guest@000a:~$
$ whoami
a hacker. curious, relentless, here to learn.
$ cat /etc/motd
# Welcome. The door is open. Everyone who builds, breaks,
# and learns in good faith has a home here.
$ ./start --learn

Welcome, hacker.

000a.org is a friendly, resilient home for the curious — a place to learn how systems really work, sharpen real skills, and stay current with live security intel. We welcome and host them all.

Enter the Knowledge Base Start Learning →
// the ethos

The hacker mindset

Hacking is curiosity with skill attached. It's the discipline of understanding a system so deeply that you see what its builders missed — then choosing to make it better.

🧠

Curiosity first

Ask how it works. Take it apart. The deepest understanding comes from breaking things in a place where breaking is safe.

🤝

Share knowledge

The best of this culture is open. Write-ups, tools, and teaching lift everyone. You were helped — pass it on.

🛡️

Do no harm

Power without ethics is just damage. Hack what you own or have permission to test. Disclose responsibly.

♾️

Never stop

The field moves daily. The hacker doesn't memorize answers — they learn how to learn, forever.

// the knowledge base

Domains of hacking

Ten core territories. Each card is a map: what it is, what to study, and the best places to go deeper. Search to filter.

/
🕸️

Web Application Security

Where most of the action is. The browser is an attack surface and so is everything behind it.

  • Injection: SQLi, command, template (SSTI), LDAP
  • XSS — stored, reflected, DOM; and CSP bypasses
  • SSRF, IDOR, broken access control, auth flaws
  • Request smuggling, deserialization, file upload abuse
OWASP Top 10 ↗PortSwigger Web Security Academy ↗OWASP Cheat Sheets ↗
🌐

Network & Infrastructure

Map it, understand it, then find the soft spot. Protocols leak more than people think.

  • Recon & scanning: ports, services, versions
  • Pivoting, tunneling, lateral movement
  • MITM, ARP/DNS poisoning, protocol abuse
  • Firewall / IDS evasion fundamentals
Nmap Reference ↗HackTricks — Pentesting ↗Wireshark Docs ↗
🧬

Binary Exploitation & RE

Read the machine. Understand memory, then understand what breaks it.

  • Buffer overflows, ROP, format strings
  • Heap exploitation, use-after-free
  • Static & dynamic analysis, debugging
  • Disassembly & decompilation workflows
Nightmare (heap/pwn course) ↗Ghidra ↗pwn.college ↗
🔐

Cryptography

Don't roll your own. But absolutely learn how the real ones break.

  • Symmetric/asymmetric primitives & modes
  • Padding oracles, length-extension, nonce reuse
  • Hashing, password cracking, rainbow tables
  • TLS, PKI, and where trust goes wrong
Cryptopals Challenges ↗Crypto 101 ↗NIST CSRC ↗
🔎

OSINT & Recon

The quietest phase and often the most powerful. Information wants to be found.

  • Domain, DNS, cert transparency, subdomain enum
  • People & org footprinting, metadata
  • Credential & breach data exposure
  • Cloud asset & bucket discovery
OSINT Framework ↗crt.sh — cert transparency ↗Shodan ↗
⬆️

PrivEsc & Post-Exploitation

Getting in is step one. Staying, escalating, and understanding the blast radius is the craft.

  • Linux & Windows privilege escalation
  • Credential harvesting & token abuse
  • Persistence, defense evasion (lab-only)
  • Active Directory attack paths
GTFOBins ↗LOLBAS ↗PayloadsAllTheThings ↗
📡

Wireless & Hardware

Radio, firmware, and physical interfaces — the attack surface you can hold in your hand.

  • Wi-Fi (WPA2/3), capture & cracking
  • Bluetooth, RFID/NFC, SDR basics
  • Firmware extraction & analysis
  • JTAG/UART & embedded debugging
Hak5 ↗OpenWrt ↗Firmware Analysis (OWASP) ↗
🤖

AI / LLM Security

The newest frontier. Models are software — and software gets attacked.

  • Prompt injection (direct & indirect)
  • Jailbreaks, data exfiltration, tool abuse
  • Training-data & supply-chain poisoning
  • Model & adversarial-input attacks
OWASP LLM Top 10 ↗MITRE ATLAS ↗LLM Security ↗
// the roadmap

Learning paths

No gatekeeping. If you can read this page, you can start today. Follow the steps in order.

01Foundations

Start here — no prior experience needed.

  1. Learn Linux: the shell, files, permissions, processes
  2. Networking basics: TCP/IP, DNS, HTTP, ports
  3. Pick one language: Python for tooling, then a little C
  4. Set up a lab: a VM, Kali/Parrot, and a target box
  5. Play OverTheWire Bandit + TryHackMe Pre-Security
02Core Offense

Build real attacker skills, ethically.

  1. Work through PortSwigger Web Security Academy end-to-end
  2. Learn recon: nmap, enumeration, OSINT
  3. Practice on Hack The Box / TryHackMe boxes
  4. Read OWASP Top 10 and reproduce each class in your lab
  5. Start documenting — write-ups make you 10x faster
03Specialize

Go deep where your curiosity pulls you.

  1. Pick a track: web, binary, cloud, AI, or AD
  2. Compete in CTFs (watch CTFtime for events)
  3. Study MITRE ATT&CK to think like a real adversary
  4. Contribute: bug bounties, open-source tools, write-ups
  5. Learn the defense side too — it makes you dangerous
// the arsenal

Tools of the trade

The essential kit, grouped by job. Free and open-source unless noted. Learn one well before collecting them all.

