h ago
We open-sourced our security audit. Here's what we found (and fixed).
MarketNow got pentested. 4 CRITICAL, 5 HIGH, 7 MEDIUM findings. All fixed. Here's the full report.
We open-sourced our security audit
Dev.to · Edison Flores 🔐 Cybersecurity ⚡ AI Lesson 11h ago
We open-sourced our security audit
MarketNow got pentested. 4 CRITICAL, 5 HIGH, 7 MEDIUM. All fixed.
GET Was Too Small. POST Was Too Generic. QUERY Entered the Chat. RFC 10008 Explained
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 11h ago
GET Was Too Small. POST Was Too Generic. QUERY Entered the Chat. RFC 10008 Explained
As someone working in DevSecOps and API Security, I spend a lot of time understanding how web applications and APIs communicate. Recently… Continue reading on M
I Built a Four‑Cloud Security Scanner That Auto‑Fixes Attack Chains – Here's How
Dev.to · APCSS SECURITY 🔐 Cybersecurity ⚡ AI Lesson 11h ago
I Built a Four‑Cloud Security Scanner That Auto‑Fixes Attack Chains – Here's How
🚀 The Problem Cloud security tools like Wiz and Orca are incredibly powerful – but they...
Fools Mate-TryHackMe Write-UP
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 11h ago
Fools Mate-TryHackMe Write-UP
Hello and welcome to my first write-up, I am d4nc00p3r and I am a new pentester learning by myself. Continue reading on Medium »
The Hidden Dangers of DMARC p=none: Why It's Undermining Your Email Security (Not Just Deliverability)
Dev.to · Azeem Malik 🔐 Cybersecurity ⚡ AI Lesson 12h ago
The Hidden Dangers of DMARC p=none: Why It's Undermining Your Email Security (Not Just Deliverability)
Understanding DMARC and the 'p=none' Policy DMARC (Domain-based Message Authentication,...
Dev.to AI 🔐 Cybersecurity ⚡ AI Lesson 14h ago
Keunggulan Teknologi Arjuna138: Sistem Fair Play dan Kemenangan Terjamin
Di era digital, keamanan dan keadilan adalah dua pilar utama yang menentukan kepercayaan pemain terhadap sebuah platform game online. Arjuna138 hadir dengan kom
The MCP attack your code review cannot see
Dev.to · Kiell Tampubolon 🔐 Cybersecurity ⚡ AI Lesson 14h ago
The MCP attack your code review cannot see
Here is a line from an MCP manifest that would pass most code reviews: { "name": "search",...
Securing the Amnesiac Cloud: Database-Free Token Auth in Apps Script Web Apps
Dev.to · Hayrullah Kar 🔐 Cybersecurity ⚡ AI Lesson 14h ago
Securing the Amnesiac Cloud: Database-Free Token Auth in Apps Script Web Apps
Stop relying on vulnerable client-side states. Learn how to engineer production-grade session tokens, server-side RBAC, and audit logs using native CacheService
How one line in my log scanner's allowlist was muting alerts I never told it to
Dev.to · TiltedLunar123 🔐 Cybersecurity ⚡ AI Lesson 15h ago
How one line in my log scanner's allowlist was muting alerts I never told it to
threatlens is a log triage cli i've been building. you point it at windows event logs, or syslog, or...
Medium · Programming 🔐 Cybersecurity ⚡ AI Lesson 15h ago
Your AI Coding Assistant Is Still Hashing Passwords Like It Is 2009
A developer I know sent me their side project to look over before launch. Auth worked, signup worked, everything ran. Then I opened the… Continue reading on Med
Best Free SSL Certificate Providers 2026
Medium · Startup 🔐 Cybersecurity ⚡ AI Lesson 15h ago
Best Free SSL Certificate Providers 2026
A Secure Sockets Layer (SSL) certificate is no longer optional. Whether you run a personal blog, an online store, Continue reading on Medium »
Why Cursor Keeps Hashing Passwords With MD5 (And How to Fix It)
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 15h ago
Why Cursor Keeps Hashing Passwords With MD5 (And How to Fix It)
TL;DR AI editors still reach for md5/sha1 to hash passwords because that is what a decade...
