Linux Privesc

Linux Enumeration Cheat Sheet for Privilege Escalation

A practical Linux post-exploitation enumeration cheat sheet covering id, uname -a, sudo -l, SUID hunting, and process inspection.
Web Exploitation

SQL Injection: The Complete Guide to UNION and Error-Based Exploitation

A practical guide to UNION-based and error-based SQL injection, payload crafting with information_schema, and blue-team defenses.
Web Exploitation

Blind SQL Injection: Boolean-Based and Time-Based Inference Techniques

A practical guide to blind SQL injection: boolean-based and time-based inference, SUBSTRING/SLEEP payloads, and blue-team defenses.
Web Exploitation

SQLMap in Practice: From Detection to OS Shell

A practical SQLMap workflow covering request files, database enumeration, data dumping, OS shells, and WAF evasion with tamper scripts.
Web Exploitation

Local File Inclusion (LFI) Fundamentals: Path Traversal, /etc/passwd, and Filter Bypasses

A practical introduction to Local File Inclusion: path traversal, reading /etc/passwd, null byte tricks, and PHP filter bypasses, plus defenses.
Security

Remote File Inclusion (RFI) Fundamentals: From allow_url_include to RCE

Learn how Remote File Inclusion abuses PHP wrappers and allow_url_include to achieve remote code execution, plus blue-team defenses.
Web Exploitation

From LFI to RCE: Practical Escalation Techniques

How to escalate a PHP Local File Inclusion into remote code execution via log poisoning, php://filter, data wrappers, sessions and /proc.
Web Exploitation

SSRF Deep Dive: Pivoting to Cloud Metadata, Internal Scans, and Filter Bypass

A practical guide to Server-Side Request Forgery: cloud metadata theft, internal port scanning, filter bypass, and blue-team defenses.
Web Exploitation

XXE Attacks: Exploiting XML External Entities for File Disclosure and Blind OOB Exfiltration

A practical guide to XML External Entity attacks — DOCTYPE abuse, file disclosure, SSRF, blind/OOB exfiltration, and defense.
Web Exploitation

Cross-Site Scripting (XSS): A Practical Primer

A hands-on primer on reflected, stored, and DOM-based XSS, cookie theft, and modern CSP bypass techniques.
Web Exploitation

Insecure Deserialization: Exploiting PHP and Java Object Injection

How PHP unserialize and Java deserialization lead to RCE via magic methods and gadget chains, plus blue-team defenses.
Web Exploitation

OS Command Injection: From Shell Metacharacters to Blind Exfiltration and Filter Bypass

A practical guide to OS command injection: shell metacharacters, blind techniques, IFS-based filter bypass, and blue-team defenses.
Web Exploitation

Path Traversal: Escaping the Web Root with ../, Encoding Tricks, and Null Bytes

A practical guide to directory traversal: dot-dot-slash, encoding bypasses, absolute paths, null bytes, plus blue-team defenses.
Web Exploitation

Exploiting File Upload Vulnerabilities: From Bypass to Webshell

A practical guide to bypassing file upload filters with double extensions, content-type, and magic bytes to land a webshell, plus defenses.
Web Exploitation

JWT Vulnerabilities and Attacks: alg none, Key Confusion, and kid Injection

A practical guide to exploiting JSON Web Token flaws — alg=none, key confusion, weak secrets, and kid injection — plus defenses.
Web Exploitation

IDOR and Broken Access Control: Exploiting Insecure Direct Object References

A practical guide to finding and exploiting IDOR/BOLA flaws through parameter tampering and enumeration, plus blue-team defenses.
Security

Server-Side Template Injection: From {{7*7}} to RCE

A practical guide to Server-Side Template Injection: detecting, fingerprinting, and escaping Jinja2 and Twig sandboxes to achieve RCE.
Security

Authentication Bypass Techniques: Logic Flaws, SQLi, Weak Resets, and 2FA Bypass

A practical walkthrough of four authentication bypass classes — logic flaws, SQLi, weak password resets, and 2FA bypass — with detection and defense.
Web Exploitation

CSRF Attacks and Defenses: Forging State-Changing Requests

How Cross-Site Request Forgery hijacks authenticated sessions, with a hands-on PoC and modern token/SameSite defenses.
Web Exploitation

Web Cache Poisoning: Weaponizing Unkeyed Input

How attackers turn unkeyed inputs like X-Forwarded-Host into stored XSS via shared caches, and how to defend.