Learning Academy

Learn How This
Actually Works.

These rooms cover the tools and concepts I use at work. Built for people who want to understand what's happening under the hood — not just pass an exam.

ROOM_01

📊

SIEM & Detection Engineering

How to build a detection pipeline that actually catches things. Full Wazuh + Elastic setup, detection logic from scratch.

Installing and configuring Wazuh + Elastic
Writing detection rules and Sigma rules
Log correlation and alert logic
Triage workflow from alert to incident
Threat hunting inside your own data

● Live Enter Room →

ROOM_02

🪟

Windows for Cybersecurity

Windows is the dominant target in most environments. This room covers the internals you need to understand to defend it.

Windows event log deep-dive
Active Directory attack paths
Group Policy security hardening
PowerShell for forensic analysis
Understanding Defender and AMSI

● Live Enter Room →

ROOM_03

🐧

Linux for Cybersecurity

Servers run Linux. Attacker tooling runs on Linux. Most detection gaps I've seen are on systems people assumed were safe.

File system layout and permissions
SUID, GUID, and privilege escalation paths
Bash scripting for security automation
Firewall configuration with iptables/nftables
Log monitoring with auditd and rsyslog

◐ Beta Enter Room →

ROOM_04

🌐

Networking for Security

Most attacks move over a network. If you don't understand the protocols, you'll miss the indicators.

TCP/IP, UDP, and reading packet captures
How DNS, HTTP, and TLS get abused
Network segmentation and VLAN strategy
Wireshark for practical traffic analysis
Firewall rules, IDS, and IPS concepts

○ Coming Soon Notify Me

Learn How ThisActually Works.

SIEM & Detection Engineering

Windows for Cybersecurity

Linux for Cybersecurity

Networking for Security

Learn How This
Actually Works.