Amardeep Maroli
I publish 48+ in-depth guides on API security, web vulnerabilities, penetration testing, and hands-on cybersecurity research — based on real lab work, practical testing, and actual security research. Not theory. Not copied content.
Verified Credentials & Experience
PES University, Bengaluru
Professional Experience
Cybersecurity & Compliance Intern
Active hands-on experience in breach monitoring, threat analysis, SIEM configuration and management, security compliance review, vulnerability assessment, and incident response. Working with industry-standard tools and real-world security scenarios.
Cybersecurity Researcher & Lab Practitioner
160+ completed security labs covering ethical hacking, web application security, network penetration testing, API vulnerabilities, and real-world exploitation scenarios. Every blog post is tested through hands-on lab work before publication.
Who I Am
I'm Amardeep Maroli, an MCA student from Bengaluru currently interning as a Cybersecurity & Compliance Analyst at Inhok Technologies. I've spent 6+ months doing practical cybersecurity research — not reading about it, but actually testing vulnerabilities, building security tools, and documenting everything I learn.
I'm not a corporate content mill or AI-generated author. I'm a hands-on researcher who publishes only what I've tested myself and genuinely understand through practice. Most of my knowledge comes from completing 160+ labs on TryHackMe, working through real vulnerabilities on HackTheBox, and testing my own code and systems.
Why I started this blog: When I was learning cybersecurity, resources fell into two camps — YouTube videos that glossed over details, or technical papers that assumed you already knew everything. I built API Security Guide to fill that gap: practical, hands-on guides written by someone actively learning, for others in the same position.
Technical Skills & Tools
Everything on this blog is based on hands-on practice with real tools. Here's what I work with:
What This Blog Covers
API Security Guide focuses on three core areas of practical cybersecurity:
API & Web Security
Authentication flaws, injection attacks, API vulnerabilities, CORS misconfigurations — explained through real lab work.
Ethical Hacking & Pentesting
Hands-on methodology, Burp Suite walkthroughs, network reconnaissance — lab challenges you can follow along with.
Security Automation
Python scripts for reconnaissance, custom security tools, understanding attack techniques to defend against them.
SIEM & SOC
Wazuh, ELK Stack, Splunk configuration, threat detection, incident response, and practical SOC operations.
Who This Blog Is For
- Complete beginners who want to understand cybersecurity fundamentals and get started with hands-on labs
- Computer Science students in India curious about security and wanting to know what real skills matter
- Developers who want to understand how applications get exploited so they can write secure code
- Aspiring bug bounty hunters who want to master fundamentals before targeting real applications
- Self-taught learners motivated to learn independently without formal training or expensive courses
- SOC analysts and incident responders looking for practical guides on SIEM tools and threat detection
Personal Security Projects
I build security tools and share them publicly on GitHub. Check out my major projects:
- CloudSOC — A SOC simulation platform for learning threat detection and incident response
- AIDDS — An AI-driven intrusion detection system combining machine learning with network analysis
- Security Automation Scripts — Python tools for reconnaissance, payload generation, and security testing
View all projects on GitHub →
My Research Methodology
Every post on this blog follows the same process:
1. Hands-on testing — I reproduce every vulnerability, exploit, or technique in a real lab environment
2. Documentation — I document the process with screenshots, code snippets, and detailed explanations
3. Verification — I test my explanations again to ensure accuracy and clarity
4. Ongoing updates — If tools, techniques, or best practices change, I update the post
No AI-generated content. No recycled blog posts from other sites. No theoretical fluff.
Connect With Me
Find me on these platforms:
⚠️ Important — Educational Use Only
All security testing techniques, vulnerability examples, and hacking methods discussed on this blog are for educational and ethical purposes only. Always obtain written permission before testing any system you don't own. Unauthorized access to computer systems is illegal under the Indian IT Act 2000 (Sections 43 & 66) and international laws. This blog does not encourage or endorse any illegal activity.