Cybersecurity, learned like a practitioner.

System Security Advanced Members

Memory Forensics

Memory forensics is the discipline of examining volatile memory (RAM) to find evidence that disk-only forensics miss. Credentials cached in memory, in-memory malware, injected code, encrypted traffic plaintext — all live only in RAM. This module covers the tooling and workflow. Why memory forensics Traditional disk forensics recovers files, logs, persistence. Memory adds: Process list […]

Apr 19, 2026 120 min Open

Cloud Security Practitioner Advanced Members

Cloud Incident Response

Cloud incidents move fast. An attacker with a leaked access key can enumerate the account in minutes and begin exfiltration. Response time matters. This module covers a practitioner-grade cloud IR workflow — what to do in the first 30 minutes, 2 hours, and 24 hours after suspecting compromise. The cloud-specific challenges Speed — API-based actions […]

Apr 19, 2026 120 min Open

Cloud Security Practitioner Advanced Members

Cross-Account Attacks in AWS

Multi-account AWS (or multi-subscription Azure / multi-project GCP) is the norm. Production in one account, staging in another, security tooling in a third, sometimes dozens of accounts across business units. Each cross-account boundary is a potential attack surface — and when misconfigured, a path from one compromised account to many. Why multi-account Blast-radius limitation — […]

Apr 19, 2026 90 min Open

Cloud Security Practitioner Intermediate Members

Secrets Management

Every application has secrets — database passwords, API keys, TLS certs, encryption keys, third-party tokens. Where you store them determines whether a compromise is contained or catastrophic. This module covers secrets-management patterns for modern cloud applications. The problem Secrets historically lived in: environment variables, config files, source code, shared spreadsheets, Slack messages, CI/CD logs. Each […]

Apr 19, 2026 90 min Open

Web Application Penetration Testing Advanced Free

JWT Attacks

JSON Web Tokens (JWT) have become the default authentication token format in modern APIs. They’re compact, stateless, and when implemented correctly, secure. When implemented poorly, they’re a source of authentication bypass and privilege escalation. This module covers JWT structure, common attacks, and the concrete defences. JWT structure header.payload.signature # Base64-decoded example: Header: {"alg":"HS256","typ":"JWT"} Payload: {"sub":"priya","role":"admin","exp":1700000000} […]

Apr 19, 2026 90 min Open

Web Application Penetration Testing Intermediate Members

File Upload Vulnerabilities

File upload features are everywhere — profile pictures, document uploads, attachments, imports. They’re also one of the most frequently-exploited vulnerability classes, capable of escalating from “user” to “RCE” in one click. This module covers the attack patterns and the layered defences. The attack surface Attacker uploads a file (malicious) Server saves file to disk Server […]

Apr 19, 2026 60 min Open

Web Application Penetration Testing Intermediate Members

Cross-Site Request Forgery Deep Dive

Cross-Site Request Forgery (CSRF) tricks a user’s browser into submitting authenticated actions to a trusted site. Once ubiquitous, modern browsers and frameworks have made the baseline defence far stronger. But CSRF still appears — especially in legacy APIs and apps that mishandle authentication state. The core attack User is logged into bank.com (browser holds session […]

Apr 19, 2026 60 min Open

Web Application Penetration Testing Advanced Free

XML External Entity Injection (XXE)

XML External Entity (XXE) injection exploits XML parsers that process references to external entities. A classic vulnerability in XML-consuming applications — SOAP services, document upload features, SAML, configuration parsers. Can lead to file disclosure, SSRF, DoS, and RCE. How XXE works XML supports external entities — references to external resources. When a parser fetches the […]

Apr 19, 2026 90 min Open

Web Application Penetration Testing Advanced Free

Server-Side Request Forgery (SSRF)

Server-Side Request Forgery (SSRF) is a vulnerability where an attacker tricks a server into making HTTP requests on their behalf. In a cloud environment, SSRF frequently escalates from “interesting” to “full account compromise” via metadata service abuse. The core vulnerability An application takes a URL parameter, fetches it, and returns the response. Classic example: “Enter […]

Apr 19, 2026 90 min Open

Active Directory Security Advanced Members

Active Directory Certificate Services Attacks

Active Directory Certificate Services (ADCS) is how Windows issues certificates — for user authentication, computer authentication, web services, VPN, code signing. It’s also, since SpecterOps’s 2021 “Certified Pre-Owned” research, one of the fastest paths from user to Domain Admin. This module covers the attack classes (ESC1-ESC8+) and defences. ADCS primer Certification Authority (CA) — issues […]

Apr 19, 2026 90 min Open