Real-world writeups on Red Team operations, Penetration Testing, Bug Bounty hunting, and Offensive Security techniques.

Content includes infrastructure setup, automation workflows, exploit techniques, and lessons learned from actual engagements. No fluff, just technical content.

---

🎯 What You'll Find Here

Content Standards

• ✅ Technical and Practical: Zero fluff, pure actionable content
• ✅ Real-World Experience: From actual engagements and research
• ✅ Code-Heavy: Copy-paste ready commands and scripts
• ✅ Bilingual: Most content in English and Spanish

Topics Covered (but not limited to)

• Bug Bounty: Automation, infrastructure, recon, exploitation, strategy, etc.
• AI/ML Security: LLM exploitation, model security, AI agents
• Cloud Native: Kubernetes, containers, serverless
• Web3 & Blockchain: Smart contracts, DeFi, Web3 apps
• API Security: GraphQL, gRPC, WebSocket, modern APIs
• Mobile Security: iOS, Android, mobile APIs
• Red Team: Infrastructure, C2, Active Directory
• Pentesting: Web, network, wireless testing
• OSINT & Recon: Advanced reconnaissance, social engineering
• Hardware Hacking & Binary Security: reversing, etc.

---

📚 Table of Contents

Bug Bounty

• VPS & VPN Setup for Bug Bounty 🇪🇸
  • English Version 🇬🇧
  • Distributed architecture, IP rotation, and automation
  • Cost analysis: $0 to $200/month setups
  • Axiom framework for dynamic cloud deployment
  • Based on real community messages

AI/ML Security

• LLM Security & Exploitation
• AI Agent Security
• Machine Learning Model Security

Cloud Native

• Kubernetes Security
• Container Security
• Serverless Security

Web3 & Blockchain

• Smart Contract Security
• DeFi Security
• Web3 Application Security

API Security

• GraphQL Security
• gRPC Security
• WebSocket Security

Mobile Security

• iOS Security
• Android Security
• Mobile API Security

Red Team

• Infrastructure Setup
• C2 Operations
• Active Directory Attacks

Pentesting

• Web Application Testing
• Network Penetration Testing
• Wireless Security

OSINT & Recon

• Advanced Reconnaissance
• Open Source Intelligence
• Social Engineering

---

📂 Repository Structure

offensive-security-writeups/
├── README.md
├── bugbounty/              # Bug Bounty hunting
│   └── infrastructure/     # VPS, VPN, tooling setup
├── ai-security/            # AI/ML Security
│   └── [coming soon]
├── cloud-native/           # Cloud Native Security
│   └── [coming soon]
├── web3/                   # Web3 & Blockchain
│   └── [coming soon]
├── api-security/           # API Security
│   └── [coming soon]
├── mobile/                 # Mobile Security
│   └── [coming soon]
├── red-team/               # Red Team operations
│   └── [coming soon]
├── pentesting/             # Penetration testing
│   └── [coming soon]
└── osint/                  # OSINT & Recon
    └── [coming soon]

---

📄 License

This content is licensed under Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0).

You are free to:

• ✅ Share and adapt the content
• ✅ Use it commercially

As long as you:

• ✅ Give appropriate credit
• ✅ Share under the same license

See LICENSE for details.

---

💬 Contact & Contribution

Found a bug in the content? Open an Issue

Want to contribute? Submit a Pull Request

Join the Bug Bounty Argentina community

---

🙏 Acknowledgments

This content is possible thanks to:

• All fellow Hackers and individual hunters: Who share their workflows and lessons learned
• Bug Bounty Argentina Community: For sharing real-world experiences
• Open Source Tooling and the entire infosec community

---

"Knowledge is power that grows when shared. Hack responsibly"

#OffensiveSecurity #RedTeam #Pentesting #BugBounty #InfoSec #Hacking