Cybersecurity Arsenal

Exploitation tools, training grounds, and community intel. Everything a MultiHAT operative needs to master both offense and defense.

// Exploitation Tools

Industry-standard tools used for authorized penetration testing and security research.

Burp Suite

The industry-leading web application security testing toolkit. Proxy, scanner, intruder, repeater — the Swiss Army knife of web pen testing.

portswigger.net/burp →

OWASP ZAP

Free, open-source web application security scanner. Active/passive scanning, fuzzing, and automated vulnerability detection. Maintained by the OWASP Foundation.

zaproxy.org →

Metasploit Framework

The world's most used penetration testing framework. Exploit development, payload generation, post-exploitation modules, and vulnerability validation.

metasploit.com →

Wireshark

Network protocol analyzer for deep packet inspection. Capture, filter, and analyze traffic in real time. Essential for network forensics and troubleshooting.

wireshark.org →

Nmap

Network discovery and security auditing. Port scanning, service detection, OS fingerprinting, and NSE scripting for automated vulnerability checks.

nmap.org →

Kali Linux

Debian-based penetration testing distribution. Pre-installed with 600+ security tools. The standard operating system for ethical hackers and security researchers.

kali.org →

// Training Grounds

Practice hacking legally. These platforms provide safe, authorized environments to build offensive and defensive skills.

PortSwigger Web Security Academy

Free, world-class web security training from the creators of Burp Suite. Hands-on labs covering XSS, SQLi, CSRF, SSRF, access control, and more.

portswigger.net/web-security →

TryHackMe

Guided, gamified cybersecurity learning. Beginner-friendly rooms, learning paths, and real-world scenarios. Great for building foundations.

tryhackme.com →

Hack The Box

Advanced penetration testing labs. Retired and active machines, challenges, and pro labs for intermediate to advanced hackers.

hackthebox.com →

OWASP

The Open Worldwide Application Security Project. Standards, guides, and tools for application security. Home of the OWASP Top 10.

owasp.org →

PicoCTF

Free Capture The Flag competition platform by Carnegie Mellon. Designed for students and beginners. Great entry point into CTF challenges.

picoctf.org →

OverTheWire

War games for learning security concepts. Bandit, Natas, Leviathan — progressive challenges from basic Linux to advanced exploitation.

overthewire.org →

// Community Intel

Join the network. Share knowledge. Grow together.

AIUB Cybersecurity & Programming Society

Facebook community group for AIUB students and cybersecurity enthusiasts. Notebooks, projects, tutorials, CTF discussions, and knowledge sharing.

Join the community →

MultiHAT YouTube Channel

Attack demos, tutorials, and cybersecurity awareness content. Visual walkthroughs of security concepts and tool usage.

youtube.com/@Sagar-MultiHAT →

GitHub — SagarBiswas-MultiHAT

Open-source repositories: vulnerability scanners, automation tools, security notebooks, and educational projects. All code is public and documented.

github.com/SagarBiswas-MultiHAT →