← Back to main site
← Learning

Hands-on Security Lab Pack

Practice real-world security scenarios in a safe, guided environment. Web security, API testing, Linux hardening, and cloud security—with exercises you can run locally or in a VM.

What you will learn

By the end of the pack you will have hands-on experience with common security tasks and tooling used in app sec and cloud security roles.

  • Web security: authentication, authorization, injection, and common OWASP issues
  • API security testing with realistic targets and tooling
  • Linux security: permissions, logging, and hardening
  • Cloud security scenarios (misconfigurations, IAM, exposure)
  • Python automation for scanning, parsing, and triage

Lab categories

Labs are grouped by topic so you can focus on web, API, Linux, or cloud depending on your goals.

Web security labs

Auth, session handling, access control, XSS, and injection in a safe lab environment.

API testing exercises

REST and GraphQL API security: BOLA, auth, rate limiting, and input validation.

Linux security analysis

File permissions, audit logs, user and privilege management, and hardening checks.

Cloud security scenarios

AWS-style misconfigurations, IAM, S3, and network exposure with guided fixes.

Preview labs

Try these three labs for free. Each links to the GitHub folder with instructions and starter code.

Lab 01 – Port Scanner

Build a simple port scanner in Python to discover open ports on a target host. Learn network basics and socket programming.

Beginner30–45 min
Start lab

Lab 04 – File Permission Audit

Audit file and directory permissions on a Linux system. Identify overly permissive files and harden configurations.

Beginner45–60 min
Start lab

Lab 07 – IDOR Demo

Hands-on demonstration of Insecure Direct Object Reference (IDOR). Find and exploit IDOR in a sample web app.

Intermediate45–60 min
Start lab

Full curriculum

The full pack adds more labs, cloud scenarios, and automation scripts in a structured sequence.

Foundations

  • Environment setup
  • Tooling overview
  • Lab 01–03: Network & scripting

Linux & systems

  • Lab 04–06: Permissions, logging, hardening

Web & API

  • Lab 07–09: IDOR, auth, injection
  • API testing labs

Cloud & automation

  • Cloud security scenarios
  • Python automation scripts
  • Wrap-up and next steps

What's included

Everything you need to run the labs on your own machine or in a cloud VM.

  • All lab instructions and starter code in a private GitHub repo or download
  • Sample vulnerable apps and targets for web and API labs
  • Cloud security scenario configs and fix checklists
  • Python automation scripts for scanning and triage
  • Email support for setup and clarification during the lab period

Who this is for

The lab pack is designed for people who learn by doing and want to build a practical security skillset.

  • Students and career switchers building a security portfolio
  • Junior developers or DevOps engineers moving into security
  • Anyone who learns best by doing and wants guided, practical labs

Pricing

€49

One-time access to the full lab pack, materials, and support during the lab period.

Get the lab pack

Ready to practice real-world security?

Start with the free preview labs above. When you want the full set and support, get the Hands-on Security Lab Pack or reach out with questions.

Try preview labsContact for the full pack

Support my work

If my articles, case studies, or security resources helped you, you can support my work. Your support helps me maintain free content and keep publishing practical security guides.

Revolut

Quick support in seconds.

Buy me a spritz

Bank transfer (EUR)

If you prefer a traditional bank transfer, request IBAN and bank details via the contact form

Request bank details

Support is optional. For consulting or security work, please use the Services or Contact pages.