Our Online Labs and Course Library:
Windows Security | Reconnaissance | 12 Labs
Windows Security | Basic Exploitation | 53 Labs
Windows Security | Post Exploitation | 19 Labs
Windows Security | Service Exploitation | 32 Labs
Windows Security | Privilege Escalation | 10 Labs
Windows Security | Maintaining Access | 10 Labs
Cloud Security | AWS Cloud Security | 75 Labs
-
IAM | 10 Labs -
S3 | 11 Labs -
DynamoDB | 6 Labs -
API Gateway | 7 Labs -
Lambda | 11 Labs -
Databases | 5 Labs -
EC2 | 7 Labs -
ECS and ECR | 8 Labs -
Defense | 10 Labs
Cloud Security | Bootcamp | 0 Labs
Linux Security | Linux Basics | 12 Labs
Linux Security | Reconnaissance | 16 Labs
-
Memcached | 2 Labs -
Webservers | 3 Labs -
DNS | 3 Labs -
SQL Databases | 2 Labs -
FTP Servers | 3 Labs -
Web Applications | 3 Labs
Linux Security | Exploitation | 15 Labs
Linux Security | Post Exploitation | 9 Labs
Linux Security | Privilege Escalation | 10 Labs
Linux Security | Pivoting | 5 Labs
Linux Security | Maintaining Access | 7 Labs
Linux Security | MITRE ATTACK | 14 Labs
-
Discovery | 3 Labs -
Credential Access | 2 Labs -
Privilege Escalation | 2 Labs -
Persistence | 2 Labs -
Lateral Movement | 2 Labs -
Defense Evasion | 2 Labs -
Command and Control | 1 Labs
Linux Security | Exploit Research | 0 Labs
Linux Security | Bootcamp | 0 Labs
WebApp Pentesting Basics | Web Application Basics | 4 Labs
WebApp Pentesting Basics | Tools of the Trade | 14 Labs
WebApp Pentesting Basics | OWASP Top 10 | 47 Labs
-
Injection | 11 Labs -
Broken Authentication | 8 Labs -
Sensitive Data Exposure | 4 Labs -
XML External Entities | 2 Labs -
Broken Access Control | 10 Labs -
Security Misconfiguration | 3 Labs -
Cross Site Scripting | 4 Labs -
Insecure Deserialization | 2 Labs -
Vulnerable Components | 2 Labs -
Insufficient Logging | 1 Labs
WebApp Pentesting Basics | Webapp CVEs | 4 Labs
WebApp Pentesting Basics | Bootcamp | 0 Labs
Advanced Priv-Esc | Windows | 10 Labs
Advanced Priv-Esc | Linux | 22 Labs
Container Security | Intro to Containers | 9 Labs
Container Security | Container/Host Security | 23 Labs
Container Security | Docker Image Security | 21 Labs
-
Docker Registry | 8 Labs -
Docker Image Analysis | 4 Labs -
Docker Forensics | 5 Labs -
Dockerfile Linting | 4 Labs
Container Security | Miscellaneous | 9 Labs
Container Security | Securing Docker | 3 Labs
Container Security | Bootcamp | 0 Labs
DevSecOps | DevOps Basics | 16 Labs
-
Version Control Systems | 2 Labs -
Testing | 6 Labs -
Building Project | 3 Labs -
Continuous Integration | 3 Labs -
Infrastructure as Code | 2 Labs
DevSecOps | DevSecOps Basics | 38 Labs
-
Automated Code Review | 3 Labs -
Sensitive Information Scan | 7 Labs -
Static Application Security Testing | 9 Labs -
Dynamic Application Security Testing | 7 Labs -
Software Composition Analysis | 4 Labs -
Compliance as Code | 3 Labs -
Vulnerability Management | 2 Labs -
Secret Management | 3 Labs
DevSecOps | Pipeline Basics | 7 Labs
DevSecOps | Fix The Code | 3 Labs
DevSecOps | Bootcamp | 0 Labs
WiFi Security | Basics | 32 Labs
-
Traffic Analysis | 10 Labs -
Reconnaissance | 3 Labs -
AP Client Basics | 12 Labs -
OpenWRT Router | 2 Labs -
Tools | 5 Labs
WiFi Security | Personal Networks | 11 Labs
WiFi Security | Enterprise Networks | 13 Labs
WiFi Security | Advanced Labs | 14 Labs
WiFi Security | Forensics | 5 Labs
WiFi Security | Bootcamp | 0 Labs
Reverse Engineering | Linux | 10 Labs
Password Cracking | Hashes | 8 Labs
Password Cracking | File Passwords | 9 Labs
