Tech Skills

Cybersecurity

Ethical hacking, penetration testing, network security, CTFs and defensive security

13,390
lessons
Skills in this topic
View full skill map →
Security Basics
beginner
Fix OWASP top 10 vulnerabilities
AI Security
intermediate
Identify and patch prompt injection vulnerabilities
Network Security
intermediate
Configure a firewall with proper inbound/outbound rules
Ethical Hacking & Pen Testing
intermediate
Conduct a full pen test with Kali Linux
Cloud Security
intermediate
Implement IAM least-privilege policies on AWS/GCP
Incident Response
intermediate
Build an incident response playbook
Security Compliance
intermediate
Map controls for SOC 2 Type II compliance
Defensive AI
advanced
Build an AI-powered log anomaly detector
All Reads (6,486) Articles (4230)Blog Posts (1657)Tutorials (341)Research Papers (20)News (238)
User Role Can Be Modified In User Profile
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
User Role Can Be Modified In User Profile
Access Control Vulnerabilities — APPRENTICE Continue reading on Medium »
The Ultimate Total Security Guide For Safe Online Shopping Experiences
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
The Ultimate Total Security Guide For Safe Online Shopping Experiences
Online shopping brings the entire mall directly to your computer screen, but it also opens the door to digital shoplifters looking for… Continue reading on Medi
Why You Can’t Access the Internet During University Quizzes (And Why Turning Off the Proxy Usually…
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Why You Can’t Access the Internet During University Quizzes (And Why Turning Off the Proxy Usually…
During one of my university lab sessions, I noticed something that made me curious. Continue reading on Medium »
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Certification demands according to roles
Saw this one in LinkedIn and just wanted to share here. https://tylersibley.github.io/certiq/ Remember cert is merely to get pass HR filter. Cheers submitted by
Static Analysis of Linux Malware Captured by a Cowrie Honeypot
Hackernoon 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Static Analysis of Linux Malware Captured by a Cowrie Honeypot
When a bot thinks it has logged into a small energy device, it installs commodity Linux malware. This is a static, defensive breakdown of what a honeypot captur
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Day 1 of Bug Hunting Learning : XSS Made Me Question Everything
I’ve finally decided to document my bug hunting journey. Continue reading on Medium »
I Built a SOC Lab From Scratch. Here’s What Broke First.
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
I Built a SOC Lab From Scratch. Here’s What Broke First.
Forty five minutes lost to a network setting taught me more about SOC work than any course did. Continue reading on InfoSec Write-ups »
Developers Have Learned to Trust AI. That Trust Is Now Being Weaponized.
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Developers Have Learned to Trust AI. That Trust Is Now Being Weaponized.
A two-week-old attack called Agentjacking required no malware, no phishing, and no stolen passwords. Just a fake bug report — and a coding… Continue reading on
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Google vs iCloud
With all best practices enabled like MFA etc, is Google or iCloud more or less secure for personal cloud service? submitted by /u/PHL534_2 [link] [comments]
The First 30 Minutes of an Active Directory Assessment
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
The First 30 Minutes of an Active Directory Assessment
Why successful Active Directory assessments begin with understanding the environment, not exploitation. Continue reading on Medium »
Buckle Up: The Bad Guys Now Have A Model As Powerful As Mythos
Forbes Innovation 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Buckle Up: The Bad Guys Now Have A Model As Powerful As Mythos
China now has an open-weight model that can find software vulnerabilities and create attacks for anybody to use.
