TCM Security

Thank you to everyone who attended our resume workshop in Discord today! We'll have another one in the near future, and if you're attending BSides San Diego, don't miss our talk on resumes and personal branding. Here’s how you can make your resume stand out from the crowd: P.S. Want a head start? Grab our resume #template here: hubs.la/Q047rgGv0 This content complements our Soft Skills for the Job Market course, one of several free resources we offer. Check them all out here - and save 50% off Academy paid memberships right now with our Flash Sale. You can start learning at just $15 for one month! The promo code is 𝐒𝐏𝐑𝐈𝐍𝐆𝐅𝐋𝐀𝐒𝐇𝟐𝟔 - and the sale closes March 20th at 11:59 PM ET! hubs.la/Q047rfJP0 𝗣𝗿𝗼𝗼𝗳𝗿𝗲𝗮𝗱 Make sure your #resume is completely error-free. Even small typos can lead to instant rejection. Try reading it out loud; you’ll catch more than you think. 𝗛𝗶𝗴𝗵𝗹𝗶𝗴𝗵𝘁 𝗔𝗰𝗰𝗼𝗺𝗽𝗹𝗶𝘀𝗵𝗺𝗲𝗻𝘁𝘀 Don’t just list responsibilities; focus on what you achieved. Show how you made an impact, whether that’s leading a red team or stopping a major security incident. 𝗤𝘂𝗮𝗻𝘁𝗶𝗳𝘆 𝗬𝗼𝘂𝗿 𝗜𝗺𝗽𝗮𝗰𝘁 Whenever possible, use numbers to back it up. Metrics make your contributions more concrete and memorable. 𝗦𝗵𝗼𝘄 𝗣𝗮𝘀𝘀𝗶𝗼𝗻 𝗣𝗿𝗼𝗷𝗲𝗰𝘁𝘀 Include things like CTFs, bug bounties, blogs, or content creation. These show initiative and genuine interest in the field. 𝗞𝗲𝗲𝗽 𝗜𝘁 𝗨𝗽𝗱𝗮𝘁𝗲𝗱 Update your resume regularly; at least once a year, or whenever you complete something meaningful. Future you will appreciate it. 𝗕𝗲 𝗛𝗼𝗻𝗲𝘀𝘁 Be confident, but truthful. Overselling can backfire in interviews. Authenticity goes a long way. 𝗨𝘀𝗲 𝗔𝗜 𝗧𝗼𝗼𝗹𝘀 AI can be a great editor, not a replacement. Use it to refine and polish your content ... not to write your entire resume. 𝗦𝗲𝗲𝗸 𝗙𝗲𝗲𝗱𝗯𝗮𝗰𝗸 A second set of eyes makes a big difference. Ask friends, mentors, or colleagues to review your resume and offer honest input. 𝗧𝗮𝗶𝗹𝗼𝗿 𝘁𝗵𝗲 𝗥𝗲𝘀𝘂𝗺𝗲 𝗣𝗲𝗿 𝗝𝗼𝗯 𝗣𝗼𝘀𝘁𝗶𝗻𝗴. Make modifications to your resume based on the job posting you're applying to; that can mean including certain keywords or phrases highlighted in the posting. This also helps increase your likelihood of passing ATS criteria.

Want a cheat code to use on your next internal network penetration test? 👀 We got you. Enter JSKeylogger - a surefire way to get #XSS during a network pentest. Watch it unfold in this clip! The TCM Security Academy has an assortment of network and web app courses that will help you build and refine your skillset. (And you can score an All-Access Membership for 50% off the first payment right now!) Become a more efficient hacker: hubs.la/Q047sL-J0

@ishowcybersec Thanks for sharing!

Struggling to build a cybersecurity resume that gets noticed? Certifications alone aren’t enough but how you present your skills, projects, and impact matters. Use this practical template from TCM Security: tcm.rocks/resume-template Focus on real work. Show impact. Stand out.

