Posts
All the articles I've posted.
- API Pentesting Cheat Sheet: Hands-On Commands for OWASP API Top 10
  A practical command reference for testing API vulnerabilities. Step-by-step techniques for BOLA, JWT attacks, BFLA, SSRF, GraphQL exploitation, and more.
- API Penetration Testing: OWASP API Security Top 10 (2023) Explained
  A practical breakdown of the OWASP API Security Top 10 vulnerabilities, real-world breach analysis, and the methodology I use for API pentesting engagements.
- Windows Privilege Escalation Guide
  A comprehensive reference guide covering Windows privilege escalation techniques for GPEN and penetration testing preparation.
- Cloud IAM Misconfigurations and Attack Paths: AWS Focus
  Understand how cloud IAM failures lead to full environment compromise. Learn common misconfigurations, privilege escalation paths, cross-account attacks, and detection strategies with practical AWS examples.