The blog

Writeups, Tools & the Journey

Technical deep dives, CTF breakdowns, and honest notes from studying cybersecurity. Filter by topic or search for something specific.

Landing Your First Cybersecurity Internship: A Student's Playbook
Career Guidance May 20, 2026 9 min

Landing Your First Cybersecurity Internship: A Student's Playbook

How to get your first security internship without prior experience: building proof of skill, writing a resume that passes the filter, and showing up ready for the interview.

CareerInternshipStudent
Read more
How I Earned 17 Cybersecurity Certifications as a Student
Career Guidance Apr 12, 2026 9 min

How I Earned 17 Cybersecurity Certifications as a Student

An honest look at building a certification stack while in university: which certs actually matter, how to study efficiently, and how to avoid the cert collecting trap.

CertificationsCareerStudent
Read more
Wireshark Deep Dive: Hunting Threats in Packet Captures
Tools & Techniques Mar 5, 2026 11 min

Wireshark Deep Dive: Hunting Threats in Packet Captures

Beyond capture filters: how to use Wireshark to find command and control beaconing, DNS tunneling, and data exfiltration hiding inside ordinary looking traffic.

WiresharkNetwork ForensicsThreat Hunting
Read more
Mastering Nmap: From Host Discovery to NSE Scripting
Tools & Techniques Feb 10, 2026 10 min

Mastering Nmap: From Host Discovery to NSE Scripting

A practical deep dive into Nmap: how scan types actually work, tuning for speed and stealth, and using the scripting engine to turn a port scanner into a recon platform.

NmapReconnaissanceNetwork Security
Read more
Zero Trust Architecture - A Practical Implementation Guide
Security Architecture Dec 15, 2025 12 min

Zero Trust Architecture - A Practical Implementation Guide

A comprehensive guide to understanding and implementing Zero Trust security architecture in modern enterprise environments.

Zero TrustNetwork SecurityEnterprise Security
Read more
Advanced Web Application Penetration Testing Methodology
Penetration Testing Nov 28, 2025 15 min

Advanced Web Application Penetration Testing Methodology

Deep dive into modern web application security testing techniques, OWASP Top 10 exploitation, and professional pentesting methodology.

Web SecurityOWASPPentesting
Read more
Building a Red Team Lab - From Beginner to Advanced
Tutorial Nov 15, 2025 14 min

Building a Red Team Lab - From Beginner to Advanced

Step-by-step guide to building your own penetration testing and red team lab environment for security practice and skill development.

Red TeamHome LabPentesting
Read more
API Security Testing - Finding & Exploiting Vulnerabilities
Security Testing Oct 30, 2025 12 min

API Security Testing - Finding & Exploiting Vulnerabilities

Comprehensive guide to API security testing, covering REST, GraphQL, authentication bypass, and common API vulnerabilities.

API SecurityRESTGraphQL
Read more
Malware Analysis for Beginners - Static & Dynamic Techniques
Malware Analysis Oct 15, 2025 16 min

Malware Analysis for Beginners - Static & Dynamic Techniques

Introduction to malware analysis techniques including static analysis, dynamic analysis, behavioral analysis, and practical case studies.

MalwareReverse EngineeringForensics
Read more
Cloud Security - Securing AWS, Azure, and GCP
Cloud Security Sep 28, 2025 14 min

Cloud Security - Securing AWS, Azure, and GCP

Comprehensive guide to cloud security best practices across AWS, Azure, and GCP, covering IAM, misconfigurations, and multi-cloud security strategies.

AWSAzureGCP
Read more
Active Directory Attacks & Defense - A Complete Guide
Windows Security Sep 15, 2025 18 min

Active Directory Attacks & Defense - A Complete Guide

In-depth guide to Active Directory attack techniques and defense strategies, covering enumeration, lateral movement, persistence, and detection.

Active DirectoryRed TeamBlue Team
Read more
Bug Bounty Hunting - From Zero to First Bounty
Bug Bounty Aug 30, 2025 13 min

Bug Bounty Hunting - From Zero to First Bounty

Complete guide to starting your bug bounty hunting journey, from choosing platforms to writing reports and earning your first bounty.

Bug BountyWeb SecurityHacking
Read more
Network Security Monitoring with Wireshark & Zeek
Network Security Aug 15, 2025 12 min

Network Security Monitoring with Wireshark & Zeek

Practical guide to network security monitoring using Wireshark and Zeek for traffic analysis, threat hunting, and incident detection.

Network MonitoringWiresharkZeek
Read more
Docker & Kubernetes Security - Container Hardening
DevSecOps Jul 30, 2025 15 min

Docker & Kubernetes Security - Container Hardening

Advanced guide to securing Docker containers and Kubernetes clusters, covering image scanning, RBAC, runtime security, and incident response.

DockerKubernetesContainer Security
Read more
SIEM Deployment & Threat Detection - Wazuh & Splunk
SOC / SIEM Jul 15, 2025 14 min

SIEM Deployment & Threat Detection - Wazuh & Splunk

Practical guide to deploying SIEM solutions using Wazuh and Splunk for threat detection, custom rules, and incident response workflows.

SIEMWazuhSplunk
Read more
Mobile Application Security Testing (Android & iOS)
Mobile Security Jun 28, 2025 16 min

Mobile Application Security Testing (Android & iOS)

Comprehensive guide to mobile application security testing for Android and iOS, covering static analysis, dynamic analysis, and reverse engineering.

AndroidiOSMobile App Security
Read more
Incident Response Playbook - Ransomware Attack
Incident Response Jun 15, 2025 14 min

Incident Response Playbook - Ransomware Attack

Step-by-step incident response playbook for handling ransomware attacks, covering detection, containment, eradication, recovery, and forensic analysis.

Incident ResponseRansomwareForensics
Read more
Secure Code Review - Finding Vulnerabilities in Source Code
Application Security May 30, 2025 15 min

Secure Code Review - Finding Vulnerabilities in Source Code

Guide to secure code review methodology, common vulnerability patterns across languages, and automated SAST tools for application security.

Secure CodingCode ReviewSAST
Read more
Career in Cybersecurity - From Student to Professional
Career Guidance May 15, 2025 12 min

Career in Cybersecurity - From Student to Professional

Personal guide to building a successful cybersecurity career, covering learning paths, certifications, portfolio building, and job search strategies.

CareerCybersecurityLearning Path
Read more
Building a Professional SOC Lab with Wazuh and ELK Stack
Tutorial Feb 1, 2025 11 min

Building a Professional SOC Lab with Wazuh and ELK Stack

A practical blueprint for a home SOC lab: Wazuh plus the Elastic Stack, telemetry generation with Atomic Red Team, and your first real detection rule and dashboard.

SIEMWazuhELK
Read more
My Path to Top 3% on TryHackMe
Career Guidance Jan 15, 2025 9 min

My Path to Top 3% on TryHackMe

How consistent practice, structured note taking, and a repeatable methodology took me into the top 3 percent on TryHackMe, and how those skills carried into real security work.

TryHackMeLearningCareer
Read more
Practical MITRE ATT&CK Framework for SOC Analysts
SOC Jan 1, 2025 10 min

Practical MITRE ATT&CK Framework for SOC Analysts

A hands-on guide to using MITRE ATT&CK in a real SOC: mapping alerts to techniques, writing detections, and finding coverage gaps with ATT&CK Navigator.

MITRE ATT&CKSOCThreat Detection
Read more