Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Latest articles

Most recent practitioner playbooks across every track.

Academy

Module 11 · ICS Threat Actors

ICS attacks have public-policy gravity. Each provides defender learning. The big incidents Stuxnet (2010) — Iranian nuclear centrifuges; multi-stage; PLC manipulation BlackEnergy…

Apr 27, 2026 · 1 min read
Academy

Module 10 · Bluetooth & Zigbee Security

Wireless protocols for IoT have specific attack surfaces. BLE Pairing modes: Just Works (no auth), Passkey, OOB Many devices use Just Works…

Apr 27, 2026 · 1 min read
Academy

Module 9 · IoT Firmware Analysis

IoT pentesting often starts with firmware. Extract, analyse, find vulns offline. Workflow # Identify firmware structure binwalk firmware.bin binwalk -e firmware.bin #…

Apr 27, 2026 · 1 min read
Academy

Module 8 · Purdue Model & ICS Architecture

Purdue Model = standard reference architecture for ICS networks. Six levels of segmentation. Levels Level 0 — physical process (sensors, actuators) Level…

Apr 27, 2026 · 1 min read
Academy

Module 7 · OT Network Monitoring

Active scanning breaks OT — even an Nmap can crash a PLC. Passive monitoring is the norm. Tools Claroty CTD — top-tier;…

Apr 27, 2026 · 1 min read
Academy

Module 6 · IoT Protocols — MQTT, CoAP, Modbus

IoT/OT runs on protocols designed for constrained devices, often without security as primary concern. The big four MQTT — pub/sub for IoT.…

Apr 27, 2026 · 1 min read
Academy

Module 15 · Strategic Threat Intelligence

Tactical TI is for SOC. Strategic TI is for executives. Different language, different cadence, different artefacts. Strategic questions Which threat actors target…

Apr 27, 2026 · 1 min read
Academy

Module 14 · Continuous Threat Intel Workflow

Most Indian organisations don’t have dedicated CTI teams. But you can run a 1-person / 0.5-FTE program effectively. The cadence Daily (15-30…

Apr 27, 2026 · 1 min read
Academy

Module 13 · Malware Family Classification

Classifying samples by family enables tracking actor evolution. YARA is the de-facto language. YARA basics rule MyMalware_v2 { meta: author = "RingSafe"…

Apr 27, 2026 · 1 min read
Academy

Module 12 · Deception Technology

Deception is high-fidelity threat detection: legitimate users don’t touch decoys, so any touch = malicious. Three patterns Honeypots — fake systems (servers,…

Apr 27, 2026 · 1 min read