Explore Labs

Dive into our interactive, real-world defensive cybersecurity labs. Gain hands-on experience with open-source tools, investigate real malware PCAPs, and level up your blue-team skills.

Master the Tools of the Trade

From Suricata and Zeek to advanced DFIR suites like Velociraptor and SIFT, we provide a safe environment to sharpen your incident response and threat-hunting skills.

Suricata Lab

Suricata Deep Dive

Learn to deploy, configure, and interpret network alerts with Suricata. Analyze real network traffic and detect advanced threats.

Zeek with ELK

Zeek with ELK Stack

Combine Zeek logs with Elasticsearch, Logstash, and Kibana. Hunt through large datasets and visualize attack patterns.

RITA Lab

RITA for Threat Hunting

Use RITA to detect beaconing and lateral movement. Practice analyzing suspicious connections in real-world PCAPs.

Elastic Endpoint

Elastic Endpoint Protection

Deploy Elastic’s endpoint agent to detect and contain malicious behavior on Windows or Linux hosts.

DFIR Tools

DFIR with Velociraptor & SIFT

Investigate compromised systems using Velociraptor, SIFT, and additional forensic scripts to uncover attacker artifacts.

Memory Forensics

Volatility & MemProcFS

Analyze live memory captures to detect hidden malware, advanced rootkits, and threat actor TTPs using Volatility and MemProcFS.

Malware PCAP Analysis

Real Malware PCAP Analysis

Dissect actual malicious traffic captures to identify exploit attempts, command-and-control patterns, and attacker behaviors.
