Skip to content

OffSec

Everything that didn't fit neatly into basics but deserves its own dirty corner of the site These are tools and techniques for authorized testing only — don't be that guy

  • Reconnaissance — enumeration , OSINT , scanning , fingerprinting , finding the doors before you kick them in
  • Vulnerability Analysis & Guides — CVEs , vuln scanning , assessment methodologies , knowing what breaks and why
  • Active Directory — AD attacks , Kerberos abuse , privilege escalation , enumeration — where enterprise security goes to die
  • Exploitation — PoC code , exploitation techniques , buffer overflows , weaponizing theory into practice
  • Payloads & Wordlists — shellcode , payload generation , wordlist resources — the ammo you didn't know you needed
  • Advanced Post-Exploitation — lateral movement , pivoting , privilege escalation , persistence — you're in , now what
  • Android Pentesting — mobile app testing , Android security , tearing apart APKs like a cheap toy
  • Tools & Automation — security tooling , automation scripts , CI/CD security , making the machine work for you
  • Reporting & Writeups — pen test report templates , CTF writeups , documentation , because it didn't happen if you didn't write it down
  • Learning & Certifications — training paths , cert prep , educational resources , stop reading and start doing

next -> Reconnaissance