ＨｉｄｅＺｅｒｏＯｎｅ

This is a large, hands-on IoT security course that takes you across the entire connected-device stack and then teaches you how to defend it. It mirrors its title: a hacking half that goes on the offensive across hardware, firmware, networks, radio, mobile apps, and the cloud, followed by a hardening half that maps a concrete defense back to every attack you learn.

Tired of theoretical phishing courses? This is the definitive, hands-on training for penetration testers and red team operators who need to move beyond theory and execute realistic, effective phishing campaigns against modern, hardened targets. In this course, you won’t just learn about phishing—you’ll build, launch, and manage full-scale campaigns using industry-standard tools like GoPhish and the powerful Evilginx framework, learning to bypass Multi-Factor Authentication (MFA) and common email defenses.

The cloud is the new network. Modern enterprises are running on Amazon Web Services (AWS), and security professionals need to master the unique attack surface it presents. If you’re a pentester, bug bounty hunter, or security engineer ready to conquer the cloud, this course is for you. This course is a comprehensive, hands-on journey into the world of AWS penetration testing. You’ll move past theory to build, configure, and exploit real-world cloud vulnerabilities in a safe, controlled lab environment using industry-standard tools like Pacu and CloudGoat.

A professional, lab-driven training program that moves you from fundamentals to full-scale C2 operations — with hosted labs, instructor demos, real-world workflows, quizzes, and a capstone that proves you can execute the entire attack lifecycle. This course is geared towards beginners who are interested in working with their first C2. If you already have experience with Sliver C2, you likely will not find this course beneficial.

API hacking expert, Dr. Katie Paxton-Fear AKA InsiderPhD, takes you far beyond her Free Upskill Challenges on the basics of APIs to be your personal guide on learning the hands-on skills needed in today’s competitive job market. This fully interactive course is the ultimate guide to hacking APIs! From discovering API endpoints to using Burp and Postman, Katie covers the entire OWASP API Top 10 from entry point to exploit.

Attacking Active Directory with Linux (LinuxAD) is a training environment and playground. Students get access to a dedicated lab setup (not shared with other students). The lab contains a Linux-based machine to execute attacks and a target AD setup. The target AD is a fully patched AD environment with all Server 2019 machines.