search
    Security expand_more
    Security chevron_right

    Offensive & defensive security insights.

    Blockchain
    Web3 and smart contract vulnerabilities.
    Cloud Security
    Infrastructure and network defense.
    Cryptography
    Encryption algorithms and principles.
    Forensics
    Digital investigation and analysis.
    Governance Risk and Compliance
    Policies, standards, and risk management.
    Hack the Box
    Offensive security practice and writeups.
    Identity and Access Management
    IAM architectures and principles.
    Mobile Security
    Securing iOS and Android applications.
    Network Security
    Protecting network infrastructure.
    Payment Card Industry Data Security Standard
    PCI DSS compliance.
    Security Operations
    Monitoring and incident response.
    Threat Intelligence
    Analyzing cyber threats.
    Vulnerabilities
    Common security flaws and mitigations.
    Web Security
    Securing web applications and APIs.
    Offensive Security Fundamentals in AWS & Kubernetes
    Offensive Security Fundamentals in AWS & Kubernetes
    Offensive Security Fundamentals in AWS & Kubernetes
    Learn more chevron_right
    Engineering expand_more
    Engineering chevron_right

    Scalable systems & modern engineering.

    Algorithms & Data Structures
    Core computer science concepts.
    Cloud & DevOps
    CI/CD and infrastructure code.
    Database Systems
    SQL, NoSQL, and data modeling.
    Programming Fundamentals
    Language syntax and best practices.
    SysOps & Infrastructure
    System administration and scaling.
    System Design & Architecture
    Designing scalable applications.
    UI/UX & Frontend Foundations
    Advanced CSS animations and modern frontend principles.
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Learn more chevron_right
    AI & ML expand_more
    AI & ML chevron_right

    Generative AI & LLM architectures.

    AI Agents & Automation
    Multi-agent systems, orchestration, and AI-driven development workflows.
    GenAI
    Generative models and applications.
    Machine Learning
    Data processing and predictive models.
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Learn more chevron_right
    Career expand_more
    Career chevron_right

    Interview tips & career strategies.

    Certificates
    Professional certifications and study guides.
    Interview
    Preparation and technical interviews.
    Post-Interview
    Next steps and negotiations.
    Automating OSCP Reports
    Automating OSCP Reports
    Automating OSCP and Penetration Testing Reports
    Learn more chevron_right
    Personal expand_more
    Personal chevron_right

    Identity, philosophy & personal growth.

    Identity
    Personal reflections and identity.
    Life Information
    Useful tips and life hacks.
    Philosophy
    Thoughts and philosophical discussions.
    Career Roadmap & Reflection 2026
    Career Roadmap & Reflection 2026
    Series Introduction I have always lived by reflecting, planning, and taking action toward my future. In a rapidly changing technology...
    Learn more chevron_right
    Tools expand_more
    Tools chevron_right

    Hand-picked toolkits & tech tutorials.

    Exploitation
    Tools for offensive security.
    Reconnaissance
    Information gathering tools.
    Operating System
    OS-level tools and utilities.
    Jekyll
    Static site generation.
    Forensics Tools
    Digital forensics utilities.
    ELK
    Elasticsearch, Logstash, and Kibana.
    Waybackurls
    Waybackurls
    Waybackurls: Discovering Forgotten Paths for Reconnaissance
    Learn more chevron_right
    Security

    Offensive Security Fundamentals in AWS & Kubernetes AWS & Kubernetes 공격 보안 기초

    Offensive Security Fundamentals in AWS & Kubernetes AWS & Kubernetes 공격 보안 기초 클라우드 네이티브 아키텍처가 현대 인프라를 지배하면서, 공격자들의 공격 표면은 급격히 넓어졌습니다. AWS와 Kubernetes는 기업 클라우드 환경에서 가장 지배적인 두 플랫폼입니다. 방어를 잘하려면 공격자가 어떻게......

    Read article 기사 읽기 arrow_forward
    Offensive Security Fundamentals in AWS & Kubernetes

    Latest

    Security

    Injection Attacks Beyond SQL and XSS 1. Command Injection: The Shell is the Limit

    1. Command Injection: The Shell is the Limit 1. Command Injection: The Shell is the Limit Command Injection은 우리가 마주할 수 있는 가장 치명적인 취약점 중 하나입니다. 성공......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Server-Side Request Forgery (SSRF) SSRF (서버 측 요청 위조): 서버가 공격자의 프록시가 될 때

    Server-Side Request Forgery (SSRF): When Your Server Becomes an Attacker’s Proxy SSRF (서버 측 요청 위조): 서버가 공격자의 프록시가 될 때 서론 SSRF (Server-Side Request Forgery)는 공격자가 서버 측 애플리케이션으로 하여금......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Cross-Site Request Forgery (CSRF) The Cross-Site Request Forgery (CSRF) Attack

    The Cross-Site Request Forgery (CSRF) Attack The Cross-Site Request Forgery (CSRF) Attack 웹 애플리케이션 보안에서 가장 교묘하고 위험한 공격 중 하나인 크로스-사이트 요청 위조(Cross-Site Request Forgery,......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Cross-Site Scripting Attack (XSS) The Cross-Site Scripting Attack

    The Cross-Site Scripting Attack The Cross-Site Scripting Attack 웹 애플리케이션 보안에서 가장 흔하고 위험한 취약점 중 하나인 크로스-사이트 스크립팅(Cross-Site Scripting, XSS) 공격에 대해 알아보겠습니다.......

    Hyoeun Choi Hyoeun Choi ·
    Security

    SQL Injection SQL Injection

    SQL Injection: When Data Becomes Code SQL Injection 서론 SQL Injection (SQLi)은 가장 오래되었지만 여전히 가장 위험한 웹 애플리케이션 취약점 중 하나입니다. SQLi의 핵심은 데이터와 코드를......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Passkey Passkey의 정의 및 개념

    Definition and Concept of Passkeys Passkey의 정의 및 개념 Passkey는 FIDO Alliance와 W3C가 주도하는 FIDO2/WebAuthn 표준을 기반으로 한 비밀번호 없는(Passwordless) 로그인 방식입니다. 기술적으로는 Multi-Device FIDO......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Fast Identity Online (FIDO) & WebAuthn FIDO (Fast Identity Online)의 핵심 철학

    The Core Philosophy of FIDO (Fast Identity Online) FIDO (Fast Identity Online)의 핵심 철학 기존의 인증 방식은 ‘공유 비밀(Shared Secret)’ 모델이었습니다. 사용자와 서버가 똑같은 비밀번호를 알고 있어야 하고,......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Single Sign-On (SSO) SSO(Single Sign-On)란 무엇이며 왜 중요한가?

    What is SSO (Single Sign-On) and Why is it Important? SSO(Single Sign-On)란 무엇이며 왜 중요한가? 오늘날 우리는 수많은 애플리케이션과 서비스를 넘나들며 살아갑니다. 이메일, 클라우드 스토리지, 협업 툴, ERP 시스템 등......

    Hyoeun Choi Hyoeun Choi ·
    Security

    Security Assertion Markup Language (SAML) SAML (Security Assertion Markup Language)이란?

    What is SAML (Security Assertion Markup Language)? SAML (Security Assertion Markup Language)이란? SAML은 웹 기반 인증과 권한 부여를 위한 개방형 표준 프로토콜입니다. 사용자가 한 번의 로그인으로 여러......

    Hyoeun Choi Hyoeun Choi ·