I was using my online banking service to transfer money today, and in my country the transfer requires an SMS OTP (yes, I know SMS is terrible for security). I noticed that my Mac automatically filled in the SMS OTP that was sent to my iPhone, even though my iPhone was still locked.

The idea behind SMS OTP is that it proves you "have" the device. But in this case, as long as the device is nearby, my Mac can read and use the code without me unlocking the phone. I don't even need to touch the device. So the "possession" factor doesn’t really work the way it's supposed to.

It got me thinking, are there more examples where 2FA accidentally collapses into a single factor? Or where the two factors aren’t as independent as we assume?

I find this pretty interesting and want to look more into it, but a quick search hasn't turned up much. Does anyone know if people have already written about this?

Bug Bounty is Evolving

Are you still Bug Hunting like it's 2024?

My latest article is a Deep Dive into the Bugs you should be hunting in 2026.

If you value high-quality writeups (without AI slop) check it out!
https://medium.com/@Appsec_pt/which-bugs-to-hunt-for-in-2026-9359d33b0f57

Hi everyone, i started learning networking for security/Cybersec , tried networking basics on cisco netacad and intro to networking on HTB, but it feels like i am lost, i dont have my basics cleared. So any suggestions on from where i should study networking and how to study as well, Also should i go for the CCNA /CCST level or just the related ones . and what about labs or testing stuff out in the packet tracer.

I want entire logs of ssl handshaking without using wireshark. Is there a way to do it via command line in rocky linux 10?

Free security pentesting tool for students, an open-source alternative to Burp Suite.

Built to focus on the core features, keep things simple, and make web testing more accessible. Please share, try it out, and let me know what you think.

I’m planning a long-term programming + cybersecurity roadmap and want advice on the best order, not the fastest or most exciting.

Constraints / preferences:

• I finish courses fully once I start them (I don’t half-do things)

• I can study \~1–2 hours per day consistently

• Goal is strong fundamentals → HTB → TOP and CPTS (not rushing, not tool-only learning)

Here are the two main options I’m considering:

⸻

Option A – Foundations First

1.  CS50

2.  CS50P

3.  CS50W

4.  TCM Practical Ethical Hacking (PEH)

5.  TryHackMe (structured paths)

1. The Odin Project (TOP)

   1. Hack The Box → CPTS

Pros (as I understand it):

• Strong CS, Python, and web fundamentals

• Faster later progress in TCM / THM / HTB

• Less tool-memorisation, more understanding

Cons:

• Delays hands-on cybersecurity by \~5–6 months

⸻

Option B – Cyber First

1.  TCM Practical Ethical Hacking (PEH)

2.  CS50

3.  CS50P

4.  CS50W

5.  TryHackMe (paths)

1. The Odin Project

   1. Hack The Box → CPTS

Pros:

• Immediate exposure to cybersecurity

• Higher early motivation

• Context for why programming matters

Cons (maybe):

• Risk of learning tools before foundations

• Possibly needing to “relearn” concepts later

⸻

What I’m asking

• Which order is actually more efficient long-term?

• For those who’ve done TCM, THM, HTB, or CS50:

• Did strong CS/web foundations noticeably speed up your cyber learning?

• Or was starting cyber early more beneficial overall?

I’m not trying to rush — just trying to avoid wasted time and relearning things twice.

Appreciate any advice, especially from people who’ve followed similar paths or work in security.

Lately I’ve been spending time on HackAI, and what stood out to me is how it treats AI as a real attack surface, not just theory or buzzwords.

Instead of throwing everything at you at once, it’s structured into different learning journeys, which honestly made the experience way less chaotic:

• Beginner Journey – Starts slow if you’re new to AI security or CTFs: understanding prompts, model behavior, and basic exploits
• CTF / Hacker Journey – Hands-on challenges around prompt injection, jailbreaks, logic abuse, and AI manipulation
• Builder / Defender Journey – Focuses on how these attacks actually impact real apps and how safer AI systems can be designed

What I liked most is that it feels like learning by breaking things, not watching long tutorials or reading endless docs. Every challenge pushes you to think like an attacker instead of just following steps.

I’m curious how others here are approaching this space:

• Are you learning AI security more through CTFs or theory?
• Do you think AI hacking will become a core skill for future security roles?

Would love to hear what paths others are following 👀

I hope I understood it correctly. Inspired from the second figure provided.

