Blogs
Technical guides and writeups on cybersecurity, networking, and infrastructure from my coursework, internships, and home lab.
Enterprise Cybersecurity Management: Frameworks, Risk, and Strategy
Framework-level thinking from my Enterprise Cybersecurity Management coursework at BU -- how organizations weigh risk, cost, and compliance at scale.
Nmap Mastery: The Reconnaissance Tool Every Security Person Must Know
A deep look at Nmap, the reconnaissance tool behind nearly every network engineer's and penetration tester's toolkit.
Database Security: Protecting the Crown Jewels
Why database security is the last line of defense once the application layer is compromised, and how to apply least privilege at the data layer.
DeFi Security: Why $3 Billion Was Stolen in 2022 and What It Teaches Us
Breaking down why over $3 billion was stolen from DeFi protocols in 2022, and the well-understood vulnerability classes behind most of it.
CTF Competitions: How Capture The Flag Made Me a Better Security Engineer
How Capture The Flag competitions on HackTheBox and TryHackMe sharpened my offensive and defensive security thinking beyond coursework alone.
Cryptography Fundamentals Every Security Engineer Should Know
The cryptographic primitives behind TLS, password hashing, and digital signatures -- what they do, when to use them, and how to avoid misusing them.
Wazuh: The Free SIEM and EDR Worth Taking Seriously
Why Wazuh is a serious free alternative to commercial SIEM and EDR platforms, based on running it alongside Splunk in my home lab.
Building RBAC Into a Java CRM: What I Learned at Sonata Software
What building Role-Based Access Control into a Java CRM at Sonata Software taught me about the mechanics and philosophy of authorization.
Mobile Forensics 101: What Your Phone Remembers That You've Forgotten
What smartphones retain that most people don't expect, and how mobile forensics differs from established desktop forensic practice.
Incident Response in Practice: Building and Running Your First Playbook
Building a practical incident response playbook around the NIST SP 800-61 lifecycle -- the process clarity that determines whether you contain a breach.
Building a Blockchain-Based Authentication System with Stellar
Exploring blockchain-based authentication on the Stellar network -- cryptographic identity as an alternative to centralized identity providers.
Network Traffic Analysis with Wireshark: A Practical Beginner's Walkthrough
A practical, beginner-friendly walkthrough of using Wireshark to analyze network traffic and debug protocols.
Is the Google Cybersecurity Professional Certificate Worth It? My Honest Review
An honest review of the Google Cybersecurity Professional Certificate, completed while preparing to apply to BU's MS program.
AWS Security Fundamentals: IAM, VPC, and S3 Best Practices
A practical look at AWS IAM, VPC, and S3 fundamentals -- the cloud security controls that matter most, from my AWS Cloud Solutions Architect coursework.
Building Secure APIs: Mistakes I've Made and How to Fix Them
Lessons from building and testing APIs in Java, Python, and TypeScript -- where API security actually breaks down and how to fix it.
SQL Injection: From Attack to Defense (What I Learned at My Internship)
How SQL injection actually works and every layer of defense I applied while implementing secure database interactions at Sonata Software.
My MITRE eCTF 2026 Experience: Securing Bare-Metal Firmware on Arm Cortex-M0+
Designing and attacking secure firmware on the MSPM0L2228 (Arm Cortex-M0+) as part of MITRE's embedded Capture the Flag 2026 competition.
Smart Contract Security: The Vulnerabilities That Have Cost Billions of Dollars
The smart contract vulnerability classes -- from reentrancy to oracle manipulation -- that have collectively cost the blockchain industry billions.
MQTT Broker Hardening on Raspberry Pi: Lessons from My DoS Attack Lab
Hardening an MQTT broker on a Raspberry Pi after running my own DoS attack lab -- where IoT messaging protocols fail by default.
Digital Twin for Network Security: Building a Virtual Lab to Simulate and Detect Attacks
Building a virtual replica of an enterprise network in VirtualBox to simulate attacks and validate a Splunk + Zeek monitoring stack.
Setting Up a Home SIEM with Splunk: My Hands-On Guide
A hands-on guide to setting up a home Splunk SIEM, from my Google Cybersecurity Certificate prep through my coursework at BU.
OWASP Top 10 Explained: What Every Developer Needs to Know
The OWASP Top 10 explained in plain language for developers -- what each vulnerability looks like in real code and how to prevent it.
How I Built Bounty Hawk: My Automated Recon and Vulnerability Discovery Tool
Why I built Bounty Hawk, a Python automation framework that handles recon and OWASP Top 10 checks so I can focus on the parts of pentesting that need judgment.
Getting Started in Cybersecurity: My Student Roadmap
My path from a Bachelor's in Computer Applications to an MS in Cybersecurity at BU -- and the roadmap I'd give any student starting out.
