
OSWP review (OffSec Wireless Professional)
The OffSec Wireless Professional (OSWP) certification validates practical wireless penetration testing skills, including WPA/WPA2, WPA Enterprise, WPS, and wireless network attacks.

The OffSec Wireless Professional (OSWP) certification validates practical wireless penetration testing skills, including WPA/WPA2, WPA Enterprise, WPS, and wireless network attacks.

wwwtree-redteam is an enhanced version of wwwtree that automatically generates multiple Windows, Linux, and Python payload delivery commands while hosting an entire directory over HTTP or HTTPS.

The OffSec Experienced Penetration Tester (OSEP) certification validates advanced offensive security skills in realistic enterprise environments.

An interactive Web Security Attack Surface Map covering 88 attack vectors across discovery, authentication, injection, access control, API, data, and infrastructure security.

Port Forwarding and Pivoting with Chisel and Ligolo-ng Disclaimer This post is for authorized security testing and lab environments only. Only use these techniques on systems you own or have expl...

How default 404 pages expose backend technologies, and how my tool 404-Fingerprint automates this fingerprinting process.

Summary of my responsible disclosure work reporting reflected XSS and open redirect issues (CVE-2021-32478) across education and learning sites worldwide, coordinated via Open Bug Bounty.

Understand the relationship between Red, Blue, and Purple Teams in cybersecurity, how offense and defense work together to strengthen an organisation’s detection, response, and resilience.
NTLM Hash Capture via Legacy WAX File - Lab Demonstration This lab scenario explores the capture of NTLMv2 hashes using a legacy WAX file combined with Responder for hash poisoning. The technique ...

Summary of my responsible disclosure work reporting open redirect issues (CVE-2025-4123) that I reported