Technical Concepts
Penetration testing techniques, attack methodologies, and security fundamentals explained the way I wish someone had explained them to me. No fluff, just the concepts and the commands.
Network Foundations for Security
TCP/IP, subnetting, the OSI model, ARP, routing, and how packets actually move. The networking fundamentals that make every other security concept make sense.
Linux Fundamentals for Pentesters
File permissions, process management, shell navigation, pipes, grep, find, and the commands every pentester uses within the first five minutes on a Linux target.
Bash Scripting for Security
Variables, conditionals, loops, functions, and real automation patterns. Building scripts that do useful things during engagements instead of just running tools by hand.
Android Security Fundamentals
The Android security model, application components, inter-process communication, permission abuse, and common mobile attack surfaces that most web pentesters overlook.
Hardware Attack Surfaces
JTAG debugging, UART serial interfaces, side-channel analysis, fault injection, and firmware extraction. What physical access to a device actually unlocks for an attacker.
Cross-Site Scripting (XSS)
Stored, reflected, and DOM-based XSS from first principles. What the browser actually executes, how to find injection points, and why content security policies keep failing.
SQL Injection Fundamentals
From authentication bypass to UNION-based data extraction and OS-level code execution. Understanding why parameterisation alone isn't always enough.
Command Injection
How shell metacharacters turn a ping form into a root shell. Injection operators, filter bypass techniques, and the payload patterns that actually work under real WAF rules.
File Upload Attacks
Bypassing client-side checks, blacklist extensions, whitelist MIME types, and magic byte filters to land a web shell. The path from upload to RCE.
File Inclusion Vulnerabilities
Local and remote file inclusion from directory traversal to log poisoning. What happens when a PHP include() trusts user-controlled input.
Linux Privilege Escalation
SUID binaries, cron job abuse, writable /etc/passwd, kernel exploits, and LD_PRELOAD hijacking. A systematic checklist for going from www-data to root.
Windows Privilege Escalation
Token impersonation, unquoted service paths, AlwaysInstallElevated, DLL hijacking, and SeImpersonatePrivilege. The Windows PrivEsc playbook explained clearly.
Introduction to Active Directory
What AD actually is, why 95% of enterprise networks run it, and why a single standard user account is enough to enumerate the entire domain. The foundation before any AD attack.
Active Directory Attacks
Kerberoasting, AS-REP Roasting, Pass-the-Hash, DCSync, and Golden Ticket attacks. How real-world domain takeovers are chained from a foothold user.
Footprinting and Reconnaissance
Service enumeration across FTP, SMB, SMTP, NFS, DNS, SNMP, and IMAP. The methodology for mapping every open service before a single exploit is attempted.
DNS Enumeration with Python
Building a DNS recon tool from scratch in Python. Zone transfers, record types, subdomain brute-forcing, and why writing your own tools teaches you more than any pre-built scanner.
Network Enumeration with Nmap
SYN scans, UDP, version detection, OS fingerprinting, NSE scripts, and timing controls. How to get a full picture of a target network without triggering every IDS rule in the book.
Web Fuzzing Techniques
Directory and endpoint discovery, parameter fuzzing, vhost brute-forcing, and wordlist selection. The difference between a scanner that finds something and one that generates noise.
Windows Stack Buffer Overflows
EIP control, bad character identification, finding JMP ESP, shellcode generation, and patching the exploit. The manual walkthrough from fuzzing to a working reverse shell.
Shells and Payloads
Bind shells, reverse shells, web shells, and staged payloads. Spawning a TTY, upgrading a dumb shell, and the payload formats that survive restrictive network environments.
Password Attack Techniques
Hash cracking, credential stuffing, password spraying, LSASS dumping, SAM extraction, and NTDS harvesting. Every credential attack technique from the local machine to the domain controller.
Network Pivoting and Tunneling
SSH tunnels, SOCKS proxies, Proxychains, port forwarding, and moving through segmented networks without triggering egress controls. Lateral movement from a compromised host.