cropped cropped cybersecwriteupslogo.png
  • VAPT
  • Red Teaming
  • Tools & Scripts
  • Active Directory Pentesting
  • Pentesting Fundamentals
  • Google Dorking
  • VAPT
  • Red Teaming
  • Tools & Scripts
  • Active Directory Pentesting
  • Pentesting Fundamentals
  • Google Dorking
Category: Tools & Scripts
Red Teaming

Load Testing and Controlled DoS Assessment During Red Team Assessments

📅 May 29, 2026 ✏ khukuririmal

Red Team engagements extend beyond identification of traditional exploitation paths such as authentication bypasses, injection flaws, exposed assets, or privilege escalation. Organizations increasingly depend on application resilience, API stability, and infrastructure availability…

Read writeup
Pentesting Fundamentals

Stealth Network Recon: Differentiating Network Devices & Servers Using Native Command-Line Utilities

📅 February 25, 2026 ✏ khukuririmal

In modern enterprise environments, aggressive network scanning is no longer always practical or permitted. Mature organizations deploy IDS/IPS systems, EDR solutions, and strict change-control policies that quickly flag noisy reconnaissance or scanning…

Read writeup
Pentesting Fundamentals

Creating a Bootable Kali Linux USB for Professional Pentesting

📅 January 10, 2026 ✏ khukuririmal

Kali Linux is the industry-standard operating system for penetration testing, red teaming, and security research. While Kali can be installed on a laptop or run inside a virtual machine, a bootable Kali…

Read writeup
Pentesting Fundamentals

Downloading Files in Windows via CLI – Native Techniques Every Pentester Should Know

📅 January 7, 2026 ✏ khukuririmal

In real-world penetration testing, red teaming, and internal security assessments, professionals frequently operate in environments where installing tools is restricted or outright blocked. Corporate endpoints, jump servers, and internal VDIs are often…

Read writeup
Pentesting Fundamentals

Building Portable Static Binaries for Pentesting, Red Teaming & Active Directory Assessments

📅 January 4, 2026 ✏ khukuririmal

In an ideal pentesting setup, installing tools is trivial cloning a GitHub repository, installing dependencies, resolving errors, and carry the activities. Security testers often, more increasingly now come across the below: In…

Read writeup
Pentesting Fundamentals

Nmap in Internal Networks: A Practical Port-Based Cheatsheet for VAPT & Red Teaming

📅 December 26, 2025 ✏ khukuririmal

Inside an enterprise network, the attack surface extends far beyond web servers and Active Directory. Switches, printers, scanners, remote administration tools, virtualization platforms, and legacy services often expose ports that are overlooked…

Read writeup
Tools & Scripts

Application VAPT in Hardened Systems – Without Installing Tools

📅 December 20, 2025 ✏ khukuririmal

A Practical Approach for Banking, Internal, and Regulated Environments In an ideal world, a security tester would always be provided with a fully privileged testing machine, complete with the freedom to install…

Read writeup
Pentesting Fundamentals

Browser Extensions in VAPT: Turning Your Browser into a Lightweight Pentesting Arsenal

📅 December 18, 2025 ✏ khukuririmal

Modern Vulnerability Assessment and Penetration Testing (VAPT) is no longer limited to heavyweight scanners and complex toolchains. A significant amount of reconnaissance, validation, and even exploitation can be performed directly from the…

Read writeup
Active Directory Pentesting

Purple Knight: A Modern Active Directory Security Health Check for Hybrid Enterprises

📅 December 18, 2025 ✏ khukuririmal

Active Directory (AD) remains the backbone of identity, authentication, and authorization in most enterprise environments. Despite years of awareness around AD attacks—Kerberoasting, Pass-the-Hash, ACL abuse, delegation misconfigurations—many organizations still operate with legacy…

Read writeup
Tools & Scripts

Top 20 Useful Burp Suite Extensions for Web Application Pentesting

📅 December 17, 2025 ✏ khukuririmal

Burp Suite has become the de facto toolkit for security professionals assessing web applications. While the core product is powerful on its own, its real strength lies in its extensibility. The Burp…

Read writeup

YouTube

Subscribe on YouTube

Recent Posts

  • The New HTTP QUERY Method Explained: What It Might Mean for APIs and Application Testing
  • Top 20 Mobile Application Vulnerability Chaining Scenarios Every Pentester Should Know
  • Bluetooth Enumeration & GATT Analysis: A Practical BLE Security Assessment with TP-Link UB500 & Flipper Zero
  • Bluetooth Pentesting Lab Setup Guide: Building Your First BLE Security Lab with TP-Link UB500 and Flipper Zero
  • Routing Pentesting Tool Traffic Through Burp Suite: A Practical Upstream Proxy Lab

Recent Comments

  • Bluetooth Enumeration & GATT Analysis: A Practical BLE Security Assessment with TP-Link UB500 & Flipper Zero - Cyber Security Writeups on Bluetooth Pentesting Lab Setup Guide: Building Your First BLE Security Lab with TP-Link UB500 and Flipper Zero
  • Sandip Parane on JavaScript File Analysis in VAPT: An Overlooked Goldmine for High-Impact Findings
  • HariHacks on Redefining the Traditional Black Box Web Application VAPT Approach

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • About
  • Contact
  • Disclaimer
  • Privacy Policy
    © 2026 Cyber Security Writeups · authorized testing only
    • About
    • Contact
    • Disclaimer
    • Privacy Policy