304 North Cardinal St.
Dorchester Center, MA 02124

Work Hours
Monday to Friday: 7AM - 7PM
Weekend: 10AM - 5PM

2019 Review - Views

Hacking Blog Aspirations – My Progress Through the Years

It was time for me to combine all of my hacking blog updates and statuses so that I’d have one living post!

Starting a hacking blog was always something that I wanted to do. It isn’t the easiest process, but it can be an incredibly rewarding one. If you are considering starting a security blog for your portfolio/resume or knowledge sharing, then do it!

Table of Contents

  1. Hacking Blog – Introduction
  2. Hacking Blog – The First (full) Year (2015)
  3. Hacking Blog – Two-Year Blogiversary (2016)
  4. Hacking Blog – Moving on Up (2017)
  5. Hacking Blog – Goals Exceeded (2018)
  6. Hacking Blog – Road to 100k (2019)
  7. Hacking Blog – Coming Soon (2020)
  8. Hacking Blog – Conclusions

Hacking Blog – Introduction

I started my path into hacking blogs with the following, “Hello World” post:

So, I figured it was about time to start a blog to track what I'm currently learning or trying to break.

The title of the blog (Security Not Included) comes from a childhood phrase that I think is quite relevant (modified of course) to the realm of Information Security. Back then, the phrase was of course "batteries not included". This is relevant to security as well because users everywhere just expect their systems, applications, and information to be secure out of the box.

At the very least, I know I will learn plenty while writing this blog, but I'm hoping someone else does too.

(I'll try to keep the blog mostly first-person research and learning, but I may have to slip in some videos or tutorials from time to time.)

This was posted back in May 2013, on a now-defunct site if I’m not mistaken.

I figured that hacking blogging would be a great way to teach others, learn about the field, and improve my career.

I could have never imagined just how far I would have come in the last 8+ years, and I’m so proud of this site and its content.

Get Your NordVPN Offer Now!

Hacking Blog – The First (full) Year (2015)

Well, since I was getting a few updates from WordPress as well as Jetpack, I figured it would be fun to look over a year in my site’s life (plus I could still use some downtime after OSCP).

According to WordPress, my blog received 4,768 views by 2,618 visitors for 1.82 views per visitor over the year.

The Early Stats

My most popular posts were the Kioptrix series, which makes sense as Kioptrix is geared more towards beginners.

Surprisingly (to me at least), most of my viewers came from search engines as opposed to VulnHub, which I thought would bring in more.

Most of my outgoing clicks went to PaulSec’s blog, which is all for the explanation on fixing the OpenFuck exploit used in Kioptrix level 1

As I expected, most of my views came from the US, but it was interesting to see where the rest came from (apparently I have a relatively decent following in Indonesia…).

Unfortunately, I am unable to get my Google Webmaster results for the entire year, but they generally leaned towards Kioptrix, errors, and certifications most months (here are my December stats).

Hacking Blogging – Best Day in 2015

The day with the most views (66 in total) was actually on the 22nd of June, but it was fairly easy to figure out why.

This was the day that Filip Ekberg actually tweeted my post about discovering multiple vulnerabilities in his HTTP server.

While it was awesome to see those two events correlate, it showed me that if I want people to read this blog I will need to get it out there and maybe advertise a bit more.

That said, maybe that will come this year in the form of tweets, more public vulnerability findings, conference talks, or guest posts.

All in all, I’m glad I finally picked the blog back up, and I plan on continuing with a post a week for the foreseeable future.

Hacking Blog – Two-Year Blogiversary (2016)

With today being my two-year blogiversary, I thought it would be a good time for another update post!

While my first post was back in May of 2013, I only actually started posting every week back on April 11, 2015, with my eCPPT Review.

This post marks my 104th weekly post, so exactly two years since I started.

First, I had a lot more views (21,518) and visitors (12,805) than in 2016.

Blogiversary - Views

That said, this blog is a lot more to me than just sharing content and getting views. It is a way to force myself to learn, and then share that knowledge with as much of the community as possible.

I like to think that I accomplished this in the last year.

Hacking Blog – Vulnerability Disclosures

I managed to have a few vulnerability disclosures:

New Hardware

There was also a lot of new hardware/toys:

Not to mention, my fairly large tool release:

Blogiversary Statistics

Kioptrix Level 1 led the year again in views for a specific post, but some of my newer posts (including cert reviews) climbed their way up the ranks.

