ofensive-playbook

HackTheBox — Writeups Collection A collection of HackTheBox m...

Wa3r-OffSec-Kit

🔐 Wa3r-OffSec-Kit - Practical Security Tools and Notes !Dow...

vulnhub-machines-writeups

vulnhub-machines-writeups Collec...

Turning threat reports into detection insights with AI

Security teams routinely need to transform unstructured threat knowledge, such as incident narratives, red team breach-path writeups, threat actor profiles, and public reports into concrete defensive action. The early stages of that work are often the slowest. These include extracting tactics,...

Pentesting-Portfolio

🔐 Pentesting Portfolio Colección personal de writeups detalla...

ctf-writeups

No d...

Exploit for Improper Restriction of XML External Entity Reference in Wordpress

TryHackMe Writeups and Walkthroughs This repository contains...

Exploit for CVE-2025-65409

VulnerabilityDisclosures Personal vulnerability advisories a...

ExploitReport

The Exploit Report — Portfolio React A single-page React si...

Vulnlab

It is an offensive tool for learning and documentation. This rep...

CTFium

This is a collection of CTF Capture The Flag writeups by PersianCats. It is a repository of technical writeups for various CTF challenges from different events. The writeups cover a range of topics, including exploitation of vulnerabilities, reverse engineering, and binary analysis. The repositor...

HEVD-Exploits

HEVD-Exploits We will exploit HEVD vulner...

Exploit for Out-of-bounds Write in Debian Debian_Linux

awesome-browser-exploit Share some useful archives about browser exploitation. I'm just starting to collect what I can found, and I'm only a starter in this area as well. Contributions are welcome. Chrome v8 Basic v8 github mirrordocs withingithub on-stack replacement in v8article // multiple...

CRAKEN: Cybersecurity LLM Agent with Knowledge-Based Execution

Large Language Model LLM agents can automate cybersecurity tasks and can adapt to the evolving cybersecurity landscape without re-engineering. While LLM agents have demonstrated cybersecurity capabilities on Capture-The-Flag CTF competitions, they have two key limitations: accessing latest...

ab4yss-wr4iteups

ab4yss-wr4iteups Hi,...

vAPI - Vulnerable Adversely Programmed Interface Which Is Self-Hostable API That Mimics OWASP API Top 10 Scenarios Through Exercises

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises. Requirements PHP MySQL PostMan MITM Proxy Installation Docker docker-compose up -d Installation Manual Copying the Code cd git clone...

Pwn Write-ups

RE: 从零开始的 Pwn 世界之旅...

Pwnable.kr-CTF-Writeups

This repository contains writeups for a CTF Capture The Flag challenge called Pwnable.kr. The challenge involves exploiting vulnerabilities in various programs to obtain flags. The repository includes four writeups: 1. FD: This writeup involves exploiting a file descriptor vulnerability in a...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE 2021-3156 How to pwn py...

ctfs-1

This repository contains notes and code on past CTF Capture The Flag challenges, with a focus on web, crypto, and realistic challenges. The repository is organized into several sections, each covering a different type of challenge. The web section includes write-ups on various web-based challenge...