Knowledge Hub

Practitioner-grade cybersecurity content

Technical playbooks, war stories, and how-to-think guides — written by practitioners, anchored to the Indian context.

Want structured, step-by-step learning instead? Explore the Academy (guided courses) or the AI security hub.

Latest articles

Most recent practitioner playbooks across every track. Filter by topic in the sidebar, or use search.

Academy

Module 3 · Authentication Attacks

Username enumeration, password spraying, credential stuffing, session attacks, JWT vulnerabilities, OAuth/SAML flaws, MFA bypasses.

Apr 19, 2026 · 11 min read
Academy

Module 2 · Web Enumeration & Recon

Subdomain enumeration, technology fingerprinting, directory brute-forcing, JavaScript bundle analysis, and Wayback reconnaissance.

Apr 19, 2026 · 11 min read
Academy

Module 1 · HTTP & Web Fundamentals

How HTTP actually works at the wire level — methods, status codes, headers, cookies, TLS. The foundation for every web-app attack pattern.

Apr 19, 2026 · 11 min read
Cloud Security

CSPM Tools Compared: Wiz, Orca, Prisma, Defender (2026)

Honest comparison of CSPM tools in 2026: Wiz, Orca, Prisma Cloud, Microsoft Defender, Lacework, plus open-source (Prowler, ScoutSuite, Trivy). How to choose…

Apr 19, 2026 · 4 min read
DPDP Compliance

Hiring a Data Protection Officer (DPO) in India: The 2026 Guide

When DPDP requires a DPO, when to hire one anyway, the candidate profile, market rates in 2026, the fractional-DPO alternative, and the…

Apr 19, 2026 · 4 min read
Cloud Security

Hardening a New AWS Account in 2 Hours (Runbook)

The 10-step runbook we use to harden a new AWS account from default state to production-defensible posture in about 2 hours. Commands,…

Apr 19, 2026 · 4 min read
VAPT

VAPT Report: What a Good One Actually Contains

What a good VAPT report contains, with an annotated 8-section template — serving CTO, engineer, auditor, and buyer audiences — and the…

Apr 19, 2026 · 4 min read
VAPT

Network Penetration Testing: Internal vs External (2026)

Network penetration testing in 2026 — external vs internal scope, the cloud transition, tools that matter, common findings, and when traditional network…

Apr 19, 2026 · 4 min read
VAPT

Mobile Application Penetration Testing: Android + iOS Guide (2026)

Mobile app pen testing for 2026 — Android vs iOS methodology, OWASP MASVS L2 coverage, common findings, platform-specific security features, and typical…

Apr 19, 2026 · 4 min read
DPDP Compliance

Data Principal Rights Under DPDP (With Templates)

Data Principal rights under DPDP — the four substantive rights, the 6-stage request-response workflow, templates for access and erasure responses, and the…

Apr 19, 2026 · 5 min read
1 85 86 87 88 89 91