SkillUp

Build cybersecurity skills that hold up in the real world.

A structured upskilling track that pairs guided learning with hands-on labs, real-world simulations, and career-grade credentials — built for individual learners and the teams that defend modern enterprises.

Talk to our team

Cyberyami / SOC Analyst track

Live

Detect, triage, and respond to live security incidents.

Modules

Foundations of SOC operations
Log analysis & SIEM playbooks
Threat hunting fundamentalsIn progress
Incident response capstone

Active lab

Sandboxed

› siemctl tail --filter "auth.failed" --since 5m

Paths
Labs
Assessments
Simulations
Certification

How it works

From first lesson to live credential

One loop, repeated across every track. Learn the concept, apply it in a lab, prove the skill, take the credential.

01
Pick a Course
Choose a track aligned to your role and current level.
02
Train in labs
Apply each concept in a hands-on lab the same day you learn it.
03
Validate skills
Pass assessments and live simulations that prove the skill is real.
04
Earn credentials
Walk away with a certificate your team and hiring managers recognise.

Capabilities

What makes SkillUp different

Five capabilities that turn cybersecurity learning into measurable, defensible skill — for the individual and the enterprise.

Custom Training Plans
Adaptive roadmaps that re-route based on what your team already knows and where the skill gaps actually are.
Real-World Simulations
Sandboxed attack and defense scenarios drawn from incidents that have actually happened in the wild.
Corporate Learning Orchestration
Roll out paths across your workforce, manage seats, and route the right course to the right team.
Hands-on Virtual Labs
Per-user isolated VMs with snapshot reset and no external egress. Lab safety, by default.
Structured Skill Development
Skills laid out as a tree, not a list — each module builds on the last and feeds the next.

Catalog

Browse the catalog

Filter by track, narrow by category, or search by skill. Every course pairs with a hands-on lab.

Real World Data Security & Threat Mitigation

What you'll learn

Enhanced Incident Response Skills
Proficiency in Ransomware Mitigation
Insider Threat Detection Expertise
Zero Trust Architecture Implementation
Advanced Data Privacy Techniques

Real World Data Security & Threat Mitigation

Server-Side Request Forgery

What you'll learn

Identify SSRF vulnerabilities: Recognize patterns within applications that signal potential SSRF flaws.
Execute SSRF exploits: Understand and practically apply techniques used to exploit SSRF vulnerabilities.
Assess SSRF impact: Grasp the potential consequences of successful SSRF attacks.
Implement SSRF defenses: Learn effective mitigation strategies to protect web applications.

intermediateLearn

Server-Side Request Forgery

Understanding Insecure Direct Object References (IDOR)

What you'll learn

Vulnerability Spotting: Hone your ability to pinpoint IDOR weaknesses in web applications.
Exploitation Know-How: Execute controlled IDOR attacks to grasp their true impact.
Proactive Mitigation: Implement effective countermeasures to neutralize IDOR risks.
Tool Mastery: Become proficient in the tools used for assessing and exploiting IDOR flaws.
Ethical Considerations: Adhere to responsible and legal practices in IDOR exploration.
Communication Expertise: Articulate your IDOR findings with clarity to both technical and non-technical audiences.

Understanding Insecure Direct Object References (IDOR)

Jeopardy CTF Challenges

What you'll learn

Forensic Analysis: Extract and analyze digital evidence from various sources.
Cryptography: Decrypt messages, break ciphers, and understand cryptographic algorithms.
Steganography: Discover hidden data concealed within images, audio files, and other media.
Problem-Solving: Develop critical thinking and problem-solving skills essential for CTF success.
CTF Strategies: Refine your approach to Jeopardy-style CTF challenges.

Jeopardy CTF Challenges

Git Guru Gathering

What you'll learn

Git Internals: Deepen your understanding of how Git structures and stores project data.
.git Directory Exploitation: Exploit accidental .git directory exposures to recover source code and history.
Reconstructing History: Piece together a project's timeline by analyzing commits, diffs, and branches.
Secret Hunting: Uncover leaked credentials, API keys, and other sensitive data buried within the repository.
Vulnerability Analysis: Identify potential security weaknesses introduced throughout the development history.

