Recon-ng: Modular OSINT Framework — Part 1 (Setup & Workspaces)
Part 1 of the Recon-ng walkthrough — install, the workspaces architecture, the marketplace, API keys, and your first lab module on ex...
OWASP Amass: Subdomain Enumeration & Attack Surface Mapping
A practical guide to OWASP Amass — passive & active subdomain enumeration, attack-surface mapping, API integrations, and visualizatio...
Linux Privilege Escalation: LinPEAS, LinEnum & LES Enumeration
A practical guide to the four most important Linux privilege escalation enumeration tools — LinPEAS, LinEnum, Linux Exploit Suggester...
Maltego: OSINT Link Analysis & Footprinting for Pentesters
A practical guide to Maltego — the de facto OSINT link-analysis platform. Covers entities, transforms, marketplace integrations, a co...
theHarvester: Fast OSINT Recon — Subdomains, Emails & Hosts
A practical guide to theHarvester — the Swiss army knife of fast external reconnaissance. Covers install, sources, API keys, and comp...
Linux Privilege Escalation Tools — Part 2: Traitor, LES & Kernelpop
Part 2 of the Linux Privilege Escalation series — Traitor, LES, and Kernelpop for automated exploitation in CTF labs and authorized e...
Netdiscover: Ανακάλυψη Hosts με ARP Discovery σε Penetration Testing
Πρακτικός οδηγός για το Netdiscover, το εργαλείο ARP-based host discovery: εγκατάσταση, παραδείγματα σε εργαστηριακό δίκτυο, blue-tea...
Osintgram: Instagram OSINT for Self-Exposure Assessment
A lawful, ethics-first guide to Osintgram — the Instagram OSINT tool — for self-exposure assessment and security awareness training....
Fsociety Hacking Tools Pack: All-in-One Pentest Framework for Lab
A practical guide to the Fsociety Hacking Tools Pack — what it bundles, how it maps to the kill chain, lab-only use, and when to grad...
Infoga: Email Harvesting & OSINT Enrichment for Pentesters
A practical guide to Infoga — a focused OSINT tool for email harvesting and breach-database enrichment. Covers install, usage, and la...
Netdiscover: ARP Host Discovery for Penetration Testing
A practical guide to Netdiscover for ARP-based host discovery during authorized internal penetration tests and lab exercises — includ...
Penetration Test Walkthrough: From Old Password to Root Shell
A full black-box CTF lab walkthrough — Nmap recon, Brainfuck-decoded credential, Usermin login, reverse shell, capability abuse, and...










