Methodology & Assessments
Pentest mindset, box-solving workflow, and engagement structure
Web Exploitation
SQLi, XSS, SSRF, LFI/RFI, command injection, file upload, auth bypass
Infrastructure
Linux and Windows privesc, post-exploitation, pivoting, and file transfers
Recon & Tools
Port scanning, web enum, OSINT, and command references for all major tools
Active Directory
Kerberoasting, ACL abuse, delegation, ADCS, credential dumping, and trusts