Foundations
Scoping, authorisation, rules of engagement, standards, documentation habits, delivery constraints and the business logic behind a real assessment.
Pentest // Entry Map
A giant pentesting surface built around attack types, trust failures and operator workflow.
Use this portal when you want the broadest route into research, internal operations, application security, cloud, API, identity, mobile, escalation, tradecraft, AI, cyber-physical work, code review, exploit development and reverse engineering.
Internal Operations
Internal network assessments, password attacks, Active Directory tradecraft, C2, thick clients, persistence and pivoting.
Application Security
Web testing workflows, OWASP coverage, browser tooling, client trust and application-layer exploitation.
API Security
REST, GraphQL, object-level access, OAuth/OIDC, JWT, schema abuse and API fuzzing.
Cloud Offensive Security
AWS, Azure, GCP, Kubernetes, IaC drift, control-plane abuse and cloud identity.
Mobile App Pentesting
Android and iOS testing, Frida, pinning bypass, storage, deep links and runtime analysis.
Identity / SSO Abuse
Entra, Okta, SSO, consent abuse, token theft, SCIM drift and conditional-access pressure.
Escalation Paths
Linux, Windows and macOS privilege escalation with a focus on enumeration, path discovery and practical abuse chains.
Adversary Emulation
Payload staging, AV/EDR pressure, OPSEC, client-side chains, custom tooling and C2 tradecraft.
DevSecOps / CI-CD
Git secrets, runner compromise, artifact poisoning, signing, SBOM and build-system trust.
OT / ICS Security
Industrial protocols, PLC/HMI trust, segmentation failures and process-manipulation risk.
AI Security
Prompt injection, jailbreaks, unsafe agents, retrieval abuse, tool compromise and model API pressure.
Drone / Robotics
Autopilot, MAVLink, ROS, telemetry, companion computers and field-side control trust.
Exploit Development
Shellcoding, payload construction, scripting for offensive use, exploit analysis and practical evasion concepts.
Reverse Engineering
x86 and ARM basics, Ghidra, radare2, macOS analysis and memory-corruption-oriented reversing.