Git Guru Gathering

Mastering Vim

What you'll learn

Vim Fundamentals: Establish a strong foundation in Vim's modal editing, navigation, and core commands.
Efficient Text Manipulation: Learn to manipulate text with precision, speed, and ease.
Advanced Vim Techniques: Explore powerful features like macros, search and replace, and text objects to perform complex edits.
Customization: Adapt Vim to your preferences with themes, plugins, and personalized settings for optimal workflow.
Practical Applications: Apply Vim skills to real-world scenarios, including code editing and system configuration.

intermediateLearn

Mastering Vim

Entity Injection Intensive

What you'll learn

XML Fundamentals: Solidify your knowledge of XML syntax and document structures.
Vulnerability Detection: Learn to recognize the telltale signs of XXE susceptibilities.
Exploitation Strategies: Master various XXE attack methods, including file retrieval, SSRF, and advanced techniques.
Hands-On Exploitation: Practice exploiting XXE flaws in purpose-built vulnerable labs.
Defensive Measures: Discover robust mitigation strategies to safeguard applications against XXE attacks.
Responsible Disclosure: Practice ethical reporting and coordination with affected parties.

intermediatesolve

Entity Injection Intensive

SubDomain Enumeration

What you'll learn

Enumeration Fundamentals: Solidify your knowledge of subdomain structures and the importance of enumeration in cybersecurity.
Passive Enumeration Techniques: Learn to utilize publicly available resources and third-party tools for subdomain discovery without direct interaction with the target.
Active Enumeration Techniques: Master the use of direct queries and tools to actively discover subdomains, including DNS zone transfers and brute force methods.
Wildcard Domain Strategies: Understand the challenges and techniques for dealing with wildcard domains in enumeration processes.
Vulnerability Identification: Learn to recognize potential vulnerabilities associated with discovered subdomains.
Network Security: Discover strategies to secure networks by addressing subdomain-related vulnerabilities.

intermediatepractice

SubDomain Enumeration

Gobuster

What you'll learn

Comprehensive understanding of GOBUSTER and its functionalities
Ability to troubleshoot common installation issues and configure for optimal performance
Practical experience in applying GOBUSTER for directory/file brute-forcing and DNS subdomain enumeration
Familiarity with advanced techniques and strategies for complex environments
Ability to analyze and interpret GOBUSTER results accurately

beginnerpractice

Gobuster

Dirbuster

What you'll learn

Comprehensive understanding of DIRBUSTER and its functionalities
Skills to install and configure DIRBUSTER
Ability to effectively use DIRBUSTER for directory and file brute-forcing
Knowledge of common use cases and scenarios for DIRBUSTER application
Practical experience in performing web application assessments with DIRBUSTER
Familiarity with advanced DIRBUSTER techniques for complex environments
Ability to analyze and interpret DIRBUSTER results accurately
Application of DIRBUSTER to enhance the security posture of web applications

beginnerpractice

Dirbuster

Command Injection

What you'll learn

Introduction To Command Injection
Identifying Command Injection Vulnerabilities
Exploitation of Command Injection
Preventing OS Command Injection
Legal and Ethical Considerations in Preventing OS Command Injection

Command Injection

Hacking with the Powershell

What you'll learn

PowerShell Fundamentals: Solidify your understanding of PowerShell scripting and its capabilities in a cybersecurity context.
Reconnaissance Techniques: Learn to use PowerShell for gathering information about targets, including network scanning and enumeration.
Exploitation Techniques: Master the use of PowerShell to exploit vulnerabilities and gain access to systems.
Post-Exploitation Techniques: Understand how to use PowerShell for maintaining access, data exfiltration, and lateral movement.
Ethical Considerations: Learn the importance of ethical hacking practices and the legal implications of using PowerShell in assessments.
Automation: Discover how to automate repetitive tasks and streamline your cybersecurity workflows using PowerShell.
Tool Utilization: Get hands-on experience with PowerShell tools and scripts commonly used in penetration testing.

