Who to thank
Everything in this hub is fueled by other people’s work. If a writeup helped you solve a machine, subscribe to their channels and/or buy them a coffee, not this site.Whitelisted authors
S4vitar
Marcelo Vázquez. Spanish-language videos, step by step, with deep
explanation of the why behind each technique.
El Pingüino de Mario
Spanish-language videos covering each attack vector with a clear
pedagogical approach.
0xdf
The gold standard for written walkthroughs in English. Clean
structure, clear screenshots, copyable commands.
IppSec
YouTube videos covering virtually every retired machine. The
ippsec.rocks search is essential.Proposing a new author
Editscripts/config.py, add the entry to the AUTHORS dict with
its domains, and open a PR explaining why their material is
consistent in quality. Please, no “random Medium list”.
Sources behind the professional content
The sections Methodology, Glossary, AD CS, Cloud, LLM Security, Red Team, and Bug Bounty were built from research at the following sources (cited inline where relevant):PortSwigger Research
James Kettle: Smashing the state machine (race conditions),
HTTP/2 The Sequel is Always Worse, Web Security Academy.
SpecterOps
Will Schroeder, Lee Christensen — Certified Pre-Owned (AD CS),
BloodHound, Certify, Mythic, Empire.
Microsoft Threat Intelligence
Storm-2372 device code phishing, EchoLeak (CVE-2025-32711),
Defender for Identity AD CS sensor.
MITRE ATT&CK
Tactics and techniques framework. Mandatory mapping in 2026
professional reports.
OWASP
Top 10 web, Top 10 API, Top 10 LLM 2025, Cheat Sheet Series,
ASVS, Testing Guide.
HackTricks
Community pentesting wiki. Mandatory lookup before any
AD/Linux/Cloud technique.
Mandiant / Google Threat Intel
M-Trends 2025, UNC2165 / RansomHub cases, AD CS defense.
Rhino Security Labs
Pacu, AWS IAM Privilege Escalation paths, GCPBucketBrute,
GCP IAM PrivEsc.
ProjectDiscovery
subfinder, httpx, nuclei, dnsx — de-facto stack in bug bounty
2026.
OffSec / Hack The Box
PEN-200, OSCP+ 2024, HTB Academy, retired machines.
Unaffiliated.
TrustedSec / harmj0y / ly4k
Certipy, Certify, EKUwu (CVE-2024-49019), continuous AD CS
research.
OWASP Gen AI Project
Top 10 for LLM Applications 2025 — basis of the LLM Security
section.
Other authors worth citing
- Dirk-jan Mollema (dirkjanm.io) — ROADtools, mitm6, Pass-the-PRT, NTLM Relay + delegation research.
- Oliver Lyak (ly4k) — original Certipy, CVE-2022-26923 Certifried.
- Justin Bollinger (TrustedSec) — EKUwu (CVE-2024-49019).
- mr.d0x — Browser-in-the-Browser attack disclosure.
- Florian Roth (Neo23x0) — YARA signature-base, DFIR research.
- chvancooten — NimPlant.
- C5pider — Havoc framework.
- kgretzky — Evilginx2.
- Aim Labs (Aim Security) — EchoLeak disclosure.