Threat Emulation

The best way to understand how attackers work is to get hands-on experience with their techniques.

Emulation is the act of imitating or mimicking a person. Defenders can imitate, or emulate, an adversarial threat against the security stack in place. With this process, defenders can measure the security stack's effectiveness and close any gaps in coverage.

Attacktive Directory

99% of Corporate networks run off of AD. But can you exploit a vulnerable Domain Controller?

Attacking Kerberos

Learn how to abuse the Kerberos Ticket Granting Service inside of a Windows Domain Controller

Need to know

Security Operations & Monitoring

Learn how to configure and utilise tooling to ensure that suspicious activity is quickly identified and dealt within your environment.

Next steps

Incident Response and Forensics

Incidents are inevitable. Learn how to identify and respond to them.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Advent of Cyber 2025

Threat Emulation

Attacktive Directory

Attacking Kerberos