← Back to Terminal

Operations · 2026

Recon &
Vulnerability_

A 14-stage ledger for testing methodology, target evaluation, and vulnerability research notes — worked in order, based on how I learnt. This is not a full guide, but a personal reference for my own learning journey.And an intro to cybersecurity concepts.

1/14 Modules Declassified

7% Path Complete

Clearance Lvl 1

CH 01 — Declassified CH 14 — Final Clearance

Core Roadmap Ledger

How the web works

Requests, DNS, clients & servers — the foundation layer.

Declassified ↗

HTTP deep dive + DevTools practice

Headers, methods, status codes & the network panel.

Declassified ↗

Cookies, sessions, auth tokens & JWTs

How the web remembers who you are.

Declassified ↗

APIs, REST & the modern web

Endpoints, payloads, and how front and back ends talk.

Declassified ↗

OWASP Top 10 overview + threat model

Mapping the landscape before hunting in it.

Declassified ↗

Burp Suite setup & workflow

Proxying, intercepting, and repeating requests.

Declassified ↗

XSS — theory, labs & DVWA

Stored, reflected, DOM — and where each one bites.

Declassified ↗

SQL Injection — theory, labs & sqlmap

From a single quote to a full database dump.

Declassified ↗

IDOR & access control

When changing an ID in the URL changes everything.

Declassified ↗

CSRF & authentication bugs

Forged requests and broken login flows.

Declassified ↗

SSRF & business logic

Bugs in the rules, not just the code.

Declassified ↗

Recon methodology

Mapping a target before touching it.

Declassified ↗

Real targets + hunting checklists

Taking the lab skills to live scope.

Declassified ↗

Writing reports that get paid

Final Clearance — turning a finding into a payout.

Declassified ↗