Use the code SPRINGFLASH26 to get 50% off your first payment to the TCM Security Academy from now until March 20th. hubs.la/Q047sfvH0 For as little as $1 a day, $15 a month, or $150 a year, enjoy access to #hacking & #cybersecurity courses like: - 𝗦𝗢𝗖 𝟭𝟬𝟭: 𝗟𝗲𝗮𝗿𝗻 𝘁𝗵𝗲 𝗳𝘂𝗻𝗱𝗮𝗺𝗲𝗻𝘁𝗮𝗹𝘀 𝗼𝗳 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗼𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝘀 - 𝗦𝗢𝗖 𝟮𝟬𝟭: 𝗚𝗼 𝗱𝗲𝗲𝗽𝗲𝗿 𝘄𝗶𝘁𝗵 𝘁𝗵𝗿𝗲𝗮𝘁 𝗵𝘂𝗻𝘁𝗶𝗻𝗴 & 𝗶𝗻𝗰𝗶𝗱𝗲𝗻𝘁 𝗿𝗲𝘀𝗽𝗼𝗻𝘀𝗲 - 𝗔𝗜 𝗛𝗮𝗰𝗸𝗶𝗻𝗴 𝟭𝟬𝟭: 𝗗𝗶𝘀𝗰𝗼𝘃𝗲𝗿 𝗵𝗼𝘄 𝘆𝗼𝘂 𝗰𝗮𝗻 𝘁𝗲𝘀𝘁 𝗮𝗻𝗱 𝗯𝗿𝗲𝗮𝗸 𝗔𝗜-𝗯𝗮𝘀𝗲𝗱 𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀 & 𝗟𝗟𝗠𝘀 - 𝗕𝗲𝗴𝗶𝗻𝗻𝗲𝗿'𝘀 𝗚𝘂𝗶𝗱𝗲 𝘁𝗼 𝗛𝗮𝗿𝗱𝘄𝗮𝗿𝗲 𝗛𝗮𝗰𝗸𝗶𝗻𝗴 & 𝗜𝗼𝗧 𝗧𝗲𝘀𝘁𝗶𝗻𝗴: 𝗦𝘁𝗮𝗿𝘁 𝗽𝗲𝗿𝗳𝗼𝗿𝗺𝗶𝗻𝗴 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵 & 𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗼𝗻 𝘀𝗺𝗮𝗿𝘁 𝗱𝗲𝘃𝗶𝗰𝗲𝘀 - 𝗠𝗼𝗯𝗶𝗹𝗲 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗣𝗲𝗻𝗲𝘁𝗿𝗮𝘁𝗶𝗼𝗻 𝗧𝗲𝘀𝘁𝗶𝗻𝗴: 𝗕𝗿𝗲𝗮𝗸 𝗶𝗢𝗦 & 𝗔𝗻𝗱𝗿𝗼𝗶𝗱 𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀 𝘄𝗶𝘁𝗵 𝘁𝗵𝗶𝘀 𝗰𝗼𝘂𝗿𝘀𝗲 All of this and more is available in the TCM Security Academy. Get an All-Access Membership while they're on sale!

What is forensic soundness and why is it so critical to #DFIR? And what distinctive advantage does it have over physical forensics? Andrew Prince walks through the concept and how it differs from its more traditional counterpart. Right now: Get 20% off live trainings like next week's SOC Level 2, which is focused on threat hunting, incident response, and other advanced security operations topics. Use the code SPRINGFLASH26 to save! tcm.rocks/soc2-fb-2026

@segoslavia Actually, it is still open for the day! So, anyone who sees this, give it a try if you haven't yet: ctf.tcmsecurity.com

@segoslavia It's closed now, but we will have other CTFs soon!

