Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Responder, mitm6, NTLM relay. Protocols designed in 1990 still farming credentials in 2026.

Segmentation on paper vs reality. Every network has exceptions attackers exploit for lateral movement.

'The framework handles it' is the most dangerous phrase in modern web security. Escape hatches, third-party integrations, and non-REST transports.

Developers focus on login; attackers target sessions. Theft, rotation, revocation, and the edge cases that break.

Every endpoint your mobile or SPA calls is exposed to the internet. Shadow endpoints, version drift, mass assignment.

Upload = attack at parsing + storage + serving. All three have their own rules, and mistakes compound.

Framework defaults cover one HTML context. Every other context — URL, CSS, JSON-in-script — is fresh attack surface.

Every URL parameter where the server fetches. Cloud metadata turned SSRF from inconvenience to catastrophe.

Business logic bugs are legal sequences of actions producing illegal outcomes. Understand the product to find them.

Authentication is one gate. Authorization is every gate after. Most breaches live in the latter.

← Newer 1 … 72 73 74 75 76 … 91 Older →