Web Exploitation

Attacking GraphQL APIs: Introspection, Batching, IDOR, and DoS

A practical guide to GraphQL pentesting: fingerprinting with graphw00f, introspection, batching, IDOR, and DoS, plus blue-team defenses.
Tools & Defense

Nmap in Practice: A Pentester’s Guide to Scanning, NSE, and Timing

A practical, accurate Nmap workflow covering host discovery, -p-, -sC -sV, NSE scripts, and timing — plus blue-team detection.
Tools & Defense

Burp Suite: A Practical Introduction for Web Application Testing

A hands-on guide to Burp Suite's proxy, Repeater, Intruder, Scanner, and extensions, plus blue-team defenses.
Tools & Defense

Metasploit Framework Fundamentals: From msfconsole to Meterpreter

A practical introduction to the Metasploit Framework: searching modules, launching exploits, driving Meterpreter, and detecting it all.
Tools & Defense

Mastering the Impacket Suite: From Lateral Movement to Credential Extraction

A practical tour of Impacket's psexec, wmiexec, secretsdump, GetUserSPNs and smbserver, plus blue-team detection.
Tools & Defense

NetExec (CrackMapExec) in Practice: SMB Enumeration, SAM Dumping, and Password Spraying

A practical guide to NetExec (nxc) for SMB enumeration, SAM dumping, password spraying, and modules — plus blue-team detection.
Tools & Defense

Password Cracking with Hashcat: Modes, Rules, Masks, and Cracking NTLM & Kerberos

A practical guide to Hashcat: hash modes, rule-based and mask attacks, and cracking NTLM and Kerberos hashes, plus how to defend.
Tools & Defense

John the Ripper in Practice: From Hash Extraction to Rule-Based Cracking

A practical guide to John the Ripper: *2john extraction, format detection, wordlist and rule-based attacks, plus blue-team defenses.
Security

Reverse Shell Cheat Sheet: From One-Liners to a Stable TTY

A practical reverse shell cheat sheet covering bash, nc, python and PowerShell payloads, plus TTY upgrade and detection.
Tools & Defense

Generating Payloads with msfvenom: Formats, Encoders, and Staged vs Stageless

A practical guide to msfvenom payload generation: formats, encoders, and the difference between staged and stageless shellcode.
Tools & Defense

Pivoting and Tunneling: A Practical Guide to Chisel, Ligolo-ng, and SSH

Reach internal networks through a compromised host using chisel, ligolo-ng, SSH, and proxychains, and learn how defenders detect it.
Tools & Defense

OSINT for Penetration Testers: A Practical Introduction to Passive Reconnaissance

A hands-on intro to OSINT for pentesters: theHarvester, recon-ng, Google dorks, Shodan, and Maltego, plus blue-team defenses.
Tools & Defense

Passive and Active Reconnaissance: Subdomain Enumeration with Amass and ffuf

A practical walkthrough of passive and active recon: DNS footprinting, subdomain enumeration with Amass, and vhost/path fuzzing with ffuf.
Tools & Defense

AWS Security Fundamentals and Attack Techniques: IAM, S3, and the Metadata Service

A practical primer on attacking and defending AWS: IAM enumeration, S3 misconfigurations, IMDS abuse, and Pacu.
Tools & Defense

Azure and Entra ID Attacks: A Practical Primer with AADInternals and ROADtools

A hands-on introduction to Entra ID attacks: device code phishing, illicit consent grants, token theft, and the blue-team controls that stop them.
Tools & Defense

Kubernetes Security 101: From kubectl to RBAC and Token Theft

A practical intro to Kubernetes security: kubectl, RBAC, service account token abuse, kube-hunter scanning, and how to defend.
Tools & Defense

Breaking Out: A Practical Guide to Linux Container Escape Techniques

How privileged containers, host mounts, cgroups, and CAP_SYS_ADMIN lead to container escape, plus blue-team defenses.
Tools & Defense

Log4Shell (CVE-2021-44228): Anatomy of the JNDI/LDAP Exploit

A practical breakdown of Log4Shell: how the JNDI/LDAP lookup leads to RCE, a marshalsec PoC, WAF bypass tricks, and defenses.
Tools & Defense

Windows Hardening with VBS and Credential Guard: How It Works and How to Test It

A practical guide to Virtualization-Based Security, Credential Guard, HVCI, and LSA protection for red and blue teams.
Tools & Defense

Active Directory Defense and Monitoring: Tiering, LAPS, and Detection Engineering

A practical defender's guide to AD tiering, LAPS, honeypot accounts, ADCS hardening, and the event IDs that catch attackers.