Simulation labs

offensive Web Guided exercise Beginner Free

Web OSINT Footprint With Amass

Map public-facing web assets with passive OSINT output.

Amass / OSINT Open

offensive Web Guided exercise Beginner Free

Subdomain Triage With Subfinder

Practice passive subdomain discovery and triage.

Subfinder / OSINT Open

offensive Network Guided exercise Intermediate Premium

Shodan Exposed Service Review

Review simulated internet-exposure results.

Shodan / OSINT Open

offensive Web Guided exercise Intermediate Premium

Web Proxy Intercept With Burp Suite

Simulate intercepting and reviewing a login request.

Burp Suite / Web Hacking Open

offensive Web Guided exercise Beginner Free

OWASP ZAP Baseline Review

Practice reading a safe baseline scan summary.

OWASP ZAP / Web Hacking Open

defensive Web Guided exercise Intermediate Premium

Nuclei Template Signal Triage

Simulate template-driven web vulnerability triage.

Nuclei / Vulnerability Management Open

offensive App Guided exercise Intermediate Free

API Token Leakage Review

Find simulated secrets in source code output.

Semgrep / Application Security Open

offensive App Guided exercise Intermediate Premium

Mobile APK Static Review With MobSF

Simulate mobile app static-analysis triage.

MobSF / Application Security Open

offensive App Guided exercise Advanced Premium

Frida Runtime Observation Lab

Practice interpreting dynamic instrumentation output.

Frida / Application Security Open

offensive Network Guided exercise Beginner Free

Network Scan To Service Map

Build a network service map from simulated scan output.

Nmap / Reconnaissance Open

offensive Network Guided exercise Advanced Premium

SMB Enumeration With Impacket

Simulate SMB share enumeration and evidence collection.

Impacket / Network Exploitation Open

offensive Network Guided exercise Advanced Premium

Metasploit Handler Workflow

Practice handler setup without launching payloads.

Metasploit / Network Exploitation Open