Forensics | Disk Forensics | 10 Labs
Forensics | Memory Forensics | 7 Labs
Offensive Python | Interacting with Files | 11 Labs
Offensive Python | Live Interactions | 18 Labs
IoT Security | Device Attacks | 7 Labs
IoT Security | Network Attacks | 16 Labs
Other Topics | Network Recon | 74 Labs
-
Webservers | 23 Labs -
SQL Databases | 6 Labs -
NoSQL Databases | 12 Labs -
Distributed Databases | 2 Labs -
Distributed Queues | 2 Labs -
Proxy Servers | 2 Labs -
SMTP Servers | 2 Labs -
POP3 Servers | 2 Labs -
IMAP Servers | 2 Labs -
SIEM Platforms | 3 Labs -
SMB Servers | 4 Labs -
SSH Servers | 2 Labs -
Telnet Servers | 1 Labs -
NTP Servers | 1 Labs -
TFTP Servers | 1 Labs -
IRC Servers | 2 Labs -
Finger Servers | 1 Labs -
RADIUS | 3 Labs -
VNC | 1 Labs -
SNMP | 2 Labs
Other Topics | Real World WebApps | 148 Labs
-
Remote Code Execution | 15 Labs -
Stored XSS | 24 Labs -
File Upload | 15 Labs -
SQL Injection | 38 Labs -
XML External Entity | 2 Labs -
SSRF | 1 Labs -
SSTI | 1 Labs -
Command Injection | 3 Labs -
Local File Inclusion | 5 Labs -
Reflected XSS | 13 Labs -
CSRF | 19 Labs -
Arbitrary File Download | 7 Labs -
Directory Traversal | 2 Labs -
Broken Authentication | 1 Labs
Other Topics | Traffic Analysis | 8 Labs
Other Topics | WebApp CVEs | 342 Labs
-
2022 | 55 Labs -
2021 | 32 Labs -
2020 | 36 Labs -
2019 | 65 Labs -
2018 | 75 Labs -
2017 | 17 Labs -
2016 | 4 Labs -
Older CVEs | 58 Labs
Other Topics | Metasploit | 280 Labs
-
Windows Apps Exploits | 3 Labs -
Linux Exploitation | 94 Labs -
Meterpreter | 5 Labs -
Post Modules | 2 Labs -
Metasploit CTFs | 10 Labs -
Metasploit Pivot CTFs | 8 Labs -
Latest Targets | 38 Labs -
WordPress Exploitation | 21 Labs -
Pivoting | 16 Labs -
Auxiliary Modules | 71 Labs -
WebApp Exploits | 12 Labs
Other Topics | Network Pivoting | 4 Labs
Other Topics | Infrastructure Attacks | 43 Labs
Other Topics | Privilege Escalation | 37 Labs
Other Topics | Deliberately Vulnerable | 19 Labs
Other Topics | Forensics | 3 Labs
Other Topics | Firmware Analysis | 6 Labs
Other Topics | Secure Coding | 18 Labs
Other Topics | Malware Analysis | 0 Labs
Other Topics | DevSecOps | 4 Labs
Other Topics | Code Repositories | 19 Labs
Other Topics | Endpoint Security | 29 Labs
Other Topics | Persistence | 8 Labs
Other Topics | Linux Runtime Analysis | 8 Labs
Other Topics | Log Analysis | 14 Labs
-
Webserver Logs | 4 Labs -
SSH Logs | 1 Labs -
Proxy Logs | 1 Labs -
DNS Logs | 1 Labs -
Windows Event Logs | 3 Labs -
Other Tools | 4 Labs
Other Topics | REST | 72 Labs
-
JWT Basics | 21 Labs -
JWT Advanced | 8 Labs -
JWT Expert | 12 Labs -
API Security | 24 Labs -
GraphQL | 7 Labs
Other Topics | MITRE ATTACK Linux | 30 Labs
Other Topics | Service Exploitation | 67 Labs
Other Topics | Web Technologies | 16 Labs
Other Topics | Android Pentesting | 7 Labs
Other Topics | OWASP Top 10 | 18 Labs
Other Topics | Network Pentesting | 18 Labs
Advanced Exercises | Weekly CTF | 11 Labs
Advanced Exercises | Capture the Flags | 70 Labs
Python for Pentesters
This course will teach you Python scripting and its application to problems in computer and network security. This course is ideal for penetration testers, security enthusiasts and network administrat...
View Details
Windows Process Injection for Red-Blue Teams
In this course, we will understand the basics of Windows processes, virtual memory and different techniques to enumerate processes. Then we will look at the fundamentals of process injection and tr...
