Linux CNE develops advanced operator proficiency in host-centric reconnaissance, exploitation, persistence, lateral movement, and evasion within Linux-based enterprise environments. The course emphasizes realistic, detection-aware tradecraft modeled after modern adversary workflows, requiring learners to navigate defended systems, containerized services, and web-exposed applications under operational constraints. Students progress from initial access and host-level situational awareness to advanced privilege escalation, covert tunneling, container escapes, and remote exploitation of Linux services. Instruction blends conceptual tradecraft with repeatable, operator-ready workflows. Students conclude with a mission-driven Culmination Exercise (CULEX) that integrates the week's techniques in a timed operational scenario.
Intended Audience: Advanced cyber operators, red team personnel, and CNE/CNO practitioners who require deep, hands-on capability in Linux host exploitation, persistence, privilege escalation, lateral movement, and web/container-based attack workflows. Participants should have prior experience with Linux command-line operations and offensive security fundamentals.