security education, no paywalls

Learn security
in the open.
All of it.

Professional-grade, hands-on, AI-augmented cybersecurity training built on open tools and community knowledge. Job-ready, not theory. Every track, every lab, forever free.

Penetration TestingDetection EngineeringDigital ForensicsMalware AnalysisCloud SecurityThreat HuntingAI-Augmented DefenseIncident Response
How it works

Read. Do. Keep.

Every module runs the same rhythm — you're never just reading. The depth comes from the bridge, the lab, and the automation you build and own.

STEP_01

Read the bridge

Original prose builds the mental model and the practitioner translation — then a curated, time-boxed Learn path to the best existing explanations. We curate the basics; we write the judgment.

STEP_02

Do the lab

A one-command environment — git clone + make up. Attack a real target, build a real detection, carve a real disk. Then Automate & own it: turn the manual work into a script you can reproduce by hand.

STEP_03

Keep the artifact

No paywalled exam — your portfolio is the credential. Each lab ends in an artifact you commit to your own repo, with a make check you run yourself to prove your fix works. Every track ends in a capstone worth showing.

Learning Tracks

Pick your path.
Own the domain.

Structured, hands-on paths from zero to job-ready. Every track uses the real tools you'll use on the job — open source first — with AI woven through as the force multiplier. All 13 tracks are live — 134 modules, every one with a validated lab environment.

TRACK_00 · 12 modules live

Foundations

Networking, Linux, scripting, crypto, web, and threat modeling — the bedrock.

tcpdumpopensslpythonbash
View curriculum →
TRACK_01 · 17 modules live
🔴

Offensive Security

Recon, exploitation, web attacks, post-exploitation, and reporting.

nmapmetasploitburpsuitesqlmap
View curriculum →
TRACK_02 · 16 modules live
🔵

Defensive Operations

Telemetry, SIEM, detection-as-code, threat hunting, and incident response.

elasticzeeksuricatawazuh
View curriculum →
TRACK_03 · 14 modules live
🟣

Digital Forensics & IR

Disk, memory, and network forensics to a root-cause incident report.

volatility3sleuthkitplasovelociraptor
View curriculum →
TRACK_04 · 13 modules live
🟡

Malware Analysis

Static and dynamic analysis to IOCs, ATT&CK, and validated detections.

ghidracapayaraoletools
View curriculum →
TRACK_05 · 17 modules live
🟠

Cloud & Container Security

IAM, posture, IaC, containers, and Kubernetes across AWS/GCP/Azure.

prowlertrivyfalcostratus-red-team
View curriculum →
TRACK_06 · 11 modules live
🪟

Active Directory & Windows

Attack the enterprise's backbone, then close the paths as code.

BloodHoundimpacketcrackmapexec
View curriculum →
TRACK_07 · 10 modules live
🛡️

Endpoint & Host Hardening

Harden Windows and Linux to CIS as code, with scoring and drift detection.

ansibleOpenSCAPosquerywazuh
View curriculum →
TRACK_08 · 10 modules live
🔑

Cryptography, PKI & Secrets

Applied crypto, TLS, PKI, secrets management, and email authentication.

opensslvaultstep-catestssl.sh
View curriculum →
TRACK_09 · 10 modules live
🐍

Python for Security

Stop running tools and start writing them — and own the ones AI writes.

pythonrequestsscapyfastmcp
View curriculum →
TRACK_10 · 10 modules live
⚙️

Security Automation

IaC, CI/CD security gates, SOAR, and detection-as-code pipelines.

opentofuansiblecheckovn8n
View curriculum →
TRACK_11 · 9 modules live
🔒

Zero Trust Network Access

Identity-aware access with no inbound ports — the perimeter is dead.

pomeriumOPAkeycloakcilium
View curriculum →
TRACK_12 · 10 modules live
🤖

AI-Augmented Security Ops

Local models, RAG, MCP copilots — then attack and harden the AI you built.

ollamachromadbfastmcpgarak
View curriculum →

Be first in.
No cost. Ever.

Built in public. Fork it, improve it, learn from it — together.