Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Networking · modules
OSI layers, TCP/IP, subnetting, packet analysis — the foundation of every security skill.
Module 21 · DNS Security — DoH, DoT, DNSSEC, Sinkholing
The classic DNS problems Plaintext queries visible to network observers. Response forgery / cache poisoning. No cryptographic authenticity. DNS used for data exfiltration. DGA and fast-flux evading blocklists. DoH and DoT Protocol Port Defender visibility DoT 853/TCP Recognisable at the network layer DoH 443/TCP mixed with HTTPS Hidden in HTTPS; hard to distinguish DoQ 443/UDP […]
TLS 1.3 — Inside the Handshake, Byte by Byte
TLS 1.3 (RFC 8446) is the modern transport-security protocol every browser, API, and increasingly every database now speaks. Compared to TLS 1.2 it cuts handshake round-trips, removes broken cryptography, and provides forward secrecy by default. This module walks the handshake —
DNS — From Resolution to Tunneling, Cache Poisoning, and DoH-Driven Bypass
DNS is unauthenticated, mostly unencrypted, and the precondition for every connection on the Internet. This module walks through how a query actually resolves (recursive vs authoritative), the attack catalogue (cache poisoning, hijack, tunnelling, NXDOMAIN exfil), and the modern
MPLS, SD-WAN, and the Indian Enterprise WAN
MPLS is the legacy carrier-grade WAN — expensive, predictable, low-jitter, with operator-managed L3 VPNs. SD-WAN overlays multiple cheaper transports (broadband, LTE, 5G, MPLS) with software-defined policy, dynamic path selection, and integrated security. The Indian enterprise WA
Zero Trust Network Access vs Traditional VPN — The Replacement Pattern That Is Now Default
Traditional VPN puts users on the corporate network — once authenticated, broad reachability. ZTNA does the opposite — explicit per-application authorisation, no network-level access, continuous verification. ZTNA is the modern remote-access pattern; VPN remains for site-to-site.
CDN and DDoS Defence — Cloudflare, Akamai, Anti-Bot in 2026
A CDN serves your content from edge nodes near users — fast, reliable, and incidentally an extraordinary DDoS shield. This module covers what a CDN actually does (caching, anycast, TLS termination), how DDoS attacks have evolved (volumetric, protocol, application, bot-driven), an
Network Telemetry — NetFlow, sFlow, IPFIX, and What a SOC Actually Watches
Network telemetry is the per-flow metadata your routers and switches export — who talked to whom, when, how much, on what ports. NetFlow (Cisco), sFlow (broadcom/multivendor), IPFIX (the IETF standard) are the three protocols you will meet. PCAP captures everything; telemetry cap
Load Balancers, Reverse Proxies, and the L7 Stack
A load balancer distributes traffic across backend servers. A reverse proxy sits in front of backend servers, terminating client connections, often inspecting and rewriting traffic. In modern architectures, the line is blurred: nginx, HAProxy, Envoy, AWS ALB, Cloudflare all do bo
Network Segmentation — VLANs, VRFs, Microsegmentation, and the Tiers Auditors Actually Look For
Segmentation is splitting your network into zones with controlled traffic between them. Done well it slows lateral movement, reduces blast radius, and is the single control RBI/SEBI/IRDAI auditors quote most often. This module covers VLAN segmentation (the campus baseline), VRF f
Wireless Security and Wi-Fi Attacks — WEP to WPA3, and Why Captive Portals Lie
Wi-Fi has gone through five generations of security: WEP (broken, do not deploy), WPA/WPA2 (still common, still attackable via offline cracking and KRACK), WPA3 (the modern default with SAE replacing PSK), and 802.1X / WPA3-Enterprise for managed environments. This module covers
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.