Security pentesting cheatsheet, tools for SAST/DAST, learning guides and roadmap, x86 and CVE scripts.
- Recon - CMS, network scan, directories, subdomains, certificate, web tech, secret repos.
- Web - bug bounty related attack methodology and gitbook attack pattern, OWASP methodology.
- Android - Reverse engineering, binary dissassembling, deeplink/secrets , SSL unpinning, frida/adb bridge exploits
- IOS - Hooking, Cydia, reverse engineering, C# disassemble, SSL unpinning
- Docker - Basics, building containers, running code and deploy in cloud.
- Active Directory - Guide, enumeration, attack methodology and post-enumeration
- Wifi - Basics, enumeration, WEP,WPA,WPA2 attack techniques
- API - Testing, secure methodology, REST/GRAPHQL
- Cloud ( AWS , GCP , Terraform(both AWS and GCP)) - Creating containers, configuration of network/user policies and correlate dataflow usecases(Usage of gcli/awscli required)