ZZEPHRYX//

INDEX ONLINE

LABS / DOCS / FIELD REFERENCES

Trusted links.
Zero hype.

A small library of resources worth returning to. Curated for action, not bookmark-count flexing.

LIBRARY INDEXR/01
ENTRIES
14
TRACKS
06
COST TO OPEN
₹0
LAST REVIEW
JUL 2026

START HEREIf you are new: Bandit → HTTP basics → Web Security Academy. Take notes while you work.

USE RESPONSIBLYLabs and systems you own or have permission to test.

A useful reference does not replace authorization, scope, or judgment.

01 // RESOURCE INDEX

Find the next useful link.

SHOWING 14
/01
STARTFREE

OFFICIAL / WARGAME

OverTheWire Bandit

A command-line wargame built for absolute beginners.

USE IT FOR

Use it to make Linux navigation, files, permissions, pipes, and SSH feel normal.

BEGINNEROPEN RESOURCE
/02
STARTFREE

OFFICIAL / GUIDE

MDN: HTTP Overview

A clear explanation of requests, responses, clients, servers, and proxies.

USE IT FOR

Read this before trying to understand web vulnerabilities or proxy traffic.

BEGINNEROPEN RESOURCE
/03
STARTFREE

OFFICIAL / DOCUMENTATION

The Python Tutorial

The official language tutorial for people who already know basic programming.

USE IT FOR

Use it when a small script is better than repeating the same task by hand.

BEGINNEROPEN RESOURCE
/04
WEBFREE

OFFICIAL / LABS

Web Security Academy

Free web-security learning material with realistic interactive labs.

USE IT FOR

My first recommendation for learning a web bug, testing it, and proving it safely.

ALL LEVELSOPEN RESOURCE
/05
WEBOPEN

OFFICIAL / METHODOLOGY

OWASP WSTG

A structured framework for testing web applications and services.

USE IT FOR

Use it as a methodology when you need to know what to test and why.

INTERMEDIATEOPEN RESOURCE
/06
WEBOPEN

OFFICIAL / REFERENCE

OWASP Cheat Sheets

Focused defensive guidance for common application-security problems.

USE IT FOR

Open it after finding a weakness so your remediation advice is concrete.

ALL LEVELSOPEN RESOURCE
/07
RED TEAMOPEN

COMMUNITY / FIELD NOTES

HackTricks

A broad community field reference covering many offensive-security topics.

USE IT FOR

Use it to form questions during a lab—not as a substitute for understanding the path.

INTERMEDIATEOPEN RESOURCE
/08
RED TEAMOPEN

COMMUNITY / REFERENCE

PayloadsAllTheThings

A community collection of payload patterns and security-testing references.

USE IT FOR

Use it inside authorized labs after you understand the vulnerability you are testing.

INTERMEDIATEOPEN RESOURCE
/09
RED TEAMOPEN

COMMUNITY / REFERENCE

GTFOBins

Unix-like executables and legitimate functions that can be abused on misconfigured systems.

USE IT FOR

Use it to study living-off-the-land behavior and local privilege boundaries.

INTERMEDIATEOPEN RESOURCE
/10
WINDOWSOPEN

COMMUNITY / REFERENCE

LOLBAS

A catalog of Windows binaries, scripts, and libraries used for living off the land.

USE IT FOR

Use it to understand dual-use Windows behavior and map it back to ATT&CK.

INTERMEDIATEOPEN RESOURCE
/11
WINDOWSFREE

OFFICIAL / DOCUMENTATION

BloodHound Docs

The documentation hub for understanding and using BloodHound.

USE IT FOR

Start here before treating an Active Directory graph like a list of magic attack paths.

INTERMEDIATEOPEN RESOURCE
/12
REFERENCEOPEN

OFFICIAL / KNOWLEDGE BASE

MITRE ATT&CK

A public knowledge base of adversary tactics and techniques grounded in real observations.

USE IT FOR

Use it to connect a technique to behavior, context, data sources, and mitigations.

ALL LEVELSOPEN RESOURCE
/13
REFERENCEOPEN

OFFICIAL / DOCUMENTATION

Wireshark Documentation

User guides, manual pages, display-filter references, and sample captures.

USE IT FOR

Return here when a packet or filter does not behave the way you expected.

ALL LEVELSOPEN RESOURCE
/14
PRACTICEFREE

OFFICIAL / PLATFORM

picoCTF / CyLab Academy

Carnegie Mellon University’s free cybersecurity learning and competition platform.

USE IT FOR

Use it for beginner-friendly practice across several security categories.

BEGINNEROPEN RESOURCE

02 // USE THE LIBRARY

One link. One question. One note.

  1. 01Choose a question

    Know what you are trying to understand.

  2. 02Open the source

    Read enough to form a safe lab action.

  3. 03Do the work

    Test only inside your authorized environment.

  4. 04Write the result

    Keep the command, evidence, and correction.

NEED A PATH FIRST?