Quick navigation to security operations guides: analysis, penetration testing, forensics, and defensive security.
## Main Domains

### Analysis SOPs

Understanding threats, reverse engineering, cryptographic analysis, and AI/ML security research.

- Malware Analysis – Static/dynamic analysis, IOC extraction
- Reverse Engineering – Disassembly, decompilation, protocol analysis
- Cryptography Analysis – Crypto implementation audit, weakness discovery
- Hash Generation – File integrity verification, forensic hashing
- Forensics Investigation – Evidence collection, incident response, timeline analysis
- AI/ML Vulnerability – Adversarial attacks, prompt injection, model extraction
### Pentesting SOPs

Security assessments across infrastructure, applications, and offensive research.

Infrastructure & Systems
- Linux Pentesting – Privilege escalation, kernel exploits
- Active Directory Pentesting – Kerberos attacks, domain compromise

Applications & Devices
- Web Application Security – OWASP Top 10, SQLi, XSS
- Mobile Security – iOS/Android app analysis, API testing
- Firmware Reverse Engineering – IoT, embedded devices, bootloader bypass

Offensive Research
- Vulnerability Research – 0-day discovery, exploit development
- Bug Bounty Methodology – Reconnaissance, vulnerability chaining, disclosure
- Detection Evasion – AV/EDR/SIEM bypass techniques
## Quick Start

### By Task

| I need to… | Go to |
|---|---|
| Analyze suspicious binary | Analysis → Malware Analysis |
| Test web application | Pentesting → Web Application Security |
| Compromise Windows domain | Pentesting → AD Pentesting |
| Find vulnerabilities | Pentesting → Vulnerability Research |
| Investigate incident | Analysis → Forensics Investigation |
| Bypass detection | Pentesting → Detection Evasion |
| Analyze encrypted protocol | Analysis → Reverse Engineering |
| Test mobile app | Pentesting → Mobile Security |
| Test AI/ML system | Analysis → AI/ML Vulnerability |
### By Workflow

Incident Response:
- Forensics Investigation → collect evidence
- Malware Analysis → analyze threats
- Reverse Engineering → deep analysis if needed

Penetration Test (External):
- Bug Bounty Methodology → reconnaissance
- Web Application Security → identify vulnerabilities
- Detection Evasion → bypass defenses

Red Team Operation:
- Detection Evasion → establish persistence
- AD Pentesting → lateral movement
- Linux Pentesting → server compromise
- Forensics Investigation → document attack chain

APT Investigation:
- Forensics Investigation → collect evidence
- Malware Analysis → analyze attacker tools
- Reverse Engineering → understand custom malware
- AD Pentesting → trace lateral movement
## Legal & Authorization
Before any assessment:
- Written authorization from system owner
- Scope clearly defined (in-scope vs. out-of-scope)
- Testing window documented
- Incident response contact provided
- Data handling agreements signed
Key frameworks:
- CFAA (Computer Fraud and Abuse Act) – U.S. anti-hacking law
- GDPR – Data protection in the EU
- Authorization required – Never test without permission
Responsible disclosure:
- Report vulnerabilities to vendor first
- Allow 90 days for remediation
- Coordinate public disclosure with vendor
## Essential Tools
Multi-Domain: Ghidra, IDA Pro, Radare2, VirusTotal, YARA, Metasploit, Burp Suite, Wireshark, Nmap
Analysis: Any.run, x64dbg, WinDbg, OpenSSL, HashCat, CyberChef
Pentesting: Cobalt Strike, BloodHound, Bettercap, tcpdump
AI/ML Security: Garak, CleverHans, Adversarial Robustness Toolbox
Linux: LinPEAS, pspy, GTFOBins…
Windows/AD: Mimikatz, Rubeus, PowerView, SharpHound
Web: SQLMap, XSStrike, Nuclei, ffuf
Mobile: Frida, objection, Apktool, jadx
See individual SOP pages for detailed tool lists.
## Evidence & Reporting
Evidence collection standards:
- Calculate SHA-256 hashes immediately
- Screenshot with visible timestamps
- Capture network traffic (PCAPs)
- Maintain chain of custody documentation
- Document all commands and actions
Report structure:
- Executive Summary
- Scope & Methodology
- Findings (by severity)
- Evidence (screenshots, POCs)
- Recommendations (prioritized)
Severity ratings (CVSS):
- Critical (9.0-10.0) – RCE, auth bypass
- High (7.0-8.9) – Privilege escalation, data exposure
- Medium (4.0-6.9) – Information disclosure, CSRF
- Low (0.1-3.9) – Misconfiguration, verbose errors
## Resources
External References:
Training Platforms:
- HackTheBox β Penetration testing labs
- TryHackMe β Guided security training
- PortSwigger Web Security Academy
Certifications:
- OSCP β Offensive Security Certified Professional
- GPEN β GIAC Penetration Tester
- GREM β GIAC Reverse Engineering Malware
- GCFA β GIAC Certified Forensic Analyst