I’ve Interviewed Dozens of Cybersecurity Professionals — Here’s My Best Advice
Hey guys, Rocky here—you probably know me as the founder of CodeLivly. A few weeks ago I got a call I didn’t expect: a Kathmandu-based cybersecurity company asked if I’d consider joining them as a fractional security strategist. (Spoiler: I said “let’s talk.”) While we...
The Pentester Playbook – Get Started To Hacking
When you hear the word “hacking,” you might picture someone in a hoodie typing away in the dark, breaking into banks or stealing data. But here’s the truth: not all hackers are bad — and hacking isn’t just for the movies anymore. In today’s world,...
How to Create a Linux Bash Script – And What You Can Do With It
So, you’ve heard about Bash scripting and you’re curious what all the buzz is about? Whether you're just starting with Linux or diving deeper into automation, Bash scripts are your best friend. They’re like small sets of instructions that you write once, and they do...
Cloud Engineer Roadmap: The Complete Guide from Beginner to Expert (2025 Edition)
If you've been wondering how to become a cloud engineer, you're in the right place. Whether you're just starting out in tech or looking to switch your career, cloud engineering is one of the hottest and fastest-growing fields out there. And the best part? You...
Mastering SQL Injection Recon – Step-by-Step Guide for Bug Bounty Hunters
Picture this: You’re testing a website, and with a simple tweak to a login form—BAM!—you trick the database into spilling its secrets. No password? No problem. That’s the power of SQL Injection (SQLi), one of the most dangerous (and profitable) vulnerabilities in web security. Despite...
Is it secure to use an MCP server?
The Model Context Protocol (MCP) is a convenient open protocol for linking large-scale language models (LLMs) with external data sources and tools. However, since anyone can create an MCP server and publish it on GitHub, there is a possibility that it may contain malicious code....
Don’t Get Hacked by Jargon! The Cybersecurity Glossary Everyone Needs
Hey there! Welcome to your go-to guide for cyber security terms, abbreviations, and acronyms. Whether you're just starting out in cybersecurity or need a quick refresher, this glossary will help you decode all the techy jargon. Why Does This Stuff Matter? Cyber threats are everywhere,...
Ultimate Guide: Hosting a Live Website in Termux with Nginx & Apache! 🚀
Do you want to turn your Android phone into a fully functional web server? With Termux, you can run Nginx or Apache to host a live website locally—or even make it public! This in-depth guide will walk you through setting up both web servers, configuring...
Now it’s clear! Explaining the basics of IP addresses and their allocation for beginners
Hey guys , I'm Rocky. This may seem sudden, but have you ever thought about what an IP address is?When you use a smartphone or computer, you can connect to the Internet without even thinking about it, and you can watch YouTube or upload photos...
The Ethical Hacker’s Playbook for Hacking Web Servers
So you’re interested in cracking the code of how hackers navigate web servers like they own the place? Well, welcome to the dark side—of knowledge. It’s not a tutorial on rampaging; it’s your backstage pass to hacker thinking so you can outsmart ’em. It’s your...
Analysis of sudo privilege escalation techniques to obtain root through C language under Linux
Sudo privilege escalation is a technique that allows an attacker to gain root access on a Linux system. While sudo is a powerful tool for system administration, it can become a potential security risk if misconfigured or exploited. This article will dive into how attackers...
Mastering Exploit Development: The Key Skill for Professional Cybersecurity Practitioners
Have you read about hackers breaking into gateway systems and stealing proprietary information, or even shutting down entire networks? But how do hackers gain access to it? Much of the answer is exploit development, the art of finding software vulnerabilities and weaponizing those vulnerabilities for...
Exploit Development Made Easy: Generating Payloads In Metasploit
When developing exploits, creating shellcode is a necessary step. Metasploit provides an easy way to generate payloads from within the msfconsole. When you select a specific payload, Metasploit automatically adds useful commands such as "generate", "pry", and "reload". Among these commands, "generate" is the key...
The Ultimate Nmap Guide: Master Network Scanning, Scripting, and Security Audits
Hey guys, Rocky here! 👋 Welcome to your ultimate guide to Nmap—the Swiss Army knife of networking tools! Whether you’re a cybersecurity newbie, a network admin, or just a curious techie, this tutorial will turn you into an Nmap ninja by the time we’re done....
Hacking like a Pro: The Ultimate Guide to Penetration Testing with Kali Linux Tools in 2025
Penetration testing is an essential part of any comprehensive security program, and Kali Linux is a powerful platform for conducting such testing. With its vast array of built-in tools and support for third-party software, Kali Linux is a favorite of security professionals and penetration testers...