Medium · JavaScript 🔐 Cybersecurity ⚡ AI Lesson 2d ago
A Real Login Attack Explained: How a Hacker Steals Your Session Without Knowing Your Password
You typed your password correctly. You passed MFA. You did everything right. And you still got hacked. Continue reading on Medium »
“This Is Your Bank Calling” — How Scammers Use AI to Fake Trust
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
“This Is Your Bank Calling” — How Scammers Use AI to Fake Trust
We live in a time where a phone call or email can feel more convincing than ever. The voice sounds familiar, the logo looks perfect, and… Continue reading on Me
How I’d Break Into Cybersecurity in 2026: Part 3
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
How I’d Break Into Cybersecurity in 2026: Part 3
You know the tools. Can you defend them? The last gap into the SOC, what day one really looks like, and what I test for from the hiring… Continue reading on Med
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
A Dropdown Value Is Still User Input: SQL Injection in WooCommerce’s Most Popular Order Export…
How a two-value dropdown toggle became a read-any-table SQL injection in a plugin on up to 500,000 stores Continue reading on Medium »
HackTheBox — Cap: I Changed a 1 to a 0 and Got Root
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
HackTheBox — Cap: I Changed a 1 to a 0 and Got Root
The box named after packet captures taught me that the scariest vulnerabilities don’t look scary at all. Continue reading on Medium »
Network Access Control in 2026: 4 Dimensions, 10 Vendors, One Question Your Stack Can’t Answer
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Network Access Control in 2026: 4 Dimensions, 10 Vendors, One Question Your Stack Can’t Answer
Your security stack has EDR. SASE. Zero Trust at the identity layer. Continue reading on Medium »
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Mentorship Monday - Post All Career, Education and Job questions here!
This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job re
From Zero to Wazuh: Deploying the Server and Onboarding a Windows Agent
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
From Zero to Wazuh: Deploying the Server and Onboarding a Windows Agent
In this post I'll walk through deploying the Wazuh server stack with Docker on an Ubuntu host, installing the Wazuh agent on a Windows… Continue reading on Medi
Building a Modern Hybrid Microsoft Security Platform
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Building a Modern Hybrid Microsoft Security Platform
Designing and Implementing a Modern Microsoft Security Platform Continue reading on Medium »
Enrolling and Managing Endpoints with Microsoft Intune: Lab
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Enrolling and Managing Endpoints with Microsoft Intune: Lab
Enrolling and Managing Endpoints with Microsoft Intune Continue reading on Medium »
Why End-to-End Encryption is a Lie (And How I Weaponized Golang to Fix It)
Dev.to · Seif Sayed 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Why End-to-End Encryption is a Lie (And How I Weaponized Golang to Fix It)
The cybersecurity industry is playing a rigged game. We obsess over End-to-End Encryption (E2EE), but...
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Paranoid or keep pushing: USAA Account Typo
So I have a very common name and I'm old. That means I have a [ first.last@gmail.com ](mailto: first.last@gmail.com ) address. I remember when AltaVista was the
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
A Simple Safety Checklist Before Installing Unknown Software Versions
Installing software has become so normal that most people do it without thinking much. We search for a tool, open a download page, click… Continue reading on Me
Gophish — with a gmail account
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Gophish — with a gmail account
I completed a Gophish lab with an instance in the cloud and I wanted to try it now with my gmail account. Continue reading on Medium »
What a $10,000 Cybersecurity Bootcamp Actually Taught Me
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
What a $10,000 Cybersecurity Bootcamp Actually Taught Me
My experience with Coding Temple’s Money Back Guarantee Continue reading on Medium »
Surviving the Reboot: How Attackers Persist in Active Directory
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Surviving the Reboot: How Attackers Persist in Active Directory
How attackers keep their foothold after the initial compromise, and what defenders should watch for. Continue reading on Medium »
SQL Injection & Web Fuzzing with SQLMap and FFUF: A Practical Ethical Hacking Guide
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
SQL Injection & Web Fuzzing with SQLMap and FFUF: A Practical Ethical Hacking Guide
Hey everyone!  Today we will learn about SQL injection and fuzzing. For the whole session, we will use the metasploitable machine. We… Continue reading on Medi
How a Single Misconfigured System at Tata Electronics Leaked 630GB of Apple and Tesla Data
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
How a Single Misconfigured System at Tata Electronics Leaked 630GB of Apple and Tesla Data
In one of the largest supply chain data leaks in recent memory, Indian electronics manufacturer Tata Electronics suffered a massive breach… Continue reading on
TryHackMe — Networking Core Protocols | Cyber Security 101 | Walkthrough
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
TryHackMe — Networking Core Protocols | Cyber Security 101 | Walkthrough
Hey everyone! TryHackMe just announced the new Cyber Security 101 learning path, and there are tons of giveaways this time! This article… Continue reading on Me
