Tech Skills

Cybersecurity

Ethical hacking, penetration testing, network security, CTFs and defensive security

17,763
lessons
Skills in this topic
View full skill map →
Security Basics
beginner
Fix OWASP top 10 vulnerabilities
AI Security
intermediate
Identify and patch prompt injection vulnerabilities
Network Security
intermediate
Configure a firewall with proper inbound/outbound rules
Ethical Hacking & Pen Testing
intermediate
Conduct a full pen test with Kali Linux
Cloud Security
intermediate
Implement IAM least-privilege policies on AWS/GCP
Incident Response
intermediate
Build an incident response playbook
Security Compliance
intermediate
Map controls for SOC 2 Type II compliance
Defensive AI
advanced
Build an AI-powered log anomaly detector
All Reads (10,859) Articles (5371)Blog Posts (4241)Tutorials (376)Research Papers (34)News (837)
Enrolling and Managing Endpoints with Microsoft Intune: Lab
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Enrolling and Managing Endpoints with Microsoft Intune: Lab
Enrolling and Managing Endpoints with Microsoft Intune Continue reading on Medium »
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Paranoid or keep pushing: USAA Account Typo
So I have a very common name and I'm old. That means I have a [ first.last@gmail.com ](mailto: first.last@gmail.com ) address. I remember when AltaVista was the
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
A Simple Safety Checklist Before Installing Unknown Software Versions
Installing software has become so normal that most people do it without thinking much. We search for a tool, open a download page, click… Continue reading on Me
Gophish — with a gmail account
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Gophish — with a gmail account
I completed a Gophish lab with an instance in the cloud and I wanted to try it now with my gmail account. Continue reading on Medium »
What a $10,000 Cybersecurity Bootcamp Actually Taught Me
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
What a $10,000 Cybersecurity Bootcamp Actually Taught Me
My experience with Coding Temple’s Money Back Guarantee Continue reading on Medium »
Surviving the Reboot: How Attackers Persist in Active Directory
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Surviving the Reboot: How Attackers Persist in Active Directory
How attackers keep their foothold after the initial compromise, and what defenders should watch for. Continue reading on Medium »
SQL Injection & Web Fuzzing with SQLMap and FFUF: A Practical Ethical Hacking Guide
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
SQL Injection & Web Fuzzing with SQLMap and FFUF: A Practical Ethical Hacking Guide
Hey everyone!  Today we will learn about SQL injection and fuzzing. For the whole session, we will use the metasploitable machine. We… Continue reading on Medi
How a Single Misconfigured System at Tata Electronics Leaked 630GB of Apple and Tesla Data
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
How a Single Misconfigured System at Tata Electronics Leaked 630GB of Apple and Tesla Data
In one of the largest supply chain data leaks in recent memory, Indian electronics manufacturer Tata Electronics suffered a massive breach… Continue reading on
TryHackMe — Networking Core Protocols | Cyber Security 101 | Walkthrough
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
TryHackMe — Networking Core Protocols | Cyber Security 101 | Walkthrough
Hey everyone! TryHackMe just announced the new Cyber Security 101 learning path, and there are tons of giveaways this time! This article… Continue reading on Me
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Medium · Python 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Building realistic packet captures with a flag hidden inside — so your players have something worth fishing for. Continue reading on Medium »
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Building realistic packet captures with a flag hidden inside — so your players have something worth fishing for. Continue reading on Medium »
Padding Oracle Attack: Forging Encrypted Share Tokens in OopsSec Store
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Padding Oracle Attack: Forging Encrypted Share Tokens in OopsSec Store
The server told you too much, and that was enough to win. Continue reading on Medium »
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
Medium · Python 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
As a Computer Science and Engineering (CSE) student, my journey into the world of technology has been centered around two core interests… Continue reading on Me
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
As a Computer Science and Engineering (CSE) student, my journey into the world of technology has been centered around two core interests… Continue reading on Me
PortSwigger Lab Write-Up: Stored DOM XSS
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
PortSwigger Lab Write-Up: Stored DOM XSS
Cross-Site Scripting (XSS) comes in many shapes and sizes, but Stored DOM XSS is particularly interesting. It occurs when an application… Continue reading on Me
PortSwigger Lab Write-Up: DOM XSS in document.write
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
PortSwigger Lab Write-Up: DOM XSS in document.write
