Understanding URL and HTML Encoding: Why It Happens, How to Spot It, and What to Do With It If you’ve ever seen a URL filled with strange symbols like %20, or noticed your payloads getting altered in weird ways during testing, you’ve already met encoding — specifically URL encoding and HTML encoding. To exploit vulnerabilities […]
URL & HTML Encoding Read More »
Authentication on the Web: Sessions vs JWTs Understand how users stay logged in — and how we as pentesters can take advantage of it. Authentication is the process of proving who you are. Every time you log in to a website — with a username and password — you’re authenticating. But logging in is just
Understanding REST APIs: How They Work and What They Look Like An API (Application Programming Interface) is a messenger between different parts of a program — like a middleman that delivers your order to the kitchen. In the web world, APIs allow: You don’t see APIs directly, but every time you: What Makes It a
Python for Hackers: Why, How, and What You’ll Build Welcome to the Python Crash Course for Pentesters — a practical, zero-fluff series designed to teach you how to use Python as a weapon in your hacking toolkit. We’re not building web apps or to-do lists. We’re here to build brute-forcers, reverse shells, payload generators, and
Python for Hackers Read More »
My eCPPT Review The eLearnSecurity Certified Professional Penetration Tester (eCPPTv3) is a certification you don’t hear a lot about — at least not in detail. When I searched for honest reviews or walkthroughs, there wasn’t much out there. Now that I’ve completed it (as of 2025), I want to share my full experience — the
My eJPT Review – The Certification That Brought It All Together If you’ve ever searched for entry-level certifications in penetration testing, chances are the eJPT (eLearnSecurity Junior Penetration Tester) popped up. And for good reason — it’s one of the best practical introductions to the world of ethical hacking. I completed the eJPT in March
CompTIA Secure Infrastructure Specialist After completing the A+, Network+, and Security+ certifications, I received the CompTIA Secure Infrastructure Specialist (SIS) stackable certification — a badge that represents a well-rounded understanding of IT fundamentals, networking, and cybersecurity. But to me, it wasn’t just about collecting certs. It was about laying the groundwork for something bigger —
My CompTIA Security+ Certification Review When I first started my journey into IT, I had a long-term goal in mind: I wanted to become a penetration tester. But I also knew I couldn’t just jump straight into the deep end. I needed to build a strong foundation first — and for me, that meant following
My CompTIA Network+ Certification Review Out of the CompTIA trifecta (A+, Network+, and Security+), Network+ was hands down my favorite. It was the first time I truly started to understand how everything fits together — how data moves across the internet, how devices communicate, and how networks are built and managed. For anyone serious about
My CompTIA A+ Certification Review The CompTIA A+ was my first real IT certification — and it played a massive role in getting me where I am today. I didn’t come from a technical background. In fact, I only got my first computer when I was 21. Before that, I wasn’t some childhood prodigy tinkering
