https://owasp.org/

Vendor Agnostic

Do research and publish it

Orange Cyberdefense https://sensepost.com/blog

OSCP

writing is needed

start speaking English well

Burp Suite for websites

presentation 2

OSINT (stalker girlfriends)

MasterDeeds

wigle.net

Google dorking

haveibeenpwned (you can use this for OSINT)

Gmail & Truecaller (GHunt) can find out which services the Google account is in

Tools

Hunchly, Maltego, Shodan, Mullvad VPN

https://osintframework.com

Google

example

DVWA

OWASP Juice Shop

OWASP Top 10

sudo docker run --rm -it -p 80:80 vulnerables/web-dvwa

sudo docker run --rm -it -p 8008:80 vulnerables/web-dvwa (choose your own port, I chose 8008)

cross-site scripting

Log everything. Log everything on your website. Hard drives are cheap, just log everything.

use Burp Suite

VirtualBox: start Kali Linux in a virtual machine. Do not run it on bare metal, only run it in a virtual machine. kali.org