search
    Security expand_more
    Security chevron_right

    Offensive & defensive security insights.

    Blockchain
    Web3 and smart contract vulnerabilities.
    Cloud Security
    Infrastructure and network defense.
    Cryptography
    Encryption algorithms and principles.
    Forensics
    Digital investigation and analysis.
    Governance Risk and Compliance
    Policies, standards, and risk management.
    Hack the Box
    Offensive security practice and writeups.
    Identity and Access Management
    IAM architectures and principles.
    Mobile Security
    Securing iOS and Android applications.
    Network Security
    Protecting network infrastructure.
    Payment Card Industry Data Security Standard
    PCI DSS compliance.
    Security Operations
    Monitoring and incident response.
    Threat Intelligence
    Analyzing cyber threats.
    Vulnerabilities
    Common security flaws and mitigations.
    Web Security
    Securing web applications and APIs.
    Mobile Deep Links - Attack Surface and Pentesting Guide
    Mobile Deep Links - Attack Surface and Pentesting Guide
    Mobile Deep Links: From Concept to Attack Surface
    Learn more chevron_right
    Engineering expand_more
    Engineering chevron_right

    Scalable systems & modern engineering.

    Algorithms & Data Structures
    Core computer science concepts.
    Database Systems
    SQL, NoSQL, and data modeling.
    DevOps & Automation
    CI/CD and infrastructure code.
    Programming Fundamentals
    Language syntax and best practices.
    SysOps & Infrastructure
    System administration and scaling.
    System Design & Architecture
    Designing scalable applications.
    UI/UX & Frontend Foundations
    Advanced CSS animations and modern frontend principles.
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Learn more chevron_right
    AI & ML expand_more
    AI & ML chevron_right

    Generative AI & LLM architectures.

    AI Agents & Automation
    Multi-agent systems, orchestration, and AI-driven development workflows.
    GenAI
    Generative models and applications.
    Machine Learning
    Data processing and predictive models.
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Learn more chevron_right
    Career expand_more
    Career chevron_right

    Interview tips & career strategies.

    Certificates
    Professional certifications and study guides.
    Interview
    Preparation and technical interviews.
    Post-Interview
    Next steps and negotiations.
    Automating OSCP Reports
    Automating OSCP Reports
    Automating OSCP and Penetration Testing Reports
    Learn more chevron_right
    Personal expand_more
    Personal chevron_right

    Identity, philosophy & personal growth.

    Identity
    Personal reflections and identity.
    Life Information
    Useful tips and life hacks.
    Philosophy
    Thoughts and philosophical discussions.
    Career Roadmap & Reflection 2026
    Career Roadmap & Reflection 2026
    Series Introduction I have always lived by reflecting, planning, and taking action toward my future. In a rapidly changing technology...
    Learn more chevron_right
    Tools expand_more
    Tools chevron_right

    Hand-picked toolkits & tech tutorials.

    Exploitation
    Tools for offensive security.
    Reconnaissance
    Information gathering tools.
    Operating System
    OS-level tools and utilities.
    Jekyll
    Static site generation.
    Forensics Tools
    Digital forensics utilities.
    ELK
    Elasticsearch, Logstash, and Kibana.
    Waybackurls
    Waybackurls
    Waybackurls: Discovering Forgotten Paths for Reconnaissance
    Learn more chevron_right

    Explore

    Security Operations

    Monitoring and incident response.

    Security Operations

    Assumed Breach Methodology: Building the Technical Controls

    Before you start: This post is the hands-on technical guide. If you’re new to the Assumed Breach concept, read Assumed Breach: Why Your Firewall Is No Longer Enough first to understand the philosophy before jumping...

    H Hyoeun Choi ·
    Read more arrow_forward

    More in Security Operations

    Security Operations

    Assumed Breach: Why Your Firewall Is No Longer Enough

    The Uncomfortable Truth About Modern Security

    H Hyoeun Choi ·
    Security Operations

    Social Engineering

    Social Engineering: The Art of Hacking the Human OS

    H Hyoeun Choi ·
    Security Operations

    EDR Bypass

    EDR Bypass Techniques: Understanding Attack Methods and Defense Strategies

    H Hyoeun Choi ·
    Security Operations

    Endpoint Detection and Response (EDR)

    Understanding EDR: Endpoint Detection and Response

    H Hyoeun Choi ·
    Security Operations

    Diamond Model of Intrustion Analysis

    What is the Diamond Model of Intrusion Analysis?

    H Hyoeun Choi ·
    Security Operations

    Threat Modeling

    Threat Modeling Practical Guide

    H Hyoeun Choi ·
    Security Operations

    Security Information and Event Management (SIEM)

    What is Security Information and Event Management (SIEM)?

    H Hyoeun Choi ·
    Security Operations

    IDS & IPS

    What is an Intrusion Detection System (IDS)?

    H Hyoeun Choi ·
    Security Operations

    MITRE ATT&CK

    MITRE ATT&CK Framework: Understanding Cyber Threats and Defense Strategies

    H Hyoeun Choi ·