Academy Basic
Intermediate Academy modules — Basic tier required (₹499/month)
Module 5 · Why SSRF Is Still Critical in 2026
Every URL parameter where the server fetches. Cloud metadata turned SSRF from inconvenience to catastrophe.
AcademyModule 2 · Why Injection Still Happens — A Grammar Problem
Injection isn't about bad input. It's attackers smuggling tokens into an interpreter's grammar.
AcademyModule 3 · Why Auth Checks Fail — Missing Gates Everywhere
Authentication is one gate. Authorization is every gate after. Most breaches live in the latter.
AcademyModule 4 · Business Logic — Where Scanners Fail
Business logic bugs are legal sequences of actions producing illegal outcomes. Understand the product to find them.
AcademyModule 1 · Microsoft Entra ID Security
Roles, attack patterns (token theft, AitM, consent phishing), Conditional Access, PIM, hybrid AD considerations.
AcademyModule 2 · Azure Resource Hardening
RBAC hierarchy, network security, Storage/SQL/KeyVault hardening, Defender for Cloud, common misconfigurations.
AcademyModule 3 · Microsoft 365 Security
Exchange + SharePoint + Teams + Power Platform hardening, Defender stack, Purview, IR in M365.
AcademyModule 1 · Google Cloud Platform Security
Resource hierarchy, IAM, service accounts, network, GCS/SQL/GKE/KMS hardening, Security Command Center.
AcademyModule 2 · GCP Advanced — VPC-SC, WIF, Confidential Computing
VPC Service Controls, Workload Identity Federation, BeyondCorp, Confidential VMs, Assured Workloads, EKM.
AcademyModule 2 · ISO 27001:2022 Implementation
Required documents, the SoA, 2022 control structure, implementation timeline, common gaps for Indian implementations.