My Notes

A collection of my research, thoughts, and study notes on cybersecurity.

Active Directory Exploitation

Common attack paths and techniques for compromising Active Directory environments, including Kerberoasting and Pass the Hash.

Active Directory Kerberos Red Team
Read Note →

Cross-Site Scripting (XSS) Deep Dive

Exploring the differences between Stored, Reflected, and DOM-based XSS, with code examples and mitigation strategies.

Web Security XSS JavaScript
Read Note →

Linux Privilege Escalation

A checklist of common misconfigurations to look for when escalating privileges on a Linux system, from SUID binaries to cron jobs.

Linux Privilege Escalation CTF
Read Note →

Network Traffic Analysis

Using Wireshark to capture and analyze network packets, identifying protocols, and detecting suspicious activity.

Networking Wireshark Blue Team
Read Note →

Reverse Engineering Fundamentals

An introduction to the tools and techniques used to decompile and understand the functionality of binary executables.

Malware Analysis Assembly Ghidra
Read Note →

Cloud Security Misconfigurations

Identifying and exploiting common security flaws in cloud environments, such as public S3 buckets and overly permissive IAM roles.

Cloud Security AWS IAM
Read Note →

Phishing Email Analysis

Deconstructing phishing emails to identify malicious links, spoofed headers, and social engineering tactics.

Email Security Phishing OSINT
Read Note →

Windows Privilege Escalation

Techniques for escalating privileges on Windows, including unquoted service paths, weak registry permissions, and DLL hijacking.

Windows Privilege Escalation Red Team
Read Note →

Cryptography Basics

An overview of fundamental cryptographic concepts, including symmetric vs. asymmetric encryption, hashing, and digital signatures.

Cryptography Encryption Theory
Read Note →