DOM-based Cross-Site Scripting (DOM XSS) vulnerabilities occur when an application contains client-side JavaScript that processes data… Continue reading on Medi
Building a Windows Defender Disable Shellcode with Stardust
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Building a Windows Defender Disable Shellcode with Stardust
In the previous posts of this series, we introduced the Stardust shellcode generator template and built a practical reverse shell payload… Continue reading on M
Daring Fireball 🔐 Cybersecurity ⚡ AI Lesson 3d ago
PuffPal, an App for Accessing Cannabis Clubs, Leaked 1 Million Users’ Passports
Sean Hollister, writing for The Verge (gift link): If you’ve visited a cannabis club in Spain, [Sammy] Azdoufal says, chances are your photo ID was among them —
AML Monitoring: How Banks Spot Suspicious Transactions Before Anyone Else Does
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
AML Monitoring: How Banks Spot Suspicious Transactions Before Anyone Else Does
Behind every seamless digital payment is a silent, high-stakes game of cat and mouse. Continue reading on Medium »
How Security Teams Prioritize Vulnerabilities Using CVSS
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
How Security Teams Prioritize Vulnerabilities Using CVSS
Find out how security teams use CVSS scores and VAPT severity levels to prioritise vulnerabilities before attackers exploit them. Continue reading on Medium »
I Built a Web Application Firewall From Scratch, and Then Attacked It
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
I Built a Web Application Firewall From Scratch, and Then Attacked It
Learning cybersecurity is definitely not a cakewalk. And no matter how many books you read, courses you do, or videos you watch, you can… Continue reading on Me
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Interested in space cybersecurity as a career
Interested in space cybersecurity as a career satellite security, ground station hardening, space protocol vulnerabilities (like those shown in the Viasat hack)
Threat Attribution with MITRE ATT&CK: A Repeatable Method
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Threat Attribution with MITRE ATT&CK: A Repeatable Method
How to turn incident evidence into a defensible APT hypothesis using TTP mapping, IOCs, and probability ranking — without pretending… Continue reading on Medium
TCM Security’s Practical Junior Penetration Tester: an honest review of my experience
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
TCM Security’s Practical Junior Penetration Tester: an honest review of my experience
Hi! I’m Adam. I’m currently in the process of changing career from a Musician in the Royal Air Force into Cybersecurity, focusing on Blue… Continue reading on M
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
I enjoy cybersecurity, but I can’t stop obsessing over being “trapped”. Looking for advice from people who are more experienced.
Hi everyone, I’m 22 and recently started my first full-time job as a cyber incident responder after graduating. The confusing part is that I don’t actually disl
I Spent a Day Thinking Like a Hacker And It Changed How I Look at Data
Medium · Data Science 🔐 Cybersecurity ⚡ AI Lesson 3d ago
I Spent a Day Thinking Like a Hacker And It Changed How I Look at Data
When you first start working with data or building web applications, you spend all your time thinking about how to create cool things. You… Continue reading on
CC Switch Became a Service Mesh, and Nobody Asked It To
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
CC Switch Became a Service Mesh, and Nobody Asked It To
A free desktop app meant to stop you hand-editing config files now runs a local proxy that can reroute the API traffic of the agents you… Continue reading on Me
Building My First Microsoft Sentinel SOC Lab in Azure
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Building My First Microsoft Sentinel SOC Lab in Azure
I recently built my first Microsoft Sentinel SOC lab in Azure to gain practical experience with SIEM deployment, log onboarding, and… Continue reading on Medium
GlobalFlow SCM CTF Lab
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
GlobalFlow SCM CTF Lab
This lab was created by HIVE CONSULT to simulate security weaknesses commonly found in Supply Chain Management platforms. The environment… Continue reading on M
The New Digital Security Mindset: Speed, Trust and Resilience
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
The New Digital Security Mindset: Speed, Trust and Resilience
Digital security is often discussed through tools: firewalls, monitoring systems, access controls and software updates. They all have a… Continue reading on Med
️ Network Scanning Masterclass: A Complete Guide to Recon, Port Scanning & Vulnerability…
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
️ Network Scanning Masterclass: A Complete Guide to Recon, Port Scanning & Vulnerability…
A field guide to how bug bounty hunters and penetration testers map an attack surface — from finding an organization’s ASN all the way to… Continue reading on S
Why Prime 37 GRC Masterclasses Are Preparing Professionals for the Future of Cybersecurity and AI…