Digital forensic CTF 👇🏾👇🏾👇🏾

If you've been waiting for next TCM Security sale, this is your lucky week! Use the code SPRINGFLASH26 to enjoy: ☘️ 20% off industry-recognized certs ☘️ 20% off instructor-led live trainings ☘️ 50% off your first payment to the TCM Security Academy This sale will be over in a flash too! Promos close March 20th at 11:59 PM ET. hubs.ly/Q047d5Jv0

It's that day of the week where a new challenge drops on our platform! 🔎 Name: Flag of the Day 🔒 Category: Reverse Engineering ⭐ Points: 300 Get ready to get first blood when the challenge drops at 6pm ET tonight🩸

All of our web app certs are 20% off right now! Actually, 𝘢𝘭𝘭 𝘰𝘧 𝘰𝘶𝘳 certs are discounted until the 20th as well as our live trainings. You can also 50% off your first payment to the TCM Security Academy. Enjoy this promo while it lasts; your code is SPRINGFLASH26 - hubs.la/Q04714dw0 Let's look at a few resources and skills that will help you on your path to becoming a skilled web app pentester.👑 𝐓𝐡𝐞 𝐟𝐮𝐧𝐝𝐚𝐦𝐞𝐧𝐭𝐚𝐥𝐬. It helps to understand the basics, like how a web app works, what client-side vs. server-side means, common architectures, and common databases. It might seem boring at first, but trust us, you don't want to gloss over this. 𝐊𝐧𝐨𝐰 𝐬𝐨𝐦𝐞 𝐩𝐫𝐨𝐠𝐫𝐚𝐦𝐦𝐢𝐧𝐠. Languages you'll want to get familiar with include JavaScript and Python. JavaScript is found in most web apps so you'll encounter it often; meanwhile, Python can help you write exploits and proof of concepts. 𝐔𝐧𝐝𝐞𝐫𝐬𝐭𝐚𝐧𝐝 𝐜𝐨𝐦𝐦𝐨𝐧 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬 𝐚𝐧𝐝 𝐭𝐨𝐨𝐥𝐬. This goes beyond the OWASP Top 10. Some resources we recommend are the #PortSwigger Academy and Rana Khalil's YouTube channel. Check out this resource-rich roadmap and use it as your guide while studying web app #pentesting. And don't forget about our certs like the beginner-friendly Practical Web Pentest Associate (PWPA) and its counterparts: the more intermediate Practical Web Pentest Professional (PWPP), and the advanced Practical Web Pentest Expert.

@StormyCloudInc 100%. That's why we offer an AI pentesting cert! tcm.rocks/papa-x-2026

@TCMSecurity AI pentesting is the future of cybersecurity.

Looking for some #AI-based tools to use on a security engagement or while doing #bugbounty? We've got a shortlist of some of our favorites we turn to when we need artificial intelligence to give us an extra boost or help us work smarter. Want to learn how to be an AI pentester - and prove it? Then you might want to grab a PAPA (Practical AI Pentest Associate) certification package. And right now, you can get one for 20% off using the code 𝗦𝗣𝗥𝗜𝗡𝗚𝗙𝗟𝗔𝗦𝗛𝟮𝟲 - read more here: hubs.la/Q046PrFG0

𝐎𝐧𝐞 𝐟𝐢𝐧𝐚𝐥 𝐨𝐩𝐩𝐨𝐫𝐭𝐮𝐧𝐢𝐭𝐲 𝐭𝐨 𝐞𝐧𝐭𝐞𝐫 𝐭𝐡𝐞 𝐏𝐫𝐨𝐣𝐞𝐜𝐭 𝐇𝐞𝐥𝐢𝐱 𝐂𝐓𝐅! hubs.la/Q046RY9f0 Decipher the data, find the #CTF flag, and enter for the chance to win part of a $500 prize pool. As of tomorrow, feel free to share your answers and methodology on socials (make sure you tag us, please)! Don't forget that we also have our Flash Sale going on until the end of the week! 20% off certs and live trainings as well as 50% off the first payment to the TCM Security Academy. Use the code SPRINGFLASH26 and enjoy some savings! hubs.la/Q046RVHh0

@Evonne_Sutkus @d1gitalandrew That's awesome to hear. Check this course out if you enjoyed the reel: tcm.rocks/hh-x-2026

@TCMSecurity @d1gitalandrew Great find! It's fascinating to learn about IoT hacking. Thanks for sharing the tutorial, I'm excited to check it out!

