pwn.college - education platform for students (and other interested parties) to learn about, and practice, core cybersecurity concepts in a hands-on fashion.
Common security issues with crypto websites and APIs | what I'm breaking...
An opinionated guide on how to reverse engineer software, part 1
The Six Dumbest Ideas in Computer Security
Better to block everything and allow known good things
Bad things vastly outnumber good things
"Penetrate and patch" means finding holes and fixing them repeatedly
- expressed as an endless loop of testing, finding flaws, patching, and repeating
- doesn't improve underlying design quality, just hardens through trial and error
"Action is better than inaction" drives premature technology adoption
- "early adopters" vs "pause and thinkers" - latter build more successful secure systems
- better to wait, learn from others' mistakes, deploy mature technology
- technology gets cheaper and more reliable with time