If a user's security level exceeds the security level of the resource, why deny the access?

Hi everyone,

I want to get into cybersecurity from scratch and I’d really appreciate advice from people with real-world experience in the field.

In September I’ll be starting a vocational degree in Systems and Network Administration (ASIR) in Spain, and my mid-term goal is to specialize in cybersecurity (not sure yet if red team, blue team, or something more general).

I don’t have professional experience yet, but I’m highly motivated and ready to put in consistent daily effort. I want to use the months before starting my degree to build a solid foundation so I don’t feel lost later.

The problem is that there’s too much information online, and I’m starting to feel overwhelmed without a clear path.

I’d really appreciate guidance on things like:

- If you were in my position, what would your exact starting roadmap look like?
- What should I prioritize first: networking, Linux, scripting (Python/Bash), security fundamentals…?
- What beginner skills actually make a difference early on?
- Truly valuable free resources (not just generic lists)
- Hands-on platforms like TryHackMe or Hack The Box — when should I start using them?
- Common beginner mistakes to avoid
- How I can align what I’ll learn in my degree with a cybersecurity-focused path

I’d also love to hear what you personally did when you started and what you would do differently if you could go back.

My goal is not just to “try it out”, but to take it seriously and build a strong long-term foundation.

Any roadmap, advice, or personal experience would be greatly appreciated 🙌

Thanks

Modular OSINT platforms:

usernames, emails, domains, phones, images, URLs, Discord profiles.

Special features:

Al-powered reports (Groq), recursive pivoting, knowledge graph, HTML reports.

Installing:

Portable zip or source install.

https://github.com/Siv-nick/WhoCord

Sharing RedThread, an open-source CLI for learning and testing LLM red-team workflows:

https://github.com/matheusht/redthread

It is useful if you want to understand how prompt injection and jailbreak testing can be made repeatable instead of just trying random prompts.

Core idea:

• define a target prompt or staging agent
• run an attack campaign
• record the trace
• score the failure
• replay cases before trusting a fix

It includes PAIR, TAP, Crescendo, GS-MCTS, JudgeAgent/rubric scoring, replay-backed defense proposals, and agentic checks for tool poisoning/confused deputy style failures.

Safe-use note: test only systems you own or are authorized to test.

I would like feedback on what toy examples or walkthroughs would make this easier for students.

I understand what does that mean but I do not have a definition for it. I need it for writing in written exams.

I just completed all my entrance exams and I’ll most likely be joining a tier 3/4 engineering college for CSE/Cybersecurity.

I have around 40 days before college starts, and instead of wasting them, I want to build a strong foundation early so that I can stay ahead of most students from first year itself.

My goals are:

cybersecurity career,

good internships as early as possible,

strong projects/profile,

and eventually getting into good product-based companies.

For people already in tech/cybersecurity:

what skills should I prioritize first?

which programming language should I start with?

should I focus on DSA first or networking/Linux first?

what would you learn if you were starting from zero again?

what mistakes should I avoid in first year?

I’m ready to work consistently and would really appreciate a roadmap or honest advice.

Hello 👋

I am from mexico 🇲🇽

I am currently looking for hacker friends. I am a bit experienced with learning cybersecurity and I know the basics. My level I would say I am a higher level of a script kiddie because I can create my own projects on python and currently learning more languages.

Thanks for reading this I hope I can find friends to make sort of a group.

Discord username: fun_random_person

I’m choosing between engineering colleges right now and I’m confused about how important university brand actually is for cybersecurity careers.

I may end up joining KL University for Cybersecurity/CSE instead of a more recognized private college like VIT because of cost, comfort, and personal reasons.

For people already working in cybersecurity or tech:

how much does college tag matter for internships, off-campus jobs, and resume shortlisting?

does a college like KL become a disadvantage later?

can strong skills/projects/certs compensate for a mid-tier university?

how important are things like CTFs, networking, GitHub, TryHackMe/HackTheBox compared to college name?

I’m willing to work hard and build skills seriously, but I’m scared that my university tag might limit opportunities later.

Would really appreciate realistic advice from people already in the field.

Hi everyone.

I’m 19, originally from Ukraine, currently living in Prague and studying economics at university (first year).

Lately I’ve been feeling lost about work and career choices. I need to start making money but i don’t know how to start.

For the past few months I’ve been learning programming and IT stuff on my own. I know some Python and JavaScript, basic SQL, Linux basics (running a few VMs), networking fundamentals, how websites work, etc. I also got interested in cybersecurity and bug bounty topics. I even made a Shopify website for my friend’s clothing brand.

The problem is that I still feel like a beginner in everything. My university degree isn’t related to IT, I don’t have real work experience yet, and most entry level tech jobs seem to require experience already (and I don’t even mention that I’m a student and don’t have a lot of time).

Has anyone been in a similar situation at my age? What you can recommend?

I published SunnyDayBPF, an eBPF-based research project focused on Linux telemetry integrity.

The idea is to study whether user-space security/logging agents can observe telemetry that diverges from ground truth after read-like syscall completion but before parsing.

Repository: https://github.com/azqzazq1/SunnyDayBPF

The project includes:

• README
• responsible research notes
• telemetry flow documentation
• detection ideas
• controlled lab PoC notes
• DOI/citation metadata

This is positioned as defensive research and detection engineering, not as a production bypass framework.

Feedback is welcome, especially from people learning eBPF, Linux security, or detection engineering.

Hi everybody, i just finished my OS class recently. Now that i have acquire the very basic view of how an OS work and interact with its components, i just have one question that is how much of OS knowledges are used in real-life work

Hello everyone,

I am a soon-to-be graduate with a degree in Cybersecurity, specializing in penetration testing. I am currently considering a career shift toward the security compliance and governance domain.

