This repository documents my learning journey in ethical hacking, web security, and bug bounty hunting. All work is performed on legal labs and authorized platforms only.
- Master web security fundamentals
- Practice ethical hacking legally
- Build a strong security portfolio
- Prepare for cybersecurity employment and bug bounty programs
- Networking fundamentals
- Linux basics
- HTTP & web protocols
- OWASP Top 10
- Authentication & authorization flaws
- SQL Injection, XSS, IDOR, CSRF
- Bug bounty methodology
- Tooling (Burp Suite, curl, nmap)
- PortSwigger Web Security Academy
- OWASP Juice Shop
- DVWA
- TryHackMe
- Hack The Box (Academy)
All testing documented here was performed on:
- Intentionally vulnerable labs
- Self-hosted applications
- Platforms that explicitly allow security testing
No real-world systems were tested without permission.
- Kali Linux
- Burp Suite
- curl
- nmap
- Browser DevTools
- Git & GitHub
Actively learning and updating this repository.