Projects
Practice and develop your coding skills by building real live interactive autograded projects with solutions and video tutorials
2hrs average
Insider Threats: The Impostor
Face an internal sabotage that has taken down the main web service. Investigate, escalate privileges, and unmask the imposter to restore operability.
Intermediate
1hrs average
OSINT Tracing: The Police
A police officer went missing while investigating a trafficking network in Eastern Europe. It is believed he managed to leave a hidden clue on a web server. Your mission is to trace his exact location using analytical thinking, logical deduction, and OSINT techniques. If you identify the correct city, you will be rewarded with a flag.
Intermediate
3hrs average
Final project - Live Incident Response
In this final cybersecurity project, students must take immediate action to identify, contain, and remediate a live cyberattack on a compromised Linux server. Acting as cybersecurity analysts, they will investigate malicious processes, identify persistence mechanisms, remove backdoors, and restore system integrity.
Intermediate
2hrs average
Intercepting traffic and cryptographic failures
Learn to intercept unencrypted HTTP traffic, identify information leaks, and access FTP services using hashes and decoding techniques.
Intermediate
2hrs average
Elevation 2 - Hidden Privileges in Windows
Explore a corporate Windows server, identify poor security practices, and perform brute force attacks to access a privileged user and escalate to administrator.
Intermediate
2hrs average
Gossip Lab- SQL injection
Investigate a web application vulnerable to SQL Injection, access internal data from the Alabama Suites hotel system, and uncover who is sabotaging Diego by analyzing user panels.
Intermediate
2hrs average
Customer Service - Broken access control and Password Cracking
Explore a web application to detect hidden routes and broken access control. Crack MD5 passwords and simulate logins to retrieve sensitive information.
Intermediate
1hrs average
Detect the XSS Vulnerability
Analyze a vulnerable form in a fictional licensing site, identify the XSS vulnerability, and validate your finding with a script.
Beginner
1hrs average
Blue Code - Sabotaged Password Recovery
Analyze and repair a Python script sabotaged by an internal attacker to recover the original password. Once fixed, validate it and decode a flag using CyberChef.
Easy
2hrs average
Alternative time series project
Use ARIMA model to forecast sales using time series analysis to estimate future sales rate.
Beginner
2hrs average
Cheers! - Remote Vulnerability Analysis in WordPress
Explore a realistic vulnerability in a WordPress site by identifying and analyzing the vulnerable TimThumb script. Learn to recognize suspicious paths and formulate attack hypotheses.
Intermediate
2hrs average
Elevation - Escalating from Common to Root
Access a corporate Linux system and use brute force and privilege escalation techniques to become root and retrieve a protected flag.
Intermediate
2hrs average
Capture Flag Ntlm Hash Attack Lab
Gain Administrator access to a Windows machine using an NTLM hash exposed in a public SMB share. Learn to exploit insecure configurations and perform Pass-the-Hash authentication.
Intermediate
2hrs average
The lovers - SQL injection y and escalate privileges
Exploit a SQL Injection vulnerability in a dating app to access as admin, retrieve credentials, uncover hidden secrets, and escalate privileges to gain root access.
Intermediate
1hrs average
Pwned! - Find the Backdoor
Investigate a compromised website to detect a hidden reverse shell. Find the backdoor and validate your discovery.
Beginner
1hrs average
Criminal Name - Hunt and Decode
Analyze a suspicious script, deduce the criminal's name from clues, and decode a flag using CyberChef.
Beginner
2hrs average
Final boss Red Team - The Final Corporate Challenge
Analyze a web server full of decoys, discover an exposed backup file, and exploit a misconfigured scheduled task to escalate privileges in a Windows system.
Intermediate
2hrs average
Capture Flag Enumeration And Access To Exposed Credentials Lab
Explore a Windows server hosting a WordPress site and vulnerable SMB shares. Enumerate users, build custom dictionaries, and use discovered credentials to capture a flag.
Intermediate
2hrs average
Casino LFI - Dangerous File Inclusion on Casino Server
Analyze a casino web app and exploit a Local File Inclusion (LFI) vulnerability to access sensitive server content.
Intermediate
2hrs average
Eternal blue - Remote Access on Windows 7
Analyze a Windows 7 system vulnerable to EternalBlue, exploit the flaw using Metasploit, and remotely access the system to retrieve a flag from the user's desktop.
Intermediate