Hacking Blog - Blogiversary - Posts

Most of my clicks still came from Google searches, but a few came from Reddit and Twitter self-promoting.

Blogiversary - Referrers

Paul’s blog on fixing OpenFuck is still the page that gets the most clicks from my site, but I’m glad to see some other stuff up there as well.

Blogiversary - Clicks

My most views in one day took a huge leap, from 66 to 352.

Hacking Blog - Blogiversary - Records

This was mostly because this was the day that I released RWSH and posted about it on a few security sub-Reddits.

Blogiversary - Reddit

That said like I said last year, self-promotion would be the best way to get visitors to my blog.

I saw a lot more views overall this year, and even a little more in 2017.

Blogiversary - All Time Views

While this was technically only my 2nd Blogiversary, I’m hoping to have many more, with tons of information to share.

If you’d like to compare to my stats from last year, you can at this post.

Get Your NordVPN Offer Now!

Hacking Blog – Moving on Up (2017)

With another year in the books, it’s time for my 2017 review! 2017 Review – Introduction

It is a little earlier in the year than last year, but it’s the holidays and I didn’t want to write a real post.

Some of this information will be the same as my blogiversary post, but that’s because it was also posted this year.

Hacking Blog – Stats, stats, stats

First, I managed to beat my goal of 50,000 views by over 15% this year!

Hacking Blog - 2017 Review - Views

My most popular post this year was my pfSense DNSBL post, which isn’t too surprising. This was a popular topic, and not only among infosec professionals. My Kioptrix walkthrough came in at a solid second, which also makes sense given its introductory nature.

2017 Review - Popular Posts

Almost all of my readers are geo-located in the US, but it is fun to see where everyone else’s IP originates from.

2017 Review - IP Locations

My most popular referer by far is still search engine traffic. This is both a blessing and a curse. It is great to get so much organic traffic, but it also means that I could do a better job promoting the site. Additionally, I should probably get better at SEO to increase those numbers more.

Hacking Blog - 2017 Review - Referrers

Not surprising based on the most popular post, but a lot of my traffic is coming from pfSense searches.

2017 Review - Google Console

GitHub managed to pass PaulSec’s blog post as my most common outgoing traffic, with a nice mix of my tools + other people’s.

2017 Review - Outgoing Traffic

Finally, the most popular time and days for my blog are Monday and 10:00 am respectively. I’m not sure if this is because people are reading my posts once they get into work, or something else. It could be because of the Twitter e-mail updates, an RSS reader program, or another reason entirely.

Hacking Blog - 2017 Review - Popular Time

Hacking Blog – 2017 Review (Most Views in a Day)

My most views in a day, for both this year and all-time, was on April 15, 2017.

2017 Review - Best Views Ever

I managed to get 689 views in one day, which is over 4 times my daily average of 156.

2017 Review - April 15 Views

The reason for this spike in viewership was because of a few Reddit posts I made that day. I released my Burp VERBalyzer plugin and shared it with a few different subreddits.

Hacking Blog - 2017 Review - Max Referrals

I’d love to get more posts on Reddit, but I don’t want my account used only for shilling my site. I either need to find time to share other things as well or have other people share my posts.

While most of my traffic is still coming organically, my big viewership days are still from some sort of promotion.


I went to, and spoke at, 6 different conferences this year!

New Hardware or Write-Ups with Old Hardware

I upgraded or picked up some new hardware this year, so I got to do a few write-ups in that category as well. Next year will probably have fewer new toys, but hopefully some more in-depth uses.

Hacking Blog – Cross-Site Scripting (XSS)

With my new job being friendlier towards disclosure, plus more collaboration, I made a lot of new XSS posts. These ranged from various attacks to different filters or limitation avoidance. I still have a few more in the queue for next year, so be on the lookout!

Tool Releases and Updates

While my tooling wasn’t as active as I would have liked, I still had a few solid releases this year. PyDHCPDiscover and VERBalyzer were entirely new tools that got some decent traction and usage. I also updated RWSH to v1.1, with plenty of ideas for v1.2 or v2.0, which will be coming in 2018!


I even managed to pick up two new eLearnSecurity certifications this year. I’m hoping to finish at least my GXPN and eCRE next year, but we’ll see.

