Structured methodology for testing authentication mechanisms — brute force, credential stuffing, session fixation, token forgery, and OAuth abuse chains.
Full-spectrum recon methodology covering OSINT, subdomain enumeration, tech fingerprinting, and attack surface mapping before exploitation.
From error-based to blind time-based SQLi, covering WAF bypass techniques, OOB exfiltration, and privilege escalation via database misconfiguration.
Enumerating SUID binaries, writable cron paths, sudo misconfigurations, capabilities abuse, and kernel exploit triage for CTF and real engagements.
BOLA, broken function-level authorization, mass assignment, and rate-limiting bypass across REST endpoints and GraphQL introspection abuse.
Pass-the-hash, Kerberoasting, AS-REP roasting, NTLM relay, and pivoting techniques for internal network traversal in AD environments.
Each playbook is a living document — structured as an attack chain with prerequisite context, tooling commands, detection indicators, and remediation notes for responsible disclosure.
Designed for authorized penetration testing, bug bounty engagements, CTF competitions, and red team operations. Always obtain written authorization before testing.