Port 80 is open. Now what?
A practical route through headers, technologies, hidden paths, virtual hosts, and the assumptions worth checking first.
ARCHIVE ONLINE
WRITEUPS / LAB NOTES / FAILURES
No perfect hindsight. These notes keep the failed commands, wrong assumptions, and useful corrections.
The featured field note is live. The remaining cards are sample drafts and will be replaced by real, sanitized writeups one by one.
01 // FEATURED WRITEUP
A practical route through headers, technologies, hidden paths, virtual hosts, and the assumptions worth checking first.
ZPX-RECON-002 07 MIN
Why a version string is the beginning of investigation—not permission to fire every exploit you can find.
ZPX-CLI-003 05 MIN
The flags and small patterns I reach for while filtering URLs, command output, logs, and evidence.
ZPX-WEB-004 09 MIN
A manual-testing mindset for changing one thing at a time and keeping evidence that actually explains the result.
ZPX-AD-005 12 MIN
A lab-first map of users, groups, hosts, relationships, and why random commands do not become methodology.
ZPX-OPS-006 04 MIN
The short checklist that keeps practice legal, controlled, and useful before the first packet leaves your machine.
02 // PUBLISHING RULE
The first real entry goes live when the testing, evidence, and explanation are strong enough to help someone.
RETURN HOME →