Hacking with the Powershell

DVWA

What you'll learn

DVWA Fundamentals: Gain a solid understanding of what DVWA is, its purpose, and how it is used in cybersecurity training.
Installation on Linux: Learn step-by-step instructions for installing and configuring DVWA on Linux systems.
Installation on Windows: Master the process of setting up DVWA on Windows machines, including required dependencies.
Practical Uses of DVWA: Explore how to use DVWA to practice and enhance your web application security testing skills.
Walkthroughs: Engage in guided walkthroughs of various DVWA challenges, learning to identify and exploit vulnerabilities such as SQL injection, XSS, CSRF, and more.
Vulnerability Assessment: Learn to conduct thorough vulnerability assessments using DVWA to simulate real-world scenarios.
Ethical Hacking: Understand the ethical considerations and legal implications of using DVWA for security testing.
Reporting and Documentation: Develop skills to document your findings and create comprehensive reports based on DVWA exercises.

DVWA

Shodan.io

What you'll learn

Shodan Fundamentals: Gain a solid understanding of what Shodan is and how it works, including its interface and core features.
Advanced Search Techniques: Learn to construct advanced queries to filter and find specific types of devices, services, and vulnerabilities.
Practical Applications: Master the practical uses of Shodan for threat intelligence, vulnerability assessment, and network monitoring.
Reconnaissance Techniques: Discover how to use Shodan for internet-wide reconnaissance and asset discovery.
Vulnerability Identification: Learn to identify and assess vulnerabilities in internet-facing systems using Shodan.
Ethical Considerations: Understand the ethical and legal implications of using Shodan in cybersecurity assessments.
Integration with Other Tools: Learn how to integrate Shodan with other cybersecurity tools to enhance your threat intelligence capabilities.

Shodan.io

Upload Vulnerability

What you'll learn

Upload Vulnerabilities Fundamentals: Gain a solid understanding of what upload vulnerabilities are, their impact on web application security, and common attack vectors.
Detection Techniques: Learn to identify upload vulnerabilities using manual testing methods and automated tools.
Mitigation Strategies: Master various techniques to secure file upload functionality, including input validation, file type verification, and storage considerations.
Practical Demonstrations: Engage in live demonstrations of exploiting and mitigating upload vulnerabilities in web applications.
Tool Utilization: Discover tools and resources for detecting and addressing upload vulnerabilities, such as Burp Suite, OWASP ZAP, and custom scripts.
Secure Coding Practices: Learn best practices for developing secure file upload features in web applications.

Upload Vulnerability

Code Review

What you'll learn

Code Review Fundamentals: Solidify your knowledge of secure coding practices and code review processes.
Vulnerability Detection: Learn to recognize the telltale signs of common security vulnerabilities in code.
Exploitation Awareness: Understand how vulnerabilities can be exploited and the potential impact on applications.
Hands-On Review Techniques: Practice reviewing code in purpose-built vulnerable labs to identify and address security flaws.
Defensive Measures: Discover robust mitigation strategies to safeguard code against a wide range of vulnerabilities.
Tool Utilization: Master the use of Snyk for automated code review and vulnerability detection.
Responsible Disclosure: Practice ethical reporting and coordination with affected parties.

Code Review

Essentials of Authentication Bypass Techniques

What you'll learn

Vulnerability Identification: Develop an eye for spotting weaknesses in authentication protocols and implementations.
Exploitation Techniques: Execute realistic attacks like brute-force, credential stuffing, session hijacking, and more.
Mitigation Strategies: Design and apply countermeasures to defend against authentication bypass attempts.
Tool Proficiency: Master essential tools used for authentication testing and exploitation.
Legal and Ethical Awareness: Conduct security activities within responsible and lawful boundaries.
Continuous Learning: Embrace a mindset of ongoing cybersecurity education and evolution.

