DEV Community: Amardeep M

I Built a Hacking Home Lab for ₹0 — Here’s My Exact Cybersecurity Setup

Amardeep M — Wed, 20 May 2026 07:33:55 +0000

Six months ago I thought ethical hacking required expensive hardware, paid labs, and powerful systems. I was wrong.
I built a complete cybersecurity home lab using an old laptop, free tools, VirtualBox, Kali Linux, and intentionally vulnerable applications — all for ₹0.

In this post I explain:

My exact setup
Mistakes I made
Free tools I used
Network architecture
Safe practice environments
Beginner roadmap for learning penetration testing

Read full guide:
(https://apisecurityguide.blogspot.com/2026/05/i-built-hacking-home-lab-for-0-heres.html)

I Spent 3 Months on Bug Bounty — Here’s What I Actually Earned

Amardeep M — Mon, 18 May 2026 08:54:06 +0000

I spent 3 months doing bug bounty hunting as a beginner.

Here are the real numbers:

~180 hours invested
23 reports submitted
11 duplicates
6 accepted findings
₹12,400 earned

Not life-changing money.

But probably the most practical cybersecurity learning experience I’ve had so far.

I wrote a completely honest breakdown of:

the mistakes I made
why duplicates are mentally exhausting
how I improved my methodology
what bug bounty guides usually don’t tell beginners

No hype. No fake “I made $50k in a month” story.

Just the reality of starting bug bounty from India in 2026.

👉 https://apisecurityguide.blogspot.com/2026/05/i-spent-3-months-on-bug-bounty-heres.html

How I'm Becoming an Ethical Hacker With No Degree — My Honest Roadmap in 2026

Amardeep M — Sat, 16 May 2026 14:34:00 +0000

I started learning ethical hacking with no CS degree, no IT job experience, and only free online resources. Here’s the exact roadmap I’m following in 2026 — including TryHackMe, PortSwigger, bug bounty learning, Security+, and the mistakes I made along the way.

Most cybersecurity roadmaps online feel unrealistic.

So I decided to document my actual journey:

what I studied
what confused me
which resources genuinely helped
how I built a home lab
how I started bug bounty hunting
and how I’m trying to land my first cybersecurity role without a CS degree.

This is not a “become a hacker in 30 days” post.

It’s the honest version.

Read here:(https://apisecurityguide.blogspot.com/2026/05/how-im-becoming-ethical-hacker-with-no.html)

Someone Tried to Scam Me Last Week — Here’s Exactly How It Worked

Amardeep M — Tue, 12 May 2026 13:46:34 +0000

Last week, someone tried to scam me.

What made it dangerous wasn’t poor grammar or obvious fake messages.

It was how realistic everything felt.

The attacker:

researched my background
referenced my actual cybersecurity work
created a believable internship opportunity
slowly built trust before making the real request

The scary part is that I study cybersecurity — and I still almost fell for it.

I documented the entire experience step by step, including every psychological technique used and the red flags I missed in real time.

👉 https://apisecurityguide.blogspot.com/2026/05/someone-tried-to-scam-me-last-week.html

Modern scams are much more about psychology than technology.

Why Your Antivirus Won’t Save You (And What Actually Will)

Amardeep M — Mon, 11 May 2026 10:04:15 +0000

I recently did something uncomfortable:

I audited my own digital security the same way an attacker would.

I expected to find a few small issues.

Instead, I found:

reused passwords across accounts
old exposed profiles
unnecessary app permissions
accounts without 2FA
default router credentials

The interesting part wasn’t discovering advanced vulnerabilities.

It was realising how many risks came from small habits that slowly accumulated over time.

I documented the full process, every weakness I found, and exactly how I fixed them.

👉 https://apisecurityguide.blogspot.com/2026/05/i-tested-my-own-security-heres-every.html

If you’ve never done a personal security audit before, it’s worth trying once. The results may surprise you.

I Audited My Own Security — The Results Were Worse Than Expected

Amardeep M — Sun, 10 May 2026 05:48:25 +0000

I recently did something uncomfortable:

I audited my own digital security the same way an attacker would.

I expected to find a few small issues.

Instead, I found:

reused passwords across accounts
old exposed profiles
unnecessary app permissions
accounts without 2FA
default router credentials

The interesting part wasn’t discovering advanced vulnerabilities.

It was realising how many risks came from small habits that slowly accumulated over time.

I documented the full process, every weakness I found, and exactly how I fixed them.

👉 https://apisecurityguide.blogspot.com/2026/05/i-tested-my-own-security-heres-every.html

If you’ve never done a personal security audit before, it’s worth trying once. The results may surprise you.

Cybersecurity Salary Guide 2026: Real Numbers & Career Growth

Amardeep M — Wed, 29 Apr 2026 09:37:22 +0000

Cybersecurity is one of the fastest-growing fields right now, but one question everyone asks is:

How much do cybersecurity professionals actually earn?

The answer depends on role, experience, and specialization.

