Decided to host my personal CPTS & (soon) COAE study blog and writeups. Completely free and ad-free.
Hey everyone,
(Note: Direct links are in the comment section below to keep this post clean and compliant with filters!)
I’ve spent the last few months grinding through the HTB Academy CPTS (Certified Penetration Testing Specialist) path.
I'm also preparing to add my personal writeups for the COAE (Certified Offensive AI Engineer) path very soon which is another awesome practical cert by HTB where I managed to score a perfect 100/100 on the exam.
Like most of us, my local obsidian/markdown notes were starting to look like an absolute mess, so I decided to clean them up and host them publicly as a personal study blog.
It’s completely free, ad-free, and I just finished translating all 37 writeups and study sheets to English so they can help others in the community.
This personal blog basically covers my study workflows and notes for both certifications: 👉 docs[.]pwnvader[.]com (Direct link in comments!)
What’s in my study blog?
I tried to make my writeups as practical as possible heavy on command syntaxes, quick checklists, and actual pentesting workflows:
Active Directory (CPTS notes): Domain enumeration, GPO auditing, Kerberoasting/AS-REP, delegation, and enterprise network attack paths.
Web Vulnerabilities: In-depth checklists for API audits, GraphQL, SQLi, LFI/RFI, and server-side configurations.
PrivEsc (Windows & Linux): From SUID/Sudo/Capabilities and kernel security to token impersonation, service auditing, UAC bypass, and memory credential hunting.
Pivoting: Exact command recipes for Chisel and Ligolo-NG (double/triple pivoting setups).
Offensive AI (COAE prep - Coming Soon): The exact study notes and writeups I used to get the 100/100 score, covering prompt injection vulnerabilities, model evasion, and LLM data poisoning.
The Design
I designed the blog using a custom Catppuccin Mocha theme, JetBrains Mono, and a retro CRT monitor/scan-line aesthetic because why not. The search is indexed locally using Pagefind, so it's super fast when you're looking up commands in the middle of a lab.
GitHub & Other Projects
This entire blog is open-source. You can follow my work and check out my other security projects directly on my GitHub profile: github[.]com/pwnVader
Also, as a side project, we’ve been building a serverless web tools suite at hacking[.]pwnvader[.]com (it includes a connection command generator, a passive CMS/WordPress auditor, a JWT inspector, and a network tunnel designer).
I'll probably do a dedicated post on those tools later once we finish polishing a few more modules, but feel free to check them out in the meantime if you're working on a lab.
Let me know if you have any feedback or if there's a specific methodology you think is missing!
Sorry for the AI text :p
