// professional security reference platform
ADRunners
Active Directory Exploitation

The most comprehensive AD attack reference — from enumeration to forest compromise. Every technique, tool and command for authorised red team operations.

  • Kerberos — AS-REP, Kerberoasting, delegation, noPAC
  • Credential access — NTLM relay, Shadow Credentials, LAPS
  • AD CS — ESC1 through ESC17 attack chains
  • Lateral movement — PTH, PTT, coercion, trust abuse
  • Azure AD — hybrid attacks, MSOL → DCSync, PRT theft
  • Interactive command generator — 100+ auto-fill commands
Enter ADRunners
WebRunners
Web Security & Bug Bounty

Professional web vulnerability reference for bug bounty hunters. 20 vulnerability classes with payloads, bypasses, exploit chains and real bounty examples.

  • Injection — SQLi, XSS, SSTI, SSRF, XXE, SSTI, LFI
  • Auth — JWT, OAuth 2.0, 2FA bypass, IDOR
  • Advanced — HTTP smuggling, cache poisoning, deserialization
  • GraphQL, race conditions, prototype pollution
  • File upload, subdomain takeover, open redirect chains
  • WAF bypass techniques + real CVE / bounty examples
Enter WebRunners
RevRunners
Reversing & Binary Exploitation

From assembly fundamentals to kernel exploitation. Complete reference for binary analysis, CTF pwn, and vulnerability research — static, dynamic and exploit dev.

  • Tools — Ghidra, IDA, GDB/pwndbg, Frida, radare2
  • Static & dynamic analysis workflow
  • Stack BOF, ROP chains, format strings, heap exploitation
  • Kernel pwn, Windows exploitation, anti-analysis
  • Fuzzing — AFL++, LibFuzzer, symbolic execution (angr)
  • CTF templates + pwntools boilerplate + syscall tables
Enter RevRunners
100+
AD Commands
20
AD Techniques
20
Bug Classes
ESC17
AD CS Coverage
13
Rev Topics
3
Platforms