Malware Analysis: Fake “Search for Perplexity AI” Chromium Extension
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 15h ago
Malware Analysis: Fake “Search for Perplexity AI” Chromium Extension
A Search Hijacker / Spyware That Intercepts Every Query via a Look-Alike Domain Continue reading on Medium »
How I built a zero-knowledge encrypted cloud storage app: the complete crypto architecture
Dev.to · Rajath R 🔐 Cybersecurity ⚡ AI Lesson 15h ago
How I built a zero-knowledge encrypted cloud storage app: the complete crypto architecture
For the past two years I've been building Silvora - a zero-knowledge encrypted cloud storage app -...
ENIGMA CTF BOOTCAMP DAY 5-FORENSICS TASK
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 15h ago
ENIGMA CTF BOOTCAMP DAY 5-FORENSICS TASK
CHALLENGE : Camp Nou Conspiracy Continue reading on Medium »
Hacker News (AI) 🔐 Cybersecurity ⚡ AI Lesson 16h ago
I found a malware hiding in my TailwindCSS config file
Comments
Fool’s Mate: Beating a Chess Engine That Cheats — A TryHackMe Walkthrough
Medium · JavaScript 🔐 Cybersecurity ⚡ AI Lesson 17h ago
Fool’s Mate: Beating a Chess Engine That Cheats — A TryHackMe Walkthrough
https://tryhackme.com/room/foolsmate Continue reading on Medium »
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 17h ago
Anyone Can Make Your Coding Agent Run Their Code. They Never Touch Your Machine.
A new attack called agentjacking hit an 85 percent success rate against Claude Code, Cursor, and Codex, and every security tool you own is… Continue reading on
The Blind Spot of Every Cloud Config Scanner
Dev.to · Bala Paranj 🔐 Cybersecurity ⚡ AI Lesson 18h ago
The Blind Spot of Every Cloud Config Scanner
Most cloud security tools check settings one at a time. The breaches come from how settings combine. The maintainers of the best open-source scanner have been s
Celebrating America's First 250 Years By Securing The Next 250
Forbes Innovation 🔐 Cybersecurity ⚡ AI Lesson 18h ago
Celebrating America's First 250 Years By Securing The Next 250
As America celebrates 250 years of independence, cybersecurity, AI and critical infrastructure resilience will determine the nation's security for the next 250.
Millions of Embedded Devices at Risk: Critical FatFs Vulnerabilities Demand Immediate Attention
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 19h ago
Millions of Embedded Devices at Risk: Critical FatFs Vulnerabilities Demand Immediate Attention
Embedded devices form the backbone of today’s connected world, powering everything from industrial automation systems and medical devices… Continue reading on M
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 19h ago
Membedah Serangan Phishing: Cara Kerja SEToolkit & Zphisher (dan Cara Melindungi Diri dari…
Disclaimer: Artikel ini dibuat untuk tujuan edukasi security awareness dan pengujian di lab pribadi. Semua demonstrasi dilakukan di… Continue reading on Medium
Drone’ların Beyni Nasıl Çalışır: FreeRTOS ve ARM Cortex-M Mimarisi Üzerine Bir Güvenlik…
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 19h ago
Drone’ların Beyni Nasıl Çalışır: FreeRTOS ve ARM Cortex-M Mimarisi Üzerine Bir Güvenlik…
Bir güvenlik mühendisi olarak sistemleri test etmek için önce onları anlamak gerektiğine inanıyorum. MAVLink fuzzer yazarken ArduPilot’un… Continue reading on M
Why HIPAA Doesn't Cover the Health Data Your API Just Pulled
Dev.to · Spicy 🔐 Cybersecurity ⚡ AI Lesson 19h ago
Why HIPAA Doesn't Cover the Health Data Your API Just Pulled
If you're building anything on top of HealthKit, Google Fit, or a direct wearable API integration,...
Sensitive Information Disclosure: What It Is and the Top 10 Tools to Find It in 2026
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 19h ago
Sensitive Information Disclosure: What It Is and the Top 10 Tools to Find It in 2026
A practical primer on one of the most common — and most underestimated — classes of web vulnerability, plus the current toolkit security… Continue reading on Me
Dev.to AI 🔐 Cybersecurity ⚡ AI Lesson 20h ago
My Journey Into Cyber Security: 5 Things I Wish I Knew Before Starting
When I first became interested in cyber security, I thought it was all about hacking into systems and writing complex code. Social media and movies made it look