Welcome to z-r0crypt

Not sure where to begin? This page guides you to the most relevant content based on your interests.

I’m Preparing for OSCP (PEN-200)

Best starting point: Foundation building, Linux privilege escalation, network penetration testing

Recommended reading order:

  1. Cryptography Fundamentals

  2. Linux Post-Exploitation

  3. Methodology & Planning

Estimated time: 2-3 hours reading + practice labs

I’m Preparing for OSWE (Web-300)

Best starting point: Web application security, exploit development, code review

Recommended reading order:

  1. Web Security Fundamentals

  2. OSWE/AWAE Preparation Guide

  3. Advanced Concepts

Estimated time: 3-4 hours reading + hands-on AWAE lab

I’m Preparing for OSEP (PEN-300)

Best starting point: Red teaming, advanced exploitation, active directory attacks

Recommended reading order:

  1. Start with the Curated List

  2. Tool Development

  3. Cryptography Deep Dive

Estimated time: 4-5 hours reading + HTB practice

I’m Interested in Web Application Security

Best starting point: Understanding vulnerabilities, code review, exploitation techniques

Recommended reading order:

  1. Understanding Dangerous Patterns

  2. OSWE Preparation (Advanced)

  3. Related Posts in Category

I’m Interested in Cryptography

Best starting point: Cryptography theory, practical applications, attacks

Recommended reading order:

  1. Start with Fundamentals

  2. Advanced Topics

  3. Explore More

Why read these? Stanford’s Cryptography I course by Dan Boneh is industry-leading. These notes summarize the essentials and explain practical implications.

I’m Learning to Reverse Engineer & Exploit

Best starting point: Assembly, binary exploitation, CTF challenges

Recommended reading order:

  1. Get Hands-On with Challenges

  2. Complement with Theory

I’m Interested in Red Teaming & Post-Exploitation

Best starting point: Tool development, practical techniques, attack chains

Recommended reading order:

  1. Practical Tool Deep-Dive

  2. Attack Chain Planning

  3. Explore More

I Want a Full Reading Path

Complete learning journey (in order):

  1. Foundations (2 weeks)

    • Cryptography I - Week 1
    • Cryptography I - Week 2 Part 1
    • Dangerous PHP Functions

  2. Intermediate (2 weeks)

    • Cryptography I - Week 2 Part 2
    • OSWE/AWAE Preparation
    • SSSD-Extract Tool

  3. Hands-On (ongoing)

    • Microcorruption CTF Tutorial (practice)
    • HTB Machines for OSEP (practice with real machines)

  4. Advanced (as you progress)

    • All Red Team posts
    • All Web Security posts

All Posts by Category

  • Red Team — Penetration testing, post-exploitation, adversarial techniques
  • Web Security — Web application exploitation and defense
  • Cryptography — Cryptographic theory and attacks
  • Exploit Development — Building and understanding exploits
  • CTF — Capture the flag walkthroughs and techniques
  • Tools — Open-source security tools and utilities

How to Use This Site

  • Browse by category — Find content related to your specific interest
  • Read the posts — Each post is self-contained and thoroughly researched
  • Follow the recommendations above — If you’re prepping for a cert, follow the reading path
  • Explore tags — Click tags to find related content across posts
  • Check back regularly — New posts are added regularly covering emerging topics

Questions?

Found an error? Have a topic suggestion? Want to discuss something?

Happy learning!