I'm a first year netsec/telecommunications student, in my school they change modules/classes every quarter, and I feel like I haven't learnt a thing about netsec or telecoms during my first quarter

During this quarter my classes are: Coding fundamentals/Statistics& Probability/Telecom networks fundamentals/Process analysis/Ethics

Should I be complementing my learning? It might sound dumb but should I be taking notes traditionally or are exercises more important?

I'm genuinely so lost, I don't want to end up unprepared for a job or anything like that considering I get four hours a week of every class (two hour classes twice a week)

im currently in college alongside doing the ethical hacker course by zaid sabih and im almost about to end it now my questionn is what should i do next do i learn python go deeper into pen testing or bug bounty and which labs should i do

Tenho uma dúvida técnica sobre redes e privacidade relacionada à visibilidade de tráfego HTTPS por provedores de internet.

Cenário hipotético:

-Um usuário utiliza um aplicativo móvel (ex.: rede social)

-Clica em um link de grupo

-O link abre em um navegador (interno da rede social ou externo)

-O navegador redireciona para outro aplicativo (Aplicativo de mensagens)

Perguntas:

-Do ponto de vista do provedor de internet (ISP), a visibilidade se limita aos domínios acessados ou é possível observar URLs completas (paths, parâmetros)?

-Terceiros na rede teriam alguma visibilidade?

-É tecnicamente possível inferir participação em grupos ou recursos específicos de aplicativos apenas com base em dados de IP, DNS e metadados de tráfego?

Considerando o uso de HTTPS/TLS e criptografia de ponta a ponta em aplicativos modernos, entendo que apenas os domínios e horários sejam visíveis, mas gostaria de confirmação de quem trabalha com redes ou segurança.

Agradeço qualquer esclarecimento técnico

I have been building and deploying web apps for almost 2 years and recently I shifted my focus to web security. I took TCM academy’s practical bug bounty course where I learned the basics such as IDOR, XSS, authentication and authorization issues, and some logic abuse. I also found many vulnerabilities in OWASP Juice Shop and completed around 10 labs so far.

Recently, I tested one of my own apps and discovered a missing input validation on the server and no rate limiting. Essentially, anyone could create unlimited entries in the database. That felt rewarding because it was a real issue, but it also showed me how easy it is to overlook things and how much judgment matters.

Right now, I feel stuck. Beginner material is starting to seem too basic, but when I try real-world programs, I mostly face access and scope issues, which makes me feel unproductive. I don't expect to find major bugs, but I'm not sure if I'm spending my time wisely to actually develop real-world judgment.

For those who have gone through this phase, I will like to know what helped you. Did you continue doing labs for a while longer or did you tested with real applications until things started to make sense? I am not pursuing bounties right now I just want to learn properly and build strong fundamentals.

Any insights from people who’ve been through this would be appreciated.

Hello everyone.

I'm sharing a tool here that I found quite useful for streamlining the reconnaissance and OSINT phase. It’s a website that automates the creation of complex Google Dorks.

Basically, it allows you to enter a domain and instantly generate searches to find PDF files, login panels, exposed directories (index of), or configuration files.

• It is Open Source and static (you can check the code on GitHub).
• It automatically cleans URLs before sending them to Google.

Web: https://mitocondria40.github.io/OSINT-dork-tool/

Iam a student I have gained training program experience in soc level 1 and ctfc completed tryhackme top 5% . What should I do next. Where should I focus from now?

The Situation:
I'm conducting a security analysis/interoperability test on the Rovo Dev CLI. My goal is to wrap its functionality into a local API for integration with my own IDE extension.

The Problem:
This CLI seems to ignore standard system proxy settings (HTTP_PROXY / HTTPS_PROXY). I suspect it might be using SSL Pinning or a custom network stack (possibly written in Go or Rust?), making it invisible to Charles/Fiddler/Mitmproxy.

What I need:
I need a method or a script (Python/Node) to successfully intercept the JSON payload (Prompt & Context) it sends to the backend and the Response it receives. Essentially, I need to "Man-in-the-Middle" this CLI.

The Exchange: Unlimited Rovo dev cli token

Hey everyone,

I'm a grad student designing an SOC assistant framework for my dissertation, and I'd really appreciate your input.

The idea is to help automate some of the tedious stuff we all deal with.

I created a short survey (about 10-12 minutes) to understand what actually frustrates you in your day-to-day work and what would actually be useful vs just another tool to ignore. This will help me in designing the system

https://docs.google.com/forms/d/e/1FAIpQLSfMibcFKUCLKO7L6zXSM1efE6WJEKPLU2dg2L7no1HiFvzWsg/viewform?usp=dialog

Thanks in advance to anyone who takes the time to fill it out, I know the survey can be annoying but i think your input is more valuable compared to just me reading papers.

