Fundamental~5 MIN READ
AWS Misconfigurations
AWS misconfigurations are cloud setup mistakes that expose data, identities, networks, or workloads to unnecessary risk.
Read guide// Wiki
Browse the WYZSec field notes
Search, filter, and sort the full guide library.
Tool~6 MIN READ
Burp Suite
An intercepting proxy and web vulnerability scanner that captures, inspects, and modifies HTTP traffic.
Read guideThreat~5 MIN READ
Cross-Site Scripting (XSS)
Injects malicious scripts into trusted websites to steal session tokens, deface pages, or redirect users.
Read guidePlaybook~5 MIN READ
Incident Response
Incident response is the structured process for identifying, containing, eradicating, and recovering from security incidents.
Read guideFundamental~5 MIN READ
Kill Chain
The kill chain is a model for describing attacker steps from planning through objective completion.
Read guideTool~5 MIN READ
Metasploit
Metasploit is a penetration testing framework used to validate vulnerabilities and simulate attacker techniques.
Read guideThreat~5 MIN READ
MITM
A man-in-the-middle attack intercepts or alters traffic between two parties who think they are communicating directly.
Read guideTool~5 MIN READ
Nmap
The industry-standard network scanner used for host discovery, port scanning, and service fingerprinting.
Read guideThreat~3 MIN READ
Phishing
Social engineering attack that tricks users into revealing credentials or installing malware through deceptive messages.
Read guide