SpellBook#

“Knowledge is power.”

Welcome to SpellBook — a personal knowledge base dedicated to penetration testing, offensive security, and attack research.

This site exists as a structured archive of techniques, experiments, scripts, and methodologies collected throughout my journey exploring how systems break. Much like the spellbooks found in fantasy worlds, this one contains a growing catalog of “spells” — practical techniques used to uncover weaknesses in systems and applications.

The purpose of this project is simple: document everything worth remembering.

What This SpellBook Is#

SpellBook is a living notebook of offensive security knowledge.
Every page is written with the intention of being practical, reproducible, and useful during real-world testing or lab environments.

Inside this collection you will find:

  • Active Directory attack techniques
  • Web application exploitation
  • Attack paths and privilege escalation chains
  • Custom scripts and automation
  • Methodologies used during penetration tests
  • Tool usage and command references
  • Breakdowns of vulnerabilities and exploitation logic

Rather than scattered notes across multiple notebooks, terminals, and markdown files, this project brings everything into one structured reference.

Think of it as a grimoire for penetration testers.

Why This Exists#

In offensive security, knowledge accumulates quickly but is easily forgotten.

A command used six months ago.
A privilege escalation path discovered during a lab.
A bypass technique that worked once but took hours to rediscover later.

Without documentation, valuable discoveries disappear into terminal history.

SpellBook exists to solve that problem by turning knowledge into something organized, searchable, and continuously refined.

Research → Test → Break → Document → Refine

Every technique added here follows this philosophy.

A Living Document#

This project is continuously evolving.

New pages appear as:

  • new techniques are learned
  • new tools are explored
  • old notes are refined
  • attack chains are better understood

Some sections may be incomplete, experimental, or rough around the edges — and that’s intentional.

A spellbook is never truly finished.

Disclaimer#

All content in this knowledge base is intended for:

  • educational purposes
  • security research
  • authorized penetration testing
  • defensive understanding

The techniques documented here demonstrate how systems can be attacked in order to better understand how they should be secured and defended.

Use this knowledge responsibly and only within legal and authorized environments.