Hacking Blog – Exploits

I released a few exploits this year, though most of them were for older vulnerabilities. The two that I’m most proud about are the DB2 one (because I hadn’t seen that specific one before) and the CertReq exfil because I spent a ton of time on it.


I wanted one more category to catch a few other posts that I thought were good this year. The two CTF write-ups are self-explanatory, and I have more coming for 2018. The new job was just something awesome and led to even better quality posts here. Finally, the stealing hashes post was one of the coolest attacks I performed this year, so I had to include it.

Hacking Blog – Goals for 2018

First, I plan on continuing my streak of posting (or back-dating) every Saturday next year.

In addition to that, I have set my goal at 70,000+ views for the year.

I got this number based on the last 5 months of this year and extrapolating out.

2017 Review - Goal Calculation

It should be closer to the 73,000-75,000 range, but I’m not sure if I’ll be able to keep up those numbers yet. 2017 Review – Conclusion

Well, it was a great year for my blog, and I hope you enjoyed it.

Other than more posts, I’m also hoping to try to get some videos started in 2018.

If you have any other ideas, requests, suggestions, or questions, then please send them my way!

Hacking Blog – Goals Exceeded (2018)

Another year down, so it’s 2018 review time! 2018 Review – Introduction

The timing was great this year, and I got to wait until after the 1st unlike last year.

No blogiversary post this year, but I’m hoping to do something special for my 200th consecutive post!

Lies, Damned Lies, and Statistics

First, I managed to beat my goal of 70,000 views by over 13%!

Hacking Blog - 2018 Review - Views

For the second year in a row, my most popular post was the pfSense DNSBL post. This is a very popular post and is a very high result in a lot of organic traffic. My second, and my fourth, most popular posts were about new wireless cards and configuration/installation, which also mostly search engine traffic.

2018 Review - Most Popular posts

An even larger part of my traffic came from the US this year, but I still really like looking at this chart.

2018 Review - Geotraffic

My traffic generation was still terrible, and this is a place that I need to focus on next year. That said, it is nice having so many referrals from search engines.

Hacking Blog - 2018 Review - Referrers

While I cannot grab the search history for my entire year, my wireless card posts drove traffic for the last few months.

2018 Review - Searches

Unsurprisingly, GitHub is my most common for outgoing clicks. I’ve thought about adding referral and/or affiliate links for monetization, so this might be an option for 2019.

2018 Review - Outgoing clicks

I still can’t figure out what is causing my most popular day or time, but it is still different from last year’s. While my most popular time is still 10 am, the day changed from Monday to Wednesday.

Hacking Blog - 2018 Review - Popularity

Hacking Blog – 2018 Highlights

I was nowhere near my 2017 record of 689 views in one day. This year, my best day was 335 views on September 12th. That said, I made 0 Reddit links to my blog this year. I need to post more on Reddit, as that is where the burst traffic comes from.

2018 Review - Most daily views

That day, it was mostly just generic traffic and views on the eCPPT post, which is always popular.

2018 Review - Biggest day

CTF Write-Ups

While this was a miscellaneous category for my post last year, I got through a bunch this year! That said, I still have some that I’d like to finish from years ago, so hopefully, I can get to them.

Hacking Blog – XSS

While I only had two cross-site scripting posts this year, they were still pretty neat. I’ve got some in my draft folder for next year, so I hope to finish those too.


I went to another 6 conferences this year, and again spoke at 3! I don’t have a topic in mind yet, so these numbers may be smaller next year.

Assembly (x86)

I know I posted a lot about x86 this year, but that was due to the SLAE certification. This was a great course, and I learned a ton. I didn’t want to re-link all of my posts, just the most interesting ones here.


This year I managed to knock out another two certifications, which I’m proud of. I haven’t done my SLAE review/exam post yet, so I will just link to the first post I made about it. I plan on getting my OSCE next year, but I am not sure what else yet. I’ve already paid for the eCRE and the eCPTX, but I’m also looking at the pTrace Advanced Software Explotation as an option.

Hacking Blog – Tooling

I didn’t release any updates for my most popular tools or release anything novel. That said, if I include this category again, maybe I’ll do better next year!


I had a few other neat posts this year, that I wanted to re-share. The book review was a ton of work, and I’m still really proud of that one.

Hacking Blog – Goals for 2019

Based on this year’s statistics, plus my yearly insights, I should probably aim for 80,000 views next year.

