Security: XMGMAX/ctf-skills

Security Policy

About This Repository

This repository contains offensive security techniques documented for authorized CTF (Capture The Flag) competitions, security research, and education. The techniques described — including exploitation, injection, cryptographic attacks, and reverse engineering — are intentionally offensive in nature. That is the purpose of the project.

Reporting Security Issues

Please report the following via GitHub Security Advisories:

  • Leaked credentials or PII — Real API keys, passwords, tokens, or personally identifiable information accidentally included from writeup sources
  • Malicious links — URLs pointing to live malicious infrastructure rather than CTF challenge servers
  • Payloads targeting real infrastructure — Examples that reference production systems, real IP addresses, or non-example domains (outside of example.com, attacker.com, etc.)

What Is NOT a Security Issue

  • Techniques describing how to exploit vulnerabilities — that is the intended content
  • Code snippets that perform offensive operations (shellcode, ROP chains, injection payloads, etc.)
  • References to real CVEs or public security advisories
  • Links to published CTF writeups, tools, or documentation

Responsible Use

Users of these materials are expected to apply them only in:

  • CTF competitions
  • Authorized penetration testing engagements
  • Security research with proper authorization
  • Educational and training environments

Misuse of these techniques against systems without authorization is illegal and unethical.
