After missing the easiest question known ever 😭
Why is the easiest exams are actually the worst ?🙄

🔥 Cyber Night Alert!
Tonight, we’re bringing the heat with a special guest—an impact-driven woman making serious waves in security.

🔐 AppSec & API Security Specialist
🕵️ Pentester
💼 Cybersecurity Presales
🎓 CASA, ACP
🌐 APISec U Ambassador
👥 ECySA Member

🕑 Cyber Night Session – Tonight
Don’t miss the energy, the knowledge, and the inspiration.

where : here on telegram
when : tonight 2:30 pm local time

linkedin
#AASTUCyberClub #CyberNight #WomenInCyber
@AASTU_CyberClub

had a good time
discussed about : api security ig it is rare somehow compared to those common fields
she said " joining community and having mentor (specially having mentor) helps u to succeed in this field "

⚡️Advent of Cyber 2025 Starts Tomorrow!

#TryHackMe annual Advent of Cyber kicks off in just one day, bringing a full month of free, beginner-friendly cybersecurity challenges designed to help you build real, practical hacking skills.

📅 Starts: Tomorrow
💰 Cost: Free
🎯 Skill Level: All levels — especially beginners

Join in, sharpen your skills, and make this December a month of continuous learning.
👉 Start here: https://tryhackme.com/adventofcyber25


@bunabytecs

OSI VS TCP/IP😁

Helps a lot specially for beginners i just have done the warm up and still 3 rooms to go from released ones
It doesn't matter when u do the rooms what matters to win the prize is having more points at the end , if u do all the rooms u will get the certificate after 24 days

Will post what each room is about

The warm up room: was about basic linux commands , looking for suspicious emails, files and the first defense of cyber attack strengthing ur password .....
Should i continue posting this?

next time when u think to do a project consider these

continued
let's do the rooms together
https://tryhackme.com/room/linuxcli-aoc2025-o1fpqkvxti
DAY 1:
- basics linux commands
such as ls, cd , grep(to find a text in a file) , find (to find a file with certain parameter provided) , and others
- what are some file systems in linux actually hold
such as /var/log/, a Linux directory where all security events (logs) are stored etc....
if u get stack u can get a video guide in the first page

continued
let's do the rooms together
https://tryhackme.com/room/phishing-aoc2025-h2tkye9fzU
DAY 2: was about
Understand what social engineering is
Learn the types of phishing
Explore how red teams create fake login pages
Use the Social-Engineer Toolkit to send a phishing email

Unfortunately, phishing attacks are becoming harder to spot so try to remember this word always : S.T.O.P
Suspicious?
Telling me to click something?
Offering me an amazing deal?
Pushing me to do something now?

the other mnemonic

Slow down. Scammers run on your adrenaline.
Type the address yourself. Don’t use the message’s link.
Open nothing unexpected. Verify first.
Prove the sender. Check the real From address/number, not just the display name.

Channel summary for 2025
your top preforming post of the year is https://news.1rj.ru/str/kiddev13/152

continued
let's do the rooms together
https://tryhackme.com/room/splunkforloganalysis-aoc2025-x8fj2k4rqp
DAY 3: was about
learning objectives
- Ingest and interpret custom log data in Splunk
- Create and apply custom field extractions
- Use Search Processing Language (SPL) to filter and refine search results
- Conduct an investigation within Splunk to uncover key insights

continued
let's do day 4 it is interesting and short
https://tryhackme.com/room/AIforcyber-aoc2025-y9wWQ1zRgB
DAY 4: consideration of AI in cybersecurity
learning objectives
Learning Objectives
How AI can be used as an assistant in cyber security for a variety of roles, domains and tasks
Using an AI assistant to solve various tasks within cyber security
Some of the considerations, particularly in cyber security, surrounding the use of AI

the usage of ai in offensive security , defensive security and software development

⚠️ Researchers found malicious packages in VS Code, Go, npm, and Rust stealing developer data.

They mimicked themes, AI tools, and libraries to grab screenshots, Wi-Fi passwords, and browser cookies.

🔗 Find details here ↓ https://thehackernews.com/2025/12/researchers-find-malicious-vs-code-go.html

CONTINUED
let's do the rooms together
https://tryhackme.com/room/idor-aoc2025-zl6MywQid9
DAY 5: Learning Objectives

- Understand the concept of authentication and authorization
- Learn how to spot potential opportunities for Insecure Direct Object References (IDORs)
- Exploit IDOR to perform horizontal privilege escalation
- Learn how to turn IDOR into SDOR (Secure Direct Object Reference)

and we have to know the concepts
- **Authentication:** The process by which you verify who you are. For example, supplying your username and password.
- **Authorization:** The process by which the web application verifies your permissions. For example, are you allowed to visit the admin page of a web application, or are you allowed to make a payment using a specific account?

continued
let's do the rooms together
https://tryhackme.com/room/malware-sandbox-aoc2025-SD1zn4fZQt
DAY 6:
learning objectives
- The principles of malware analysis
- An introduction to sandboxes
- Static vs. dynamic analysis
- Tools of the trade: PeStudio, ProcMon, Regshot

There are two main branches of malware analysis: **static** and **dynamic**. Static analysis focuses on inspecting a file without executing it, whereas dynamic analysis involves execution. We will come to these shortly.

sandboxes
In cyber security, sandboxes are used to execute potentially dangerous code. Think of this as disposable digital play-pens. These sandboxes are safe, isolated environments where potentially malicious applications can perform their actions without risking sensitive data or impacting other systems.

continued
https://tryhackme.com/room/networkservices-aoc2025-jnsoqbxgky
DAY 7:
Learning Objectives

- Learn the basics of network service discovery with Nmap
- Learn core network protocols and concepts along the way
- Apply your knowledge to find a way back into the server

u can learn basic networking commands and tools like nmap, netcat etc....

Best approach😂

continued
https://tryhackme.com/room/promptinjection-aoc2025-sxUMnCkvLO
DAY 8:
Learning Objectives

- Understand how agentic AI works
- Recognize security risks from agent tools
- Exploit an AI agent