It’s been a few intense weeks in my cybersecurity journey. Between revisiting OffSec 301, shifting gears toward macOS and iOS, and making a huge academic decision, a lot has changed. Here’s a quick update—and a few things I’ve learned along the way..

Refocusing on OffSec 301 Link to heading

I had just started the OffSec module “6 - Overcoming Space Restrictions: Egghunters” but I wasn’t satisfied with my understanding of the previous modules. Even though I was enjoying MalDev Academy, I decided to pause it and everything else and only focus on 301.

The anxiety to “learn everything fast” was still there, but instead of rushing, I started over from the beginning. To my surprise, it didn’t take as long as I expected. I actually retained more than I thought. The only module that required extra attention was module 4—Exploiting SEH Overflows. I took my time, worked through every step in detail, and it paid off: I completed the Egghunter “extra mile” exercise without any tips or outside help.

At first, restarting felt like a setback. But after finishing module 6, I knew I’d made the right call—I wasn’t just going through the motions, I was actually learning.

Changing my Mind about WinDBG Link to heading

Another shift: I started to enjoy using WinDBG! I know, I wasn’t very kind to it in my last post. I still believe it’s not the most beginner-friendly debugger, but it forces you to think deeply about every action and really understand each step.

One thing that helped was a theme I found on GitHub that makes WinDBG look more like x32dbg. Being able to see registers and the stack visually, without typing commands, really helped my learning process.

Even though I’m enjoying WinDBG, I still hate using RDP to connect to the target VM. I’ve tried running a VM locally, but some exercises just don’t work as expected. That’s frustrating.

From Windows to Apple: Following My Real Passion Link to heading

Originally, I planned to complete 301 and MalDev Academy before diving into macOS/iOS. My reasoning was that there’s way more content out there for Windows exploitation. And that’s true—good macOS training is hard to find.

But I realized I was using that as an excuse to delay what I really wanted to do, just because it seemed harder. Truth is, there’s no “finish line” in cybersecurity. So I stopped waiting.

I’ve been a Mac user for over 20 years, and I’ve always wanted to specialize in Apple systems. A few months ago, I enrolled in SANS 610: Reverse Engineering Malware, but after this shift in focus, I switched to SANS 518: Mac & iOS Forensic Analysis & Incident Response. I’m not primarily interested in the forensics angle, but I believe it will help me understand Apple systems more deeply.

Next step after 301: OffSec 312.

Big News: Starting My MS in Computer Science Link to heading

I’m incredibly excited to share that I was accepted into the Align MS in Computer Science program at Northeastern University!

Studying at an American university has been a dream since I was a teenager. At first, I considered a cybersecurity-specific program, but ultimately, I feel I’ll benefit more from developing a deeper foundation in software engineering. I start next semester—and I couldn’t be more excited.

Let’s Talk Link to heading

Have you ever restarted a course or shifted your focus mid-journey? What helped you decide? What were you biggest fears?

I’d love to hear your experience — drop a comment or DM me!