Buffer Overflow Lab — Stack Smashing 101
Hands-on lab with 10 progressive vulnerable binaries: from basic stack overflow to ret2libc. Includes detailed writeups.
Arsenal
Professional offensive security tools & exploit frameworks
120
Tools
12
Categories
Active Directory Attack Path Lab
Virtualized environment with 5 Windows machines + DC for practicing AD attacks: Kerberoasting, AS-REP roasting, DCSync, Golden Ticket.
Web Application Hacking Challenges Pack
25 progressive web challenges: SQLi, XSS, SSTI, SSRF, deserialization, auth bypass. Each with Docker app + writeup.
Malware Analysis Masterclass Workbook
Workbook with 15 real malware samples (disarmed) for analysis: static analysis, dynamic analysis, unpacking, C2 extraction.
Red Team Operations Playbook
Complete Red Team operations playbook: planning, infrastructure setup, initial access, post-exploitation, reporting. With real templates.
Privilege Escalation Challenge Box (Linux)
VM with 20 configured Linux privilege escalation vectors: SUID, capabilities, cron, sudo misconfig, kernel exploits, Docker escape.
Cloud Penetration Testing Workshop
Hands-on cloud pentesting workshop for AWS/Azure/GCP: IAM abuse, metadata exploitation, serverless attacks, cross-account pivoting.
Exploit Development from Scratch
Complete exploit development course: from fuzzing to working exploit. Covers x86, x64, Windows, and Linux. 30 hands-on exercises.
OSCP-Style Practice Exam
OSCP-style simulated exam: 5 machines (2 Linux, 2 Windows, 1 AD set) with 24h time limit. Includes report template and solutions.
Advanced Threat Emulation Scenarios
5 real APT threat emulation scenarios: APT29, FIN7, Lazarus, APT28, Conti. Includes TTPs, IOCs, and detection rules.