Real-world infosec notes, methodologies, and daily resources — contributed by practitioners, for practitioners.
Knowledge should be free, accessible to all, and in one place.

| Directory | Contents |
|---|---|
| ai-agents/ | Agent hijacking, indirect injection, tool poisoning, MCP attacks, memory poisoning, multi-agent lateral movement |
| ai-security/ | LLM attacks, jailbreaking, data poisoning, model extraction, OWASP LLM Top 10 |
| ics-security/ | SCADA/PLC attacks, Modbus/DNP3/EtherNet-IP exploitation, critical infrastructure incidents |

| Directory | Contents |
|---|---|
| active-directory/ | AD attack paths, enumeration, LAPS/PAM abuse |
| enumeration/ | Port-by-port enumeration (SSH, SMB, DNS, LDAP, HTTP...) |
| pentest/ | Methodology, tools reference, checklists |
| privilege-escalation/ | Linux & Windows escalation techniques |
| post-exploitation/ | File transfer, pivoting, tunnelling |
| red-teaming/ | TTPs, Cobalt Strike C2, AV bypass, covert infra |
| web-hacking/ | SQLi, XSS, SSRF, SSTI, IDOR, JWT, CORS, command injection |
| android-hacking/ | Frida, objection, SSL pinning bypass, GDB remote debug |
| mobile/ | iOS hacking, mobile application testing |
| cloud-hacking/ | AWS, GCP, Azure attack surface |
| exploitation/ | x86 exploitation, CPU internals, virtual memory |
| reverse-engineering/ | ELF, crackmes, disassembly, x86 architecture |
| malware/ | Shellcode execution, process injection, maldev-reloaded |
| covert-infrastructure/ | VPN setup, covert C2 infrastructure |
| wi-fi-hacking/ | WEP/WPA attacks |
| radio-frequency/ | RF hacking techniques |
| hardware-hacking/ | Firmware extraction, hardware exploits |
| macos-hacking/ | macOS security research |

| Directory | Contents |
|---|---|
| soc/ | SOC analyst notes, detection |
| incident-response/ | IR playbooks |
| forensics/ | Digital & network forensics |
| threat-hunting/ | Threat hunting techniques |
| auditing/ | Windows auditing mindmap |
| compliance/ | Risk assessment frameworks |
| vulnerability-analysis/ | Vulnerability research notes |

| Directory | Contents |
|---|---|
| osint/ | OSINT collection techniques |
| cryptography/ | Theory, LFSR, applied crypto |
| steganography/ | Steg techniques |
| programming/ | C, C++, Python, Nim, Assembly, algorithms |
| linux/ | Linux commands, troubleshooting |
| thin-client-testing/ | Thin client & kiosk testing |
| resources/ | Community-submitted links by category |
| feeds/ | Auto-generated daily: news + CVEs + tools |

A GitHub Action runs at 06:00 UTC every day and commits a digest to `feeds/YYYY-MM-DD.md`:
- Security news — SANS ISC, The Hacker News, Schneier on Security, PortSwigger Research
- Critical CVEs from NVD
- New tool releases — KitPloit, GitHub trending security repos
→ Open a resource submission issue
Fill in the form — the bot reads it, appends your link to the right category file under resources/, and closes the issue automatically.
Scanned and optimized with distill-llm:
- Before: 2.9M tokens, $8.84/session (1473% of Claude context)
- After: 176k tokens, $0.53/session (88% of context)

```
pip install distill-llm && distill scan --path .
```

MIT — use it, share it, improve it.