Essentials of Authentication Bypass Techniques

Foundations of Digital Forensics

What you'll learn

Understand Digital Forensics Principles – Learn the forensic investigation process, legal aspects, and best practices. Perform Disk Imaging & Data Acquisition – Create and analyze forensic disk images while ensuring data integrity. Analyze File Systems – Recover deleted files and understand how data is stored across different file systems. Extract & Analyze Metadata – Identify hidden information in files and verify authenticity using file signatures. Investigate Windows Registry Artifacts – Extract forensic evidence from registry keys related to user activity and system changes. Conduct Basic Log Analysis – Interpret system logs to detect potential security incidents and suspicious behaviors.

Foundations of Digital Forensics

Deep Dive into Forensic Techniques

What you'll learn

Conduct Memory Forensics – Extract and analyze volatile memory to detect malicious processes and cyber threats. Investigate Emails & Documents – Analyze email headers, metadata, and document properties to uncover fraud, phishing, and data leaks. Track Internet Activity – Retrieve and examine browser history, cookies, and downloads to reconstruct online behavior. Analyze USB & External Storage – Detect unauthorized data transfers and recover hidden or deleted files from removable storage devices. Detect Hidden Data & Steganography – Identify and extract concealed information hidden in images, audio, and other digital files. Perform Network Traffic Analysis – Capture and analyze network packets to detect intrusions, cyber threats, and forensic evidence of attacks.

intermediateLearn

Deep Dive into Forensic Techniques

Real World Investigations & Threat Attribution in Forensics

What you'll learn

Analyze & Reverse Engineer Malware – Detect, analyze, and dismantle malicious software to understand its impact and purpose. Conduct Mobile Device Forensics – Extract and examine digital evidence from smartphones and tablets while preserving forensic integrity. Investigate Cloud-Based Evidence – Perform forensic investigations on cloud services, ensuring compliance with legal frameworks. Analyze IoT Forensic Data – Recover and analyze data from smart devices to identify security incidents and digital traces. Trace Dark Web & Cryptocurrency Transactions – Track illicit activities, analyze blockchain transactions, and investigate cryptocurrency-based cybercrimes. Respond to Cyber Incidents & Attribute Threats – Develop effective incident response strategies and use forensic intelligence to identify cybercriminals.

Real World Investigations & Threat Attribution in Forensics

Advanced Data Protection and Compliance

What you'll learn

Enhanced Secure Communication Skills
Improved Database Security and Hardening Techniques
Proficiency in Data Anonymization and Tokenization
Strong Compliance and Governance Implementation Skills
Advanced Threat Detection and Incident Response Abilities

intermediatepractice

Advanced Data Protection and Compliance

Red Teaming & Real-World Scenarios - Application

What you'll learn

Execute advanced web exploitation techniques including RCE and SSRF.
Escalate privileges on Linux and Windows systems using post-exploitation tools.
Compromise Active Directory environments using modern attack vectors.
Secure and assess CI/CD pipelines and IaC templates in DevSecOps ecosystems.
Analyze and exploit vulnerabilities in IoT and SCADA devices.

Red Teaming & Real-World Scenarios - Application

Vulnerability Identification & Exploitation - Application

What you'll learn

Identify and exploit common vulnerabilities in web and API environments.
Perform security assessments on cloud services, containers, and IoT devices.
Use specialized tools like SQLmap, Postman, ScoutSuite, and DockerBench.
Simulate real-world attack scenarios such as session hijacking and privilege abuse.
Generate actionable vulnerability reports and remediation strategies.

