Cyber Security Courses


Learning Process
Learning Process

The learning process is one of the essential and most important components that is often overlooked. This module does not teach you techniques to lear...

Introduction to Academy
Introduction to Academy

This module is recommended for new users. It allows users to become acquainted with the platform and the learning process.

Hacking WordPress
Hacking WordPress

WordPress is an open-source Content Management System (CMS) that can be used for multiple purposes.

Linux Fundamentals
Linux Fundamentals

This module covers the fundamentals required to work comfortably with the Linux operating system and shell.

Network Enumeration with Nmap
Network Enumeration with Nmap

Nmap is one of the most used networking mapping and discovery tools because of its accurate results and efficiency. The tool is widely used by both of...

Cracking Passwords with Hashcat
Cracking Passwords with Hashcat

This module covers the fundamentals of password cracking using the Hashcat tool.

Introduction to Bash Scripting
Introduction to Bash Scripting

This module covers the basics needed for working with Bash scripts to automate tasks on Linux systems. A strong grasp of Bash is a fundamental skill...

Active Directory LDAP
Active Directory LDAP

This module provides an overview of Active Directory (AD), introduces core AD enumeration concepts, and covers enumeration with built-in tools.

File Inclusion
File Inclusion

File Inclusion is a common web application vulnerability, which can be easily overlooked as part of a web application's functionality.

File Transfers
File Transfers

During an assessment, it is very common for us to transfer files to and from a target system. This module covers file transfer techniques leveraging t...

DNS Enumeration Using Python
DNS Enumeration Using Python

As a penetration tester or red teamer, it is imperative that we understand the tools that we use inside and out and also have the ability to write out...

OSINT: Corporate Recon
OSINT: Corporate Recon

OSINT (Open-source Intelligence) is a crucial stage of the penetration testing process. A thorough examination of publicly available information can i...

Stack-Based Buffer Overflows on Linux x86
Stack-Based Buffer Overflows on Linux x86

Buffer overflows are common vulnerabilities in software applications that can be exploited to achieve remote code execution (RCE) or perform a Denial-...

SQL Injection Fundamentals
SQL Injection Fundamentals

Databases are an important part of web application infrastructure and SQL (Structured Query Language) to store, retrieve, and manipulate information s...

Introduction to Networking
Introduction to Networking

As an information security professional, a firm grasp of networking fundamentals and the required components is necessary. Without a strong foundation...

Web Requests
Web Requests

This module introduces the topic of HTTP web requests and how different web applications utilize them to communicate with their backends.

Secure Coding 101: JavaScript
Secure Coding 101: JavaScript

Learn how to improve your JavaScript code's security through Code Review, Static/Dynamic Analysis, Vulnerability Identification, and Patching.

Using the Metasploit Framework
Using the Metasploit Framework

The Metasploit Framework is an open-source set of tools used for network enumeration, attacks, testing security vulnerabilities, evading detection, pe...

JavaScript Deobfuscation
JavaScript Deobfuscation

This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and unders...

Whitebox Pentesting 101: Command Injection
Whitebox Pentesting 101: Command Injection

This module focuses on discovering Command Injection vulnerabilities in NodeJS servers and exploiting them to control the server.

Windows Fundamentals
Windows Fundamentals

This module covers the fundamentals required to work comfortably with the Windows operating system.

Linux Privilege Escalation
Linux Privilege Escalation

Privilege escalation is a crucial phase during any security assessment. During this phase, we attempt to gain access to additional users, hosts, and r...

Attacking Web Applications with Ffuf
Attacking Web Applications with Ffuf

This module covers the fundamental enumeration skills of web fuzzing and directory brute forcing using the Ffuf tool. The techniques learned in this m...

Login Brute Forcing
Login Brute Forcing

Learn how to brute force logins for various types of services and create custom wordlists based on your target.

SQLMap Essentials
SQLMap Essentials

The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the...

Windows Privilege Escalation
Windows Privilege Escalation

After gaining a foothold, elevating our privileges will provide more options for persistence and may reveal information stored locally that can furthe...

Active Directory PowerView
Active Directory PowerView

This module covers AD enumeration focusing on the PowerView and SharpView tools. We will cover various techniques for enumerating key AD objects that...

Active Directory BloodHound
Active Directory BloodHound

This module covers AD enumeration focusing on the BloodHound tool. We will cover various techniques for enumerating key AD objects that will inform ou...

Introduction to Active Directory
Introduction to Active Directory

Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface...

Introduction to Web Applications
Introduction to Web Applications

In the Introduction to Web Applications module, you will learn all of the basics of how web applications work and begin to look at them from an infor...

Getting Started
Getting Started

This module covers the fundamentals of penetration testing and an introduction to Hack The Box.

Broken Authentication
Broken Authentication

Authentication is probably the most straightforward and prevalent measure used to secure access to resources, and it's the first line of defense again...

