Need help with assessment-mindset?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

643 Stars 95 Forks MIT License 50 Commits 0 Opened issues


Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

Services available


Need anything else?

Contributors list

# 126,051
39 commits
# 510,107
1 commit

Security Assessment Mindset


I did this to help me on my security assessments (pentest, bug bounty, red-team, kung foo, you name it) and to keep my work well organized.

Each time I finished a task, I marked it with a check icon using XMind. If you don't have this tool, print the image version and use your pencil to mark it as done.

Included in this mindset is WAHH Methodology, OWASP API Security Top 10 and IOT PenTesting Guide from @adi1391.


OPML is the main file because it would be the source to import to almost all mindmap software. I also exported xmind and PNG version for Xmind users and others that don't really have mindmap tools. If you need other format, please let me know so I can start exporting it in future versions.

How to contribute

New tasks, tools, typos and other things you think it would help this mindmap, please Add a new Pull Request with your OPML file on this repo for discussion and validation. Remember that tis is open to ALL infosec community so let us all keep things rolling :thumbsup:. Any question, feel free to ping me at Twitter.


To do

  • Mobile applications mindmap (iOS and Android)
  • Networking mindmap (work in progress)
  • Wifi mindmap
  • IoT mindmap (work in progress)

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.