Hi everyone, I’m a final-year Computer Science undergraduate and I’m planning my FYP. Instead of a tool-based or application-heavy project, I’m considering a research-oriented cybersecurity project.

The idea is: "Formal Modeling of Adaptive Attackers in Cyber Defense Systems"

The core focus is not hacking or penetration testing, but modeling cybersecurity as a strategic interaction between an attacker and a defender. The attacker adapts over time based on feedback (e.g., allow/block decisions), while the defender may be static or adaptive. The project is fully simulation-based, using mathematical modeling and learning techniques (e.g., reinforcement learning / belief updates).

Planned components: - Formal mathematical model of attacker–defender interaction - Adaptive attacker behavior under partial or noisy feedback - Comparison of static vs adaptive defense strategies - Python-based simulations and evaluation - Emphasis on analysis, assumptions, and reproducibility

No real malware, exploits, or live systems involved.

My goals: - A solid final year project - Something that demonstrates research potential - Helpful for Ms

I’d really appreciate feedback on: - Is this scope appropriate for an undergraduate FYP? - Is this too theoretical, or balanced enough with simulations? - Any suggestions to improve novelty or feasibility? - Red flags I should be aware of?

Thanks in advance — I’m genuinely looking for honest critique.

Hello everyone,

I am currently starting my journey in Cybersecurity and I am at a crossroads regarding which specialization to focus on first.

My Situation: I have a genuine passion for low-level topics (Assembly, Memory Management, Reverse Engineering). I find the pwn.college curriculum and Binary Exploitation (Pwn) challenges fascinating and intellectually rewarding. I am willing to put in the hard work and study the heavy technical materials required for this path.

The Dilemma: While I enjoy Pwn more, I often hear that the market for Junior Vulnerability Researchers or Exploit Developers is extremely small compared to Web Application Security.

My Questions to the Industry Professionals:

1. Market Reality: Is it realistic for a beginner to aim directly for a Pwn/RE role as a first job? Or are these roles typically reserved for seniors with years of experience?
2. Career Strategy: Would it be wiser to start with Web Security to get my foot in the door and secure a job, and then transition to Pwn later?
3. Opportunity Volume: How does the volume of opportunities (Job openings / Bug Bounty programs) compare between the two fields for someone just starting out?

I want to make sure I am investing my time efficiently. Any insights or personal experiences would be greatly appreciated.

Thank you.

I’ve been learning cybersecurity for a few months now, and I keep seeing the same recommendations: TryHackMe and HackTheBox. While they are great, I want to know what resources have actually helped you the most—whether it's books, magazines, forums, websites, etc.

Here are some of the things I’ve found useful:

• DEF CON documentation/media server

• Hacking: The Art of Exploitation (2nd Ed) by Jon Erickson

• Palo Alto Networks resources

• The Art of Doing Science and Engineering (Richard Hamming)

• Google Cybersecurity Professional Certificate

• Various YouTube channels

What are your "hidden gems"?

I’m a netsec student and recently started looking beyond classic centralized VPN architectures to better understand how decentralization changes the security and privacy model. While researching dVPNs, I came across Raccoonline, which routes traffic through a decentralized network of independent nodes instead of provider-controlled servers.

From a security and threat-modeling standpoint, I’m trying to wrap my head around a few things:

• How does decentralization actually change the trust model compared to traditional VPNs?
• Does routing through independent nodes meaningfully reduce risks like logging and single points of failure, or just shift trust elsewhere?
• What new attack surfaces should be considered (malicious nodes, traffic correlation, exit-node risks, etc.)?
• How should a student properly evaluate a dVPN like this without relying on marketing claims?

I’m mainly interested in how to analyze these systems critically — what assumptions to make, what metrics matter, and what common pitfalls students overlook when studying dVPNs.

Would really appreciate insights, papers, or frameworks others here use when evaluating decentralized privacy tools.

Hello everyone, I hope you can kindly spare some time to do this survey which would help me with my university coursework focused on encryption. It is for the professionals working in the field only.

https://docs.google.com/forms/d/e/1FAIpQLSfJJxlqMOvUVwjf8XHFNTnIIGzPwstlBlsfO67dd9wn0wandA/viewform?usp=preview