In this module, we will take on the GoldenEye vulnerable VM to strengthen your offensive security skills. You'll work through advanced enumeration techniques across web and email services to uncover credentials and vulnerable software. From initial access to full root shell, this module builds your skillset for real-world penetration testing scenarios.

In this module, we will target the vulnerable Bob VM to walk through the process of system compromise. You’ll analyze web application behavior, test for injection flaws, and exploit vulnerabilities to gain shell access. Then, through creative privilege escalation, you’ll achieve root access—using both standard and alternate methods for maximum learning.

In this module, we will transition from exploitation to exploit development. You’ll learn how to build exploits from scratch by fuzzing for vulnerabilities, manipulating buffer offsets, and avoiding bad characters. The journey concludes with the development of a custom shellcode to gain remote access, reinforcing your understanding of memory manipulation and code execution.

In this module, we will navigate the misdirection-filled terrain of a specially crafted VM. You’ll enhance your reconnaissance and enumeration skills while exploring multiple web apps and navigating false leads. After gaining access, you'll apply privilege escalation methods and look for alternate paths to root access, mimicking a thorough real-world assessment.

In this module, we will take on a dual-VM challenge involving Straylight and Neuromancer. You’ll perform advanced enumeration, exploit LFI and email servers, and then pivot through port forwarding to access and compromise a second system. You'll wrap up with privilege escalation techniques, learning to chain attacks across multiple targets.

In this module, we will focus on Windows environments—particularly Active Directory systems. You’ll scan networks, exploit weak configurations, and access services such as MS-SQL using compromised credentials. This section strengthens your understanding of Windows privilege escalation and post-exploitation tactics.

In this module, we will tackle the FunBox2 VM to showcase real-world exploitation techniques. You’ll use enumeration skills to uncover a weak password, escape from a jailed shell, and then escalate privileges by uncovering sensitive information. The module offers a practical look into the nuances of post-exploitation.