Vulnerability Identification & Exploitation - Application

Foundations of Threat Hunting and Detection

What you'll learn

Foundational Understanding of Threat Hunting and Adversary Behavior
Hands-on Skills in Security Information and Event Management (SIEM)
Proficiency in Network Traffic Analysis
Endpoint Detection and Threat Hunting with EDR Tools
Building and Integrating Threat Intelligence Workflows

Foundations of Threat Hunting and Detection

Proactive Threat Hunting and Investigation

What you'll learn

Ability to detect and investigate persistence mechanisms across Windows and Linux systems.
Skills in performing memory forensics to uncover in-memory malware and attack traces.
Proficiency in hunting advanced Active Directory attacks like Pass-the-Hash and Kerberoasting.
Competence in cloud threat hunting across AWS, Azure, and GCP environments.
Expertise in detecting stealthy attacks using PowerShell abuse, LOLBAS techniques, and insider threat behavior analytics.

intermediateLearn

Proactive Threat Hunting and Investigation

Real World Attack Simulations and Incident Response

What you'll learn

Ability to write and implement custom SIEM correlation rules to detect advanced persistent threats (APTs).
Skills in using YARA and Sigma rules to detect malware patterns and enhance threat hunting efforts.
Proficiency in analyzing and responding to real-world ransomware attacks using sandboxing techniques.
Hands-on experience with incident response processes, including timeline reconstruction and attack tree analysis.
Knowledge of detecting cyber threats in industrial control systems (ICS) and understanding the unique challenges of OT networks.

Real World Attack Simulations and Incident Response

Network Foundations & Security Basics

What you'll learn

Configure IP addressing schemes, VLANs, and basic routing for secure network segmentation.
Deploy and manage firewall solutions using iptables, pfSense, and Cisco ASA devices.
Capture and analyze network traffic with Wireshark to detect suspicious activities and protocol anomalies.
Set up and fine-tune intrusion detection systems like Snort and Suricata for threat monitoring.
Harden network devices and VPNs by applying secure authentication, encryption, and remote management best practices.

Network Foundations & Security Basics

Hands-on Security & Administration

What you'll learn

Configure and secure Active Directory and LDAP with policy management and hardening techniques.
Deploy and manage IDS/IPS systems using custom rules and log correlation for intrusion detection.
Analyze and secure wireless networks against common attacks using industry-standard tools.
Apply network and system hardening practices including NAC, secure configs, and logging.
Perform penetration testing and implement Zero Trust strategies for advanced network security.

Hands-on Security & Administration

Enterprise Security & Real-World Attacks

What you'll learn

Implement SIEM solutions for centralized log management, threat detection, and alerting.
Conduct network forensics to trace attacks, preserve evidence, and maintain chain of custody.
Secure remote access using VPNs, MFA, identity-based controls, and software-defined perimeter concepts.
Configure and secure cloud network environments across AWS, Azure, and GCP platforms.
Perform red/blue team simulations, detect and mitigate DDoS attacks, and execute full incident response cycles.

Enterprise Security & Real-World Attacks

Fundamentals of Secure Coding

What you'll learn

Develop a strong grasp of common web security flaws and their real-world implications
Build the ability to analyze, exploit, and fix insecure code
Apply secure-by-design principles to their own development practices
Utilize modern tools to detect and mitigate vulnerabilities early in the SDLC
Lay the groundwork for advanced topics like API security, SSRF, DevSecOps, and secure cloud development

Fundamentals of Secure Coding

Programming Language-Specific Security

What you'll learn

Identify and remediate language-specific vulnerabilities such as injection, buffer overflows, and insecure deserialization.
Apply secure coding principles using tools like Bandit, SpotBugs, Valgrind, Helmet.js, and MobSF.
Implement proper input validation, output encoding, and secure session handling practices.
Secure APIs and mobile apps by addressing platform-specific threats and applying encryption techniques.
Strengthen application resilience through practical use of static and dynamic analysis tools.

intermediateLearn

Programming Language-Specific Security

SNORT Tool Bootcamp

What you'll learn

Increased proficiency in configuring and managing Snort
Improved ability to detect and prevent network-based attacks using Snort
A stronger understanding of network security concepts and techniques
Enhanced skills related to network security
Perform intrusion detection.

