Tech Skills
Cybersecurity
Ethical hacking, penetration testing, network security, CTFs and defensive security
Skills in this topic
8 skills — Sign in to track your progress
Security Basics
beginner
Fix OWASP top 10 vulnerabilities
AI Security
intermediate
Identify and patch prompt injection vulnerabilities
Network Security
intermediate
Configure a firewall with proper inbound/outbound rules
Ethical Hacking & Pen Testing
intermediate
Conduct a full pen test with Kali Linux
Cloud Security
intermediate
Implement IAM least-privilege policies on AWS/GCP
Incident Response
intermediate
Build an incident response playbook
Security Compliance
intermediate
Map controls for SOC 2 Type II compliance
Defensive AI
advanced
Build an AI-powered log anomaly detector

Medium · AI
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Uncover the Real MSISDN | SS7 Telecom Security Research Tool
Understanding How Mobile Identity Works in Modern Telecom Networks Continue reading on Medium »

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Uncover the Real MSISDN | SS7 Telecom Security Research Tool
Understanding How Mobile Identity Works in Modern Telecom Networks Continue reading on Medium »

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Accidental RCE: How I Found a Working Exploit in a Live CTF (and It Wasn’t Even the Challenge)
On 19/6/2026, riffhack.biterra.co hosted an online CTF. The event had two types of challenges, what I’ll call normal and RIFFHACK… Continue reading on Medium »
Dev.to AI
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Weekly Roundup — What Happened in Tech, Jun 15–21
Five stories from the week of Jun 15–21, each one I read end to end. 1. CISA contractor exposed AWS GovCloud admin keys on public GitHub. A repo called "Private
Medium · Python
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Python OpSec in 2026: Spoofing, Anti-Fingerprinting & Zero Traces
Look. I was writing Python scripts before your favorite framework even existed. I’ve watched the internet go from a place where anonymity… Continue reading on M
Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Python OpSec in 2026: Spoofing, Anti-Fingerprinting & Zero Traces
Look. I was writing Python scripts before your favorite framework even existed. I’ve watched the internet go from a place where anonymity… Continue reading on M

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
PortSwigger Lab Write-Up: User ID Controlled by Request Parameter with Password Disclosure
Category: Access Control Vulnerabilities Difficulty: Apprentice Continue reading on Medium »

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
PortSwigger : DOM XSS in jQuery Anchor href Attribute Sink Using location.search Source
In this lab, the website has a DOM-based XSS vulnerability in the submit feedback page. Continue reading on Medium »

Medium · Programming
🔐 Cybersecurity
⚡ AI Lesson
1w ago
I found North Korean (DPRK) malware hiding in my tailwind.config.js
I almost closed the file without reading it. Three days later I was killing processes in production at 2am, rotating every credential I… Continue reading on Med

Medium · JavaScript
🔐 Cybersecurity
⚡ AI Lesson
1w ago
I found North Korean (DPRK) malware hiding in my tailwind.config.js
I almost closed the file without reading it. Three days later I was killing processes in production at 2am, rotating every credential I… Continue reading on Med

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
I found North Korean (DPRK) malware hiding in my tailwind.config.js
I almost closed the file without reading it. Three days later I was killing processes in production at 2am, rotating every credential I… Continue reading on Med

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
The Single-Primitive Write: WriteProcessMemory’s Hidden Page Flip
Documenting Undocumented WriteProcessMemory Behavior Continue reading on Medium »
Medium · Programming
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Timing Attacks Against PHP Login Endpoints — How Real and How to Fix
If your login skips password_verify for unknown users, attackers can enumerate accounts via response time. Verified fix in 4 lines. Continue reading on Medium »

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
OAuth Is Still Misunderstood
OAuth has a reputation for being complicated, mysterious, and slightly annoying. To be fair, it has worked hard to earn that reputation. Continue reading on Med

Dev.to · Oluwole Ajayi
🔐 Cybersecurity
⚡ AI Lesson
1w ago
VeriLync- Application Security for SaaS Scale-ups
I studied MSc Applied Cybersecurity at the University of South Wales. My dissertation was titled...

Dev.to · Hiren Kava
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Precision Loss and Rounding Exploits in Financial Smart Contracts
A smart contract does not need an overflow, reentrancy bug, or broken access-control check to lose...

Dev.to · GoldenGlobalHawks
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Engineering a residential security stack for high-value LA properties: site survey to dispatch
Site survey, perimeter design, staffing models, and tech integration for LA residential security ops — with BSIS compliance requirements and real cost figures.

Dev.to · Arashad Dodhiya
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Business Logic Vulnerabilities in Modern APIs: The Security Flaws Firewalls Can't Stop
Most API security discussions revolve around SQL injection, authentication bypasses, or remote code...

Dev.to · xusteve
🔐 Cybersecurity
⚡ AI Lesson
1w ago
The Ultimate WordPress Security Checklist for 2026
The Ultimate WordPress Security Checklist for 2026 WordPress powers over 43% of all...

Dev.to · kg8888
🔐 Cybersecurity
⚡ AI Lesson
1w ago
The Security Checklist Every Vibe Coder Needs Before Launch
You shipped something. It works. Users are signing up. And somewhere in your codebase, there's a...

