Cybersecurity, learned like a practitioner.

24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.

Learning paths

398+

Live modules

You've completed

Free

Your tier

Browse the academy

Advanced · modules

Modules tagged Advanced. Use the sidebar to narrow by track or topic.

187 results · Page 15/19

Filtering: Level: Advanced × Clear all →

Attacker Mindset — Active Directory Advanced Members

Kerberos Delegation Abuse

Unconstrained, constrained, RBCD. S4U2Self + S4U2Proxy, MachineAccountQuota, PetitPotam coercion.

Apr 22, 2026 90 min Open

Attacker Mindset — Network Advanced Members

SSH, RDP, SMB, WinRM — The Lateral Movement Highway

Every enterprise's admin protocols are attackers' rails. Credential reuse + cached credentials = fast compromise.

Apr 22, 2026 90 min Open

Attacker Mindset — Network Advanced Members

VPN Appliances — The Crown Jewel

Ivanti, Fortinet, Citrix, Palo Alto — every year a critical CVE. Patching speed vs attacker speed.

Apr 22, 2026 90 min Open

Attacker Mindset — Network Advanced Members

BGP, DNS, CAs — Internet-Scale Trust Failures

BGP hijack + DNS poisoning + TLS cert abuse = traffic interception at scale. Real breaches, real tools.

Apr 22, 2026 90 min Open

Attacker Mindset — Network Advanced Members

OT / ICS at the Network Layer

Stuxnet, Industroyer, Triton, Oldsmar. Why PLCs reachable from IT is catastrophic and common.

Apr 22, 2026 90 min Open

Attacker Mindset — Network Advanced Members

Wireless — The Perimeter That Moves

Evil Twin, KRACK, PMKID, rogue 802.1X, BLE. $40 of hardware extends the perimeter past the building.

Apr 22, 2026 90 min Open

Attacker Mindset — Network Advanced Members

Why Kerberos Keeps Producing Attacks

Kerberoasting, AS-REP, Golden Tickets, Silver Tickets, delegation abuse. Not bugs — design features in a new threat model.

Apr 22, 2026 90 min Open

Attacker Mindset — Web Advanced Members

Business Logic — Where Scanners Fail

Business logic bugs are legal sequences of actions producing illegal outcomes. Understand the product to find them.

Apr 22, 2026 90 min Open

Attacker Mindset — Web Advanced Members

Why SSRF Is Still Critical in 2026

Every URL parameter where the server fetches. Cloud metadata turned SSRF from inconvenience to catastrophe.

Apr 22, 2026 90 min Open

Attacker Mindset — Web Advanced Members

Why XSS Persists — Context Is Everything

Framework defaults cover one HTML context. Every other context — URL, CSS, JSON-in-script — is fresh attack surface.

Apr 22, 2026 90 min Open

02 / Why learn here

Practitioners who've
shipped the controls.

Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.

Practitioner-written.

Each lesson is authored by someone who has shipped the control or run the engagement in production.

Quiz after every module.

20+ questions with explanations. 70%+ to mark complete. Unlimited retries.

Progress tracked.

Completions, scores and streaks saved automatically. Resume exactly where you left off.

India-priced.

Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.

Pick a path, get to work.

Browse all 398 modules → View skill map

Advanced · modules

Kerberos Delegation Abuse

SSH, RDP, SMB, WinRM — The Lateral Movement Highway

VPN Appliances — The Crown Jewel

BGP, DNS, CAs — Internet-Scale Trust Failures

OT / ICS at the Network Layer

Wireless — The Perimeter That Moves

Why Kerberos Keeps Producing Attacks

Business Logic — Where Scanners Fail

Why SSRF Is Still Critical in 2026

Why XSS Persists — Context Is Everything

Practitioners who'veshipped the controls.

Why learn here

Practitioner-written.

Quiz after every module.

Progress tracked.

India-priced.

Pick a path, get to work.

Practitioners who've
shipped the controls.