Practice Labs
Curated hands-on labs matched to each course track. Practice the concepts you learn — for free on TryHackMe.
Labs hosted on TryHackMe
All labs link to TryHackMe — the industry-standard hands-on platform. Free rooms need only a free account. Premium rooms require a TryHackMe subscription (~$14/mo).
Filter by Topic
Cybersecurity Fundamentals
4 free · 4 total
Pre-Security
Start from zero — networking, web, Linux, and Windows fundamentals before touching cybersecurity.
Introduction to Cyber Security
Career paths, offensive vs defensive security, and hands-on intro tasks covering the core domains.
Cybersecurity 101
Foundational room covering CIA triad, threats, attacks, and cryptography basics.
Linux Fundamentals (3-part)
Master Linux from the terminal up — file permissions, processes, services, and scripting.
SOC & Blue Team
1 free · 5 total
SOC Level 1
Complete analyst learning path — phishing, network security monitoring, SIEM fundamentals, and more.
SOC Level 2
Intermediate blue team path covering threat intelligence, endpoint security, and incident response.
Splunk: Basics
Hands-on Splunk SIEM — ingesting logs, SPL queries, dashboards, and basic alert tuning.
Investigating with Splunk
Real-world investigation scenario using Splunk to hunt for an intruder in web server logs.
Sigma Rules
Write detection rules in Sigma — the universal SIEM query language for threat detection.
Penetration Testing
4 free · 6 total
Jr Penetration Tester
Complete intro to offensive security — recon, exploitation, web attacks, and reporting.
OWASP Top 10
Hands-on rooms for each OWASP Top 10 vulnerability — injection, broken auth, XSS, and more.
Metasploit: Introduction
Learn Metasploit from modules to meterpreter — practical exploitation framework fundamentals.
Nmap
Master network scanning with Nmap — host discovery, port scanning, service detection, and NSE.
Web Fundamentals Path
Full web hacking learning path covering HTTP, Burp Suite, authentication, XSS, SQLi, and SSRF.
Active Directory Basics
Understand and attack AD environments — users, groups, Kerberos, and common misconfigurations.
Python for Security
2 free · 3 total
Python Basics
Foundations of Python programming — variables, loops, functions, and file I/O through interactive tasks.
Python for Pentesters
Use Python to build scanners, exploit scripts, and automation tools for offensive security.
Scripting for Beginners
Write bash and Python scripts to automate common security tasks and system administration.
Cloud Security
2 free · 3 total
AWS Basics
Get started with AWS — EC2, S3, IAM, and core services through guided hands-on tasks.
Cloud Security Basics
Core cloud security concepts — shared responsibility model, IAM misconfigs, and cloud-native threats.
S3 — Buckets of Fun
Find and exploit misconfigured S3 buckets — a real-world class of cloud vulnerability.
Malware Analysis
0 free · 3 total
Malware Introductory
Static and dynamic analysis fundamentals — strings, imports, sandboxing, and common malware families.
Basic Dynamic Analysis
Analyse malware behaviour in a controlled sandbox — process monitoring, network calls, and registry changes.
REMnux — Getting Started
Set up and use the REMnux Linux distro for malware reverse engineering tasks.
AI & Security
1 free · 2 total
Prompt Injection
Understand and exploit prompt injection vulnerabilities in LLM-powered applications.
AI Security Intro
Survey of AI-specific attack surfaces — model poisoning, adversarial inputs, and AI-assisted threats.
Ready for harder challenges?
Once you're comfortable with guided rooms, try HackTheBox — retired machines, ProLabs, and realistic enterprise environments.