View Details
x86 Assembly Language and Shellcoding on Linux
This course focuses on teaching the basics of 32-bit assembly language for the Intel Architecture (IA-32) family of processors on the Linux platform and applying it to Infosec. Once we are through wit...
View Details
x86_64 Assembly Language and Shellcoding on Linux
This course focuses on teaching the basics of 64-bit assembly language for the x86_64 family of processors on the Linux platform and applying it to Infosec. Once we are through with the basics, we wil...
View Details
Javascript for Pentesters
In this course, we will be learning how to use Javascript for Pentesting.
View Details
Linux Forensics
This course will familiarize students with all aspects of Linux forensics. By the end of this course students will be able to perform live analysis, capture volatile data, make images of media, ana...
View Details
Pentesting with Metasploit
This course is ideal for penetration testers, security enthusiasts and network administrators.
A non-exhaustive list of topics to be taught includes:
- Metasploit Basics and Fram...
View Details
Wi-Fi Security and Pentesting
This course is ideal for penetration testers, security enthusiasts and network administrators.
A non-exhaustive list of topics to be taught includes:
- Bypassing WLAN Authe...
View Details
Exploiting Simple Buffer Overflows on Win32
In this course, we will look at how to exploit Simple Buffer Overflows on Win32 systems. This is an introductory course and starts from the very basics of exploitation and is beginner friendly. We wil...
View Details
USB Forensics and Pentesting
This course will cover USB in detail with an emphasis on understanding USB Mass Storage devices (also known as flash drives or thumb drives).By the end of this course students will know how to snif...
View Details
Pentesting iOS Applications
This course focuses on the iOS platform and application security and is ideal for pentesters, researchers and the casual iOS enthusiast who would like to dive deep and understand how to analyze and sy...
View Details
Make your own Hacker Gadget
All of us have heard about or used Hacker Gadgets like the WiFi Pineapple, Minipwner, Pwn Plug, R00tabaga etc. They are fantastic to use for demos, in social engineering tasks, explaining security imp...
View Details
Scripting Wi-Fi Pentesting Tools in Python
In this course we will learn how to create Wi-Fi Pentesting tools - sniffer and packet injectors using Python. We will look at both using libraries like scapy and working with raw sockets.
This ...
View Details
GNU Debugger Megaprimer
This course will cover the basics of using GDB on Linux - x86, x86_64 and ARM based platforms.
View Details
WAP Challenges
We will be hosting interesting web application security challenges in this section for our students to try out. Challenges will be categorized into Beginner, Intermediate and Advanced Levels. We will ...
View Details
Pentesting Challenges
In this section we will be posting Pentesting Challenges from multiple topics such as Web App, Network, Shellcoding, Metasploit, Mobile Apps, Reversing and Exploit Development.
View Details
Windows System Programming: Fundamentals
Windows System Programming: Fundamentals course will take you through the basics of getting started with system programming on Windows.
A non-exhaustive list of topics covered include...
View Details
PCAP to XML and SQLITE
PCAP2XML is a tool suite which takes 802.11 PCAP trace files as input and can convert them into XML or SQLITE representations. This allows a pentester to run arbitrary queries on the packet header fie...
View Details
Airodump-NG Scan Visualizer
Airodump-NG Scan Visualizer allows you to filter, sort and visualize Airodump-NG scan data. The tool currently uses the CSV file generated by Airodump-NG with the -w option and can work locally or as ...
View Details
Web Application Pentesting
A beginner friendly introduction to Web Application Security with starts from the very basics of the HTTP protocol and then takes on more advanced topics.
View Details
Network Pentesting
A non-exhaustive set of topics covered include:
- Pentesting Routers
- Attacking SSH with Metasploit, Nmap, Medusa, Hydra, Ncrack
- SNMP attacks
- Bypassing Fir...
View Details
Powershell for Pentesters
The PowerShell For Penetration Testers (PFPT) is an online course designed for teaching PowerShell to penetration testers, system administrators and other security professionals. You will be able to u...
View Details
Windows Forensics
This course will familiarize students with all aspects of Windows forensics.By the end of this course students will be able to perform live analysis, capture volatile data, make images of medi...
View Details
Data Science and Machine Learning for Infosec
The age of intelligent machines is here! We are now seeing Machine Learning disrupting every technological field including computer security. As more and more security products use Machine Learning, i...
View Details
WinDbg Fundamentals: User Mode
In this course you will learn the fundamentals of using WinDgb for user mode debugging.
View Details
WinDbg Fundamentals: Kernel Mode
In this course, you will learn the fundamentals of using WinDgb for kernel mode debugging.
