-
I passed the CompTIA CySA+ Exam
I officially passed the CompTIA CySA+ exam on my first attempt! If you’re preparing for this defensive cybersecurity cert, here is my honest, spoiler-free review of the test, the study materials that actually worked, and my top tips for exam day.
-
Attacking AI with AI – How to use OpenClaw as an Autonomous LLM Pentester
As agentic AI frameworks expand, security teams face entirely new attack surfaces. This guide breaks down how to leverage OpenClaw as an autonomous LLM pentester to systematically discover vulnerabilities, simulate prompt injection scenarios, and harden your local or production AI models before adversaries do.
-
How to Deploy OpenClaw on a VPS using Hostinger and OpenRouter
A complete, beginner-friendly walkthrough for deploying your own OpenClaw personal AI assistant 24/7 in the cloud. This guide walks you through launching a Hostinger Docker VPS instance, managing your gateway security tokens, and leveraging an OpenRouter API key to tap into hundreds of optimized AI models without complex command-line configurations.
-
PWPE Practical Web Pentest Expert Review from TCM Security – My Honest Thoughts
Looking to take your web application hacking to the expert level? Here is my honest review of the Practical Web Pentest Expert (PWPE) certification from TCM Security. I dive deep into the Advanced Web Hacking course material, the 3-day practical exam structure, the reporting requirements, and whether this advanced hands-on certification is worth your time…
-
BSides SF 2026 – My Musical Experience
I had a great time attending the BSides SF event this year and getting to network with like-minded people who are passionate about security. As always, there were a lot of great talks, but this year I made the choice to do more CTFs on the event floor since the talks are recorded and will…
-
How to Run Garak Vulnerability Scans on LiteLLM
Securing your LLMs before production is critical. Discover how to use NVIDIA’s Garak AI red-teaming framework to scan a LiteLLM proxy deployment on AWS for prompt injections, data leakage, and hallucinations. This practical walkthrough covers setting up an EC2 scanning environment, provisioning virtual keys, configuring base URLs, and evaluating HTML/JSON vulnerability reports.
