Browse architecture maps, attack flows, and methodology visuals in one diagram gallery.

A chained internal pentest flow from foothold to privilege expansion, designed for walkthroughs and operator planning.

A compact view of the Active Directory lab layout, including domain controller, member systems, and operator footholds.

A visual map of command-and-control staging, redirectors, team servers, and operator traffic paths.

A data-flow style diagram for framing trust boundaries, processing nodes, and threat-modeling discussions.

A privilege and dependency map for showing how attackers chain AD relationships into full domain control.

A stage-by-stage overview of the internal pentest lifecycle, from pretext and access to cleanup and reporting.

An end-to-end diagram for IoT assessments covering field devices, gateways, message paths, and cloud services.

A concise view of ticket flows, service accounts, and common Kerberos abuse paths in Windows environments.

A simple offensive sequence map for modeling initial access, execution, and follow-on tradecraft.

A route map through Linux escalation paths, service abuse, misconfigurations, and local privilege expansion.

A workflow diagram for moving from triage into static analysis, dynamic analysis, and deeper reverse engineering.

An architecture view for Model Context Protocol deployments, connectors, and trust boundaries.

A layered model of the OSI stack with attack references, useful for grounding network-security content.

A reconnaissance workflow showing how sources, pivots, enrichment, and attribution fit together.

A Portable Executable map for malware reversing, section parsing, and binary triage.

A post-exploitation view of scheduled tasks, autoruns, services, and long-term foothold options.

A physical assessment map covering entry points, defensive controls, and operator techniques.

A high-level operator map covering looting, privilege expansion, pivoting, and cleanup decisions.

A visual explanation of adversary indicators, ordered by how much pressure defenders apply when they detect them.

A cross-functional architecture map for secure delivery, design reviews, and security activities across the SDLC.

A visual sequence of the web testing lifecycle, from recon to exploit validation and reporting.

An escalation map for token abuse, service paths, local misconfigurations, and Windows foothold expansion.

A wireless assessment map covering discovery, capture, attack decision points, and validation flows.