Cyber Security & Tech Articles

The Unofficial OSINT Notes: The Investigator's Field Manual
The Unofficial OSINT Notes: The Investigator's Field Manual
If you think Open Source Intelligence (OSINT) is just about Googling someone's name, you are doing it wrong. Real intelligence gathering is a disciplined tradecraft that requires a specific mindset,... Read more...
The Unofficial Wazuh Notes: The Ultimate SIEM & IDS Blueprint
The Unofficial Wazuh Notes: The Ultimate SIEM & IDS Blueprint
If you are trying to deploy a modern Security Information and Event Management (SIEM) solution without a roadmap, you are setting yourself up for failure. Wazuh is a beast of... Read more...
The Unofficial Burp Suite Notes: BSCP Notes
The Unofficial Burp Suite Notes: BSCP Notes
If you call yourself a web pentester but only use Burp Suite to intercept traffic, you are barely scratching the surface. These Burp Suite Notes are the definitive companion, meticulously distilling... Read more...
Network Analysis and Forensics Notes
Network Analysis and Forensics Notes
This guide is the definitive Network analysis Notes collection, condensing over 130 pages of protocol dissections, traffic patterns, and forensic methodologies into one lethal manual. Unlike generic networking textbooks that... Read more...
THM’s SEC1 (Cyber Security 101) Review
THM’s SEC1 (Cyber Security 101) Review
Let’s cut the marketing fluff. The industry is currently drowning in certified professionals who can recite the OSI model but freeze when staring at a terminal. TryHackMe’s SEC1 (Cyber Security... Read more...
Tech Layoffs Continue, But Not Everyone Is Losing
Tech Layoffs Continue, But Not Everyone Is Losing
I’ve been analyzing the headlines about mass layoffs at Amazon, Google, and Microsoft while seeing the exact same companies offer $300k+ packages for AI Specialists, and I think we need to stop... Read more...
The Unofficial OSWE Study Guide & Notes
The Unofficial OSWE Study Guide & Notes
If you are preparing for the OffSec Web Expert (OSWE) exam, formerly known as AWAE OSWE, you likely already know the hard truth: this is a grueling 48-hour marathon of... Read more...
Web Application Firewalls Explained
Web Application Firewalls Explained
I see this misconception constantly: developers or junior admins slap a Web Application Firewall (WAF) in front of a vulnerable app and think they are "secure." The article isn't just... Read more...
HTB Imagery Writeup
HTB Imagery Writeup
I see it all the time in pentest reports: Stored XSS gets rated as Medium or even Low because it requires user interaction. But my recent run through HackTheBox's Imagery... Read more...
The Unofficial HTB CWES Notes: Previously HTB CBBH
The Unofficial HTB CWES Notes: Previously HTB CBBH
If you are transitioning from the Old HTB CBBH (Certified Bug Bounty Hunter) to the newly rebranded HackTheBox Certified Web Exploitation Specialist (HTB CWES), you already know that the game... Read more...
TryHackMe Django: CVE-2025-64459 Walkthrough
TryHackMe Django: CVE-2025-64459 Walkthrough
This walkthrough explains how CVE-2025-64459 impacts Django-based applications and demonstrates the real-world exploitation path inside a TryHackMe lab. It focuses on understanding the root cause of the vulnerability, how improper... Read more...
TryHackMe Data Integrity & Model Poisoning Walkthrough
TryHackMe Data Integrity & Model Poisoning Walkthrough
This walkthrough breaks down Data Integrity and Model Poisoning from a practical, attacker-and-defender perspective.  It explains how trust in data pipelines can be exploited, how poisoned inputs impact machine learning... Read more...