Cybersecurity
Knowledge Base
A curated atlas of 288 notes across 17 branches — organized by learning phase, from foundational substrate to specialty operations. Each note is atomic, with attacker/defender duality, references, and links to playbooks that turn it into action.
Read it in order. Each phase is the prerequisite for the next.
Start at 00 · Orientation for the vocabulary. Walk through Substrate → Paired → Operator → Specialty. ★ Always-on (privacy, OPSEC) threads through everything.
Orientation
Mental models, the CIA triad, and threat modeling — the language you'll use everywhere else.
Substrate
Networking, cryptography, browser trust, OS behavior. The substrate that every attack and defense touches.
Cryptography
Hashes, encryption, signatures, key exchange, TLS/PKI, password storage, and token correctness.
ExploreNetworking
Reachability, HTTP, proxies, DNS, TLS, and packet-level observation.
ExploreWeb Security
Browser behavior, sessions, access control, and server-side exploit patterns.
ExplorePaired
Attack and detection as paired thinking. Every offensive primitive has a defensive signature; learn them together.
Operator
Recon, exposure mapping, privilege escalation, and the practical workflows of an offensive operator.
Attack Surface Mapping
What is exposed, reachable, discoverable, and drifting from intended design.
ExploreOSINT
Public-source collection, evidence quality, and ethical handling of clues.
ExploreLinux Privilege Escalation
Local boundary failures, enumeration, and safe escalation hypothesis testing.
ExploreSecurity Playbooks
Repeatable procedures for turning concepts into practical tests.
ExploreSpecialty
Pick what your job demands: cloud, identity, DevSecOps, wireless, binary exploitation, API security.
Wireless Security
Wi-Fi frames, handshakes, rogue access points, and local-network MITM.
ExploreAPI Security
Authorization, token trust, inventory drift, and machine-readable abuse.
ExploreCloud Security
IAM, metadata, storage, network boundaries, secrets, and logging controls.
ExploreDevSecOps
Secure delivery, CI/CD hardening, supply chain, secrets, and release trust.
ExploreIdentity & Active Directory
Kerberos, BloodHound graph analysis, DCSync, and AD attack-path engineering across offense and defense.
ExploreBinary Exploitation
Memory corruption, stack and heap overflows, exploit mitigations, reverse engineering, and the modern exploitation arms race at the binary level.
ExploreAlways-on
Privacy, anonymity, OPSEC. Practice continuously — these aren't a phase, they're a posture.
Cross-Site Scripting (XSS)
XSS happens when attacker-controlled input is rendered in a browser context in a way that causes the browser to interpret it as executable code instead of inert...
Reference registries
The registries keep citations normalized behind the learning branches, so atomic notes stay compact and high-signal.