Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Expert · modules
Modules tagged Expert. Use the sidebar to narrow by track or topic.
EDR Evasion in 2026
The EDR detection stack User-mode hooks: EDR hooks key API calls (CreateRemoteThread, NtMapViewOfSection, etc.) to inspect arguments. Kernel-mode callbacks: PsSetCreateProcessNotifyRoutine, PsSetCreateThreadNotifyRoutine notify EDR of process / thread events. ETW (Event Tracing for Windows): provides telemetry stream EDR consumes. AMSI: Antimalware Scan Interface; PowerShell / WSH content sent to AV for inspection. File-based scanning: classic signature […]
Advanced JWT Attacks — Beyond Algorithm Confusion
Beyond alg=none and HS256 confusion Module SC-4 covered the classic algorithm-confusion attacks. This module covers the advanced variants. KID header injection # JWT header { "alg": "HS256", "typ": "JWT", "kid": "../../../etc/passwd" } # Application uses kid to look up the signing key. # If kid is unchecked, attacker can: # - Path-traverse to read arbitrary […]
Anti-Analysis Techniques and How to Defeat Them
Why this module exists. A sandbox report that shows “did nothing” or a debugger that crashes when you single-step are not bugs in your tooling — they are the malware authors’ deliberate design. Knowing the catalogue of anti-analysis techniques lets you recognise them and respond appropriately. The four classes of anti-analysis Anti-VM / sandbox detection. […]
DCShadow — Stealth Domain Replication Abuse
Why this module exists. DCShadow is the textbook example of “stealth persistence”. An attacker with sufficient privileges does not need to keep dropping files, scheduling tasks, or modifying registry keys — they push the change into the directory itself via the replication protocol, and the change is now part of the canonical AD state. Defender […]
SID History Abuse & Cross-Forest Trust Attacks
Why this module exists. Forest trusts were Microsoft’s promise that the forest boundary was a hard security boundary. SID Filtering — enabled by default on external trusts since Windows Server 2003 — was the control that made the promise real. But every year, a new variation on SID-History abuse shows it is not as hard […]
Building a Quantum Threat Model — STRIDE-Q, Data Classification, and the Indian Regulatory Frame
STRIDE-Q extends classical threat modeling with the time dimension (store-now-decrypt-later) and quantum-specific vectors. Framework for documenting quantum risk posture, audit-friendly artifact for board and Indian regulators. Module 20.
Quantum Reservoir Computing for SOC Anomaly Detection — Practical 2026 Pilots
Quantum Reservoir Computing (QRC) is the most-likely-to-ship quantum-ML technique for cybersecurity this decade. Hybrid classical-quantum anomaly detection, what works, what doesnt, deployment patterns. Module 19.
Quantum + AI Threat Models — Where Quantum Computing and Machine Learning Actually Meet
Quantum AI threats: cryptanalysis acceleration, ML model extraction, defensive applications. Separating credible threat from research speculation. The realistic 2026-2030 capability landscape. Module 18.
Isogeny-Based Cryptography — SIKE’s Death, CSIDH and SQISign Future, and the Lessons for PQ Migration
SIKE was a NIST PQ finalist broken in 2022 by Castryck-Decru — the cleanest cautionary tale in modern cryptography. Post-mortem, the surviving isogeny schemes (CSIDH, SQISign), and what to monitor going forward. Module 17.
Lattice Cryptanalysis — LLL, BKZ, Sieving, and the Best Attacks on ML-KEM and ML-DSA
Lattice cryptanalysis is what determines our long-term confidence in ML-KEM and ML-DSA. LLL polynomial-time approximation, BKZ block reduction, sieving algorithms, quantum lattice attacks. Where research could change the calculus. Module 16.
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.