Domain overview
Advanced work means changing the model, not just the tooling. Cloud, mobile, identity, supply chain, AI and OT all require different assumptions, different evidence and different operator choices.
Related certification context
These certifications map to parts of the specialist surface collected here.
- OffSec OSAI+ / AI-300Dedicated AI red teaming across LLMs, agents and AI infrastructure.
- OffSec OSWE / WEB-300Useful for API- and source-guided exploitation in complex web-backed systems.
- OffSec OSEP / PEN-300Useful for mature operator workflow where specialist targets intersect with internal operations.
Selected public references
- OWASP API Securityowasp.org/www-project-api-security/
- OWASP MASmas.owasp.org/
- OWASP API Security Top 10 2023owasp.org/API-Security/editions/2023/en/0x00-header/
- OWASP MAS · MASVSmas.owasp.org/MASVS/
- PortSwigger · JWTportswigger.net/web-security/jwt
- Frida Documentationfrida.re/docs/home/
- GitHub · MobSF / Mobile-Security-Framework-MobSFgithub.com/MobSF/Mobile-Security-Framework-MobSF
- Microsoft Learn · Exchangelearn.microsoft.com/en-us/exchange/
- PX4 Documentationdocs.px4.io/
- MAVLink Developer Guidemavlink.io/en/
- ArduPilot Developer Documentationardupilot.org/dev/
Domain index
Cloud Offensive Security
Advanced work collects the surfaces that sit beyond routine web or internal testing: cloud, identity, mobile, supply chain, AI and OT. It is intended as a map for operators who need to move directly into specialist material.
API Security
Advanced work collects the surfaces that sit beyond routine web or internal testing: cloud, identity, mobile, supply chain, AI and OT. It is intended as a map for operators who need to move directly into specialist material.
Mobile App Pentesting
Mobile application behaviour under instrumentation, local-state review and transport validation.
Identity / Entra / Okta / SSO Abuse
Identity flows, token trust, consent behaviour and federation-linked privilege paths.
Adversary Emulation / Tradecraft
Advanced work collects the surfaces that sit beyond routine web or internal testing: cloud, identity, mobile, supply chain, AI and OT. It is intended as a map for operators who need to move directly into specialist material.
DevSecOps / Supply Chain / CI-CD
Model-backed attack paths across prompts, retrieval, orchestration and tool invocation.
OT / ICS Security
Industrial protocols, engineering trust and process-level exposure in operational environments.
AI Security
Model-backed attack paths across prompts, retrieval, orchestration and tool invocation.
Drone / Robotics Security
Industrial protocols, engineering trust and process-level exposure in operational environments.