Our great sponsors
-
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
ghidra-scripts
A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
choose your wordlists carefully, as rockyou.txt won't work everywhere magically*
Kali Linux is fantastic but there are alternatives like Black-Arch
Use PrivEsc tools such as linpeas to quickly hack you way in
Use PrivEsc tools such as linpeas to quickly hack you way in
most CTFs can be achieved using only Gobuster, Nmap, and reverse shells, but others require more advanced approaches like reverse engineering with Ghidra