See. Understand. Control.
A comprehensive knowledge base for the Shadow.Lab security research team. This repo is the single source of truth for techniques, tools, and resources across Red Teaming, Blue Teaming, and the foundational disciplines that underpin them.
Shadow.Lab operates in the Grey Hat space — skilled researchers who understand both sides of the fence: how attackers think and operate, and how defenders detect, respond, and harden systems.
New to Shadow.Wiki or building your lab for the first time, follow this path:
| Step | Guide | What you'll do |
|---|---|---|
| 1 | 🛠️ Tools & Setup | Pick an OS, spin up a VM, install core tools |
| 2 | 🐧 Linux | Learn Linux fundamentals for easy use of prefered OS |
| 3 | 💻 Programming Languages | Scripting foundations for exploit dev and tooling |
- Understand both sides — the best defenders think like attackers; the best attackers understand defenses
- Responsible disclosure — report vulnerabilities through proper channels; do not cause harm
- Authorised scope only — never test systems you do not have explicit written permission to test
- Document everything — reproducible findings, clear timelines, and clean write-ups matter
- Continuous learning — the threat landscape evolves; so must you
- Operate ethically — Grey Hat does not mean lawless; it means deeply informed
- Branch off
mainand add your guide or improvement - Keep guides practical — commands, real-world examples, and tool references
- Use consistent Markdown formatting
- Submit a PR
Join the Shadow.Lab community — share findings, ask questions, and collaborate with the team.
