I’m a penetration tester in Nigeria.
My job is to hack companies legally before the bad guys do.
Here are 5 things I’ve found that would genuinely scare you.
@PythonPr Actually throws a SyntaxError, not a wrong output Python needs a comma to separate arguments in print(). Without it, 'Sum is:' sum isn’t valid syntax at all, so it never even reaches execution.
@Its_Nova1012 The mistake I see most is devs encrypting passwords instead of hashing them meaning if the encryption key ever leaks, every password in the DB is instantly reversible. Hashing (with salt) means even the developer can’t get the original back.
Certifications are the biggest scam in cybersecurity.
I’ve met OSCP holders who can’t secure a basic web app and CISSPs who don’t understand basic networking.
Meanwhile, self-taught engineers who grind real projects are carrying teams.
Stop collecting badges and start breaking (and fixing) things.
What’s your hottest take on security certifications?
#InfoSec #CyberCareer
Every pentest lab, every security distro, every server running critical infrastructure Linux. You don’t run Kali on Windows, you don’t harden a production server with Windows Update on a random Tuesday reboot cycle. Different tool for a different job, but for my work it’s not close.
Efficiency and correctness are different axes though. AI can absolutely produce tight, fast machine code while still introducing subtle logic or security flaws nobody reviewed carefully optimized doesn’t mean safe. Carmack-level performance with unverified trust boundaries is still a liability.