Train Across the
Entire Attack Chain.
Browser-based offensive and defensive missions built around real adversary behavior. Investigate evidence, operate tools, submit findings, and develop measurable security skills.
[operator@kc-lab ~]$ nmap -sV 10.0.1.44
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.9
80/tcp open http Apache 2.4.54
443/tcp open ssl/http Apache 2.4.54
3306/tcp open mysql MySQL 5.7.40
Active Mission
SQL Injection Discovery
Identify and exploit SQL injection vectors
00:47:23
Evidence Locker
2 of 4 artifacts collected
Operator | 1,740 pts
Kill Chain Progress
The Cyber Kill Chain
Seven phases of adversary operations. Every mission maps to at least one.
Reconnaissance
Phase 1 of 7Map the target attack surface and gather intelligence
Detect enumeration and scanning activity
Reconnaissance
Phase 1 of 7Map the target attack surface and gather intelligence
Detect enumeration and scanning activity
Choose Your Difficulty
Every mission is designed around a specific skill level, from guided introductions to open-ended investigations.
Recruit
Guided workflow with structured hints, clear objectives, and introductory tools. Learn the fundamentals of each domain.
- Guided step-by-step objectives
- Structured hint ladder
- Single-phase focus
Operator
Multi-stage investigations requiring evidence analysis, terminal work, and cross-phase thinking. Reduced guidance.
- Multi-step evidence collection
- Limited hint availability
- Cross-domain scenarios
Elite
Minimal guidance, multiple attack paths, advanced reporting requirements, and higher evidence thresholds.
- No hints available
- Multiple valid solutions
- Full kill chain traversal
Your Entire Lab Runs in the Browser
No disconnected worksheets. No passive video completion. Every mission requires evidence, decisions, and execution.
MISSION BRIEFING
SQL Injection Discovery
Identify injection vectors in the target web application and extract the database schema.
[operator@kc-lab]$ sqlmap -u "http://10.0.1.44/search?q=test" --dbs
[*] fetching database names
available databases [3]:
[*] information_schema
[*] target_app
[*] mysql
EVIDENCE LOCKER
- Service enumeration complete
- SQL injection vector identified
- Database schema extracted
- Flag retrieved
CHECKPOINT
2 of 4 completed
HINTS
1 used · 2 remaining
−25% per hint
Train for Your Role
Structured progression through domains and kill chain phases aligned to real security roles.
Offensive Operator
Web exploitation, network attacks, privilege escalation
Start with web vulnerability discovery
Explore PathDefensive Analyst
Threat detection, log analysis, incident triage
Start with network traffic analysis
Explore PathCloud Defender
Cloud misconfiguration, IAM abuse, container security
Start with IAM policy review
Explore PathMalware Analyst
Static and dynamic analysis, reverse engineering
Start with basic PE analysis
Explore PathWeb Security Operator
OWASP Top 10, API security, client-side attacks
Start with XSS discovery
Explore PathThreat Hunter
Proactive threat detection, hypothesis-driven investigation
Start with OSINT correlation
Explore PathTrack Every Skill You Build
Your operator profile reflects real evidence from completed missions — not hours watched.
12
Missions
4
Domains
5
Phases
SQL Injection Discovery
Web Application Security
Network Recon Basics
Network Attack/Defense
Next Rank: Specialist at 3,500 pts
1,760 points remaining to level up.
* Sample operator profile. Your actual progression is updated instantly as you submit verified evidence in missions.
Four Steps. Real Evidence.
Every mission follows the same loop. The browser lab is the center of the experience.
Receive the Mission
Read the briefing, understand the target environment, and review your objectives before you begin.
Each mission maps to a Kill Chain phase and security domain.
Launch the Environment
Your isolated lab environment starts in the browser. No local configuration needed for browser-based missions.
Environments include terminals, web targets, and analysis tools.
Investigate and Submit
Run commands, analyze evidence, and submit findings through flag submission or evidence collection.
Hints are available at a point cost. Each hint reduces your score by 25%.
Review the Debrief
Review the mission debrief showing the intended approach, alternative methods, and defensive countermeasures.
Points are awarded, your rank updates, and the next mission is recommended.
Receive the Mission
Read the briefing, understand the target environment, and review your objectives before you begin.
Each mission maps to a Kill Chain phase and security domain.
Launch the Environment
Your isolated lab environment starts in the browser. No local configuration needed for browser-based missions.
Environments include terminals, web targets, and analysis tools.
Investigate and Submit
Run commands, analyze evidence, and submit findings through flag submission or evidence collection.
Hints are available at a point cost. Each hint reduces your score by 25%.
Review the Debrief
Review the mission debrief showing the intended approach, alternative methods, and defensive countermeasures.
Points are awarded, your rank updates, and the next mission is recommended.
Field Intelligence
Tactical knowledge organized by domain, phase, and role. Every resource connects to the training you do.
Field Intelligence content expands as the mission library grows. Resources are linked directly to specific missions, domains, and phases.
Critical Threat Landscapes
Targeted training across 7 specialized threat environments, scaled from Novice to Elite.
Your First Mission Is Ready.
Establish your operator identity, complete Mission 0, and begin building evidence-backed security skills in isolated lab environments.







