Hi, I’m J — an aspiring ethical hacker at the start of my journey into the world of cybersecurity and penetration testing.
This blog is my personal space to document everything I’m learning along the way: from understanding web vulnerabilities like broken access controls and open directories, to exploring hands-on tools like Burp Suite, OWASP ZAP, Gobuster, and Nikto.
I’m not here to break things just for the sake of it — I believe in responsible disclosure, continuous learning, and sharing knowledge openly. My focus is on developing real-world skills through practical testing, experimentation, and curiosity.
Why this blog?
Because everyone starts somewhere — and I want to show the real process of leveling up in cybersecurity. The wins, the weird bugs, the dead ends, the lightbulb moments… it’s all part of the journey.
This blog helps me:
- Track my growth and learning in a structured way
- Build a public portfolio for future roles in cybersecurity
- Connect with others who share the same passion
Whether you’re a beginner like me, a seasoned pentester looking for a familiar story, or a recruiter searching for someone with passion and potential — welcome. Grab a coffee, dive in, and explore my findings, failures, and future exploits.
🛡️ Wall of Impact
While I’m still building my skills in cybersecurity, I’ve already had the opportunity to find and report several vulnerabilities. These aren’t the most complex or high-profile hacks, but they represent my first real-world encounters and the start of my journey into hacking. Here’s a snapshot of my contributions so far:
| # | Issue Description | Status | Action Taken |
| 1 | Outdated library with known exploit (found in Exploit-DB) | ✅ Reported | Confirmed and under review |
| 2 | Plaintext credentials exposed in log files | ✅ Fixed | Issue logged and resolved |
| 3 | Sensitive user data (PII) being written to application logs | ✅ Fixed | Reported, patch applied |
| 4 | Ability to download full-quality photoshoot images without watermark or payment | ✅ Reported | Access now restricted properly |
While these may seem like small steps, they represent valuable learning experiences and a solid foundation in real-world security. Each of these findings taught me something new, and I’m eager to continue making an impact as I sharpen my skills and dive deeper into the world of hacking.