• Security Practices
  • Transport Security
    • SSL Configuration Testing
    • Setting up SSL
    • Configure SSL for Windows
    • Configure SSL for nginx
  • Firewalls
    • Attack Surface Reduction
    • Configure iptables on Linux
  • Brute force protection
    • Brute force attacks
    • Fail2ban
    • Test Protection
  • Android and APK Analysis
    • Intercepting HTTPS Traffic on Android emulator
    • Setting Up an Android Device for Root Access and HTTPS Traffic Interception via Burp Suite
    • Extract APKs from a physical Android device
  • Web Server Config
    • Setting up Nginx Server
    • Setting up XSSHUNTER
  • Cyber OSINT
    • OSINT TOOLS 2025
    • Advanced OSINT
  • Pentest Tools & Scanning
    • Useful Burp Extensions
    • Metasploit: Scanning a Website with Wmap
    • Greenbone OpenVAS installation
  • Exploitation
    • CVE-2014-6271 (Shellshock)
    • CVE-2007-1860: Double Decoding mod_jk
    • CVE-2016-0792: XStream Deserialization in Jenkins
    • CVE-2016-10033: PHPMailer RCE
    • Pickle Code Execution
    • XMLDecoder Deserialization
    • ECB Cipher Authentication Bypass
    • RCE with PostgreSQL Extensions
  • Cheatsheets
    • Nmap Cheatsheet
    • Tcpdump Cheatsheet
    • Lsof Cheatsheet
    • Web Basics
    • Essential Unix Commands
    • HTTP Requests
    • Wireshark
    • Advanced Nmap scanning