Did you know you can hack all kinds of smart devices for just $2? Watch Andrew Bellini (@d1gitalandrew) share how a $2 hardware hacking device gives him access to routers or other IoT equipment. He walks you through the process in only 3 minutes! Want to go further with IoT and hardware #hacking? Check out the Practical IoT Pentest Associate (PIPA) and the beginner-friendly IoT and hardware hacking course from Andrew Bellini, linked below! 🔗tcm.rocks/pipa-x

@AZGingerHacker <3

@TCMSecurity Anytime ! TCM skills and training are a fantastic resource we point our members too ! Always down to partner up and help folks break into cyber !! 🫡

Level up your skills! Subscriptions like TryHackMe and The Cyber Mentor offer great theory and hands-on experience. YouTube is also a free go-to, with Professor Messer being a top resource for CompTIA certs. #CyberSecurity #EdTech #Skills

@Rajab_ryan Thanks for being here with us!

@TCMSecurity I like your learning content, looking forward to become your partner from East Africa, Uganda.

Ready to start (or maybe restart) your #cybersecurity journey? Check out How to Be an Ethical Hacker in 2026 for a holistic look into the components that can help you on your path. These include things like: ⬛ 𝗙𝗼𝘂𝗻𝗱𝗮𝘁𝗶𝗼𝗻𝘀 (𝗶𝗻𝗰𝗹𝘂𝗱𝗶𝗻𝗴 𝗼𝘂𝗿 𝗳𝗿𝗲𝗲 𝗰𝗼𝘂𝗿𝘀𝗲 𝘁𝗶𝗲𝗿) 🟥 𝗢𝘁𝗵𝗲𝗿 𝗿𝗲𝘀𝗼𝘂𝗿𝗰𝗲𝘀 𝘄𝗲 𝗼𝗳𝗳𝗲𝗿 𝘁𝗵𝗮𝘁 𝗰𝗮𝗻 𝗵𝗲𝗹𝗽 ⬛ 𝗔 𝗰𝗲𝗿𝘁𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗰𝗼𝗺𝗽𝗮𝗿𝗶𝘀𝗼𝗻 🟥 𝗪𝗵𝗲𝗿𝗲 𝘁𝗼 𝗴𝗼 𝗳𝗼𝗿 𝗰𝗼𝗺𝗺𝘂𝗻𝗶𝘁𝘆 And more. Remember, it's never too late to pick up a new skill. 🧠 Certs like the PJPT (Practical Junior Penetration Tester) and PNPT (Practical Network Penetration Tester) can help. And from now until March 20th, you can save 20% on all TCM Security certs. Use the code 𝐒𝐏𝐑𝐈𝐍𝐆𝐅𝐋𝐀𝐒𝐇𝟐𝟔 to save. Let's go: hubs.la/Q046P6tZ0 (See the full ethical hacker guide here: hubs.la/Q046N_Q_0

@Rajab_ryan Our foundational courses are free: tcm.rocks/acad-x

@TCMSecurity Are they free?

