Logoeddietorial

Practice

Most of my technical curiosity goes into APIs.

I build them, integrate them, test them, and spend time understanding how they behave under real conditions. That naturally leads into web application security, authentication, authorization, software engineering, and security automation.

The work below reflects that ongoing practice.

🔗API Security

API security is where most of my attention sits today. The focus spans protocol behavior, authentication, authorization, secure design, and practical testing techniques.

🔗Practical Labs

PentesterLab

  • API badge: 41 / 41 exercises completed
  • HTTP badge: 43 / 43 exercises completed
  • Unix, Essential, PCAP, and Android badges completed

View PentesterLab profile

🔗Professional Credentials

APIsec University

  • APIsec Certified Practitioner
  • Certified API Security Analyst
  • API Penetration Testing
  • API Authentication
  • Securing API Servers
  • ACP Examination

View Credly profile

🔗Offensive Security

Understanding systems requires exploring how they can be attacked, misconfigured, and defended. I regularly work through structured labs covering web applications, operating systems, networking, privilege escalation, and security operations.

🔗Hack The Box

Username: @geoffmx

  • Constant Champion
  • Half-Decade Hacksmith
  • Academician

View Hack The Box profile

🔗TryHackMe

The platform provides structured practice across multiple security domains.

Web application security

  • Web Fundamentals
  • World Wide Web
  • Intro to Web Hacking
  • OWASP Top 10
  • Burped

Networking and infrastructure

  • Network Fundamentals
  • Network and System Security
  • Wireshark
  • Metasploitable
  • Linux Privilege Escalation

Security operations

  • Security Awareness
  • Intro to Security Engineering
  • Software Security
  • Advanced Splunk
  • Blue
  • Calculated Risk
  • Hash Cracker

Foundations

  • Intro to Pentesting
  • Terminaled
  • Phishing
  • Just Have to Deal With It

Daily consistency has also been tracked through 7-day, 30-day, 90-day, and 180-day practice streaks.

View TryHackMe profile

🔗Software Engineering

Building secure systems benefits from understanding how software is designed, implemented, and maintained. Alongside security work, I continue to develop practical software engineering skills across backend development, frontend development, databases, and mobile applications.

The Meta professional certificate programs include:

  • Meta Generalist Software Engineer Certificate
  • Meta Back-End Developer Professional Certificate
  • Meta Front-End Developer Professional Certificate
  • Meta Database Engineer Professional Certificate
  • Meta Android Developer Professional Certificate

View software engineering credentials

Capstone project write-ups on GitHub

🔗Current Direction

Current areas of interest include:

  • API security
  • API design
  • REST APIs
  • OAuth and modern authentication
  • Python
  • Django REST Framework
  • Security automation
  • Web application security
  • Offensive security
  • Secure software engineering

The technologies evolve, but the motivation stays consistent: understand how systems work, build them well, and test their limits.