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Detecting Atomic Arch Before the eBPF Rootkit Loads
Atomic Arch (Sonatype-2026–003775) backdoored around 1,500 AUR packages on June 11–12, 2026. The credential stealer it ships is… Continue reading on Medium »
Medium · Programming
🔐 Cybersecurity
⚡ AI Lesson
1w ago
The CIA Triad: The Three Words Every Security Decision Comes Back To
I’ve taught cybersecurity to enough beginners now to know that the term “CIA Triad” sounds like it belongs in a spy movie, not a textbook… Continue reading on M
Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
The CIA Triad: The Three Words Every Security Decision Comes Back To
I’ve taught cybersecurity to enough beginners now to know that the term “CIA Triad” sounds like it belongs in a spy movie, not a textbook… Continue reading on M

Dev.to · Pavel Espitia
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Front-Running and MEV: Writing Contracts That Don't Leak Money to the Mempool
When you submit a transaction, it sits in the public mempool before it is mined, visible to everyone....

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Triaging My First Phishing Alerts: A SOC Simulator Walkthrough
Most of my recent work has been offensive or IR-focused tracing a fileless malware infection through an Active Directory lab, running… Continue reading on Mediu

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Spent Years Trying to Forecast Cyberattacks Like Weather Systems
For the last few years, I’ve been working on a problem that sits between cybersecurity, mathematics, and large-scale systems : Can… Continue reading on Medium »
Medium · Programming
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Reconnaissance: Why the Best Hackers Look Before They Touch Anything
When new students start learning ethical hacking, almost all of them want to skip straight to the exciting part: running a scan, finding a… Continue reading on
Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Reconnaissance: Why the Best Hackers Look Before They Touch Anything
When new students start learning ethical hacking, almost all of them want to skip straight to the exciting part: running a scan, finding a… Continue reading on

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Maritime Cyber Resilience Brief — Charting the USCG Cybersecurity Rule: Implementation Timeline and…
A follow‑up to the 3‑Part Comparative Series. Part 3 mapped the conceptual bridge between IACS UR E26/E27 and the U.S. Coast Guard’s new… Continue reading on Me
Medium · Startup
🔐 Cybersecurity
⚡ AI Lesson
1w ago
What is RDP? Complete Beginner’s Guide (2026)
What is RDP? Complete Beginner's Guide (2026) Continue reading on Medium »
Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Your Browser as a Weapon — Understanding and Stopping CSRF
The attack that exploits trust to make you do things you never intended Continue reading on Medium »

Dev.to · TrustSig
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Reverse once, run forever: designing client-side defenses that assume the attacker has already read every line
There's a sentence every engineer in this field eventually says out loud, usually with a sigh: "But...

Dev.to · umbra
🔐 Cybersecurity
⚡ AI Lesson
1w ago
I built a macOS security tool that locks your secrets when you walk away
CHIMERA is an open-source macOS security "organism" — one local process orchestrating 8 native organs...

Dev.to · Dimitrij Drus
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Stop Using Bearer Tokens Like House Keys: DPoP with Heimdall
You've built an API. You protected it with OAuth 2.0. You're using JWTs. You feel secure. You're...

Dev.to · 문세환
🔐 Cybersecurity
⚡ AI Lesson
1w ago
I scanned a "vibe-coded" Python repo. Found 137 security bugs.
I scanned KaletoAI/anima-verse — a Python LLM project that literally says "Vibe-coded experiment" in...

Dev.to · Sujala Vasanthasena Nelavai
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Your Mind Is the First System Hackers Can Exploit
Why Cybersecurity Must Start With the Analyst — Not the Attack** 1. The Breach No One Talks...

Dev.to · Aviral Srivastava
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Confidential Computing (SGX, SEV)
Your Data's Secret Lair: Diving Deep into Confidential Computing (SGX & SEV) Ever get...

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Anonymous — TryHackMe Walkthrough
What’s up everyone! So this is my very first writeup on Medium, and I figured why not kick it off with the Anonymous room on TryHackMe… Continue reading on Me

Dev.to · Bala Paranj
🔐 Cybersecurity
⚡ AI Lesson
1w ago
The Aftermarket She Diagnosed is the Aftermarket She Prescribed
Jen Easterly correctly identified that cybersecurity is an aftermarket for software quality failures. Then she celebrated an AI that makes the aftermarket faste

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
PortSwigger Lab Write-Up: User ID Controlled by Request Parameter with Data Leakage in Redirect
Category: Access Control Vulnerabilities Difficulty: Apprentice Continue reading on Medium »

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Business Logic Attacks Explained Using a Banking App
How Attackers Abuse Perfectly Working Features Without Hacking the Code Continue reading on Medium »
Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
WhatsApp Plus Explained: What It Really Is and the Risks Nobody Tells You
WhatsApp Plus means two different things in 2026. Here is the full breakdown of the official Meta subscription, the unofficial mod APK… Continue reading on Medi

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
The Counterfeit Self and the Fight to Reclaim Digital Trust
A Room Where Everyone Was a Ghost Continue reading on Medium »

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Building a Zero-Knowledge Note Vault: What I Learned by Getting It Wrong First
How a simple “encrypted message” demo turned into a real lesson in what end-to-end encryption actually means — and the mistakes along the… Continue reading on M

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Part 3: Configuring and Validating the Windows 11 Domain Client
With the domain controller fully operational and the cyber lab network established, the next step was to integrate a client workstation… Continue reading on Med

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Part 2: Configuring the Cyber Lab Environment — Windows Server 2022
With the network infrastructure now in place via pfSense, the next phase of the project focuses on configuring the systems that make up… Continue reading on Med

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Understanding Converter and AttributeConverter In Java: Transparent AES Encryption at the Database…
Java applications often need to perform repetitive transformations when reading from or writing to a database. Common examples include: Continue reading on Medi

Medium · Cybersecurity
🔐 Cybersecurity
⚡ AI Lesson
1w ago
Beginner picoMini 2022 Writeup
My writeup for the Beginner picoMini 2022 challenges! It consists of pretty simple general skills challenges that serve as a good starting… Continue reading on
DeepCamp AI