About the handbook

This is our public handbook, our main source of truth about how we deliver our offensive security services (inspired by GitLab and OCV).

We encourage our employees to use the handbook during the daily work.

We try to publish content that our employees, clients or other pentesters might benefit from. The handbook is opinionated and no legal or binding advice to those outside of our company.

Our handbook should be complete enough that a new employee doesn't need extensive onboarding to get to know our style of working and our approach to offensive security.

This handbook is a constant work in progress and follows an iterative approach. We are currently in the process of moving our internal documentation to this public handbook. Things might be missing due to several reasons (privacy, security, copyright, etc.).

It is okay to be messy. Let's improve iteratively. Better done than perfect.

Style guide

Front-load essential information.
Write in present tense.
Prefer active voice if possible.
Avoid filler words.
Use sentence case for titles.
Avoid typos.

You can use AI to suggest improvements to your text (include the style guide in your prompt).

Making changes

For externals

Open an issue and describe your suggestions and improvements. Thank you for contributing. ❤️

For employees

The handbook is hosted in our internal GitLab. Read how to make changes there.

About the handbook ​

Style guide ​

Making changes ​

For externals ​

For employees ​

About the handbook

Style guide

Making changes

For externals

For employees