Skip to content
Codex Codex

Codex

Command-first cheatsheets for pentesting, CTFs, and security exams.
Enter the Codex GitHub

What is the Codex?

Section titled “What is the Codex?”

The Codex is a curated field reference for offensive security, built for use during pentests, CTFs, and certification exams like OSCP and HTB. Every page is OS-agnostic and command-first: technique, payload, success indicator. No theory you don’t need.

It is maintained by the Athena OS project and published under CC-BY-SA 4.0.

Sections

Section titled “Sections”

Web Attacks

SQL injection, command injection, SSRF, SSTI, web services, and more.

Server-side Attacks

SSRF, SSI, ESI, SSTI, XSLT injection.

Windows Privilege Escalation

Token abuse, weak ACLs, credential hunting, UAC bypass, and more.

More coming

Active Directory, Linux privesc, network services, pivoting, and more - in progress.