Based On Believe

🚨 I just completed my Network Intrusion Detection Lab! 🚀 Repo link: github.com/chukwupg/netwo… I simulated a real-world attack in a controlled lab and analyzed it like a SOC analyst. Here’s the breakdown 🧵👇

@gabbytech01 Happy Birthday Gabriel 🎈

Happy Birthday 🥳 to me !!! +1 in God's presence. My new age is filled with Joy, blessings, Mercy and abundant grace of the lord. GM x fam

What Is OSINT? As I’ve been learning reconnaissance, one area that stands out is OSINT (Open-Source Intelligence), and how powerful it really is. OSINT is simply the process of collecting information from publicly available sources. What makes it interesting is that both attackers and security professionals rely on it heavily. Some common OSINT sources include: - Social media profiles - Public databases - Company websites - Job postings - Domain registration records While practicing, I started noticing how small details can reveal much more than intended. For example, a job posting asking for experience with specific tools or technologies can indirectly expose: - The company’s tech stack - Potential vulnerabilities - Areas attackers might focus on The key lesson for me: You don’t always need to “hack” a system to understand it, sometimes, the information is already out there, but you need to know how to find it. That’s why organizations need to think beyond infrastructure security and pay attention to information exposure. Because in cybersecurity, what you reveal publicly can shape your attack surface. #Infosec #Hacking #Pentesting #Cybersecurity #EthicalHacking

Update: Prize received ✅🏆 I am grateful to @CybarikGlobal for hosting the Cybersecurity Quiz Space and delivering on this. Big appreciation to Dr. @ireteeh for the initiative behind this motivation doze well put together. Also, shoutout to @Oly_Babyy for making the claim process smooth and seamless. This serves as a motivation to keep learning and showing up. #Cybersecurity #Infosec #LearningInPublic

Reconnaissance isn’t just one thing; it’s typically split into two distinct approaches, and understanding the difference has changed how I think about security and pentesting. Passive Reconnaissance This is all about gathering information without touching the target directly. From my learning so far, this includes: - Public records and disclosures - Company websites and job listings - Social media and employee footprints (OSINT) What surprised me here is how much you can uncover without sending a single packet to the target network. Active Reconnaissance This is where things get more technical, and more visible. It involves direct interaction with systems, through services such as: - Port scanning - Network probing - Service enumeration Unlike passive recon, this phase can leave traces and even trigger alerts on monitoring tools. Both are essential, whether you’re an attacker planning an entry point or a defender trying to detect one; so there is need to create balance. - Passive recon helps you stay invisible - Active recon gives you deeper, technical insight For me, this stage has reinforced a key lesson: Visibility is a double-edged sword, what helps users find you can also help attackers map you. #Infosec #Hacking #Pentesting #Cybersecurity #EthicalHacking

@ireteeh @CybarikGlobal Thank you so much Ma 🙏🏼🤩

@chukwupg @CybarikGlobal 👏👏👏👏👏

Just wrapped up an amazing Cybersecurity Quiz Space and I’m excited to share that I came out as one of the winners 🏆🤩🥳 Big thank you to @CybarikGlobal for hosting such an engaging and knowledge-driven session. Spaces like this are a great way to challenge what you know and learn in real time. Shoutout to the honourable co-hosts, @segoslavia and @jay_hunts for the insightful questions they challenged us with. And a special appreciation to you Ma, Dr. @ireteeh for making this session possible, and for all you do for the community at large. Looking forward to more sessions like this and continuing to grow in the cybersecurity space 🚀 #Cybersecurity #LearningInPublic #Infosec #XSpace #ContinuousLearning

@elormkdaniel B) SSH

NETWORKING KNOWLEDGE CHECKPOINT Which protocol uses port 22 by default? A) FTP B) SSH C) HTTP D) DNS

Before any real attack happens, there’s always a quiet phase most people don’t see; reconnaissance. From what I’ve been learning and practicing, this stage is less about hacking and more about understanding the target deeply. During reconnaissance, the goal is simple: gather as much useful information as possible. This can include: - Identifying target systems and live hosts - Mapping network infrastructure - Discovering publicly exposed services (like open ports and running servers) - Collecting employee or organizational information (OSINT) - Fingerprinting technologies being used What stood out to me while learning this is how powerful publicly available information can be. Without touching the target directly, you can already build a clear picture of potential entry points. It also made me realize that security goes beyond firewalls and tools, it encompasses what you expose unknowingly. As a penetration tester in learning, practicing reconnaissance has helped me think more like an attacker, but with the goal of defending better. Because in the end, you can’t protect what you don’t understand. #Infosec #Hacking #Pentesting #Cybersecurity #EthicalHacking

@Gid_Web3Design @CybarikGlobal @cyberjeremiah I am happy to help 🫱🏼‍🫲🏽

@chukwupg @CybarikGlobal @cyberjeremiah thank you so much brother

Yes, amongst all that I am in, one has proven very useful to my growth, and have given me a sense of community and that is the Guardians of the Cyber Realm by @cyberjeremiah. It has both beginners and professionals working together for the growth of the community. You can message him for how-to join.

@chukwupg @CybarikGlobal do you have any WhatsApp community for beginners?

