Open Source · Community Driven

The Complete
Red Teaming Guide

A comprehensive, beginner-to-advanced resource for penetration testers and red teamers. One website. Everything you need.

Start Learning Star on GitHub

50+ Articles

9 Categories

4 Real Writeups

What's Inside

💻

Server-Side Attacks

SQL Injection, NoSQL, Command Injection, Authentication bypass, JWT, GraphQL, API Testing

🌐

Client-Side Attacks

XSS, CSRF, CORS misconfiguration, Clickjacking, DOM manipulation

📝

Real-World Writeups

Auth Bypass to SSRF, Prompt Injection, RCE via sandbox escape — from actual assessments

🛠

Tools & Techniques

Nmap, Metasploit, Nessus, Google Dorking, Subdomain enumeration, Reverse shells

🎯

CTF Writeups

Solutions and walkthroughs from PicoCTF, TryHackMe, and HackingHub

📈

Learning Roadmap

Structured path from beginner to advanced with difficulty badges on every article

Learning Path

Beginner

Terminologies, OWASP Top 10, HTTP Headers, Cookies, Encoding, Enumeration

Intermediate

SQL Injection, XSS, CSRF, CORS, IDOR, Authentication, Access Control

Advanced

JWT Attacks, GraphQL, NoSQL Injection, RCE, Reverse Shell, AI/LLM Security

Practice

CTF challenges, real-world writeups, hands-on tool usage

Explore Full Roadmap

Built by the community, for the community

Contribute your knowledge. Fix a typo. Add a writeup. Every contribution helps someone learn.

Start Contributing Browse Content

The CompleteRed Teaming Guide