View Details
Abusing SQL Server Trusts in a Windows Domain
MS SQL Server is widely used in enterprise networks. Due to its use by third party applications, support for legacy applications and use as a database, SQL Server is a ...
View Details
Embedded/IoT Linux for Red-Blue Teams
This course is a deep dive into Embedded/IoT firmware where we will start from the very basics - understand the multistage boot process, the kernel and root filesystem, how to build them with a cus...
View Details
OSINT: Fun with Open Source Intelligence
A good primer on OSINT, this course explains what Open Source Intelligence is and also covers types of OSINT sources, ethics and grey areas, useful tools available for ...
View Details
Pandas for Pentesters
We are now living in a Big Data world - billions of devices communicating over millions of networks and generating petabytes of data, both at rest and in transit! Security professionals now encounter ...
View Details
Wi-Fi Monitoring for Red-Blue Teams
This course focuses on the tools, techniques and procedures to monitor 802.11ac/n networks. We will be learning about both USB and Access Point hardware, pros and cons, and scalable architectures. ...
View Details
Windows API Exploitation Recipes: Processes, Tokens and Memory RW
In today's secured environments, it is almost impossible for Red-Blue Teams to emulate modern adversarial tactics, techniques and procedures using publicly available 3rd party pentesting products. Pow...
View Details
Hacker Project: SMS Controlled Pentest Bot
In this Hacker Project we will learn how to create an SMS controlled Pentesting Bot! This bot will be able to run nmap scans on your command from anywhere in the world :)
Key concepts you w...
View Details
Traffic Analysis: TSHARK Unleashed
Most of us have used Wireshark either academically or professionally for traffic analysis. Its a great tool for microscopic analysis of what is happening in the network...
View Details
Memcache Reconnaissance for Red-Blue Teams
Reconnaissance the first and probably most important step of pentesting and red-blue teaming exercises. A well done recon can help prioritize which systems to go behind first and to dedicate more t...
View Details
WMI Attacks and Defense
Windows Management Instrumentation (WMI) has been used by Windows administrators for various system management operations since Windows NT. As WMI is often used to automate administrative tasks, it...
View Details
Reverse Engineering Linux 32-bit Applications
This course will familiarize students with all aspects of reverse engineering (reversing) Linux 32-bit applications for the purposes of locating flaws and developing ex...
View Details
Reverse Engineering Win32 Applications
This course will familiarize students with all aspects of reverse engineering (reversing) Windows 32-bit applications for the purposes of locating flaws and developing ...
View Details
VoIP Traffic Analysis
Today, all enterprises, large and small depend on VoIP to provide voice communication both internally and externally to the company. Most organizations even have dedicated Voice VLANs and/or physic...
View Details
ARM Assembly
ARM processors now power billions of mobile and IoT devices today! Understanding the basics of ARM assembly provides the foundation for diving deep into ARM exploitation and reverse engineering. This ...
View Details
Windows System Programming: Processes and Threads
This course focuses on threads and processes. We will learn everything about processes, jobs, and threads. At the end of the course, we will look at creating multiple threads applications with windows...
View Details
Windows System Programming: Security
In this course, we will start with fundamentals concepts in windows security, followed by learning how to work with security ids and access tokens. And finally, we will look at how to secure kernel ob...
View Details
Windows Kernel Programming: Processes and Threads Monitoring
In this course, we will start with general kernel programming techniques and then take a look at various notifications supported by the kernel. In the last module, we will cover how to build a process...
View Details
Windows Kernel Programming: Fundamentals
In this course, we will learn the fundamentals of Windows kernel programming. We will start with I/O systems and learn how to write simple device drivers. We will also take a look at the I/O request p...
View Details
Windows System Programming: Memory Management
This course focuses on the fundamentals of memory management. We will learn how to use windows API to interact with and manipulate memory. Once we have covered the fundamentals, we will look at memory...
View Details
Ongoing Courses Let the Games Begin!
Linux Rootkits for Red-Blue Teams
Linux dominates the Server, Embedded and now the Internet of Things (IoT) device market. In recent times, embedded systems and IoT devices in particular have been the w...
View Details
DevSecOps: Insecure Docker Registry
Many organizations deploy private registry servers in their internal/external application development/deployment environment. Unfortunately, most often, these servers are not securely deployed. In th...
View Details
Reverse Engineering for ARM Platforms
This course will familiarize students with all aspects of writing Assembly code on the ARM platforms. By the end of this course students will be able to understand and ...
View Details
iOS Penetration Testing: The Basics
In this course, we will look at the basics of iOS Penetration Testing
View Details