@_DeejustDee Thanking God for giving listening ear to your prayers 🙏🏼

I was telling God last week that this project I’m about to handle will pay me so well and I need to feel better asap before meetings starts flying up and down and as a team lead, I can’t be unavailable. Nothing started till I got better. Here we are 💃

@Gid_Web3Design @CybarikGlobal Thank you sir. I appreciate your support 💯🙏🏼😁

@chukwupg @CybarikGlobal you're doing well boss

Thank you to everyone who joined and participated in the @CybarikGlobal Quiz Space today. Congratulations to all the winners 👏👏👏👏 And to our amazing hosts @segoslavia @jay_hunts thank you for making it a great experience ❤️

Baby steps 🫱🏼‍🫲🏽

Just secured my ticket for Africa Cyberfest 🎟️🔐 Looking forward to connecting with brilliant minds in cybersecurity, learning from industry experts, and gaining new perspectives on the evolving threat landscape. If you’ll be attending, let’s connect 🤝 #Cybersecurity #AfricaCyberfest #Infosec #Networking #LearningJourney

Just wrapped up a 3-hour mentorship session on Ethical Hacking, and this one went deep into the practical side of things. Today’s focus was on: Exploiting Network-Based Vulnerabilities Exploiting Server Message Block (SMB) Protocol We moved beyond just identifying open ports and services, and looked at how those services can actually be leveraged during an attack. A key lesson for me: Enumeration is only half the job. The real impact comes from understanding how misconfigurations and weak services (like SMB) can be exploited to gain access, escalate privileges, or move laterally across a network. Seeing how SMB can expose systems (especially when poorly configured) really connects with earlier labs I’ve done around Nmap scanning and service enumeration. This session helped bridge the gap between: Recon, Enumeration, and Exploitation Next step: spending more time practicing these techniques in controlled lab environments to fully understand both the attack path and how to defend against it. #RedTeamer #Cybersecurity #EthicalHacking #SMB #LearningInPublic #Infosec

This is a serious concern. ⚠️ ⛔️ Many of these attacks follow patterns that could be identified early with proper monitoring and threat intelligence. The pattern is concerning, but equally important is how breaches are disclosed. Public information sharing and proper breach notification frameworks help the community and wider ecosystem learn and defend against similar attacks. Our institutions need to understand that without being transparent about security breaches, the same weaknesses will keep getting exploited. Strengthening security posture across our institutions is no longer optional, it’s necessary.

The breaches happening in the Nigerian systems are being taken likely ,in less than 2 months we have recorded severe hacks in our banking and finance systems. This is a great attack pattern and we are not seeing it , all bodies should start bracing up their security cause the thing is going to take a toll on the old people when this datas starts being sold to advertisers,yahoo boys and more that can buy this data. Let's make Nigeria a place for the citizens and keep it safe Làtom

@_DeejustDee 😔😔 LinkedIn own is worse

I don’t like how we toy with the desperation of job seekers out here, it’s unfair

@GebgBarbie Consistency 😁🔥🔥

@chukwupg Somebody help me spell konxix10cy 🙌🙌🙌🙌🙌🙌🙌

Day 100 - #100DaysOfCybersecurity 🎉 (Final Day) Today marks the completion of my 100 Days of Cybersecurity Challenge, and I wrapped it up by diving into a critical concept in vulnerability management: Types of Vulnerability Scans. After building a strong foundation in reconnaissance, and packet crafting, today I tied everything together by exploring how vulnerabilities are systematically discovered in real-world environments. What I Learned Today: Vulnerability scanning is about strategy, context, and accuracy. Here are the key scan types I explored today: Unauthenticated Scans Simulate an external attacker’s view. -Useful for identifying exposed services, but limited visibility. Authenticated Scans Provide deeper insight by logging into the system (with credentials). -More accurate results, fewer false positives. Discovery Scans Focus on identifying the attack surface (hosts, ports, services). - This builds directly on tools like Nmap. Full Scans Run all available checks and plugins. - Powerful but can be noisy and resource-intensive. Stealth Scans Designed to reduce detection (e.g., SYN scans, reduced noise). - Important in production or monitored environments. Compliance Scans Validate systems against regulatory standards (e.g., security policies). - Critical for enterprise and regulated industries. ⚙️ Key Insight Vulnerability scanners follow a structured workflow: - Discover hosts & services (often using tools like Nmap) - Identify software versions - Match against known vulnerabilities (CVE databases) - Generate findings (which must be validated) ⚠️ One major lesson: False positives are real, and validation is just as important as detection. 🧠 Why This Matters This ties directly into everything I’ve been learning: Recon - identifies targets, builds profile Enumeration - reveals services Scanning - uncovers weaknesses It’s the bridge between finding systems and actually assessing their security posture. 🚀 Reflection - 100 Days Later What started as curiosity has evolved into structured, hands-on cybersecurity practice. Cybersecurity goes beyond tools, it’s about understanding systems, thinking critically, and validating everything. This is just the beginning. @jay_hunts @ireteeh @segoslavia #RedTeamer #Cybersecurity #EthicalHacking #VulnerabilityAssessment #Nmap #RedTeam #LearningInPublic