Cybersecurity, learned like a practitioner.
24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.
Red Team Operations · modules
Adversary simulation: initial access, C2, lateral movement, and defeating modern EDR.
Module 12 · Data Exfiltration Techniques
Data exfiltration is the goal of most non-ransomware attacks. Network defenders should know patterns. Common channels HTTPS to attacker domain — most common; blends with legit traffic HTTPS to cloud storage — Dropbox, Google Drive, AWS S3 (attacker bucket); user-agents look legitimate DNS tunneling — covered Module 9 Networking ICMP tunneling — niche but possible; […]
Module 13 · Red Team Reporting
The report is the deliverable. A great engagement with poor reporting fails to drive change. Three audiences Executives — what could happen; what was the impact; what investment justified Security team — TTPs used, detection gaps, recommended controls Engineering / IT — specific configurations to change, code to fix Structure Executive summary (1-2 pages) Engagement […]
Module 14 · Red-to-Purple Handoff
One-shot red team engagement: report → file in drawer. Purple-team handoff: report → workshop → detections built. The latter is what produces lasting improvement. The handoff workshop Red team walks through engagement chronologically For each step: blue team confirms what (if any) signal fired Where signal fired but ignored — investigate why Where no signal […]
Module 15 · Red Team Engagement Management
Red team is high-risk consulting. A bad engagement can crash production, leak data, breach contracts. Discipline matters. Rules of Engagement (ROE) Authorized targets and out-of-scope assets Authorized techniques and prohibited (e.g., DoS, social engineering of HR) Engagement window Stop conditions Deconfliction contacts (real production incidents vs red team) Get-out-of-jail letter Communication Trusted Agent (TA) on […]
Module 3 · Command & Control Frameworks
Cobalt Strike, Sliver, Havoc, Mythic compared. Beacon anatomy, transports, malleable profiles, redirector architecture.
Module 4 · Lateral Movement & Persistence
Pass-the-hash/ticket, WMI/WinRM, scheduled tasks, WMI subscriptions, AD golden/silver tickets, cloud persistence.
Module 5 · Evading Modern EDR
AMSI bypass, ETW blinding, direct syscalls, unhooking, module stomping, and the attacker-defender arms race in 2026.
Module 1 · Red Team Operations Fundamentals
Red team vs pentest, engagement types, objectives, rules of engagement, and what a good red team report looks like.
Module 2 · Initial Access — Phishing & Beyond
Phishing infrastructure, HTML smuggling, password spray, OAuth consent, and exposed-service exploitation.
Practitioners who've
shipped the controls.
Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.
Why learn here
Practitioner-written.
Each lesson is authored by someone who has shipped the control or run the engagement in production.
Quiz after every module.
20+ questions with explanations. 70%+ to mark complete. Unlimited retries.
Progress tracked.
Completions, scores and streaks saved automatically. Resume exactly where you left off.
India-priced.
Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.