OFFENSIVE CYBERSECURITY STACK ┃ ┣ 📂 Recon & Enumeration ┃ ┣ 📂 OSINT ┃ ┣ 📂 Subdomain Enumeration ┃ ┣ 📂 DNS Analysis ┃ ┗ 📂 Attack Surface Mapping ┃ ┣ 📂 Web Exploitation ┃ ┣ 📂 OWASP Top 10 ┃ ┣ 📂 Authentication Bypass ┃ ┣ 📂 IDOR ┃ ┣ 📂 XSS / SQLi ┃ ┗ 📂 File Upload Bugs ┃ ┣ 📂 API Security ┃ ┣ 📂 Broken Object Level Auth ┃ ┣ 📂 Rate Limiting Bypass ┃ ┣ 📂 Mass Assignment ┃ ┗ 📂 Token Manipulation ┃ ┣ 📂 Network Attacks ┃ ┣ 📂 Port Scanning ┃ ┣ 📂 Service Enumeration ┃ ┣ 📂 SMB / LDAP Attacks ┃ ┗ 📂 MITM ┃ ┣ 📂 Exploitation ┃ ┣ 📂 Metasploit ┃ ┣ 📂 Manual Exploits ┃ ┣ 📂 Privilege Escalation ┃ ┗ 📂 Reverse Shells ┃ ┣ 📂 Post-Exploitation ┃ ┣ 📂 Persistence ┃ ┣ 📂 Lateral Movement ┃ ┣ 📂 Data Exfiltration ┃ ┗ 📂 Covering Tracks ┃ ┣ 📂 Automation ┃ ┣ 📂 Python Scripting ┃ ┣ 📂 Bash ┃ ┣ 📂 Fuzzing ┃ ┗ 📂 Custom Tools ┃ ┗ 📂 Reporting ┣ 📂 Bug Reports ┣ 📂 Risk Severity ┣ 📂 Proof of Concept ┗ 📂 Remediation Advice What do you think should be added? Like & Repost

A step-by-step guide to build your own AI agent. github.com/czl9707/build-you…

Two Anthropic engineers spent 24 minutes exposing every Claude Code feature you didn't know existed. Most people will scroll past this. Don't be most people.

If you’re an IT admin and you’ve never had your internal environment pentested and can’t afford one right now, do this instead: 1. Run Locksmith - fix anything that’s a High risk 2. Run ADeleginator - make sure everyone, authenticated users, domain users and domain computers doesn’t have any unsafe permissions 3. Run ScriptSentry - check for credentials in logon scripts 4. Run PingCastle - check the control paths section. It’s like bloodhound. Look for non-admins that have control paths If you do this, your environment will be much better when you’re done fixing everything.

NEW! FREE! FROM 0 TO OSCP! ratctf.thexssrat.com/oscp

We've launched a new @WebSecAcademy topic on exploiting AI-powered security scanners! Learn how to use indirect prompt injection to steal data, cause damage & trigger exploit chains!

🔵 Blue Teaming Active Directory: EvenMonitor 🔥 Telegram: t.me/hackinarticles ✴ Twitter: x.com/hackinarticles Attackers target AD… defenders must monitor EVERYTHING ⚠️ ⚡ Defense Highlights 🔍 Monitor AD events & suspicious logins 📊 Track user/group/permission changes 🚨 Detect privilege escalation & lateral movement 🧠 Identify abnormal behavior patterns 🛡️ Improve visibility across domain 💡 Active Directory monitoring = continuous tracking of accounts, permissions & activities to detect threats early () ⚠️ Without proper monitoring → attacks stay invisible until domain compromise 📖 Article: hackingarticles.in/blue-team… #cybersecurity #blueteam #activedirectory #soc #threathunting #infosec

Incorporating AI In Herding: A 23-year-old graduate of JKUAT is this year's winner of Red Bull basement Kenya national finals, beating 14 other finalists in Nairobi. #NTVWeekendEdition @Karanja_Ibrah

Curated awesome-list for Wazuh (open-source SIEM/XDR) — deployment, rules, integrations, SOAR, compliance github.com/TTlab-Research/aw…

🚨 BREAKING: Claude can now build your entire resume and LinkedIn profile for free. I used it and started getting interview calls within 3 days (including Google and Amazon). Here are 12 Claude prompts you should try before applying to any job: (save this)

Open source cloud penetration testing tool github.com/BishopFox/cloudfo…

Next-gen headless web crawler github.com/projectdiscovery/…

We have managed to uncover Traffic (Minor Offences) Rules and the charges motorists face following the rollout of the new NTSA Instant Fines system. Save the thread below:

The Africahackon program has been running for a year and a few months now and have to say its amazing to see most students graduate. The program is not easy, hasnt been and wouldnt be but lots of people have been able to go through it coming from diverse backgrounds. From Digital Marketing, Legal, Healthcare to being able to do a cyber security audit and run exploits against a target, Pentest mobile applications and understand threat intelligence. I know we pushed you to the edge for the past 6 months but glad to see you have been able to graduate. Get out to the world and show your cyber skills set. This is just the beginning and only way to keep going it practice, practice, practice

🚀 I'm releasing AndroHunter-v, my on-device Android security toolset developed for bug hunters. 17 modules. No root required. Works on Android 10 . 👉 github.com/ynsmroztas/AndroH… #bugbountytip #bugbountytips #infosec #recon #Android #PenTest

Curated list of threat intelligence resources github.com/hslatman/awesome-…

Cybersecurity Resources for different domains github.com/m14r41/Pentesting…

Homelab with Active Directory and SIEM for security training github.com/0xMR007/Lab4Purpl…

OSINT CTFs List of Capture The Flag platforms that will help you improve your #OSINT skills: OSINT Industries CTF TryHackMe Hacktoria Diver OSINT CTF Maltego Community CTF Gralhix (Sofia Santos) OSINT Analysis & Exercises UK OSINT CTF and others. github.com/ubikron/OSINT-CTF…