I’ve spent a lot of time reflecting on what it actually takes to teach someone to find and exploit SQLi vulnerabilities. My conclusion: People often confuse learning the SQL language with learning the SQLi vulnerability.

Learning SQL is easy: SELECT, DROP, WHERE. These are just reserved words and clauses.

Learning SQLi is hard. It means:

Knowing how to bypass filters to change the application's data into code.

The ability to enumerate targets by guessing/brute-forcing tables and columns.

The necessity of custom scripting. (If you’re not rewriting or debugging the logic in a tool like sqlmap, you’re missing the deep understanding required.)

For anyone serious about this path, my recommendation is to dive into Python and try to follow complex challenges like Ippsec's Nightmare HTB video. You will fail, you will debug, and you will rewrite it a dozen times. That frustration is the only way to mastery.

#Infosec #HackerMindset #EthicalHacking #ProgrammingForSecurity

Just saying… I wouldn’t be able to scan the QR code if not help of the AI

#HackerMindset #WHY2025 #TeamBadge

https://gitlab.com/why2025/team-badge/Hardware

Telegram chat: https://t.me/TeamBadgeWHY2025

🎙️ Catching Up With Ken Munro After Infosecurity Europe 2025 — Hack the Planet, One System at a Time

This is our final On Location episode from Infosecurity Europe 2025, and I couldn’t think of a better way to wrap it than with Ken Munro of Pen Test Partners — a conversation that dives into real-world #hacking: from vehicles to planes to critical infrastructure, and why tangible, hands-on security education matters more than ever.

▶️ Watch the Video: https://youtu.be/5hgs01-RzjM?si=K0b9HQnAidbRgQpa

🎧 Listen to the Podcast: https://on-location-with-sean-martin-and-marco-ciappelli.simplecast.com/episodes/catching-up-with-ken-munro-after-infosecurity-europe-2025-hacking-the-planet-one-car-one-plane-and-one-system-at-a-time

As we close the London chapter, we now go full throttle into Black Hat USA — our next stop for on-location coverage.

If your company wants to join the ITSPmagazine coverage with a sponsored podcast or executive briefing, now’s the time.

Only a few spots left.

Book here https://www.itspmagazine.com/black-hat-usa-2025-hacker-summer-camp-2025-cybersecurity-event-coverage-in-las-vegas

Or DM me or Sean Martin, CISSP Martin if you want in.

#HackThePlanet #InfosecurityEurope #BlackHatUSA #Cybersecurity #PenTestPartners #OnLocation #Podcast #ITSPmagazine #SecurityLeadership #CyberAwareness #HackerMindset #DefconVibes #infosec2025

Escalation is not brute force. It's craft. From guest to god, silently.

#PrivilegeEscalation #HackerMindset #GTFOBins #RedTeam #DeadSwitch #InfoSec

http://tomsitcafe.com/2025/05/20/the-art-of-privilege/

The Hidden Security Threat: Bloated Management in Big Tech #CyberSecurity #InfoSec #TechLeadership #ITSecurity #HackerMindset #EngineeringCulture #DataBreach #CorporatePolitics #Transparency #NoMoreBosses #DeadSwitch #FearTheSwitch

http://tomsitcafe.com/2025/05/10/the-hidden-security-threat-bloated-management-in-big-tech/

A decade in the shadows.

DeadSwitch returns.

Common Lisp - the blade reborn.

#CommonLisp #CyberGhost #DeadSwitch #ProgrammingReborn #HackerMindset