Monthly tutorials about cybersecurity tools, network scanning, vulnerability analysis, and hands-on techniques for real-world scenarios.
-
Burp Suite Guide: The Heimdall of the Web
Burp Suite is the standard toolkit for intercepting, inspecting, and modifying HTTP traffic between a client (browser or mobile app) and a web server. If you can see the request and the response, you can test what matters: authentication, authorization, input handling, session behavior, and the real security posture of the application. This tutorial focuses…
-
Using Shodan – Attack Surface Discovery & Monitoring
Shodan is a search engine for internet-exposed systems. Instead of indexing web pages, it indexes services (SSH, HTTP, databases, VPNs, remote admin panels, etc.) and their banners/metadata, which makes it extremely useful for attack surface discovery and continuous exposure monitoring. This tutorial focuses on authorized, defensive use: mapping what your company exposes to the internet,…
-
SQLMap: Automating SQL Injection
sqlmap is an open-source penetration testing tool that automates the detection and exploitation of SQL injection (SQLi) vulnerabilities in web applications and databases. This tutorial focuses on responsible, low-impact validation: confirm whether a parameter is injectable, identify the back-end DBMS and technique used, and collect just enough evidence to help engineering fix the issue—without turning…
-
Using Nmap
This tutorial is your practical introduction to Nmap (Network Mapper) — the Swiss Army knife of network scanning. We’ll explain what it does, how it works, when to use it, and how to interpret results safely and ethically. Whether you’re a beginner technician or an experienced professional, you’ll find actionable examples and advanced tips here. What is…