Changelog

Follow up on the latest improvements and updates.


The Windows API Monitoring and Hooking module teaches practical monitoring, hooking, and logging techniques used in debugging, reverse engineering, malware analysis, and EDR development, all with hands-on labs and a Splunk skills assessment.
Key outcomes include:
  • Trace API calls from user mode into the kernel
  • Hook APIs (IAT, inline/Detours, DLL) and log parameters / returns
  • Monitor via kernel / EDR drivers to detect token abuse and privilege escalation
  • Validate findings with a hands-on assessment to query and analyze logged API activity
What began as a global gaming craze has turned into something much darker. Millions rushed to adopt AI monster companions, but the lines between play and reality are blurring fast. Malfunctions, outages, even market chaos—the world is starting to feel the bite.
Over the next 13 weeks, face all-new Machines and:
  • Attempt to solve Machines by testing out new techniques
  • Use your existing offensive skills and rise on the leaderboard
  • Earn Seasonal ranks, prizes, and achieve a new personal best
Want to learn more about Seasons? Check out our blog post for all the details.
The first Machine will be released on September 20th.
We’ve added a brand-new Secure Coding challenge category which includes 6 hands-on challenges focused on real-world secure coding practices, ranging from easy to medium difficulty.
Designed for software engineers, AppSec professionals, and security engineers, these challenges help users:
  • Practice identifying and fixing vulnerabilities directly in source code
  • Strengthen secure coding skills across languages like Python, JavaScript, and C/C++
  • Build the ability to spot logic flaws and dangerous patterns early, just like expert-level AppSec engineers
Two new time-efficient Professional Lab scenarios are now live: Tengu and Unintended.
Both scenarios deliver compact, high-intensity Active Directory challenges designed for penetration testers and red teamers who want realistic practice in modern enterprise environments. With three machines each and layered attack paths, these scenarios take you through a full red-team workflow and put the spotlight on real-world missteps as well as how defenders can spot and stop them.
Here’s what you’ll gain:
  • Practical experience exploiting typical vulnerabilities in Active Directory environments
  • A complete attack chain from initial foothold to Domain Admin
  • Training on common missteps in Active Directory migrations
  • Practice combining Linux privilege escalation with Active Directory attack paths
Ifrit simulates a real-world Active Directory environment where your goal is to operate under the radar. With 7 flags and 10 machines, this scenario challenges you to evade detection while exploiting AD systems, testing your ability to balance stealth and impact in complex environments.
You’ll gain the skills to:
  • Enumerate and exploit Active Directory networks and services
  • Perform lateral movement across multiple forests
  • Bypass EDR solutions and detection mechanisms
  • Execute relay attacks and covert operations
This hands-on, 6-module path takes you from Android fundamentals through static, dynamic, and malware analysis. You’ll develop the knowledge and practical skills needed to identify vulnerabilities, mitigate risks, and perform forensic investigations on Android devices.
By completing the path, you’ll be able to:
  • Understand Android OS architecture, app components, and the mobile security model
  • Detect, analyze, and reverse-engineer malicious Android applications
  • Automate pentesting workflows with tools like MobSF, Frida, Objection, ALEAPP, and Autopsy
  • Recover and interpret data from Android devices using professional forensic techniques
The modules included in the path are:
  • Android Fundamentals
  • Android Application Static Analysis
  • Android Application Dynamic Analysis
  • Android Application Malware Analysis
  • Android Penetration Testing Automation
  • Android Forensics
The newly released Android Forensics module dives into Android forensics, equipping you with the techniques and tools needed to investigate compromised devices and recover critical data. From uncovering hidden artifacts to reconstructing user activity, you’ll build the expertise required for professional forensic investigations.
By the end of the module, you'll be able to:
  • Set up and operate a secure Android forensic environment
  • Recover and interpret backup files to reconstruct user data, system settings, and device usage patterns
  • Apply rooting techniques and manage root access with tools like SuperSU and Magisk
  • Perform data carving, timeline analysis, and recover deleted files
We’ve just released a brand-new curated path designed to get you fully prepared for the Wanderer Professional Lab scenario. This path includes 9 machines and will guide you through essential techniques including:
  • Mobile Exploitation
  • Advanced SQL Injection
  • Filter Evasion
  • Wi-Fi Attacks
  • VoIP Hacking
Beyond scenario prep, this path is also ideal for intermediate red teamers looking to strengthen their enumeration, lateral movement, and attack chain building skills in a realistic, hands-on environment. By the end, you’ll have the well-rounded offensive toolkit needed to navigate Wanderer, and similar complex engagements, with confidence.
Two new exclusive releases are now live on Dedicated Labs, covering firewall exploitation, privilege escalation in Linux, and critical PAN-OS vulnerabilities!
SUS | Exclusive Machine
Explore an Easy Linux machine showcasing two privilege escalation CVEs in openSUSE Leap 15.6. Move from unprivileged user to root by abusing PAM configuration and libblockdev through udisks, and learn how misconfigurations can lead to full system compromise.
PwnOS | Exclusive Machine
Get hands-on with CVE-2024-9474 in Palo Alto Networks PAN-OS. Exploit a command injection in the management web interface to escalate to root privileges, reinforcing the need to secure and update network security appliances.
Step into the shoes of an attacker targeting a Palo Alto Networks PAN-OS firewall in Panos, our newest Exclusive Sherlock. In this scenario, multiple known CVEs are chained together to bypass authentication on the web-based management console and escalate to root-level access.
You’ll trace how the compromise unfolds, uncover the tactics that make firewall exploits so dangerous, and see firsthand why unpatched vulnerabilities on internet-facing systems pose such a critical risk. This Exclusive Sherlock challenges you to think like an adversary while reinforcing the importance of timely patching and proactive monitoring.