.-'''-.
     / .===. \
     \/ 6 6 \/
     (  \_/  )   Shield Wall
      `-___-´  Defensive HQ

Bug bounty wisdom • Responsible disclosure • Blue-team playbooks

Bug Bounty Guide Deck

Hacker101 Videos

Free deep-dive lessons by HackerOne.

PortSwigger Academy

Hands-on labs for every OWASP issue.

Bugcrowd University

Exploit-writing slides and videos.

IoT Hacking Field Guide

Hardware attack surface checklist.

Bug-Bounty Cheatsheet

Community-driven workflow tips.

NahamSec Resource List

Starter toolkit curated by NahamSec.

Detectify Labs

Fresh vuln research drops.

Bounty Dork Bank

Google dorks that print money.

Disclosure Templates

Expand, copy, and send – instant diplomacy.

Responsible Disclosure Email
Public Write-Up Header
Non-Disclosure Agreement Clause

Defensive Playbooks

Web App Fortress

  • Content-Security-Policy strict-dynamic baseline
  • OWASP CRS v3 with mod_security
  • Long-lived HSTS and mTLS on admin paths
  • Dependency track with OSS-Index
Full guide →

Cloud Guardrails

  • Multi-account landing zone with SCP lockdown
  • Continuous config drift via Cloud Custodian
  • Zero-trust identity – short-lived IAM creds
  • S3 object-level logs piped to SIEM
Reference CCM →

Endpoint Lockdown

  • Windows Attack Surface Reduction rules
  • Application allow-listing with WDAC
  • Sysmon + Osquery fleet telemetry
  • Untagged USB kill via udev rules
ATT&CK mitigations →