Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Red Team Operations · modules
Adversary simulation: initial access, C2, lateral movement, and defeating modern EDR.
Module 20 · Initial Access — Modern Techniques in 2026
The initial-access categories. Phishing: targeted email with malicious link or attachment. Valid accounts: stolen / purchased credentials; password spray. Exposed services: VPN, RDP, web-app vulnerabilities. Supply chain: compromise a vendor; reach the target. Drive-by compromise: malicious website; user visits and is compromised. Removable media: USB drops, infected media. Modern phishing — beyond Office macros. Microsoft […]
Module 19 · Living-off-the-Land Binaries (LOLBins) Mastery
Why LOLBins matter. Binary is signed by Microsoft — passes signature checks. Binary is present on every Windows host — no payload to drop. Binary’s normal use is legitimate — context-aware detection required. Operators chain LOLBins to perform attacker workflows entirely with native tools. The LOLBAS project. LOLBAS (lolbas-project.github.io) is the community-maintained catalogue of LOLBins, […]
Module 17 · Beyond Cobalt Strike — Sliver, Mythic, Brute Ratel, Havoc
The C2 landscape (framework: licence; notes). Cobalt Strike: Commercial (Fortra); industry standard; highly detected. Sliver: Open-source (Bishop Fox); Go-based; mTLS / DNS / WireGuard transport. Mythic: Open-source; modular agent framework; multiple agents. Brute Ratel: Commercial; newer; modern evasion features. Empire / Starkiller: Open-source; PowerShell-centric; widely detected. Havoc: Open-source; modern; community-active. Why teams move beyond Cobalt […]
Module 16 · Adversary Emulation Plans — TTPs from Threat Intel to Engagement
Why emulate vs. just pentest. Generic pentests find generic findings. Adversary emulation tests whether you can withstand the specific groups that target your industry / geography: APT29 / Cozy Bear for government / defence; FIN7 / FIN8 for retail / hospitality; APT41 for telecom and travel; specific groups targeting Indian financial sector. The sources. MITRE […]
Module 8 · Persistence Techniques
MITRE ATT&CK lists 30+ persistence techniques. The 10 most-used cover 80% of real-world cases. Top techniques. Run keys — HKCU/HKLM\Software\Microsoft\Windows\CurrentVersion\Run. Services — create new service or hijack existing. Scheduled tasks — schtasks; survives reboot. WMI event subscription — fires on conditions. COM hijacking — replace InProcServer32 entries. Office Test path — DLLs loaded by Office […]
Module 10 · Red Team in AD
The complete red-team AD chain. Modules 8-17 in the AD track covered individual techniques; this is the operator playbook. Path planning: initial access (phish, web exploit, valid creds); local recon (BloodHound from compromised host); identify shortest path to DA; choose technique per step (Kerberoast → DCSync, or RBCD → ticket forge); execute with OPSEC (silent EDR-evasive techniques) […]
Module 11 · Red Team in Cloud
Cloud red teaming is different from AD. No NT hashes; tokens. No Kerberos; OAuth/STS. Different tools, different OPSEC. The cloud kill chain. Initial credential acquisition (phishing a developer for AWS keys, or compromising an endpoint with cached CLI credentials). Discovery — what services, what permissions. Privilege escalation — IAM-misconfig paths (covered in Cloud Modules 8-9). Lateral movement — […]
Module 12 · Data Exfiltration Techniques
Data exfiltration is the goal of most non-ransomware attacks. Network defenders should know the patterns. Common channels. HTTPS to attacker domain — most common; blends with legit traffic. HTTPS to cloud storage — Dropbox, Google Drive, AWS S3 (attacker bucket); user-agents look legitimate. DNS tunneling — covered in Module 9, Networking. ICMP tunneling — niche but possible; […]
Module 7 · Red Team Payload Development
Defender perspective on red-team payload development. Modern AV/EDR catches commodity payloads; serious red teams build custom. Layers of evasion. Loader — small program that decrypts/decompresses real payload. Shellcode encoding — XOR, custom crypto, polymorphism. API resolution at runtime — don’t import suspicious functions in IAT. Sleep + jitter — long sleeps between actions to defeat […]
Module 3 · Command & Control Frameworks
Cobalt Strike, Sliver, Havoc, Mythic compared. Beacon anatomy, transports, malleable profiles, redirector architecture.
Practitioners who've shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.