Technical Lab Library

24 hands-on technical labs mapped to the 4-track, 24-week curriculum. Each lab is a self-contained exercise you can run in a home lab or virtual environment — no paid tools required.

100% Free 24 Labs Beginner to Advanced

Track 1 — Foundations

Weeks 1–6. Core IT, networking, and operating system fundamentals every technical lab builds on.

LAB 01Beginner

Build Your Home Lab

Install a hypervisor and stand up your first two virtual machines — a Linux box and a Windows box — that you'll reuse for every lab in this course.

VirtualBoxUbuntuWindows 10
LAB 02Beginner

Linux Command Line Survival Kit

Navigate the filesystem, manage users and permissions, and chain commands together to automate a basic system audit.

BashLinux
LAB 03Beginner

Networking Fundamentals Lab

Subnet a network by hand, configure static IPs across your VMs, and use ping/traceroute to map the path between hosts.

Wiresharkipconfigtraceroute
LAB 04Beginner

Packet Capture 101

Capture live traffic on your lab network and identify protocols, source/destination pairs, and plaintext credentials in unencrypted traffic.

Wiresharktcpdump
LAB 05Intermediate

Windows & Linux Hardening Basics

Apply baseline security settings to both VMs — disable unused services, enforce password policy, and configure host firewalls.

Group PolicyUFW
LAB 06Intermediate

Active Directory Mini-Domain

Stand up a Windows Server domain controller, join a client, and create your first organizational units, users, and group policies.

Windows ServerActive Directory

Track 2 — Threats & Attacks

Weeks 7–12. Offensive security fundamentals — reconnaissance, exploitation, and social engineering, all in a legal lab environment.

LAB 07Intermediate

Reconnaissance & Footprinting

Use passive and active recon techniques against a lab target to build a profile of open ports, services, and software versions.

NmapShodan
LAB 08Intermediate

Vulnerability Scanning

Run an authenticated vulnerability scan against your lab network and triage the results into a prioritized remediation list.

NessusOpenVAS
LAB 09Advanced

Exploiting a Vulnerable VM

Compromise an intentionally vulnerable machine end-to-end — initial access, privilege escalation, and a documented proof of compromise.

MetasploitMetasploitable
LAB 10Intermediate

Web Application Attacks

Identify and exploit SQL injection and cross-site scripting in a deliberately vulnerable web app, then write up the findings.

DVWABurp Suite
LAB 11Beginner

Phishing Simulation

Build a simulated phishing campaign and landing page in a closed lab environment to study how social engineering attacks are constructed.

GoPhish
LAB 12Advanced

Malware Behavior Analysis

Detonate a sample in an isolated sandbox VM and analyze its network calls, persistence mechanisms, and file system changes.

Cuckoo SandboxProcess Monitor

Track 3 — Defense & Cryptography

Weeks 13–18. Blue team skills — detection, monitoring, incident response, and the cryptography that underpins secure systems.

LAB 13Intermediate

Build a Home SOC with Wazuh

Deploy a free SIEM, forward logs from your lab VMs, and write your first detection rule for a brute-force login attempt.

WazuhElastic
LAB 14Intermediate

Intrusion Detection with Snort

Configure an open-source IDS to alert on suspicious traffic patterns you generate yourself from an attacker VM.

SnortWireshark
LAB 15Advanced

Incident Response Tabletop

Walk through a simulated breach end-to-end — containment, eradication, recovery — and produce a written incident report.

NIST 800-61
LAB 16Beginner

Symmetric & Asymmetric Encryption

Encrypt and decrypt files using both AES and RSA from the command line, and explain when each approach is the right choice.

OpenSSL
LAB 17Intermediate

PKI & Certificate Management

Stand up your own certificate authority, issue a server certificate, and configure HTTPS on a lab web server.

OpenSSLApache
LAB 18Intermediate

File Integrity & Hashing

Use hashing to verify file integrity, then demonstrate how a single changed byte breaks the hash — the basis for tamper detection.

sha256sumHashCalc

Track 4 — Governance & Cert Prep

Weeks 19–24. Risk, compliance, and applied review labs that tie the whole curriculum together ahead of the Security+ exam.

LAB 19Beginner

Risk Assessment Workshop

Score a set of sample assets against likelihood and impact to produce a basic risk register and prioritized treatment plan.

Risk Matrix
LAB 20Beginner

Security Policy Drafting

Write an acceptable use policy and a password policy for a fictional small business, aligned to common compliance frameworks.

NIST CSF
LAB 21Intermediate

Backup & Disaster Recovery Drill

Configure automated backups for a lab VM, then simulate a full failure and execute your own recovery runbook.

Veeamrsync
LAB 22Intermediate

Identity & Access Management

Implement role-based access control and multi-factor authentication across your lab domain, then audit who can access what.

Active DirectoryMFA
LAB 23Advanced

Capture the Flag Review

A mixed-skills CTF pulling together recon, exploitation, log analysis, and cryptography from every earlier track in one challenge.

TryHackMeKali Linux
LAB 24Beginner

Security+ Exam Simulation

Sit a full-length timed practice exam mapped to the SY0-701 domains, then review every missed question against the relevant lab.

Security+ SY0-701

Ready to start lab 01?

All 24 labs are free, self-paced, and designed to be done in order alongside the 24-week curriculum.

Enroll Now — It's Free