SSH DDoS Attack Simulation Using Python: A Comprehensive Guide
Hey guys! 👋 Rocky here. Let’s talk about something wild but super important: DDoS attacks targeting SSH—and how Python, everyone’s favorite Swiss Army knife of coding, plays a role in both causing and stopping these digital dumpster fires. Wait, What’s a DDoS Attack? Imagine 1,000...
The Ultimate Guide to Transforming Your Old Machine into a VPS Server
Hey guys, Rocky here! 👋 So you've got a dusty old laptop or computer taking up space in the corner? Perhaps it's that hulking desktop from 2012 or that gaming machine you upgraded for something new and flashy. Before you throw it on eBay for...
Building Malware with Python: Writing Ransomware, Keyloggers & Reverse Shells from Scratch
Hey guys, Rocky here! 👋 So you're curious how malware actually works? Maybe you're wondering why ransomware is holding a computer for ransom, how keyloggers steal login passwords, or why reverse shells allow hackers remote access. I get it—cool stuff! But before we get started,...
Building a Custom Python Backdoor
Hey guys! 👋 Rocky here. So, you wanna learn how to build a custom backdoor in Python? Cool, let’s dive in! But first—let’s get one thing straight: this is for educational purposes only. I’m talking about ethical hacking here—the kind that helps you understand how...
🚨 Building a Malicious Backdoor & C2 Server in Python! 💻🔥
Malicious backdoors and Command & Control (C2) servers are tools commonly employed in cyberattacks to enable unauthorized entry into systems. Knowledge of their architecture is extremely crucial for cybersecurity professionals to protect against such an attack. In this article, the conceptual architecture of these entities...
Mastering Linux: The Top Commands Every Server Administrator Should Know
As a Linux system administrator, you need to know how to effectively manage and configure your Linux servers using the command line interface. While there are many graphical user interfaces for Linux, most system administrators prefer to use the command line because it is powerful...
So You Want to Be a Hacker: 2025 Edition
Growing up in the 90s inundated me with images of hackers portrayed as mysterious, hoodie-clad figures breaking into systems with a few keystrokes. Little did I know then that this portrayal wasn't far from reality, albeit with a twist. Today, as someone deeply immersed in...
Nmap Cheat Sheet 2025
Nmap is a powerful and versatile network scanning tool used by network administrators, security professionals, and ethical hackers for a variety of purposes, including network mapping, inventory management, vulnerability assessment, and penetration testing. While Nmap offers a wide range of options and capabilities, its syntax...
Master Shell Scripting– Zero to Interview Ready!🔥
Have you ever found yourself doing the same monotonous task over and over again on your Unix or Linux system? Have you ever hoped that there was a means to automate tasks like this and have more time for yourself? If so, then Bash scripting...
Basic Network Concepts for Hacking
If you're stepping into the world of ethical hacking, then network knowledge isn't just helpful but a must-have. The internet and private networks are the playgrounds where security threats come into being, and to know how data moves, how devices talk to each other, and...
All About Logic Bombs: Your Computer Could Be Hijacked With Malware
Most users are familiar with viruses, trojans and worms. But there is a special type of malware that stands out for its stealth and accuracy in hitting its target – a logic bomb. Let's figure out what it is. Operating principle Attackers embed malicious code...
Port Binding Shellcode Remote Shellcode
When a host is exploited remotely, a multitude of options are available to gain access to that particular machine. The first choice is usually to try the execve code to see if it works for that particular server. If that server duplicated the socket descriptors...
GRUB LUKS Bypass and Dump
Recently, I needed to get the data off of a LUKS encrypted partition on a Virtual Machine that "wasn't mine" and I'd never done it before. You can probably guess what happened next. As a preface, if you've landed on this blog and are thinking...
Unleashing the Power of SQL Injection Testing with SQLMap : A Comprehensive Guide
Sqlmap is a Python-based tool, which means it will usually run on any system with Python. However, we like Linux, specifically Ubuntu, because it simply makes it easy to get stuff done. Python is already installed on Ubuntu. This is the same tool we use...
Can Port Scanning Crash the Target Computer or Network
So, you’ve probably heard of port scanning in movies or tech blogs, where hackers “scan” networks to find weaknesses. But what is it, really? And can something as simple as scanning ports actually crash a computer or take down a whole network? Let’s break it...
The Pentester Playbook – Get Started To Hacking
When you hear...
How to Create a Linux Bash Script – And What You Can Do With It
So, you’ve heard...
Mastering SQL Injection Recon – Step-by-Step Guide for Bug Bounty Hunters
Picture this: You’re...
Is it secure to use an MCP server?
The Model Context...
Don’t Get Hacked by Jargon! The Cybersecurity Glossary Everyone Needs
Hey there! Welcome...
The Ethical Hacker’s Playbook for Hacking Web Servers
So you’re interested...
Analysis of sudo privilege escalation techniques to obtain root through C language under Linux
Sudo privilege escalation...