Skip to main content
Personal security research notes, cheatsheets, and methodology.

Methodology & Assessments

Pentest mindset, box-solving workflow, and engagement structure

Web Exploitation

SQLi, XSS, SSRF, LFI/RFI, command injection, file upload, auth bypass

Infrastructure

Linux and Windows privesc, post-exploitation, pivoting, and file transfers

Recon & Tools

Port scanning, web enum, OSINT, and command references for all major tools

Active Directory

Kerberoasting, ACL abuse, delegation, ADCS, credential dumping, and trusts