offensive research workstation
Structured
offensive reasoning.
A workstation for tracing weak signals through validation, edge cases and methodology. Not payloads. Not exploits. How to think.
reasoning threads
$ thread · CORS triage funnel
signalSIG-0007 Reflected Origin w/ creds
→
workflowWF-0006 Classify CORS behavior
→
playbookPB-0004 CORS review
$ thread · auth boundary review
signalSIG-0003 Reset token still valid
→
workflowWF-0002 Validate auth finding
→
playbookPB-0001 Auth boundary review
$ thread · tenant scope reasoning
signalSIG-0006 Endpoint asserts user, not tenant
→
workflowWF-0008 Tenant-scope collapse
→
playbookPB-0006 Tenant scope reasoning
$ thread · IDOR mass assignment
signalSIG-0016 Write exceeds UI shape
→
workflowWF-0009 Validate mass assignment
→
playbookPB-0002 IDOR reasoning
high-signal entries
Signals
Weak patterns worth investigating. Each links to the validation workflow that promotes it or dismisses it.
Workflows
Validation pipelines. From inbox anomaly to confirmed candidate or documented dismissal.
Playbooks
Methodology essays. Repeatable reviews of recurring boundary classes.
Graph
Navigate by relationship. Each node is a reasoning artifact. Each edge is a declared connection.
Signal
Workflow
Playbook
A research workstation,
not a blog.
not a blog.
workstation is a structured surface for offensive security methodology — built and maintained by theoffsecgirl. It holds the reasoning behind the work: signals, validation workflows, edge cases and the playbooks that connect them.
Intent
Offensive security work is mostly reasoning, not exploitation. Most findings start as a weak signal that has to be triaged, validated and given context. This workstation exists to make that reasoning explicit and reusable.
Shape
- Signals — weak observations worth investigating.
- Workflows — the validation paths we run them through.
- Playbooks — repeating patterns abstracted into methodology.
Discipline
No payloads. No exploitation steps. No live targets. Everything here is methodology-first, validation-oriented.
Keyboard shortcuts
- / — open search
- S — go to signals
- W — go to workflows
- P — go to playbooks
- G — go to graph
- Esc — close / go back
- ? — toggle this help