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Why Prime 37 GRC Masterclasses Are Preparing Professionals for the Future of Cybersecurity and AI…
The world of Governance, Risk, and Compliance (GRC) is changing faster than ever. Continue reading on Medium »
Before You Attack Active Directory: Read This First(Pentester’s Foundation Guide)
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Before You Attack Active Directory: Read This First(Pentester’s Foundation Guide)
Most pentesters jump straight into BloodHound and Impacket. Here’s the foundation they’re missing , explained with a school analogy that… Continue reading on In
Understanding Cybersecurity Risk Through Everyday Examples
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Understanding Cybersecurity Risk Through Everyday Examples
“Risk isn’t about predicting the future. It’s about preparing for the possibilities.” Continue reading on Medium »
Running Scheduled Virus Scans with Microsoft Defender Antivirus Pt-2
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Running Scheduled Virus Scans with Microsoft Defender Antivirus Pt-2
A practical guide to using Windows Server Group Policy to centrally configure and deploy scheduled Microsoft Defender Antivirus scans… Continue reading on Mediu
Grab Your Red Hat Certification This Summer While You Still Can
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Grab Your Red Hat Certification This Summer While You Still Can
The demand for Linux administrators, cloud engineers, DevOps professionals, and container platform specialists continues to rise across… Continue reading on Med
Building OmniGuard: Engineering an Enterprise-Grade Command & Control System from Scratch
Medium · Python 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Building OmniGuard: Engineering an Enterprise-Grade Command & Control System from Scratch
How we bypassed Windows Defender, utilized native Win32 APIs, and built a Zero-Trust endpoint monitoring system in Python. Continue reading on Medium »
What Really Happens When You Press Ctrl + Alt + Delete?
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
What Really Happens When You Press Ctrl + Alt + Delete?
The answer led me from a Windows security feature to a real-world MITRE ATT&CK persistence technique “T1547.004” Continue reading on Medium »
How a Flawed CORS Policy on an API Gateway Led to a $13,000 Private Token Leak
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
How a Flawed CORS Policy on an API Gateway Led to a $13,000 Private Token Leak
Cross-Origin Resource Sharing (CORS) is a browser security mechanism designed to break down the strict walls of the Same-Origin Policy… Continue reading on Medi
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
Do you find your job meaningful?
To me cybersecurity seems to be one of the very few CS domains which really allow you to do some truly meaningful work and positively contribute to society. Is
Stuxnet: The Worm That Changed Warfare
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
Stuxnet: The Worm That Changed Warfare
Stuxnet would be responsible for letting the cyber-weapon cat out of the bag. Continue reading on HackTrace »
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
Introducing to Heap Overflow: tcache metadata hijacking
What Is the Difference Between tcache_house_of_spirit and tcache_metadata_hijacking? Both techniques are heap exploitation primitives, but… Continue reading on
Why I Stopped Renting My Operating System
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
Why I Stopped Renting My Operating System
The hidden cost of “user-friendly” tech, and what happens when you finally claim root access to your digital life. Continue reading on Medium »
The Open Source Security Reset
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
The Open Source Security Reset
Finding bugs is becoming cheap. The scarce work in open source security is proving that fixes survive review and reach production. Continue reading on AISecHub
A Suspicious Process Creation Alert Pops Up… What Should You Do Next?
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
A Suspicious Process Creation Alert Pops Up… What Should You Do Next?
Process creation is one of the most important and critical events to monitor on any operating system. Continue reading on Medium »
Why Learning C Still Matters for Cybersecurity in 2026
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
Why Learning C Still Matters for Cybersecurity in 2026
Python helps you automate tasks. C helps you understand the machine. Discover why C remains one of the most valuable languages for… Continue reading on Medium »
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
It's looking like a hot, messy summer for security teams as AI finds countless previously hidden vulns
More holes, more patches. https://www.theregister.com/security/2026/06/27/its-looking-like-a-hot-messy-summer-for-security-teams-as-ai-finds-countless-previousl
I Popped Admin on a SaaS Platform in 2 HTTP Requests — Here’s the Whole Kill Chain
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 4d ago
I Popped Admin on a SaaS Platform in 2 HTTP Requests — Here’s the Whole Kill Chain
Free account → full data breach → 1,630 private documents → CEO account takeover. All before my coffee got cold. Continue reading on Medium »