search
    Security expand_more
    Security chevron_right

    Offensive & defensive security insights.

    Blockchain
    Web3 and smart contract vulnerabilities.
    Cloud Security
    Infrastructure and network defense.
    Cryptography
    Encryption algorithms and principles.
    Forensics
    Digital investigation and analysis.
    Governance Risk and Compliance
    Policies, standards, and risk management.
    Hack the Box
    Offensive security practice and writeups.
    Identity and Access Management
    IAM architectures and principles.
    Mobile Security
    Securing iOS and Android applications.
    Network Security
    Protecting network infrastructure.
    Payment Card Industry Data Security Standard
    PCI DSS compliance.
    Security Operations
    Monitoring and incident response.
    Threat Intelligence
    Analyzing cyber threats.
    Vulnerabilities
    Common security flaws and mitigations.
    Web Security
    Securing web applications and APIs.
    Offensive Security Fundamentals in AWS & Kubernetes
    Offensive Security Fundamentals in AWS & Kubernetes
    Offensive Security Fundamentals in AWS & Kubernetes
    Learn more chevron_right
    Engineering expand_more
    Engineering chevron_right

    Scalable systems & modern engineering.

    Algorithms & Data Structures
    Core computer science concepts.
    Cloud & DevOps
    CI/CD and infrastructure code.
    Database Systems
    SQL, NoSQL, and data modeling.
    Programming Fundamentals
    Language syntax and best practices.
    SysOps & Infrastructure
    System administration and scaling.
    System Design & Architecture
    Designing scalable applications.
    UI/UX & Frontend Foundations
    Advanced CSS animations and modern frontend principles.
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Learn more chevron_right
    AI & ML expand_more
    AI & ML chevron_right

    Generative AI & LLM architectures.

    AI Agents & Automation
    Multi-agent systems, orchestration, and AI-driven development workflows.
    GenAI
    Generative models and applications.
    Machine Learning
    Data processing and predictive models.
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Learn more chevron_right
    Career expand_more
    Career chevron_right

    Interview tips & career strategies.

    Certificates
    Professional certifications and study guides.
    Interview
    Preparation and technical interviews.
    Post-Interview
    Next steps and negotiations.
    Automating OSCP Reports
    Automating OSCP Reports
    Automating OSCP and Penetration Testing Reports
    Learn more chevron_right
    Personal expand_more
    Personal chevron_right

    Identity, philosophy & personal growth.

    Identity
    Personal reflections and identity.
    Life Information
    Useful tips and life hacks.
    Philosophy
    Thoughts and philosophical discussions.
    Career Roadmap & Reflection 2026
    Career Roadmap & Reflection 2026
    Series Introduction I have always lived by reflecting, planning, and taking action toward my future. In a rapidly changing technology...
    Learn more chevron_right
    Tools expand_more
    Tools chevron_right

    Hand-picked toolkits & tech tutorials.

    Exploitation
    Tools for offensive security.
    Reconnaissance
    Information gathering tools.
    Operating System
    OS-level tools and utilities.
    Jekyll
    Static site generation.
    Forensics Tools
    Digital forensics utilities.
    ELK
    Elasticsearch, Logstash, and Kibana.
    Waybackurls
    Waybackurls
    Waybackurls: Discovering Forgotten Paths for Reconnaissance
    Learn more chevron_right
    Security

    Offensive Security Fundamentals in AWS & Kubernetes AWS & Kubernetes 공격 보안 기초

    Offensive Security Fundamentals in AWS & Kubernetes AWS & Kubernetes 공격 보안 기초 클라우드 네이티브 아키텍처가 현대 인프라를 지배하면서, 공격자들의 공격 표면은 급격히 넓어졌습니다. AWS와 Kubernetes는 기업 클라우드 환경에서 가장 지배적인 두 플랫폼입니다. 방어를 잘하려면 공격자가 어떻게......

    Read article 기사 읽기 arrow_forward
    Offensive Security Fundamentals in AWS & Kubernetes

    Latest

    Security

    Browser Extension Penetration Test 브라우저 확장 프로그램 보안

    Browser Extension Security 브라우저 확장 프로그램 보안 브라우저 확장 프로그램(Browser Extension)은 웹 브라우저의 기능을 확장하고 사용자 경험을 향상시키는 강력한 도구입니다. 광고 차단부터 생산성......

    Hyoeun Choi Hyoeun Choi ·
    Security

    JWT Penetration Test JWT 핵심 취약점 분석 및 공격 시나리오

    Analyzing Core JWT Vulnerabilities and Attack Scenarios JWT 핵심 취약점 분석 및 공격 시나리오 JWT(JSON Web Token)는 현대적인 인증 방식에서 널리 사용되지만, 그 유연함은 양날의 검과 같습니다.......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Simple Object Access Protocol (SOAP) 1. SOAP의 기본 개념

    1. Basic Concepts of SOAP 1. SOAP의 기본 개념 SOAP은 그 이름과 달리 그리 간단하지 않은 프로토콜입니다. 특정 플랫폼이나 언어에 종속되지 않고, 주로 HTTP, SMTP,......

    Hyoeun Choi Hyoeun Choi ·
    Security

    File Upload Feature Penetration Test Checklist

    When a file upload feature is present, you should check the following items. Fundamentally, from a developer’s perspective, a whitelist... 파일 업로드 기능이 있을때에는 다음과 같은 것들을 확인해보면 됩니다. 기본적으로 개발자 입장에서는 white-list or allowlist approach가 이상적입니다. Checklist 파일 확장자......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Dissecting HTTP Headers 웹 펜테스팅: HTTP 헤더 심층 분석

    Analyzing HTTP Headers in Web Penetration Testing 웹 펜테스팅: HTTP 헤더 심층 분석 웹 펜테스팅을 수행할 때, HTTP 헤더는 클라이언트와 서버 간 통신의 중추 역할을 합니다. 보안......

    Hyoeun Choi Hyoeun Choi ·
    Security

    OWASP Top 10 Mobile- 2024 OWASP 모바일 Top 10 - 2024: 핵심 가이드

    OWASP Mobile Top 10 Risks: 2024 Edition OWASP 모바일 Top 10 - 2024: 핵심 가이드 2024년 OWASP 모바일 Top 10은 2016년 목록에서 일부 카테고리를 통합하고 새로운 항목을......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Cookie & Seession Security 쿠키와 세션의 차이

    Differences Between Cookies and Sessions 쿠키와 세션의 차이 Cookies 쿠키는 클라이언트의 로컬 저장소에 key-value 쌍의 형태로 저장되는 작은 데이터입니다. 주로 웹 애플리케이션에서 사용자를 식별하거나 상태......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Microsoft Entra ID (Azure AD) Security Microsoft Entra ID란?

    What Is Microsoft Entra ID? Microsoft Entra ID란? Microsoft Entra ID(구 Azure Active Directory / Azure AD)는 Microsoft의 클라우드 기반 ID 및 접근 관리(IAM) 서비스입니다.......

    Hyoeun Choi Hyoeun Choi ·
    Security

    iOS Sideloading with Xcode Xcode를 이용한 iOS 사이드로딩: 모바일 펜테스터를 위한 실전 가이드

    iOS Sideloading with Xcode: A Practical Guide for Mobile Pentesters Xcode를 이용한 iOS 사이드로딩: 모바일 펜테스터를 위한 실전 가이드 사이드로딩 — App Store 우회를 통한 iOS 기기 앱 설치 —......

    Hyoeun Choi Hyoeun Choi ·