The Basic Computer Network Exploitation course introduces foundational offensive security concepts and techniques through hands-on exploitation of Windows and Linux systems in controlled environments. Students learn how attackers perform reconnaissance, gain initial access, escalate privileges, maintain persistence, and move within a network. The course emphasizes command-line proficiency, structured tradecraft, and repeatable workflows rather than advanced exploitation or custom tooling. Students conclude with a Culmination Exercise (CULEX) that requires executing a basic end-to-end exploitation workflow across multiple hosts.

Intended Audience: Individuals new to offensive security, junior cyber operators, and security practitioners seeking foundational hands-on experience with exploitation techniques. Students should have basic familiarity with computer systems but do not need prior penetration testing or red team experience.

CNE Fundamentals and Offensive OSINT introduces students to foundational computer network exploitation concepts with a strong emphasis on offensive open-source intelligence (OSINT) and target development. The course teaches students how attackers collect, analyze, and operationalize publicly available information to support reconnaissance, targeting, and exploitation activities. Students progress from OSINT tradecraft and intelligence development to basic scanning, payload generation, and exploitation frameworks, emphasizing how intelligence-driven targeting informs early-stage access and client-side attack techniques. The course emphasizes structured workflows, ethical constraints, and repeatable methodologies rather than advanced exploitation or custom tooling. Students conclude with a Culmination Exercise (CULEX) integrating OSINT-driven targeting and basic exploitation techniques.

Intended Audience: Individuals new to offensive security and cyber operations, including junior cyber operators, analysts, and security practitioners seeking foundational experience in OSINT, reconnaissance, and early-stage exploitation workflows. No prior exploitation experience is required, but basic familiarity with networking and operating systems is beneficial.

The Basic Cyber Exploitation Analysis course provides foundational pipeline training for personnel entering an exploitation analyst work role. The course emphasizes structured operational processes, mission analysis, information gathering, target profiling, and exploitation support activities. Students learn how exploitation operations are planned, supported, executed, and documented within a governed cyber operations environment. Instruction blends conceptual understanding with hands-on application through checks on learning (COLAs), labs, and a midterm knowledge assessment. Students progress from understanding the exploitation analyst role and operational environment to supporting mission planning, executing guided exploitation workflows, and producing mission artifacts. The course culminates in a Culmination Exercise (CULEX) requiring students to support and execute a basic exploitation operation in accordance with defined processes and constraints.

Intended Audience: Entry-level cyber personnel, junior analysts, and pipeline students preparing to support or perform duties within an exploitation analyst work role. This course is designed for individuals new to cyber operations who require structured, role-specific training rather than broad multi-role exposure.

The Intermediate Penetration Testing course focuses on the methodologies and tradecraft used by professional penetration testers operating within legal and ethical boundaries. The course is built around attacker behaviors and techniques while maintaining a strong emphasis on professional testing standards, rules of engagement, and reporting. Students progress through the penetration testing lifecycle, including information gathering, scanning and service enumeration, vulnerability mapping, exploitation of perimeter and internal systems, post-exploitation, and reporting. The course culminates in a six-hour Culmination Exercise (CULEX) requiring students to gain initial access to a target network and maneuver through multiple systems to achieve defined objectives.

Intended Audience: Cyber operators, penetration testers, and security practitioners who possess foundational networking and security knowledge and are ready to develop structured penetration testing skills. This course is intended for students seeking hands-on experience with common tools, methodologies, and workflows used during real-world penetration testing engagements.

PowerShell for Red Teaming teaches practical PowerShell skills tailored to offensive operations and operational tradecraft, with strong emphasis on detection awareness. Students move from core PowerShell constructs to intermediate scripting, remote execution, persistence patterns, and tooling used in modern engagements. The course balances technique with detection/defense considerations so learners understand both execution and observability. The week culminates with a PowerShell-only Capture-the-Flag (CTF) style Culmination Exercise (CULEX) that validates scripting, automation, remote execution, and reporting skills in a controlled environment.

Intended Audience: Cyber operators, red team personnel, and penetration testers who require practical PowerShell proficiency for offensive operations in Windows environments. Students should already be comfortable with basic PowerShell usage and Windows internals and be prepared to apply scripting techniques in detection-aware, operational scenarios.

