Professional-grade, hands-on, AI-augmented cybersecurity training built on open tools and community knowledge. Job-ready, not theory. Every track, every lab, forever free.
Every module runs the same rhythm — you're never just reading. The depth comes from the bridge, the lab, and the automation you build and own.
Original prose builds the mental model and the practitioner translation — then a curated, time-boxed Learn path to the best existing explanations. We curate the basics; we write the judgment.
A one-command environment — git clone + make up. Attack a real target, build a real detection, carve a real disk. Then Automate & own it: turn the manual work into a script you can reproduce by hand.
No paywalled exam — your portfolio is the credential. Each lab ends in an artifact you commit to your own repo, with a make check you run yourself to prove your fix works. Every track ends in a capstone worth showing.
Structured, hands-on paths from zero to job-ready. Every track uses the real tools you'll use on the job — open source first — with AI woven through as the force multiplier. All 13 tracks are live — 134 modules, every one with a validated lab environment.
Networking, Linux, scripting, crypto, web, and threat modeling — the bedrock.
Recon, exploitation, web attacks, post-exploitation, and reporting.
Telemetry, SIEM, detection-as-code, threat hunting, and incident response.
Disk, memory, and network forensics to a root-cause incident report.
Static and dynamic analysis to IOCs, ATT&CK, and validated detections.
IAM, posture, IaC, containers, and Kubernetes across AWS/GCP/Azure.
Attack the enterprise's backbone, then close the paths as code.
Harden Windows and Linux to CIS as code, with scoring and drift detection.
Applied crypto, TLS, PKI, secrets management, and email authentication.
Stop running tools and start writing them — and own the ones AI writes.
IaC, CI/CD security gates, SOAR, and detection-as-code pipelines.
Identity-aware access with no inbound ports — the perimeter is dead.
Local models, RAG, MCP copilots — then attack and harden the AI you built.
Built in public. Fork it, improve it, learn from it — together.