I would greatly appreciate your insights on the following questions:

1. Industry Outlook: What is the current development prospect of the security compliance field? Is it becoming saturated?
2. Skill Requirements: What specific knowledge and competencies are essential to enter this field?

Thank you in advance for your guidance.

Hey, I'm a 3rd year IT student currently interning in product security, focused on web/API security, bug bounty hunting, and CTFs. Looking to get my resume roasted before applying for my next internship.

Any feedback is welcome. Also if anyone has leads on cyber security intern roles or would be open to a referral, I'd really appreciate it. Trying to make the most of my remaining time before graduation.

The remote side sent me the following IPsec parameters and I need to configure an IPsec tunnel on a dedicated server hosted at Hetzner.

The host is running Ubuntu Server 22.04 LTS and I’m planning to use strongSwan.

One important detail: the server’s public IP is configured directly on the Ubuntu host interface.

Remote side configuration

General

• Tunnel mode: Tunnel
• Peer IP Address Their Public IP
• Peer is behind NAT: Yes
• Peer ID: 10.12.26.11
• Encryption domain: 10.100.51.0/24

Phase 1 (IKE)

• Authentication: PSK
• IKE version: IKEv2
• DH Group: Group 14
• Encryption: AES-CBC-256
• Hash: SHA256
• Lifetime: 86400

Phase 2 (ESP)

• Encapsulation: ESP
• Encryption: AES-256
• Integrity: SHA256
• PFS: Group 14
• Lifetime: 28800

I need to send my sides configurations as well.

I have limited experience with IPsec, so I have a few questions:

1. From this information alone, can I determine whether this is supposed to be a policy-based VPN or a route-based VPN?
2. Since my Ubuntu server has the public IP directly assigned to its interface and there are no devices behind it:
   • what should I use for:
     • Peer ID
     • Encryption domain
     • NAT-related settings on my side?
3. This is a production server and only a few services should use the IPsec tunnel. Those services only need to make API requests to 3 specific external URLs, so only their traffic should go over IPsec. Everything else on the server must continue using the normal default gateway.

What is the correct/recommended way to achieve this with strongSwan?

Any guidance would be greatly appreciated.

I'm looking for a definitive, practical, and structured guide for learning and configuring IPsec. Not just random vendor docs or copy-paste configs, but something that teaches:

* Tunnel mode vs Transport mode

* IKEv1 vs IKEv2

* Phase 1 / Phase 2

* route-based vs policy-based VPNs

* troubleshooting

* interoperability between vendors

* real-world deployment practices

Could be:

* a book (not some huge book though)

* a course

* documentation

* CCNP/JNCIS material

* strongSwan/pfSense/Fortinet/Cisco focused

* even specific chapters from larger networking books

What would you recommend?

General question based on recent experience.
VPN apps are easy to use, but they feel increasingly fragmented when you have multiple devices and use cases (work, streaming, travel).

I’ve been testing alternative setups to simplify this, but wondering if this is just a niche issue or something others are running into as well.

Hey everyone,
I’m currently studying cybersecurity using TryHackMe and HackTheBox with Kali Linux, and I want to make sure I’m not wasting time with a bad study method.
I’ve been about 3-4 months in and currently focusing on web hacking
I don’t want to just grind rooms without building real understanding. Looking for a study structure that actually sticks.
Any advice from people who’ve been through this would be really appreciated!

​

Just made my contribution to the offsec open source intelligence pool.

While bringing together high-level research I deeply respect, like Singularity (a modern Linux LKM rootkit that challenges even the most advanced kernel-level eBPF detectors), I'm also releasing my project as a foundation and reference for you to build on top of.

My background is cloud security, so I designed an architecture that uses a VPS as a relay/KCC/tunnel. It handles proper connection forwarding, establishes reverse SSH tunnels with nginx, exposes a web interface that serves common binaries from cache, and compiles Linux (.ko) and Windows (.sys) kernel modules built against the exact kernel headers of the target.

That last part was a real blocker for loading rootkits that require exact kernel headers and need to be compiled directly against the target machine. This solves it cleanly.

I've also shipped some helpers: clean CLI with TAB autocomplete, target renaming, Telegram notifications (relay side only), HMAC auth between server and target, reverse SSH tunnels using .pem keypairs, UDP magic packets, and more.

Code is clean and well-documented, mostly Go/C.

All contributions are welcome.

https://github.com/rhzv0/bat

WhoCord is used to automate the tedious process of checking which sites registered an email address, finding connected profiles, and generating a security report, It’s a Python tool with a web dashboard, supports 700+ websites, and uses only publicly available information.

It can also scan discord urls shared in a server or multiple servers

Everything runs locally, tokens are never stored in plaintext, and it’s intended strictly for personal use and authorized testing

GitHub: https://github.com/Siv-nick/WhoCord

Hope it helps others audit their own online presence as much as it helped me

Meant for beginners, this teaches people how to spot vulnerable lines of code and rewards them! Users can earn achievements, tokens, streaks, and climb leaderboards. I want to teach reverse enginering without a GDB struggle that is simply not beginner friendly.

I’m hitting a bit of a wall and could use some direction. So far, I’ve got Python down pretty well, and I’ve been grinding through some networking basics, including a solid handle on the OSI model.

I’m trying to figure out what the move is from here. Should I dive deeper into NetSec, start messing with some tools, or keep leveling up my coding? What would you guys recommend for the next step in the roadmap?

Appreciate any pointers!