Khmersec Documentation
A comprehensive cybersecurity learning platform with 100+ tools, 50+ vulnerabilities, and real-world scenarios used by security professionals worldwide.
Getting Started
Follow these steps to begin your cybersecurity journey:
- Set up your environment - Install Linux (Kali, Parrot, or Ubuntu) as your primary workspace
- Learn the fundamentals - Master networking, Linux commands, and basic security concepts
- Practice hands-on - Apply skills in controlled environments like DVWA, HackTheBox, and TryHackMe
Start with the OWASP Top 10, then explore security tools, and work through web vulnerabilities with hands-on labs.
Quick Start
Install Linux
Set up a Linux environment as your primary workspace. Kali Linux, Parrot OS, or Ubuntu are excellent choices for security work.
# Download Kali Linux
https://www.kali.org/get-kali/#kali-installer-images
# Or install on Windows via WSL
wsl --install -d Ubuntu
Learn the Fundamentals
Start with networking, Linux commands, and basic security concepts before diving into offensive security.
- Networking — TCP/IP, DNS, HTTP/S, OSI Model
- Linux — File system, permissions, process management, Bash scripting
- Security Basics — CIA triad, authentication, access control, threat modeling
Always obtain proper authorization before testing systems. Practice only on systems you own or have explicit permission to test. Unauthorized access is illegal.
Documentation Sections
Explore our comprehensive documentation covering all aspects of cybersecurity:
| Section | Description |
|---|---|
| OWASP Top 10 | Most critical web application security risks |
| Web Vulnerabilities | 56 real-world vulnerabilities with attack payloads |
| Security Tools | 137 industry-standard tools for penetration testing |
| API Security | REST, GraphQL, and OAuth security best practices |
| Bug Bounty | How to find and report vulnerabilities for rewards |
Programming Languages
Security-focused programming in 10 languages with interactive code examples and real tool development:
| Language | Use Cases |
|---|---|
| Python | Scripting, automation, exploit development, web scanning |
| Bash | System administration, automation, log analysis |
| Go | High-performance tools, network utilities, containers |
| Rust | Memory-safe tools, binary analysis, cryptography |
| JavaScript | Web security, browser extensions, Node.js tools |
| TypeScript | Type-safe tooling, secure API development |
| Java | Enterprise security, Android analysis, JEE exploitation |
| PHP | Web app auditing, CMS exploitation, custom exploits |
| C++ | Binary exploitation, reverse engineering, low-level tools |
| C | Kernel exploitation, malware analysis, shellcode |
Tool Categories
Our platform covers 137 tools across 25 categories:
| Category | Tools |
|---|---|
| Network Scanning | Nmap, Masscan, Zmap, RustScan |
| Web Proxies | Burp Suite, Caido, OWASP ZAP, mitmproxy |
| Exploitation | Metasploit, SQLMap, Commix, searchsploit |
| Password Cracking | Hashcat, John the Ripper, Hydra, Medusa |
| OSINT | Maltego, SpiderFoot, Sherlock, Recon-ng |