Intro to Network Traffic Analysis
Intro to Network Traffic Analysis

Network traffic analysis is used by security teams to monitor network activity and look for anomalies that could indicate security and operational iss...

Intro to Assembly Language
Intro to Assembly Language

This module builds the core foundation for Binary Exploitation by teaching Computer Architecture and Assembly language basics.

Setting Up
Setting Up

This module covers topics that will help us be better prepared before conducting penetration tests. Preparations before a penetration test can often t...

Introduction to Python 3
Introduction to Python 3

Automating tedious or otherwise impossible tasks is highly valued during both penetration testing engagements and everyday life. Introduction to Pytho...

Stack-Based Buffer Overflows on Windows x86
Stack-Based Buffer Overflows on Windows x86

This module is your first step into Windows Binary Exploitation, and it will teach you how to exploit local and remote buffer overflow vulnerabilities...

Penetration Testing Process
Penetration Testing Process

This module teaches the penetration testing process broken down into each stage and discussed in detail. We will cover many aspects of the role of a p...

Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) vulnerabilities are among the most common web application vulnerabilities. An XSS vulnerability may allow an attacker to ex...

Vulnerability Assessment
Vulnerability Assessment

This module introduces the concept of Vulnerability Assessments. We will review the differences between vulnerability assessments and penetration test...

Command Injections
Command Injections

Command injection vulnerabilities can be leveraged to compromise a hosting server and its entire network. This module will teach you how to identify a...

Using Web Proxies
Using Web Proxies

Web application penetration testing frameworks are an essential part of any web penetration test. This module will teach you two of the best framework...

Footprinting
Footprinting

This module covers techniques for footprinting the most commonly used services in almost all enterprise and business IT infrastructures. Footprinting...

Attacking Common Applications
Attacking Common Applications

Penetration Testers can come across various applications, such as Content Management Systems, custom web applications, internal portals used by develo...

Shells & Payloads
Shells & Payloads

Gain the knowledge and skills to identify and use shells & payloads to establish a foothold on vulnerable Windows & Linux systems. This module utilize...

Attacking Common Services
Attacking Common Services

Organizations regularly use a standard set of services for different purposes. It is vital to conduct penetration testing activities on each service i...

Web Attacks
Web Attacks

This module covers three common web vulnerabilities, HTTP Verb Tampering, IDOR, and XXE, each of which can have a significant impact on a company's sy...

File Upload Attacks
File Upload Attacks

Arbitrary file uploads are among the most critical web vulnerabilities. These flaws enable attackers to upload malicious files, execute arbitrary comm...

Active Directory Enumeration & Attacks
Active Directory Enumeration & Attacks

Active Directory (AD) is the leading enterprise domain management suite, providing identity and access management, centralized domain administration,...

Information Gathering - Web Edition
Information Gathering - Web Edition

This module covers techniques for identifying and analyzing an organization's web application-based attack surface and tech stack. Information gatheri...

Server-side Attacks
Server-side Attacks

A backend that handles user-supplied input insecurely can lead to sensitive information disclosure and remote code execution. This module covers how t...

Password Attacks
Password Attacks

Passwords are still the primary method of authentication in corporate networks. If strong password policies are not in place, users will often opt for...

Session Security
Session Security

Maintaining and keeping track of a user's session is an integral part of web applications. It is an area that requires extensive testing to ensure it...

Pivoting, Tunneling, and Port Forwarding
Pivoting, Tunneling, and Port Forwarding

Once a foothold is gained during an assessment, it may be in scope to move laterally and vertically within a target network. Using one compromised mac...

Web Service & API Attacks
Web Service & API Attacks

Web services and APIs are frequently exposed to provide certain functionalities in a programmatic way between heterogeneous devices and software compo...

Bug Bounty Hunting Process
Bug Bounty Hunting Process

Bug bounty programs encourage security researchers to identify bugs and submit vulnerability reports. Getting into the world of bug bounty hunting wit...

Documentation & Reporting
Documentation & Reporting

Proper documentation is paramount during any engagement. The end goal of a technical assessment is the report deliverable which will often be presente...

Attacking Enterprise Networks
Attacking Enterprise Networks

We often encounter large and complex networks during our assessments. We must be comfortable approaching an internal or external network, regardless o...

Introduction to Deserialization Attacks
Introduction to Deserialization Attacks

In this module, we will explore deserialization attacks with specific examples in Python and PHP.

Attacking Authentication Mechanisms
Attacking Authentication Mechanisms

Authentication plays an essential role in almost every web application. If a vulnerability arises in the application's authentication mechanism, it co...

Introduction to NoSQL Injection
Introduction to NoSQL Injection

In this module, we will look at exploiting NoSQL injection vulnerabilities, specifically MongoDB, with examples in Python, PHP, and Node.JS.

Sign Up to get started!