SNORT Tool Bootcamp

Bash Scripting Bootcamp

What you'll learn

Write basic Bash scripts
Use variables, loops, and conditional statements
Process data with Bash
Manage files with Bash
Interact with other programs with Bash

Bash Scripting Bootcamp

Data Recovery Bootcamp Windows

What you'll learn

Be able to recover data in windows
Be efficient in using tools like Recuva, FTK Imager, and more
Understanding of windows File systems
Conduct full recovery of data on any drive

Data Recovery Bootcamp Windows

Introduction to Digital Forensics

What you'll learn

Understand what are the roles of forensics investigator
Understand the tools used in the process
Get hands-on practical knowledge
Perform forensic activities on live evidence
Know tools like netcat, FTKimager, volatile, etc
Be able to crack beginner forensics interviews

Introduction to Digital Forensics

Vulnerability Scanning Bootcamp

What you'll learn

Learn about CVE, CWE & NVD
Learn about Nessus
Learn about OpenVas
Learn about GFI LanGaurd, Acunetix
Learn about WPScan
Perform all these activities in real-world

Vulnerability Scanning Bootcamp

Nmap Master Bootcamp

What you'll learn

Understand why Nmap is important
Understand how Nmap works
Perform Nmap Scans with ease
Custom-build your commands
Understand how the NSE engine works
Launch a full-fledged scan in real world

Nmap Master Bootcamp

Hash And Password Cracking Bootcamp

What you'll learn

Learn all about Hashes
Learn about Cracking Techniques
Get thorough in retrieving hashed passwords
Be industry ready with AD cracking methodologies
Perform dictionary attacks without any flaws
Crack every possible hash/password with ease

intermediateLearn

Hash And Password Cracking Bootcamp

Data Recovery Bootcamp Linux

What you'll learn

Be able to recover data
Know about how disk partitioning
Be efficient in using tools like dc3dd
Understanding of Linux File systems
Understand how Disk Naming is done
Conduct disk analysis on Linux

Data Recovery Bootcamp Linux

Burpsuite Bootcamp

What you'll learn

Understanding of Burpsuite
Know the tools offered by the burp suite
Use burp suite with ease in your testing
Know the difference between the pro & free edition
Perform full-fledged WAPT using only BurpSuite
Learn Real-world techniques

Burpsuite Bootcamp

Containerization & Its Security

What you'll learn

Understanding of Containers
Using Docker engine
Spinning up your own Containers
Being able to look into the security of these containers
Become well-equipped for real-world
Get hands-on experience

Containerization & Its Security

Wireless Security

What you'll learn

Understand Wireless Network
Understand the Encryption Standards
Implement security best practices
Know industry standards and regulations

Wireless Security

Getting Access with Shell

What you'll learn

Understand what is a shell
Get Hands-On with shell
Learn concepts of remote shells
Learn how to connect via remote shells
Get a brief intro to Metasploit shell

Getting Access with Shell

OWASP ZAP

What you'll learn

Knowledge of web application security
OWASP ZAP Proficiency
Career Advancement
Understand Security Testing Methodologies

OWASP ZAP

Intro to Git

What you'll learn

Understand Git
Get Hands-on knowledge of Git
Set up and use Git with ease
Understand Version Control System

Intro to Git

WireShark Bootcamp

What you'll learn

Installation and Configuring Wireshark
Capture Network Traffic
Analyze Packets
Network Troubleshooting
Security Analysis

WireShark Bootcamp

Network Fundamental Bootcamp

What you'll learn

You wil llearn network FUnadamental

Network Fundamental Bootcamp

Python Programming

What you'll learn

Increased proficiency in Python programming
A Stronger understanding of OOPS concepts and principles
Enhanced technical skills related to programming, problem-solving, and debugging.
Potential for professional advancement

Python Programming

Basic Cyber Security

What you'll learn

Wireless Security
Hands On Practical
HTTP Packet Analysis

GeneralbeginnerLearn

Basic Cyber Security

WebSec Explorer

What you'll learn

Web Enumeration
Source Code Analysis
Directory Bruteforce
Web CTF
Gobuster

WebSec Explorer

OWASP Top 10

What you'll learn

Understand OWASP Top 10 and its importance.
Identify common web app vulnerabilities and their impact.
Learn techniques to mitigate security risks.
Prepare for deeper exploration in web app security.