Entry-level roles like security analysts start with moderate salaries, but as you move into areas like penetration testing, cloud security, or security engineering, the numbers increase significantly.

In 2026, the demand for cybersecurity professionals is rising due to increasing cyber threats, making it one of the most stable and high-paying tech careers.

If you're planning to enter cybersecurity, understanding salary trends can help you choose the right path and skills.

👉 Full breakdown with real numbers:
https://apisecurityguide.blogspot.com/2026/04/cybersecurity-salary-guide-2026-real.html

Cybersecurity Checklist 2026 — Fix Your Security in Minutes

Amardeep M — Mon, 27 Apr 2026 08:01:57 +0000

Most cybersecurity advice is too general to be useful.

“Use strong passwords” or “enable security” doesn’t tell you what to actually fix.

In real-world scenarios, security improves when you can clearly identify gaps and fix them step by step.

That’s where a checklist helps.

I put together a complete cybersecurity checklist for 2026 covering:

individuals
small businesses
developers

Each item is actionable and prioritised so you know what matters first.

👉 https://apisecurityguide.blogspot.com/2026/04/cybersecurity-checklist-2026-secure.html

If you’re serious about improving security, this kind of structured approach makes a big difference.

You Can Learn Cybersecurity Without Spending ₹1

Amardeep M — Sun, 26 Apr 2026 10:35:24 +0000

Most people think learning cybersecurity requires expensive courses.

It doesn’t.

The real challenge isn’t money — it’s knowing what to learn and in what order.

There are enough free resources today to go from beginner to job-ready if you follow a clear roadmap and stay consistent.

I put together a complete step-by-step guide to learning cybersecurity for free:

👉 https://apisecurityguide.blogspot.com/2026/04/you-dont-need-money-to-learn.html

If you're starting out, this can save you months of confusion.

Small Businesses Are Targeted First — Cybersecurity Guide 2026

Amardeep M — Sat, 25 Apr 2026 18:02:00 +0000

Most people assume cyber attacks target big companies.

In reality, small businesses are often the first target.

Not because they’re more valuable — but because they’re easier to breach.

Weak passwords, no MFA, outdated systems — these small gaps are enough.

The good part? The most effective protections are simple and affordable.

I put together a complete guide on how small businesses actually get hacked — and how to prevent it:

👉 https://apisecurityguide.blogspot.com/2026/04/small-business-cybersecurity-guide.html

If you're learning cybersecurity or running a small business, this gives a clear real-world perspective.

Most cyber attacks don’t start with hacking.

Amardeep M — Fri, 24 Apr 2026 13:08:18 +0000

Most people think cyber attacks are highly technical.

They’re not.

In many real-world cases, attacks start with simple things:

A phishing email
A weak password
A small misconfiguration

Once attackers get in, they combine multiple techniques — not just one.

That’s why understanding how each attack works matters more than just knowing the names.

I put together a complete breakdown of every major cyber attack type — with real examples and how they actually work:

👉 https://apisecurityguide.blogspot.com/2026/04/types-of-cyber-attacks-explained-real.html

If you’re learning cybersecurity, this gives you the full picture of what you’re defending against.

Your Smart Devices Aren’t as Safe as You Think (IoT Security Explained)

Amardeep M — Thu, 23 Apr 2026 16:42:50 +0000

Your Smart Devices Aren’t as Safe as You Think (IoT Security Explained)

Most people think hacking requires advanced skills.

But when it comes to smart devices…
attackers don’t need anything complex.

They just need weak defaults.

🧠 The Reality of IoT Security

Smart devices like:

TVs
Routers
CCTV cameras
Smart bulbs

are all connected to the internet.

That means:

Every device is a potential entry point.

⚠️ Why IoT Devices Are Easy Targets

Here’s what usually goes wrong:

Default usernames & passwords
No firmware updates
Open ports exposed to the internet
Poor encryption or no encryption

👉 Most attacks succeed because of misconfiguration, not skill.

💥 Real Example: Mirai Botnet

One of the biggest IoT attacks ever.

Scanned the internet for devices
Used default credentials
Turned devices into a botnet

Result:

Massive DDoS attacks that took down major websites

🔍 How Attackers Exploit Devices

Typical flow:

Scan for vulnerable devices
Try default credentials
Gain access
Deploy malware / botnet
Control device remotely
🛡️ How to Protect Yourself

Simple but powerful steps:

Change default passwords immediately
Disable unused services/ports
Keep firmware updated
Use a separate network for IoT devices
Avoid cheap, unknown-brand devices
💡 From My Experience

Most IoT vulnerabilities are not “advanced hacks”.

They are:

simple mistakes left unpatched for years

🚀 Final Thoughts

IoT security is not optional anymore.

If one device is compromised:

your entire network can be exposed

🔗 Want the full guide?

I’ve explained everything with deeper examples here:
👉 https://apisecurityguide.blogspot.com/2026/04/your-smart-devices-arent-as-safe-as-you.html