Hacking Blog - 2018 Review - Monthly insights

That said, I almost hit that this year, so it doesn’t feel like a great goal. I think I will aim for 85,000 views, but I’m willing to adjust this if I spend more time on traffic generation next year.

Other than that, I haven’t missed a post in over three years now, and I don’t plan on starting next year.

2018 Review – Conclusion

This was a great year for my blog, and it kept me slightly motivated during some rougher times.

I also increased my average words per post a lot, which I hope speaks to their quality.

2018 Review - Full year

If you have any ideas for more topics, monetization ideas, or ways to branch out, then please let me know! I’ve thought about creating a book(s), courses, consultancies, etc. always bouncing around in my head.

Get Your NordVPN Offer Now!

Hacking Blog – Road to 100k (2019)

Last year is already over, so here is my 2019 review! 2019 Review – Introduction

If you haven’t seen my other yearly review posts, this will be similar in style and formatting to those.

I ended up behind a few posts this year due to my break, but I still plan on finishing those up!


I missed my goal of 85,000 views (as well as last year’s 79,393) by a bit this year, but that’s alright.

2019 Review - Views

This is the third year that my most popular post was the pfSense DNSBL one. This post is mostly organic traffic, which is great. The rest of my top five were still related to wireless cards or attacks, so this is search engine traffic as well.

Popular posts

My US traffic was a bit lower this year, but this is always a fun graphic to look at.

Hacking Blog - 2019 Country traffic

I’m still bad at traffic generation, so I need to improve that in 2020.

2019 Review - Referrers

I generated a report for my search traffic for all of 2019, which was cool to see. The searches are very similar to last year’s, which is interesting to note.

Search traffic

GitHub is still far and away my biggest outgoing click, but it’s also what I link to the most.

Hacking Blog - 2019 Outgoing clicks

While Wednesday is still my most popular day, the time is now 9 am (instead of midnight).

2019 Review - Popular day/time

Hacking Blog – Highlights for 2019

I finally have a new record for views in one day! On January 20th this year I had 874 views (up from 689 views in a day back in 2017).

Record views

There was a lot of traffic on my post from January 19th about a Vulnserver exploit.

Hacking Blog - 2019 Record post and referrers

CTF/Challenge Write-Ups

I had even more write-ups for CTFs and various challenges this year, so hopefully, they were helpful.

There are also still some from older conferences that I’ve either been holding onto or procrastinating on.


I only attended a few conferences this year, and only spoke at one of them.

I’m hoping to speak some more next year, but I still don’t have a topic in mind yet.

Hacking Blog – 2019 Review (Disclosures/Vulnerability Write-ups)

I reported a few vulnerabilities this year and got to release the public disclosures along with the CVE information.

There was also a fun finding that I had on a production system, shortly after someone else’s disclosure.

Hacking Blog – XSS

Cross-site Scripting wasn’t a priority of mine this year, but I still wrote posts for three different filter bypasses.


While it seemed like a slower year, I finished and/or blogged about two new certifications in 2019

2019 Review – Vulnserver

I worked on a few vulnserver exploits as well, as preparation for my OSCE as well as fun afterward. I still want to finish every command, so stay on the lookout for those posts.


I also had a few other posts this year that I wanted to re-share.

Hacking Blog – Goals for 2020

Based on this year’s stats, plus what happened, I’m going to set my goal back down to 80,000 views for next year.

2019 Review - Monthly views

I also want to finish my goal of 1337+ Twitter followers, which I’m pretty close to already.

2019 Review - Twitter followers

2019 Review – Conclusion

This was another great year, and I’m glad that I’ve stuck with this for so long.

I increased my average words per post AGAIN, from 1132 to 1151.

Words per post

I’m always open for monetization ideas, branching out, or guest posts, so let me know!

Hacking Blog – Coming Soon (2020)

I’m a little behind on this post, so my 2020 update isn’t quite ready yet!

Get Your NordVPN Offer Now!

Hacking Blog – Conclusions

I have been running this blog on and off since 2013, with the focus coming and going over the years.

Once I started my weekly posting goal, I got almost THREE HUNDRED posts in a row before taking a longer break.

Now, I still plan on trying to post every week, but the goals are now increased quality (and monetization).

I’d love for feedback on the new site or direction, so hit me up!

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.