Projects

Practice and develop your coding skills by building real live interactive autograded projects with solutions and video tutorials

2hrs average

Intercepting traffic and cryptographic failures

Learn to intercept unencrypted HTTP traffic, identify information leaks, and access FTP services using hashes and decoding techniques.

Intermediate

2hrs average

Explore a corporate Windows server, identify poor security practices, and perform brute force attacks to access a privileged user and escalate to administrator.

Intermediate

2hrs average

Investigate a web application vulnerable to SQL Injection, access internal data from the Alabama Suites hotel system, and uncover who is sabotaging Diego by analyzing user panels.

Intermediate

2hrs average

Explore a web application to detect hidden routes and broken access control. Crack MD5 passwords and simulate logins to retrieve sensitive information.

Intermediate

1hrs average

This project guides students through a practical digital forensic analysis using a segmented .E01 forensic image and Autopsy. The objective is to investigate possible data exfiltration by analyzing file manipulation, compression, suspicious browsing, and evidence deletion, and to document findings in a structured technical report.

Beginner

2hrs average

In this lab, you'll analyze a website for poor development practices, discover exposed credentials, and access via SSH to retrieve a flag.

Intermediate

2hrs average

Learn to exploit a vulnerable file upload form to deploy a reverse shell, gain control of the server, and capture a flag. This lab provides a realistic simulation of a common initial access technique used by attackers and highlights the importance of implementing proper security controls on file upload features.

Intermediate

2hrs average

Explore a realistic vulnerability in a WordPress site by identifying and analyzing the vulnerable TimThumb script. Learn to recognize suspicious paths and formulate attack hypotheses.

Intermediate

2hrs average

Access a corporate Linux system and use brute force and privilege escalation techniques to become root and retrieve a protected flag.

Intermediate

2hrs average

Gain Administrator access to a Windows machine using an NTLM hash exposed in a public SMB share. Learn to exploit insecure configurations and perform Pass-the-Hash authentication.

Intermediate

2hrs average

Exploit a SQL Injection vulnerability in a dating app to access as admin, retrieve credentials, uncover hidden secrets, and escalate privileges to gain root access.

Intermediate

2hrs average

Learn to create a comprehensive implementation plan to guide your AI coding partner in building any project you can imagine!

Beginner

1hrs average

A Capture The Flag (CTF) project designed to solidify your understanding of core HTTP concepts. By solving a series of challenges.

Beginner

2hrs average

Learn how to identify a vulnerable Linux kernel and exploit the Dirty Cow vulnerability (CVE-2016-5195) to escalate privileges in a realistic lab environment.

Intermediate

2hrs average

Explore a Windows server hosting a WordPress site and vulnerable SMB shares. Enumerate users, build custom dictionaries, and use discovered credentials to capture a flag.

Intermediate

2hrs average

Analyze a casino web app and exploit a Local File Inclusion (LFI) vulnerability to access sensitive server content.

Intermediate

2hrs average

Analyze a Windows 7 system vulnerable to EternalBlue, exploit the flaw using Metasploit, and remotely access the system to retrieve a flag from the user's desktop.

Intermediate

2hrs average

Learn to perform brute force attacks and privilege escalation in a controlled environment using tools like Hydra and password dictionaries.

Intermediate

2hrs average

Learn to customize Cursor settings, create powerful custom rules, and use advanced features like MCPs to build a personalized AI-assisted workflow that boosts your development productivity.

Beginner

3hrs average

This project aims to guide students in developing a ransomware incident response plan using the NIST cybersecurity framework. The exercise focuses on a case study of a fictitious company named TechCo, exploring the areas of identification, protection, detection, response, and recovery in the event of a ransomware attack.

Beginner

Load more...