Recon

nmapmasscanamasssubfindertheHarvesterShodan

Web

Burp SuiteOWASP ZAPffufsqlmapniktogobuster

Exploitation

MetasploitmsfvenomsearchsploitImpacketCrackMapExec

Reverse Eng.

Ghidraradare2 / Cutterx64dbggdb + pwndbgIDA Free

Network

WiresharktcpdumpBettercapmitmproxyResponder

Password

hashcatJohn the RipperhydraHashes.com

Forensics

VolatilityAutopsybinwalkExifToolCyberChef

Cloud

ScoutSuiteProwlerPacukube-huntertrivy
// the dojo

Practice grounds

Reading is not skill. These are legal, intentionally-vulnerable playgrounds — hack them all you want.

PortSwigger Web Security Academy ↗Free, world-class web hacking labsHack The Box ↗Live machines & pro labsTryHackMe ↗Guided rooms, beginner-friendlypicoCTF ↗Beginner CTF by Carnegie MellonOverTheWire ↗Classic terminal wargamesVulnHub ↗Downloadable vulnerable VMspwn.college ↗Binary exploitation & systemsCryptopals ↗Hands-on crypto attacksRoot-Me ↗Huge challenge catalogueCTFtime ↗Find live CTF competitions
// live intel

The feeds

Stay current. Curated, high-signal sources — threat intel, advisories, CVEs, cloud, and AI tradecraft. The live visitor watch and threat map live at redpatch.us ↗, our sister station.

Threat Intel

The Hacker NewsBreaking infosec news & incidentsBleepingComputerVulns, malware, ransomware reportingDark ReadingEnterprise security journalismKrebs on SecurityInvestigative deep divesThe RecordRecorded Future intel deskSecurityWeekDaily security newsInfosecurity MagazineIndustry magazineSchneier on SecurityBruce Schneier commentaryWIRED SecuritySecurity & policyHacker NewsCommunity front pageCisco TalosThreat researchPalo Alto Unit 42Threat intelligence & IR

Nation-State & Government

CISA AdvisoriesUS cyber advisoriesCISA HomeUS Cybersecurity & Infrastructure Security AgencyCISA Stop RansomwareRansomware alertsNSA Cybersecurity GuidanceNSA advisoriesFIRST.orgGlobal incident response forumCERT/CC Vuln NotesCoordinated disclosure notesNIST CSRCComputer security standards

CVEs & Zero-Days

NVDNational Vulnerability DatabaseNVD CVE SearchSearch every CVEMSRCMicrosoft patches & advisoriesHuntrAI/ML bug bounty

Cloud Security

AWS Security BlogAmazon cloud securityAzure Security BlogMicrosoft cloud securityGoogle Cloud SecurityGCP identity & securityCloudflare SecurityEdge & DDoSMicrosoft Security BlogMSFT security researchGoogle Security BlogGoogle security researchApple Security ResearchApple platform security

AI & Offensive Tradecraft

MITRE ATT&CKAdversary TTP knowledge baseMITRE ATLASAdversarial threats to AI systemsOWASP LLM Top 10LLM app security risksLLM SecurityPrompt injection researchNIST AI RMFAI Risk Management FrameworkAI VillageDEF CON AI security communityAnthropic ResearchAI safety & alignmentOpenAI SafetyAI safety & alignmentGoogle DeepMind SafetyAI safety researchNIST AIAI standards & trustworthiness
// the lexicon

Speak the language

The vocabulary you'll hear everywhere. Know these and you can follow any conversation in the field.

0-day
A vulnerability with no available patch — defenders have had zero days to fix it.
CVE
Common Vulnerabilities and Exposures — a unique ID for a publicly known flaw.
Payload
The part of an exploit that performs the intended action after a vuln is triggered.
Pivot
Using a compromised host to reach networks you couldn't reach directly.
Recon
Reconnaissance — gathering information about a target before engaging.
RCE
Remote Code Execution — running arbitrary code on a target over the network.
PrivEsc
Privilege escalation — going from low-privilege access to admin/root.
C2
Command & Control — infrastructure used to operate compromised systems.
Bug Bounty
A program that pays researchers for responsibly reported vulnerabilities.
Responsible Disclosure
Reporting a flaw privately to the owner and giving time to fix it.
Red Team
Offensive security — simulating real adversaries to test defenses.
Blue Team
Defensive security — detection, response, and hardening.
// the wall

Sign the guestbook

Leave your mark. Handles, war stories, hellos — all welcome. Be cool, be ethical.

> ./sign

Posts to the public wall. No links to anything you shouldn't.

loading the wall...
// direct line

Send a Mortal Alert

Have a question or something you'd rather share privately? It goes straight to the operator.

// rules of the house

  • Only test systems you own or have explicit, written permission to test.
  • Unauthorized access is a crime in most of the world. Know your local law (e.g. CFAA, Computer Misuse Act).
  • Found a real vulnerability? Disclose it responsibly to the owner — don't exploit, don't sell, don't sit on it.
  • Everything here is for education, defense, authorized testing, and CTF. Use it to protect, not to harm.
  • Be the kind of hacker the next generation is proud to learn from.

// 000a.org provides educational information and links to public resources. You are responsible for how you use what you learn.