Blog
Latest Articles
In-depth technical writeups, research findings, and practical guides on penetration testing, vulnerability research, and offensive security techniques.

HackTheBox Certified Penetration Testing Specialist (CPTS) Review
My honest experience with the HackTheBox CPTS exam - the hardest certification I've done. Environment issues, a 120-page report, and what actually helped me pass.

The Ultimate Guide to Cybersecurity Frameworks: MITRE, OWASP, NIST, CWE/CVE, and Compliance
A detailed guide to the major cybersecurity frameworks (MITRE ATT&CK, OWASP, NIST, CWE/CVE, and compliance standards) and how they fit together to describe attacker behavior, weaknesses, vulnerabilities, and organizational security.

A Pentester's Guide to File Upload Vulnerabilities
Understanding file upload vulnerabilities from a pentester's perspective, including common pitfalls, attack techniques, and exploitation methods.

A Complete Guide to Access Control Vulnerabilities
A clear breakdown of access control vulnerabilities, untangling confusing terms like IDOR, BOLA, and BFLA, with real examples that show how they appear in modern applications.

A Strong Penetration Test Needs a Strong Report
Why a penetration test reaches its full value only when paired with a clear, actionable report that turns findings into real security improvements.

Web Application Penetration Tester eXtreme (eWPTXv3) Review
My eWPTX review: prep strategy, lab difficulty, exam workflow, and whether it's worth it for web app pentesting.

Mobile Application Pentest Tester (eMAPT) Review (Old Version)
A detailed review of the old version of the eMAPT certification, covering exam structure and my personal experience earning it.

Practical Mobile Pentest Associate (PMPA) Review
A detailed review of the PMPA certification, covering exam structure, preparation tips, and my personal experience earning it.