Level up your red team skillset with the TCM Security Academy. Here are some of the most popular #redteam courses we currently offer. You can see our entire catalog here: hubs.la/Q045Wl-V0 🔴 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗮𝗹 𝗘𝘁𝗵𝗶𝗰𝗮𝗹 𝗛𝗮𝗰𝗸𝗶𝗻𝗴: This is our most popular course! This will set you up for success with both the PJPT and PNPT. Get an introduction to wireless penetration testing, web application penetration testing, and network penetration testing. 🔴 𝗢𝗽𝗲𝗻-𝗦𝗼𝘂𝗿𝗰𝗲 𝗜𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 𝗙𝘂𝗻𝗱𝗮𝗺𝗲𝗻𝘁𝗮𝗹𝘀: Want to learn how to do OSINT properly and effectively? This course will teach you everything you need to know about doing reconnaissance right, which is a pivotal part of a red team engagement. 🔴 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗮𝗹 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆: Our starter course for the web app pentester roadmap! Even if you just want to up your bug bounty game, this course is well worth the investment. It covers web application architecture, essential web technologies, and key web app concepts like understanding the OWASP Top 10. 🔴 𝗡𝗘𝗪 - 𝗔𝗜 𝗛𝗮𝗰𝗸𝗶𝗻𝗴 𝟭𝟬𝟭: Get a jumpstart into the world of breaking LLMs and AI chatbots with this brand-new course from Andrew Bellini! This course will explain to you the fundamentals you need to know in order to become an AI penetration tester (a career that is only growing in demand.) Want to see what else we have? Sign up for the TCM Security Academy! We also are proud to offer free foundational security and IT Courses in addition to a growing blue team content roster.

Have you tried the Project Helix #CTF yet? Time is running out if you want to participate - and potentially win part of $500 in prizes! We've already seen a flood of interest from the community in this investigative challenge, but we want everyone to give it their best shot! Make sure you tag us when you complete the challenge! (And don't give away too much until March 17th, when you're welcome to share your write-ups on how you solved it.) 🧬 hubs.la/Q046PFqT0🧬

We know that a lot of you are always wondering when we will have our next #sale ... .and we're happy to share that there is one happening RIGHT NOW! Welcome to our SPRING FLASH SALE! From now until March 20th, you can get: 🎯 𝟮𝟬% 𝗼𝗳𝗳 𝗰𝗲𝗿𝘁𝘀 𝗹𝗶𝗸𝗲 𝘁𝗵𝗲 𝗣𝗦𝗔𝗔, 𝗣𝗔𝗣𝗔, 𝗼𝗿 𝗣𝗢𝗥𝗣 🎯 𝟮𝟬% 𝗼𝗳𝗳 𝗹𝗶𝘃𝗲 𝘁𝗿𝗮𝗶𝗻𝗶𝗻𝗴𝘀 𝗹𝗶𝗸𝗲 𝗦𝗢𝗖 𝗟𝗲𝘃𝗲𝗹 𝟮 𝗼𝗿 𝘁𝗵𝗲 𝗘𝘁𝗵𝗶𝗰𝗮𝗹 𝗛𝗮𝗰𝗸𝗲𝗿 𝗕𝗼𝗼𝘁𝗰𝗮𝗺𝗽 🎯 𝟱𝟬% 𝗼𝗳𝗳 𝘆𝗼𝘂𝗿 𝗳𝗶𝗿𝘀𝘁 𝗽𝗮𝘆𝗺𝗲𝗻𝘁 𝘁𝗼 𝘁𝗵𝗲 𝗧𝗖𝗠 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗔𝗰𝗮𝗱𝗲𝗺𝘆 𝘄𝗵𝗲𝗿𝗲 𝘆𝗼𝘂 𝗰𝗮𝗻 𝘁𝗮𝗸𝗲 𝗰𝗼𝘂𝗿𝘀𝗲𝘀 𝗹𝗶𝗸𝗲 𝗔𝗜 𝗛𝗮𝗰𝗸𝗶𝗻𝗴 𝟭𝟬𝟭 𝗼𝗿 𝗦𝗢𝗖 𝗟𝗲𝘃𝗲𝗹 𝟮 All you need is the code SPRINGFLASH26. Happy shopping! 🛒 hubs.la/Q046Pjfv0