Lesson
The following lessons explain different programming concepts and have been published by our members. Search for a particular lesson using the filters
prompt engineering
AI
Applied AI concepts
Understand what Applied AI is and how you can use it in your work. Explore the most common AI concepts
Read lessondata-recovery
digital investigation
cybersecurity
Recovering the Irrecoverable
This challenge puts you face to face with one of the most painful scenarios in cybersecurity: database corruption. You'll learn practical techniques to recover information from damaged SQLite files using command-line tools, Python scripts, and forensic approaches. Here, it's not just about data, but about resilience and analysis under adverse conditions. A first step toward recovering what seemed lost.
Read lessonJavascript
web security
xss
The Invisible Window - Uncovering the XSS Vulnerability
In this article, you will explore the world of Cross-Site Scripting (XSS), a vulnerability that turns the browser into an attack field without the user noticing. You will learn how JavaScript can be used both to create rich experiences and to inject malicious code. You will discover practical examples, understand the types of XSS, and develop a critical eye to identify vulnerable code. Because in web defense, the enemy often hides in what seems innocent.
Read lessonPython
cybersecurity
blue-team
Rewriting the Truth - Understanding Code as Defense
In this article, you dive into the art of reading code as a tool for cyber defense. It's not just about finding errors, but about detecting subtle alterations that could indicate an attack. You will learn the fundamentals of Python, understand how attackers manipulate scripts, and train your mind to restore the original intent of the code. This is an exercise in analysis, logic, and active listening: code also speaks, if you know how to read it.
Read lessonburp suite
decoding
cyberchef
The Invisible Interception
This lesson introduces you to the art of intercepting and analyzing data in transit. Learn to use Burp Suite to capture HTTP requests, identify encoded information, decode it with CyberChef, and apply cracking techniques to reveal passwords and secrets hidden in plain sight.
Read lessonPHP
ethical-hacking
reverse-shell
Reverse Shells and Arbitrary Uploads
Learn how a simple, poorly protected file upload function can open the door to a reverse shell. This lesson explores common PHP vulnerabilities, from arbitrary uploads to remote code execution, and shows you how to establish reverse shells from compromised servers.
Read lessoncybersecurity
sql-injection
ethical-hacking
SQL Injection and Password Cracking - Technical and Ethical Guide
Sometimes, a single quote is enough to bring down a system. In this practical and responsible guide, you'll learn how SQL injection is exploited and how to crack passwords via hashes, using tools like SQLMap, John the Ripper, and Hashcat. Because understanding vulnerabilities is the first step to protecting them.
Read lessonprompt engineering
AI
Course Overview
Overview: What to Expect in This Course
Get ready to dive into the world of Prompt Engineering and discover how to communicate effectively with AI
Read lessonlinux
blue-team
cron-jobs
In Search of the Impostor - Navigating an Ubuntu Server
This article immerses you in an Ubuntu server where nothing is as it seems. Your mission is to identify a malicious user acting from within, manipulating scheduled tasks and leaving traces in the system. You'll learn to navigate the file system, inspect processes, review firewall rules, and analyze cron jobs for suspicious activity. An experience that challenges both your technical knowledge and your deductive skills.
Read lessonPython
blue-team
osint
Echoes of a Call - Finding the Lost Agent
This article immerses you in a cyber defense challenge with a deeply human focus: rescuing a lost agent through clues hidden in code. You'll learn to deduce geographic information with Python, generate custom dictionaries, use Hydra to automate controlled attacks, and decode base64 messages. More than a technical exercise, it's a lesson in how cybersecurity also involves empathy, ingenuity, and commitment to those who trust us to protect them.
Read lessonresilience
motivation,
personal growth,
Halfway There — Fire in the Soul
A letter to remind you that you are not alone in this transformation. Today you are right in the middle of this challenge, and I want you
Read lessonexposed backup
scheduled tasks
evil-winrm
The Grand Finale — Unraveling the Umbrella Corporation
Face the course's most complex challenge. Learn to identify exposed backups, access with Evil-WinRM, abuse scheduled tasks to escalate privileges in Windows, and decode the final flag in Base64. This challenge tests your observation, creativity, and everything learned in previous days.
Read lessonwindows
ethical-hacking
privilege-escalation
Elevation 2 - Windows, Cracks Beneath the Surface
Windows may seem solid, but beneath its surface lie misconfigured services, vulnerable scheduled tasks, and forgotten credentials waiting to be exploited. This lesson teaches you how to escalate privileges in a corporate environment, using techniques like service abuse, unprotected binaries, and specialized tools such as WinPEAS and PowerUp.
Read lessoncybersecurity
pentesting
Comprehensive Guide to IPTables
Master IPTables and Protect Your Network with Advanced Firewall Techniques
Read lessononline investigation
open sources
username
John Click's Digital Trail
John Click made a mistake: he talked too much, left traces… and now it's your turn to find them. In this OSINT challenge, you'll use real tools to track a username across multiple platforms. Your goal is clear: obtain John's personal email and close the digital loop of his identity. This challenge will teach you to think like an investigator and act like an analyst.
Read lessoncode analysis,
cybersecurity
ethical-hacking
In the Shadow of Code - Hunting the Reverse Shell
In this challenge, you'll put your analytical skills and keen eye to the test to detect hidden threats. You'll explore a seemingly innocent PHP site that conceals a reverse shell payload. Your mission: discover its exact location and understand how this technique is used by attackers to gain covert remote access.
Read lessonPython
blue-team
digital investigation
The Trail Between the Letters: Finding the Impostor
This article takes you on a digital hunting mission where there is no malware or clear alerts, only subtle clues hidden in the data. You will learn to use Python to filter names, identify patterns, and apply conditional logic like a true forensic analyst. The goal: find an impostor among a list of identities, and decode a hidden base64 message. A lesson on how defense can also be an active search for the truth.
Read lessonwordpress
ethical-hacking
reverse-shell
Beer, Plugins, and Backdoors
Learn how a vulnerable WordPress installation with the RevSlider plugin can be the perfect entry point for a reverse shell. This challenge explores the use of Metasploit, exploiting outdated plugin versions, and the offensive mindset that turns an innocent blog into an opportunity.
Read lessonwordpress
ethical-hacking
smb
WordPress, SMB and the Art of Thinking Like an Attacker
This exercise is not just about tools, but about observation and deduction. Learn to exploit services like WordPress and SMB using lateral thinking. Discover how public information can become an attack dictionary, and how enum4linux can help you open hidden doors.
Read lessonlinux
ethical-hacking
suid
Elevation - Rising from the Mud
Gaining access to a system is just the beginning. The real conquest starts with privilege escalation. In this lesson, you'll learn to identify misconfigurations, abuse SUID binaries and poorly configured sudo, and how to move laterally between users to dominate the system.
Read lesson