Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Academy

Module 26 · Web Cache Poisoning & Deception

Why this module exists. James Kettle’s 2018 “Practical Web Cache Poisoning” Black Hat talk made cache poisoning the bug that goes from…

Apr 27, 2026 · 11 min read
Academy

Module 24 · WebSocket Security

Why this module exists. Real-time chat, live trading dashboards, multiplayer games, collaborative editors — all run on WebSockets. And every web pentester…

Apr 27, 2026 · 11 min read
Academy

Module 22 · OAuth & SSO Authentication Flaws

Why this module exists. OAuth 2.0 and OIDC are the universal authentication layer of the modern web — and the most-misunderstood spec…

Apr 27, 2026 · 11 min read
Academy

Module 21 · NoSQL Injection

Why this module exists. Developers who learned about SQL injection often think NoSQL databases are safe by design. They aren’t — they…

Apr 27, 2026 · 11 min read
Academy

Module 20 · Server-Side Template Injection (SSTI)

Why this module exists. SSTI almost always becomes RCE. The bug looks innocent — user input ends up in a template —…

Apr 27, 2026 · 10 min read
Academy

Network Forensics — Reading Captures Like a Detective

Network forensics is the art of reconstructing what happened from packets and flow logs after the fact. This module is the practitioner…

Apr 27, 2026 · 11 min read
Academy

MPLS, SD-WAN, and the Indian Enterprise WAN

MPLS is the legacy carrier-grade WAN — expensive, predictable, low-jitter, with operator-managed L3 VPNs. SD-WAN overlays multiple cheaper transports (broadband, LTE, 5G,…

Apr 27, 2026 · 10 min read
Academy

Zero Trust Network Access vs Traditional VPN — The Replacement Pattern That Is Now Default

Traditional VPN puts users on the corporate network — once authenticated, broad reachability. ZTNA does the opposite — explicit per-application authorisation, no…

Apr 27, 2026 · 10 min read
Academy

CDN and DDoS Defence — Cloudflare, Akamai, Anti-Bot in 2026

A CDN serves your content from edge nodes near users — fast, reliable, and incidentally an extraordinary DDoS shield. This module covers…

Apr 27, 2026 · 11 min read
Academy

Network Telemetry — NetFlow, sFlow, IPFIX, and What a SOC Actually Watches

Network telemetry is the per-flow metadata your routers and switches export — who talked to whom, when, how much, on what ports.…

Apr 27, 2026 · 11 min read
1 53 54 55 56 57 91