nodirsafarov/README.md

whoami

class NodirSafarov:
    def __init__(self):
        self.role         = "Junior Penetration Tester"
        self.location     = "Tashkent, Uzbekistan"
        self.focus        = ["Web Application Security", "Active Directory", "Red Team Ops"]
        self.methodology  = ["OWASP Top 10", "PTES", "MITRE ATT&CK"]
        self.platforms    = ["HackTheBox", "TryHackMe", "PortSwigger Web Security Academy"]
        self.languages    = ["Uzbek", "Tajik", "English (B1)"]
        self.open_to      = "Junior Pentester / Red Team Analyst roles"

    def daily_routine(self):
        return ["Hack lab machines", "Read CVE writeups", "Practice on PortSwigger", "Build payloads"]

    def motto(self):
        return "Defenders think in lists, attackers think in graphs."

Repositories

| Repo | What |
| --- | --- |
| adenum | Active Directory universal enumerator — staged recon (IP → domain → users → creds), native AS-REP roasting, BloodHound auto-collection, MSSQL/WinRM/coercion checks, standalone HTML reports |
| cybersecurity-notes | Personal knowledge base — PTES web pentest cheatsheet, OWASP Top 10, Active Directory, Red Team |
| pentest-roadmap | Practical zero-to-pentest roadmap — recon → exploitation → post-exploitation → reporting + curated resources & cheat sheets |
| offensive-security-methodology | Per-phase methodology playbook — recon, exploitation, post-exploitation, Active Directory, cloud, reporting |

🚧 Continuously growing. New machines solved, new payloads tested, new tools written — everything ends up here.


Arsenal

Web Application Pentesting

Burp Suite · OWASP ZAP · SQLmap · ffuf · gobuster · Nikto · WPScan

Network & Active Directory

Nmap · BloodHound · CrackMapExec · Impacket · Evil-WinRM · Wireshark · Responder

Exploitation & Post-Exploitation

Metasploit · Hydra · John the Ripper · Hashcat · Netcat · LinPEAS

Operating Systems & Languages

Kali Linux · Parrot OS · Windows · Python · Bash · PowerShell


OWASP Top 10 — Hands-On

| # | Vulnerability | Practice |
| --- | --- | --- |
| A01 | Broken Access Control | PortSwigger Labs · HTB Web |
| A02 | Cryptographic Failures | TryHackMe Crypto rooms |
| A03 | Injection (SQLi / NoSQLi / Command) | Manual + SQLmap, HTB Boxes |
| A04 | Insecure Design | Threat modeling exercises |
| A05 | Security Misconfiguration | Burp Suite scans, lab work |
| A06 | Vulnerable & Outdated Components | CVE research, Nuclei templates |
| A07 | Auth & Session Failures | JWT abuse, session fixation labs |
| A08 | Software & Data Integrity Failures | CI/CD security reading |
| A09 | Logging & Monitoring Failures | Defensive context studies |
| A10 | SSRF | PortSwigger SSRF labs, HTB |

Active Directory Tradecraft

# Reconnaissance & Enumeration
nmap -sC -sV -p- target.htb
ldapsearch / rpcclient / smbclient
bloodhound-python -d corp.local -u user -p 'pass' -c All

# Initial Access
responder -I tun0
crackmapexec smb 10.10.10.0/24 -u users.txt -p 'Password1'

# Privilege Escalation
GetNPUsers.py -no-pass -usersfile users.txt corp.local/
GetUserSPNs.py -request corp.local/lowpriv:'pass'

# Lateral Movement & Domain Compromise
psexec.py / wmiexec.py / smbexec.py
secretsdump.py -just-dc corp.local/admin@dc01

Currently Working On

  • Mastering Active Directory attack chains end-to-end
  • PortSwigger Web Security Academy advanced labs
  • Building a personal pentest methodology playbook
  • Studying for OSCP / eJPT / CRTP
  • Custom Python tooling for AD recon — adenum shipped
  • HackTheBox machines — focus on Web and AD

Certifications

HTB CJCA · CRTA · Google Cybersecurity · OWASP Top 10 · TryHackMe AoC 2025



Find Me Online

LinkedIn · Telegram · Gmail


"The quieter you become, the more you are able to hear." — Kali Linux

If my work helped you — drop a ⭐ on the repo.

Pinned

  1. cybersecurity-notes (Public)

    Personal offensive security knowledge base — PTES web pentest cheatsheet, OWASP Top 10, Active Directory, Red Team

  2. pentest-roadmap (Public)

    Practical, no-fluff pentest roadmap: recon -> exploitation -> post-exploitation -> reporting. Tools, commands, free/paid resources, and cheat sheets for self-learners.

  3. adenum (Public, Python)

    Universal Active Directory enumeration tool with progressive recon stages, AS-REP roasting, MSSQL/WinRM/coercion checks, and HTML reports