My Notes Collection#
This is where I keep all my security testing notes - compiled from courses, blog posts, documentation, and too many hours of Googling. These aren’t original research, just my personal reference library that I’ve organized in a way that makes sense to me.
Disclaimer: These notes have been compiled from multiple sources across the internet with the goal of helping me (and hopefully you) learn. The credit for all techniques, tools, and methodologies belongs to their original authors and researchers. I’ve simply aggregated and organized them for easy reference. Use responsibly and only on systems you own or have explicit permission to test.
- Shiro
Core Penetration Testing#
VAPT Notes (9 Parts)#
Penetration testing fundamentals - everything from recon to privilege escalation.
- Part 1: Network Reconnaissance & Enumeration
- Part 2: Linux Exploitation & Privilege Escalation
- Part 3: Windows Exploitation & Privilege Escalation
- Part 4: Active Directory Exploitation Part I
- Part 5: Active Directory Exploitation Part II
- Part 6: Lateral Movement, Network Pivoting & Tunnelling
- Part 7: General Offensive Techniques Part I
- Part 8: General Offensive Techniques Part II
- Part 9: General Utilities
Advanced Red Teaming#
Red Team Notes (6 Parts)#
Red team operations and adversary simulation tactics.
- Part 1: Initial Access, Reconnaissance, File Transfer & Payload Delivery
- Part 2: Internal Reconnaissance & Domain Enumeration
- Part 3: Lateral Movement & Credential Access
- Part 4: Domain Privilege Escalation
- Part 5: MSSQL Server Exploitation, Trust Abuse & Persistence
- Part 6: EDR Evasion & Anti-Forensics
Command & Control Frameworks#
Cobalt Strike Notes (5 Parts)#
Cobalt Strike usage for red team engagements.
- Part 1: Setup, Initial Access & Evasion
- Part 2: Recon, Persistence, PrivEsc & Credential Theft
- Part 3: Domain Recon, Lateral Movement, Pivoting & Proxying
- Part 4: Kerberos Attacks & Domain Dominance
- Part 5: Group Policy Abuse, MSSQL Attacks & Specialized Techniques
Sliver C2 Notes#
Modern C2 framework - the open-source alternative
Web Application Security#
Web Hacking & Bug Bounties (6 Parts)#
Web app vulnerabilities and exploitation techniques.
- Part 1: Setup, Directory Traversal & Cross-Site Scripting
- Part 2: SQL Injection & Command Injection
- Part 3: SSTI & Host Header Attacks
- Part 4: XXE & File Upload Attacks
- Part 5: SSRF & Broken Access Control
- Part 6: Business Logic Exploits & Advanced Attacks
Cloud Security#
Cloud VAPT Notes#
Security testing for AWS, Azure, and GCP.
Mobile Security#
Mobile VAPT Notes#
Android and iOS application security testing.