Wireless Computer Network Exploitation provides a structured exploration of modern wireless technologies and their security implications. This course equips students with the knowledge and skills needed to evaluate, test, and exploit wireless technologies in support of cyber operations. Over five days, students examine the foundations of RF communication, dissect 802.11 protocols, and assess weaknesses in Wi-Fi security standards. The course emphasizes applied analysis and exploitation of wireless devices and access points, including IoT systems. Students finish with a comprehensive Culmination Exercise that validates their ability to conduct reconnaissance, execute attacks, and assess risk in wireless environments.

Intended Audience: Cyber operators, penetration testers, and red team personnel who require foundational-to-intermediate proficiency in wireless reconnaissance, exploitation, and credential capture. Participants should have a basic understanding of networking concepts and offensive security fundamentals and be prepared to apply wireless attack techniques in controlled lab environments.

Penetration Testing Active Directory prepares students to enumerate, analyze, exploit, and dominate Windows enterprise domains using modern red-team and penetration testing techniques throughout an Active Directory forest containing seven domains. Students progress through the full Active Directory attack lifecycle: directory structure analysis, LDAP-based queries and enumeration, credential extraction, Kerberos manipulation, lateral movement across domain trusts, privilege escalation, and domain compromise. The course emphasizes operational tradecraft using tools such as PowerShell, Impacket, Mimikatz, BloodHound, Rubeus, and advanced Windows exploitation frameworks. Students conclude with a Culmination Exercise (CULEX) requiring real-time offensive operations and documentation in a multi-domain enterprise scenario.

Intended Audience: Cyber operators, penetration testers, red team members, and enterprise security professionals who require structured tradecraft for enumerating and exploiting Windows Active Directory environments.

The Penetration Testing with Enterprise Tools course focuses on the methodologies and tradecraft used by professional penetration testers operating within legal and ethical boundaries. The course is built around attacker behaviors and techniques while maintaining a strong emphasis on professional testing standards, rules of engagement, and reporting. Students progress through the penetration testing lifecycle, including information gathering, scanning and service enumeration, vulnerability mapping, exploitation of perimeter and internal systems, post-exploitation, and reporting. The course culminates in a six-hour Culmination Exercise (CULEX) requiring students to gain initial access to a target network and maneuver through multiple systems to achieve defined objectives.

Intended Audience: Cyber operators, penetration testers, and security practitioners who possess foundational networking and security knowledge and are ready to develop structured penetration testing skills. This course is intended for students seeking hands-on experience with common tools, methodologies, and workflows used during real-world penetration testing engagements.

Linux CNE develops advanced operator proficiency in host-centric reconnaissance, exploitation, persistence, lateral movement, and evasion within Linux-based enterprise environments. The course emphasizes realistic, detection-aware tradecraft modeled after modern adversary workflows, requiring learners to navigate defended systems, containerized services, and web-exposed applications under operational constraints. Students progress from initial access and host-level situational awareness to advanced privilege escalation, covert tunneling, container escapes, and remote exploitation of Linux services. Instruction blends conceptual tradecraft with repeatable, operator-ready workflows. Students conclude with a mission-driven Culmination Exercise (CULEX) that integrates the week's techniques in a timed operational scenario.

Intended Audience: Advanced cyber operators, red team personnel, and CNE/CNO practitioners who require deep, hands-on capability in Linux host exploitation, persistence, privilege escalation, lateral movement, and web/container-based attack workflows. Participants should have prior experience with Linux command-line operations and offensive security fundamentals.

Windows CNE develops advanced operator skills for conducting targeted Windows host reconnaissance, persistence, privilege escalation, lateral movement, and remote exploitation within controlled environments. The course emphasizes detectable tradecraft, evasion techniques, and defensive considerations so participants learn both offensive techniques and how they appear from a detection standpoint. Instruction balances conceptual tradecraft with repeatable procedures and lab exercises; learners finish the week by demonstrating integrated capability in a timed Culmination Exercise (CULEX).

Intended Audience: Personnel performing Computer Network Exploitation (CNE), red team operations, or adversary emulation who require advanced host-level skills for reconnaissance, persistence, escalation, and movement within Windows environments.