Academy Basic
Intermediate Academy modules — Basic tier required (₹499/month)
Module 4 · MITRE ATT&CK in Operations
ATT&CK taxonomy, tactics and sub-techniques, Navigator for coverage mapping, detection-as-technique, D3FEND.
AcademyModule 2 · Initial Access — Phishing & Beyond
Phishing infrastructure, HTML smuggling, password spray, OAuth consent, and exposed-service exploitation.
AcademyModule 2 · SAST, DAST & SCA in CI
What each scanner class detects, tool selection for 2026, CI integration patterns, false-positive tuning, triage workflow.
AcademyModule 3 · Infrastructure-as-Code Security
Checkov, Trivy, kube-score. Terraform issue categories, Kubernetes hardening, Dockerfile patterns, Kyverno/OPA policies.
AcademyModule 4 · CI/CD Pipeline Hardening
Pipeline attack surface: config injection, pwn-requests, unpinned actions, OIDC trust policies, ephemeral runners, signing.
AcademyModule 5 · Supply Chain Security (SBOM, SLSA, Signing)
SBOM generation with Syft, SLSA provenance levels, Cosign keyless signing, dependency pinning, and 2026 regulatory crib sheet.
AcademyModule 2 · Android Pentesting with Objection & Frida
Hands-on Android pentest workflow: Frida server, Objection REPL, SSL pinning bypass, local storage, runtime hooking.
AcademyModule 3 · iOS Pentesting Fundamentals
iOS device options (jailbreak, Corellium), pulling decrypted IPAs, class-dump, keychain inspection, URL schemes, pinning bypass.
AcademyModule 4 · Mobile Backend API Testing
Why mobile APIs are weaker, device registration abuse, auth patterns, business logic, client-side validation bypasses.
AcademyModule 5 · Bypassing Mobile Hardening & Exploit Chaining
Root/jailbreak detection bypass, anti-debug, RASP defeat, and chaining findings into a business-impact exploit.