Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Intermediate · modules
Modules tagged Intermediate.
Why Passwords Persist 5+ Years
Service-account password rotation breaks services. Documentation incomplete. Owner unknown. Last person who knew has left. Result: passwords from 2018 still active. This is the structural reason Kerberoasting works at every internal pentest. The mindset: gMSA (Group Managed Service Account) where possible — Windows manages rotation. Where not possible, ≥25-char passwords (cracking economically unfeasible).
Defenders’ Worst Assumption
Defenders frequently believe their AD is too complex, too custom, too unique for attackers to navigate. Attackers run BloodHound in 90 minutes. Get a complete map. Find the shortest path to DA. The complexity defenders rely on is a 30-second query for the attacker. The mindset: assume the attacker maps AD better than you do. […]
Connection Lifecycles and Where They Leak
Connections have states: SYN_SENT, ESTABLISHED, FIN_WAIT, TIME_WAIT, CLOSE_WAIT. Each has a duration; each leaks information. SYN scans use the half-open state. CLOSE_WAIT exhaustion is a DoS. TIME_WAIT buildup limits concurrency. Connection-level information leaks: the working set of source ports reveals scan patterns. RTT distribution reveals geographic location. Header field defaults reveal the OS. The mindset: connection-state telemetry is forensic […]
The Shared-Responsibility Asymmetry
AWS shared-responsibility model: AWS handles “security of the cloud.” You handle “security in the cloud.” Clear chart. What’s missing: the gap. You assume AWS handles X. AWS assumes you handle X. X is unhandled. Examples: instance metadata visible to anyone on the VM. AWS made it work; you must restrict it. The mindset: read both […]
Networks Fail Differently
Networks fail in five ways: complete outage, partial outage, latency increase, packet loss, partial reachability. Each masks security signals. “Latency spike for one user” might be a QoS issue or might be MITM. “Partial reachability between subnets” might be a misconfiguration or an attacker-installed firewall rule. The defender must rule out a malicious cause. The mindset: every “network issue” should […]
Every Cloud Service Has an IAM Trap
AWS has 300+ services. Each has actions. Combinations create privilege escalation. iam:PassRole + ec2:RunInstances + the right role = root access. “Innocent” permissions combine into catastrophic ones. Tools like Cloudsplaining map them. The mindset: never grant broad permissions. Grant specific actions on specific resources. Audit combinations periodically.
DNS Is Half of Every Attack
Almost no internet attack avoids DNS. C2 beacons resolve domains. Phishing links resolve domains. Exfiltration via DNS tunneling. Malware periodically refreshes domain blocks. DNS visibility = visibility into the kill chain. Yet most SOCs underuse DNS logs. The mindset: every DNS query is a behavioural signal. Detection coverage starts here.
Region Isolation Is a Trust Decision
AWS regions are physically separate data centres. But your IAM is global. A user with ec2:* permission has it in every region. Attackers spin up instances in regions you don’t monitor. Crypto mining in ap-east-1 while you watch us-east-1. The mindset: enabled regions = monitored regions. Org policy: SCP that denies actions in unused regions.
Encrypted But Visible
“It’s TLS; we can’t see anything.” False. TLS reveals SNI (the host being visited). JA3 fingerprints the client. Packet sizes and timing leak content type. Connection counts reveal user behaviour. Encrypted DNS (DoH/DoT) hides query content but reveals that the user uses encrypted DNS. That itself is a signal. The mindset: encryption hides content, not behaviour. Detection […]
Console vs API Visibility Gap
The AWS console shows curated views. Some resources are only visible via the API. Some metadata is not in the console. Attackers operate via the API. They see what the console hides. That is the defender's visibility gap. The mindset: audit via Config Rules / Cloud Asset Inventory, not console clicks. The console is for humans; the API is for completeness.