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Medium · Python 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Building realistic packet captures with a flag hidden inside — so your players have something worth fishing for. Continue reading on Medium »
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Introducing ‘ChumBucket’: A Forge for Network-Forensics CTF Challenges
Building realistic packet captures with a flag hidden inside — so your players have something worth fishing for. Continue reading on Medium »
Padding Oracle Attack: Forging Encrypted Share Tokens in OopsSec Store
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Padding Oracle Attack: Forging Encrypted Share Tokens in OopsSec Store
The server told you too much, and that was enough to win. Continue reading on Medium »
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
Medium · Python 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
As a Computer Science and Engineering (CSE) student, my journey into the world of technology has been centered around two core interests… Continue reading on Me
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Bridging the Gap: The Journey of Mr. Tan in Cybersecurity and Digital Forensics
As a Computer Science and Engineering (CSE) student, my journey into the world of technology has been centered around two core interests… Continue reading on Me
PortSwigger Lab Write-Up: Stored DOM XSS
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
PortSwigger Lab Write-Up: Stored DOM XSS
Cross-Site Scripting (XSS) comes in many shapes and sizes, but Stored DOM XSS is particularly interesting. It occurs when an application… Continue reading on Me
PortSwigger Lab Write-Up: DOM XSS in document.write
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
PortSwigger Lab Write-Up: DOM XSS in document.write
DOM-based Cross-Site Scripting (DOM XSS) vulnerabilities occur when an application contains client-side JavaScript that processes data… Continue reading on Medi
Building a Windows Defender Disable Shellcode with Stardust
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Building a Windows Defender Disable Shellcode with Stardust
In the previous posts of this series, we introduced the Stardust shellcode generator template and built a practical reverse shell payload… Continue reading on M
Daring Fireball 🔐 Cybersecurity ⚡ AI Lesson 3d ago
PuffPal, an App for Accessing Cannabis Clubs, Leaked 1 Million Users’ Passports
Sean Hollister, writing for The Verge (gift link): If you’ve visited a cannabis club in Spain, [Sammy] Azdoufal says, chances are your photo ID was among them —
AML Monitoring: How Banks Spot Suspicious Transactions Before Anyone Else Does
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
AML Monitoring: How Banks Spot Suspicious Transactions Before Anyone Else Does
Behind every seamless digital payment is a silent, high-stakes game of cat and mouse. Continue reading on Medium »
How Security Teams Prioritize Vulnerabilities Using CVSS
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
How Security Teams Prioritize Vulnerabilities Using CVSS
Find out how security teams use CVSS scores and VAPT severity levels to prioritise vulnerabilities before attackers exploit them. Continue reading on Medium »
I Built a Web Application Firewall From Scratch, and Then Attacked It
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
I Built a Web Application Firewall From Scratch, and Then Attacked It
Learning cybersecurity is definitely not a cakewalk. And no matter how many books you read, courses you do, or videos you watch, you can… Continue reading on Me
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Interested in space cybersecurity as a career
Interested in space cybersecurity as a career satellite security, ground station hardening, space protocol vulnerabilities (like those shown in the Viasat hack)
Threat Attribution with MITRE ATT&CK: A Repeatable Method
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
Threat Attribution with MITRE ATT&CK: A Repeatable Method
How to turn incident evidence into a defensible APT hypothesis using TTP mapping, IOCs, and probability ranking — without pretending… Continue reading on Medium
TCM Security’s Practical Junior Penetration Tester: an honest review of my experience
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
TCM Security’s Practical Junior Penetration Tester: an honest review of my experience
Hi! I’m Adam. I’m currently in the process of changing career from a Musician in the Royal Air Force into Cybersecurity, focusing on Blue… Continue reading on M
Reddit r/learnprogramming 🔐 Cybersecurity ⚡ AI Lesson 3d ago
No clue where to start on Cyber security
Hello everyone! I am very new to the whole IT thing in general, but it does interest me to learn about it. Problem is… i have no idea what to start with. I feel
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 3d ago
I enjoy cybersecurity, but I can’t stop obsessing over being “trapped”. Looking for advice from people who are more experienced.
Hi everyone, I’m 22 and recently started my first full-time job as a cyber incident responder after graduating. The confusing part is that I don’t actually disl
I Spent a Day Thinking Like a Hacker And It Changed How I Look at Data
Medium · Data Science 🔐 Cybersecurity ⚡ AI Lesson 3d ago
I Spent a Day Thinking Like a Hacker And It Changed How I Look at Data
When you first start working with data or building web applications, you spend all your time thinking about how to create cool things. You… Continue reading on