CyberWithPriyanshu

A portfolio is your personal website where you curate information about yourself and the work you have done. This is usually the first thing a recruiter, collaborator, or even a client asks for. Even I was asked to make my portfolio. Now, a portfolio is supposed to represent your work. Ideally, you would write the code yourself. But honestly, instead of spending days writing HTML and CSS, I just wanted to fill my details into something that already works. There are many tools available for this: WordPress Google Sites Vercel Wix You might like any of these. But in my case, I wanted to try something different. Using AI to Build the Portfolio So, I decided to use AI. I gave it a proper prompt describing what kind of portfolio I wanted. It gave me code. I checked it. It was not up to the mark. Then I gave another prompt. Still not good enough. This process repeated almost five times . At one point, it felt frustrating — but then I realized something important....

Windows stores local user credentials in a place most users never see, yet attackers, forensic analysts, and system administrators all rely on it. This component is known as the Security Accounts Manager (SAM) . Understanding how the SAM file works is essential for anyone learning Windows security, digital forensics, or incident response. In this post, we’ll break down what the SAM file is, what it contains, how it is protected, and why it matters from both defensive and forensic perspectives. What Is SAM? SAM (Security Accounts Manager) is a Windows database that stores credentials for local user accounts on a system. It contains information related to: local users groups password hashes account properties Windows never stores passwords in plain text. Instead, it stores cryptographic hashes derived from user passwords inside the SAM database. Location and Structure of the SAM File Primary Location C:\Windows\System32\config\SAM The SAM file is locked while Windows is ...

At first glance, this question feels almost unnecessary. Both IP addresses and MAC addresses are unique identifiers. So why do we use IP addresses for communication across networks instead of MAC addresses? That curiosity pushed me to revisit some networking fundamentals — and the answer turns out to be surprisingly elegant. What Is a MAC Address? A MAC (Media Access Control) address is a unique hexadecimal identifier assigned to a network interface by the manufacturer. Key properties: Assigned at manufacturing time Works at the Data Link Layer (Layer 2) Intended for local network communication Flat addressing (no hierarchy) Although often called “hardcoded,” modern systems can spoof or change MAC addresses — but logically, they are still hardware-level identifiers . What Is an IP Address? An IP (Internet Protocol) address is a logical identifier assigned by: a network administrator, or automatically via DHCP Key properties: Works at the Networ...

In my previous post , I shared the story of building my first OSINT tool — UserRecon . In this post, I want to share something equally important: how I published this tool on PyPI , and why that journey felt like a tragedy-based comedy . “What Should I Do Next?” As soon as I finished building the tool, I did what most of us do nowadays. I opened ChatGPT and asked: “I have made this tool. What should I do next?” The answer was simple: “Publish it on GitHub.” So I did exactly that. Then I asked again: “I also want to publish it on the apt store. Give me step-by-step guidance.” After reading the response, I realised something important. Publishing on apt would be too heavy for me right now . For a beginner, PyPI was a much better starting point . And that’s how my PyPI journey began. Tragedy + Comedy = PyPI The first step was extremely simple: Sign up on pypi.org The real journey started after that. Before anything else, I needed to understand the project structure required ...

I recently finished documenting my learning of OSINT in a series of posts. But honestly? I was not satisfied. Most of what I had written felt like theory dumps — definitions, lists of tools, and what each tool does. Useful, yes… but something was missing. It didn’t feel like engineering. And then I realised something: Knowing tools is not the same as building something. So, to satisfy the engineer inside me, I decided to do something different. The Turning Point I opened ChatGPT and asked a simple question: “What OSINT tools can I make as a beginner?” I got a list of ideas. I read through them, picked one, and decided: this is the one I’m going to build. But choosing the tool was only the beginning. The next question naturally followed: “What do I need to learn to build this tool? Give me a day-to-day learning plan.” And honestly — that response changed everything. Learning What Was Actually Needed ChatGPT suggested: Python basics (loops, conditionals, functions, recursion...

Network OSINT: Mapping the Digital Infrastructure Network OSINT is the discipline of collecting, analyzing, and leveraging information about networks, domains, and internet-facing assets using publicly available sources. Unlike People or Social Media OSINT, this area feels more technical and closer to real cybersecurity work , which is why it plays an important role in vulnerability research and bug bounty hunting. Why Network OSINT Matters Network OSINT helps us understand: how an organization is exposed on the internet what services are running publicly how different assets are connected This information is often the starting point for deeper security testing . Common Tools Used in Network OSINT Search & Reconnaissance These tools help discover publicly indexed assets: Google Dorking Used to find exposed files, directories, login pages, and misconfigurations indexed by search engines. Shodan A search engine for internet-connected devices. It reveals open ports, ...