Cybersecurity, learned like a practitioner.

Active Directory Security Advanced Members

Golden and Silver Tickets

Forged Kerberos tickets are the ultimate AD compromise. A Golden Ticket grants domain-wide impersonation for 10 years. A Silver Ticket grants service-specific impersonation without ever touching the DC. Understanding both is essential for any practitioner serious about AD. Kerberos ticket refresher Two ticket types in a Kerberos flow: TGT (Ticket Granting Ticket) — issued by […]

Apr 19, 2026 90 min Open

Active Directory Security Advanced Members

NTLM Relay Attacks

NTLM Relay is one of the most effective attacks against modern Windows environments — and it works even on fully-patched systems if defenders haven’t enabled specific hardening. This module covers how relay works, common exploit chains, and the defences that actually block it. How NTLM authentication works NTLM is a challenge-response protocol. Client sends NTLM_NEGOTIATE; […]

Apr 19, 2026 90 min Open

Networking Advanced Members

IPv6 Security — Why You Already Have IPv6 Even If You Did Not Notice

IPv6 is on by default in every modern operating system. If you only configured IPv4 ACLs, half your network is unprotected. This module covers IPv6 addressing (link-local, ULA, GUA), Stateless Address Auto-Configuration (SLAAC), Neighbor Discovery (the ARP replacement and its att

Apr 19, 2026 90 min Open

Networking Intermediate Members

VPN Fundamentals — IPsec, OpenVPN, WireGuard and the Math That Makes Them Work

A VPN tunnels Layer 3 (or Layer 2) traffic over an untrusted network, with confidentiality, integrity, and authentication. The three protocols you need to know are IPsec (the enterprise default), OpenVPN (the legacy SSL VPN), and WireGuard (the modern lightweight default). This m

Apr 19, 2026 90 min Open

Networking Intermediate Members

Firewall and ACL Design — Stateless, Stateful, NGFW, and the Rules That Survive 5 Years

A firewall is just a structured list of "allow / deny" rules applied to traffic. Stateless ACLs filter packet by packet; stateful firewalls track connections; NGFWs add Layer 7 inspection. The trick to firewall design is not picking the product — it is designing rules that are ex

Apr 19, 2026 90 min Open

System Security Advanced Members

Privilege Escalation Defence

Root escalation — getting from “regular user” to “root” or SYSTEM — is how most breaches turn catastrophic. A foothold becomes domain compromise via privilege escalation. This module covers the technique classes, the defences, and what a practitioner should be able to recognise on both the offensive and defensive sides. The privesc landscape Privilege escalation […]

Apr 19, 2026 120 min Open

System Security Intermediate Free

Container Security Deep Dive

Containers are everywhere in 2026. Docker, Kubernetes, serverless platforms that are containers underneath. This module covers the security concerns specific to the container layer — separate from the Kubernetes module (Cloud Security M4) which focused on orchestration. Here: image supply chain, runtime isolation, secrets, and container escape. What a container is (and isn’t) A container […]

Apr 19, 2026 90 min Open

System Security Intermediate Members

System Auditing and Logging

Detection requires visibility. Visibility requires logs. If your systems fall silent, you cannot investigate, cannot alert, cannot prove compliance. This module is about what to log, where to send it, and how to get real signal out of raw events. The logging stack Generation — the system produces events (auth, syscalls, application logs) Collection — […]

Apr 19, 2026 90 min Open

System Security Beginner Members

Windows Security Fundamentals

Windows hardening looks different from Linux. Different tools, different attacker tradecraft, different audit surface. This module covers the baseline every production Windows server and Windows 10/11 workstation should have — without drowning you in 500 pages of MS docs. The hardening stack Authentication — MFA, account policies, Credential Guard Network — firewall, SMB, RDP Endpoint […]

Apr 19, 2026 60 min Open

System Security Beginner Free

Linux Hardening Fundamentals

You get root on a fresh Linux server. Now what? Default installs — whether Ubuntu, RHEL, Amazon Linux — are not hardened out of the box. This module is your opinionated checklist: the baseline controls every production Linux server should have before it sees traffic. The hardening stack Network — firewall, SSH, services Users & […]

Apr 19, 2026 60 min Open