Cybersecurity, learned like a practitioner.

Ethical Hacking Tools Advanced Members

Mimikatz — Credential Extraction

Mimikatz is the tool that defined modern Windows credential attacks. Benjamin Delpy’s 2011 research paper accompanying it single-handedly changed how the security community thinks about Windows auth. This module covers what Mimikatz does, how defenders catch it, and why Credential Guard matters. What it extracts Mimikatz reads credentials from process memory (primarily LSASS — Local […]

Apr 19, 2026 120 min Open

Ethical Hacking Tools Advanced Members

Hashcat — Password Cracking

Hashcat is the world’s fastest and most widely-used password cracking tool. GPU-accelerated, supporting 300+ hash algorithms, it’s what every serious pen-tester and every serious attacker uses after recovering password hashes. When you use Hashcat Pen-test: you extracted NTLM hashes from an AD dump (DCSync, ntds.dit). Crack to recover passwords. Pen-test: you recovered /etc/shadow. Crack SHA-512 […]

Apr 19, 2026 120 min Open

Ethical Hacking Tools Intermediate Members

Metasploit Framework Basics

Metasploit Framework (MSF) is the world’s most widely-used exploitation platform. It bundles thousands of exploits, payloads, post-exploitation modules, and auxiliary tools under one console. This module gets you comfortable launching your first authorised exploit and understanding what MSF is doing behind the scenes. Core concepts Exploit — code that takes advantage of a vulnerability Payload […]

Apr 19, 2026 90 min Open

Ethical Hacking Tools Intermediate Free

Burp Suite — Web Application Testing

Burp Suite is the web security practitioner’s daily driver. If you test web applications, you use Burp. This module gets you from install → first intercepted request → basic testing flow, without the 300-page manual. What Burp Suite is A web application security testing platform. At its core: an intercepting proxy that sits between your […]

Apr 19, 2026 90 min Open

Ethical Hacking Tools Beginner Free

Nmap — Network Discovery and Port Scanning

Nmap is the first tool every security practitioner reaches for. Pen-tester? You’re using nmap. Defender auditing your attack surface? Nmap. Discovered a new subnet you need to profile? Nmap. This module takes you from “I’ve typed nmap once” to “I can scan intelligently, interpret results, and avoid triggering every IDS in the building.” What nmap […]

Apr 19, 2026 60 min Open

Cloud Security Practitioner Advanced Members

Kubernetes Attack Surface

Kubernetes is where 2024-2026 cloud security action is happening. Every Indian fintech, every serious SaaS, and most mature enterprises now run workloads on Kubernetes. And Kubernetes, by design, has the most complex security surface of any modern platform. The control plane, the worker nodes, the network fabric, the service mesh, the supply chain, the secrets, […]

Apr 19, 2026 120 min Open

Cloud Security Practitioner Intermediate Members

S3 Security and Misconfigurations

Amazon S3 is the single cloud service that has caused more publicly-disclosed breaches than any other — by a wide margin. Hundreds of millions of records from financial institutions, healthcare organisations, government agencies, and consumer apps have leaked from misconfigured S3 buckets. Every single incident was preventable with settings available in the AWS console. This […]

Apr 19, 2026 60 min Open

Cloud Security Practitioner Intermediate Free

AWS IAM Deep Dive

AWS IAM is the single largest source of cloud misconfigurations. It’s also AWS’s most powerful feature. Master it and you can architect least-privilege cleanly; fumble it and you ship the kind of blast radius that makes every new access key a production-impacting event. This module is the concrete IAM practitioner’s guide. You’ve seen the mental […]

Apr 19, 2026 90 min Open

Cloud Security Practitioner Beginner Members

Cloud Security Mental Models

Cloud security is often taught as a taxonomy — “AWS IAM works like this, GCP IAM works like this, Azure is different.” That’s how you end up memorising 300 service-specific checkboxes without ever understanding what matters. This module inverts the usual approach: we give you the mental models that apply across AWS, Azure, GCP, and […]

Apr 19, 2026 60 min Open

Active Directory Security Advanced Free

BloodHound for Attack Paths

Individual AD misconfigurations look innocuous on their own. A group with a few extra members. A computer with delegation enabled. A user with GenericWrite on a colleague’s account. In isolation, each is a “maybe low risk.” When graph-analysed together, they form attack paths — concrete, stepwise routes from any foothold to Domain Admin. BloodHound is […]

Apr 19, 2026 90 min Open