Changelog
Follow up on the latest improvements and updates.
RSS
new
Enterprise
Offensive
Sharpen covert red teaming skills with the Ifrit Professional Lab scenario
Ifrit simulates a real-world Active Directory environment where your goal is to operate under the radar. With 7 flags and 10 machines, this scenario challenges you to evade detection while exploiting AD systems, testing your ability to balance stealth and impact in complex environments.
You’ll gain the skills to:
- Enumerate and exploit Active Directory networks and services
- Perform lateral movement across multiple forests
- Bypass EDR solutions and detection mechanisms
- Execute relay attacks and covert operations

This hands-on, 6-module path takes you from Android fundamentals through static, dynamic, and malware analysis. You’ll develop the knowledge and practical skills needed to identify vulnerabilities, mitigate risks, and perform forensic investigations on Android devices.
By completing the path, you’ll be able to:
- Understand Android OS architecture, app components, and the mobile security model
- Detect, analyze, and reverse-engineer malicious Android applications
- Automate pentesting workflows with tools like MobSF, Frida, Objection, ALEAPP, and Autopsy
- Recover and interpret data from Android devices using professional forensic techniques

new
Academy
Enterprise
Analyze Android artifacts with a new Academy Module
The newly released Android Forensics module dives into Android forensics, equipping you with the techniques and tools needed to investigate compromised devices and recover critical data. From uncovering hidden artifacts to reconstructing user activity, you’ll build the expertise required for professional forensic investigations.
By the end of the module, you'll be able to:
- Set up and operate a secure Android forensic environment
- Recover and interpret backup files to reconstruct user data, system settings, and device usage patterns
- Apply rooting techniques and manage root access with tools like SuperSU and Magisk
- Perform data carving, timeline analysis, and recover deleted files

new
Labs
Enterprise
Offensive
Pre-Wanderer Qualification path now live
We’ve just released a brand-new curated path designed to get you fully prepared for the Wanderer Professional Lab scenario. This path includes 9 machines and will guide you through essential techniques including:
- Mobile Exploitation
- Advanced SQL Injection
- Filter Evasion
- Wi-Fi Attacks
- VoIP Hacking
Beyond scenario prep, this path is also ideal for intermediate red teamers looking to strengthen their enumeration, lateral movement, and attack chain building skills in a realistic, hands-on environment. By the end, you’ll have the well-rounded offensive toolkit needed to navigate Wanderer, and similar complex engagements, with confidence.

new
Enterprise
Offensive
New exclusive content available on Dedicated Labs
Two new exclusive releases are now live on Dedicated Labs, covering firewall exploitation, privilege escalation in Linux, and critical PAN-OS vulnerabilities!
SUS | Exclusive Machine
Explore an Easy Linux machine showcasing two privilege escalation CVEs in openSUSE Leap 15.6. Move from unprivileged user to root by abusing PAM configuration and libblockdev through udisks, and learn how misconfigurations can lead to full system compromise.

PwnOS | Exclusive Machine
Get hands-on with CVE-2024-9474 in Palo Alto Networks PAN-OS. Exploit a command injection in the management web interface to escalate to root privileges, reinforcing the need to secure and update network security appliances.

new
Enterprise
Defensive
Uncover PAN-OS exploitation tactics in a new Exclusive Sherlock
Step into the shoes of an attacker targeting a Palo Alto Networks PAN-OS firewall in Panos, our newest Exclusive Sherlock. In this scenario, multiple known CVEs are chained together to bypass authentication on the web-based management console and escalate to root-level access.
You’ll trace how the compromise unfolds, uncover the tactics that make firewall exploits so dangerous, and see firsthand why unpatched vulnerabilities on internet-facing systems pose such a critical risk. This Exclusive Sherlock challenges you to think like an adversary while reinforcing the importance of timely patching and proactive monitoring.

new
Capture The Flag
Sharpen your web exploitation skills with 2 new CTF packs
Two new CTF packs are now live, designed to build practical expertise in exploiting WordPress environments and mastering the OWASP Top 10 through realistic, hands-on scenarios.
This pack takes you from basic enumeration of versions, plugins, and themes to uncovering exposed backups and directory listings, brute-forcing weak credentials, and exploiting critical flaws like authentication bypass, SQL injection, and Server-Side Template Injection. Using tools such as WPScan, SQLMap, and Metasploit, participants will develop a strong foundation in WordPress exploitation and gain practical knowledge of common attack surfaces.
Dive into 10 story-driven challenges showcasing the most critical web application vulnerabilities seen in the wild. Practice everything from bypassing business logic checks and leaking environment files to chaining SQL injection and IDOR, abusing SSRF to compromise internal databases, and weaponizing file uploads for remote code execution. This pack is a must for anyone looking to strengthen their offensive web security skills against today’s most prevalent threats.

new
Academy
Enterprise
Offensive
Advance your offensive AI skills with a new Academy Module
Part of the AI Red Teamer path, the Attacking AI – Application and System module examines security vulnerabilities across two critical layers of AI deployments: the application and the system.
You’ll learn how flaws in these components can compromise the overall security of an AI environment, then shift focus to the Model Context Protocol (MCP), its purpose, how it functions, and the risks it introduces when misconfigured or exploited by malicious servers.
You’ll gain the skills to:
- Detect vulnerabilities in AI application and system components
- Explain how MCP operates and where security weaknesses can arise
- Assess the risks of MCP servers, including threats from malicious instances
- Apply offensive testing techniques to evaluate and strengthen AI deployments

improved
Enterprise
Features
Create Teams in bulk from User Management
Admins can now create multiple teams at once directly from the User Management page, making it easier than ever to:
- Quickly set up teams for new hires or projects
- Organize users into the right groups in one go
- Save time by skipping repetitive manual setup
Just select your users, choose Create Team from the bulk actions menu, and you’re ready to go.

new
Enterprise
Features
Modify user seats directly in User Management
Admins can now update which seats (licenses or spaces) a user has all from the User Management page, now allowing them to:
- Quickly assign or un-assign seats for individual users
- Easily manage access and expiration at the user level
- Scale with consistency as teams grow
Just click the three-dot menu next to any user to add or remove seats and set custom expiration dates.

Load More
→