{"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "software_engineering", "question": "How does testing strategy change between monolith and distributed systems?", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "software_engineering", "question": "What psychological bias makes teams resist CI/CD?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "software_engineering", "question": "Why does TDD produce different code than test-after?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "software_engineering", "question": "What principle makes microservices different from SOA?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "software_engineering", "question": "Why is 'never trust user input' a software architecture concern, not just security?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "software_engineering", "question": "Explain why 'everything fails all the time' is a design philosophy, not pessimism.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "software_engineering", "question": "Why is API versioning a social problem, not a technical one?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "software_engineering", "question": "Explain why NoSQL databases trade consistency for availability \u2014 and when that decision hurts you.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "software_engineering", "question": "Explain how the principle of least privilege applies at the code level.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "software_engineering", "question": "How does 'shift left' change the economics of bug fixing?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "How do TTPs change when an APT group knows they're being tracked?", "assessment": "analytical"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "What cognitive biases affect decision-making during active incident response?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What bias makes blue teams over-invest in prevention and under-invest in detection?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "whiterabbit", "question": "Analyze how institutional epistemology affects truth-finding in high-profile investigations.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "software_engineering", "question": "What makes a good API design differ between internal and external consumers?", "assessment": "analytical"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does groupthink manifest in a SOC and how do you break it?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XSS represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's concept of fortune to zero-day exploit markets.", "assessment": "connective"} {"domain": "tutor", "question": "Teach me how to read and understand a Nmap scan output and what each port means.", "assessment": "practical"} {"domain": "whiterabbit", "question": "What patterns connect the MKULTRA revelations to modern surveillance programs?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSTI represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "cybersec_incident", "question": "Map the incident response lifecycle to Machiavelli's crisis principle.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Explain the recon methodology for cloud vs on-prem targets and why they differ.", "assessment": "connective"} {"domain": "tutor", "question": "Walk me through your terminal to find and fix a vulnerable API endpoint.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "What makes attribution more art than science? Connect to Machiavelli on intelligence.", "assessment": "analytical"} {"domain": "coding", "question": "Build a bash one-liner that finds all hardcoded secrets in a repo. Explain why developers hardcode secrets.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does XXE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a decorator that logs all function arguments. Connect this to the audit trail principle in security.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "What does the sunk cost fallacy have to do with legacy security tools?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does Deserialization represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Map Machiavelli's fox and lion to detection engineering vs prevention engineering.", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "coding", "question": "Create a Python script that scans for open S3 buckets and explains why the permission model allows it.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does Prototype Pollution represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why does incident response maturity map to 'never waste a crisis'?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "whiterabbit", "question": "How does 'official narrative vs evidence gap' connect across JFK, WTC7, and Epstein?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does RCE represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What does 'appear harmless while prepared' mean for C2 infrastructure design?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "How does patience in recon connect to Machiavelli's 'timing is everything'?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "Why is certificate transparency logs a better recon source than search engines?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_recon", "question": "What's the difference between passive and active recon in terms of legal risk?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_defense", "question": "Why is 'assume breach' a healthier mindset than 'prevent all breaches'?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SQL Injection represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_incident", "question": "Explain why tabletop exercises fail and how to make them effective.", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "How does 'the ends justify the means' apply to red team operations?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "Show me step-by-step how you'd approach a black-box penetration test of a web app.", "assessment": "practical"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "Explain anchoring bias in the context of CVSS scoring and how to fix it.", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_exploit", "question": "How does IDOR represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_attribution", "question": "Explain the difference between attribution for defense vs attribution for prosecution.", "assessment": "analytical"} {"domain": "cybersec_exploit", "question": "How does JWT Attack represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "tutor", "question": "I'm writing my first buffer overflow exploit. Walk me through the concepts and the terminal commands.", "assessment": "practical"} {"domain": "cybersec_defense", "question": "How does defense in depth connect to Machiavelli's fox and lion?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "How would Machiavelli design a SIEM?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "What is the psychological root of the 'shadow IT' problem?", "assessment": "connective"} {"domain": "machiavelli_psych", "question": "How does prospect theory explain over-investment in ransomware defense?", "assessment": "connective"} {"domain": "coding", "question": "Write a function that handles the OWASP Top 10 input validation patterns. Explain each.", "assessment": "practical"} {"domain": "cybersec_exploit", "question": "How does SSRF represent a trust boundary failure? What's the psychological root cause?", "assessment": "connective"} {"domain": "cybersec_defense", "question": "Explain zero trust as a psychological framework, not just a technical one.", "assessment": "connective"}