OWASP Top 10

DNS in detail

What you'll learn

Understand DNS and its importance.
Learn DNS translation to IP addresses.
Explore DNS hierarchy for name resolution.
Know types of DNS records and their functions.
Develop DNS management and troubleshooting skills.

DNS in detail

Sky Blue

What you'll learn

Recon
Windows Exploit
Metasploit
RDP

Sky Blue

RootRover

What you'll learn

Service Enumeration
Scanning
Exploitation
Privilege Escalation

RootRover

Introduction to Metasploit

What you'll learn

Understand penetration testing fundamentals.
Gain familiarity with the Metasploit framework.
Develop skills in vulnerability scanning and exploitation.
Learn ethical and responsible use of penetration testing tools.
Enhance cybersecurity awareness and defense capabilities.

Introduction to Metasploit

Google Dorking

What you'll learn

Master Google search operators for precise results.
Identify vulnerabilities and data leaks with Google Dork Hacking.
Extract insights from large datasets using data mining techniques.
Learn cybersecurity fundamentals for digital security.
Safeguard personal data online with information privacy measures.

Google Dorking

Mastering Hydra

What you'll learn

Use OSINT for efficient password-cracking reconnaissance.
Learn brute-force, dictionary, and hybrid attacks for password cracking.
Master Hydra's method for exhaustive password testing.

Mastering Hydra

NetShare XploitBox

What you'll learn

Mastering port scanning techniques
Understanding the significance of SMB (Server Message Block) protocol
Enumerating SMB services using various tools
Performing brute-force attacks with Hydra
Identifying vulnerabilities, including SSH private key leaks
Executing successful exploits
Exploiting misconfigurations for privilege escalation

intermediatesolve

NetShare XploitBox

Basic Room

What you'll learn

Test web apps for SQL injection, XSS, and directory traversal vulnerabilities.
Explore Linux, mastering essential commands and techniques.
Identify and exploit CMS vulnerabilities in WordPress, Joomla, Drupal.
Understand privilege escalation and exploit misconfigured user privileges.

Generalintermediatesolve

Basic Room

Mastering SQLMap

What you'll learn

SQL Injection Fundamentals: Solidify your grasp of the theory and techniques behind SQL injection attacks.
SQLMap Mastery: Learn how to wield SQLMap effectively, from reconnaissance to data exfiltration.
Advanced Exploitation: Execute complex SQL injection attacks, including blind and time-based techniques.
Evasion Tactics: Bypass common web application firewalls (WAFs) and intrusion detection systems (IDSs).
Mitigation Strategies: Understand how to defend against SQL injections and secure web applications.

Mastering SQLMap

OSINT

What you'll learn

Use internet-based techniques and tools for information gathering.
Perfect user profiling to reveal digital details about individuals.
Gain expertise in website analysis for revealing hidden information and vulnerabilities.

intermediatesolve

OSINT

Outcomes

From first lesson to security leader

A career progression you can actually plan against. Roles get harder, the stakes get higher, and SkillUp tracks adapt to where you’re heading.

Stage 01
Learner
Building foundations across networks, OS, and security primitives.
- Curious technologist
- Career switcher
Stage 02
Practitioner
Working a defined role with day-to-day technical responsibility.
- SOC Analyst
- Jr. Pentester
- Cloud Security Engineer
Stage 03
Specialist
Deep expertise in a focused domain, leading technical work.
- Threat Hunter
- Red Team Operator
- DevSecOps Lead
Stage 04
Lead
Setting strategy, building teams, and owning org-wide security outcomes.
- Security Architect
- Head of AppSec
- CISO track

Start your 7 days free trial

Discover SkillUp courses for free with a 7-day trial. Access a variety of courses to enhance your skills and knowledge.

Start Free Trial

Start

Start your upskilling track today

Pick a course, train in real labs, and walk away with skills your team can put to work on day one.

Talk to our team