Courses to Read Along
The complete theory and all exercises of our Lab courses – free to read, no sign-up. To practice hands-on on a real Linux VM, a free account is all you need.
SSH Hardening
You harden your server VM's SSH configuration against the most common attack vectors — disable root login, switch off password auth, limit login attempts, close idle sessions. 7 tasks, about 60 minutes.
Duration: 60 minLevel: BeginnerView course →Hello World
First touch of the validator. Demonstrates the 4 check types: file_content, command_output, service_status, lynis_diff.
Duration: 10 minLevel: BeginnerView course →Deploy a live website with HTTPS
Within an hour you'll get your own website online — with a valid HTTPS certificate from Let's Encrypt, your own subdomain, and real nginx. You'll edit HTML, check nginx config, and trigger certbot. At the end you can share the link — it stays live as long as the lab session runs (max. 60 minutes).
Duration: 30 minLevel: BeginnerView course →UFW + fail2ban
You set up a basic server firewall with UFW (default deny + whitelist) and protect SSH against brute-force attempts using fail2ban. 6 tasks, about 55 minutes.
Duration: 55 minLevel: BeginnerView course →nginx TLS Hardening
You harden nginx from an insecure default state (self-signed snakeoil cert + TLSv1 enabled + permissive ciphers + no security headers) into a modern TLS configuration. 7 tasks, about 60 minutes. Note: We use a self-signed certificate — browser warnings are expected here (in production you'd use Let's Encrypt, that's a separate module).
Duration: 60 minLevel: IntermediateView course →Linux Users and Permissions
You learn the Linux user and permission system: create users and groups, grant sudo access, set file ownership and access rights, and understand SUID risks. Essential for every server admin and a mandatory IHK exam topic. 5 tasks, about 60 minutes.
Duration: 60 minLevel: BeginnerView course →Linux Console
First steps with the Linux shell. Create files, move them, write content. 5 tasks.
Duration: 20 minLevel: BeginnerView course →nginx as a reverse proxy
You put nginx in front of a python3 backend that only listens on 127.0.0.1:9000. Classic web stack: backend produces content, nginx handles port 80, caching, logs and SSL. Four tasks, around 40 minutes. Prequel to the deploy-and-tls module (that's this architecture + Let's Encrypt).
Duration: 40 minLevel: BeginnerView course →HTML Basics
Build your very first webpage. 5 short tasks — tags, headings, paragraph, link, image. No prior knowledge needed.
Duration: 25 minLevel: BeginnerView course →Pentest Basics: SSH Brute Force
First offensive module: you attack a deliberately weak SSH instance. You'll learn nmap, hydra, and see live why the hardening rules from the SSH-Hardening module are not a toy. Everything happens on YOUR own lab VM (loopback) — no external target.
Duration: 45 minLevel: IntermediateView course →Linux Firewall with nftables
You learn nftables — the modern successor to iptables, now the default on 75% of Linux servers. You build a production-grade firewall step by step: create tables and chains, allow SSH and HTTP/S, block everything else, and persist your rules. 6 tasks, about 75 minutes.
Duration: 75 minLevel: IntermediateView course →Log Analysis: spot SSH attacks in auth.log
The defender side of the pentest lesson: your VM has 200 synthetic SSH brute-force entries in /var/log/auth.log. With grep, awk and sort you filter out how many failed login attempts there were, which IP is the dominant attacker and how many unique source IPs tried. Four tasks, around 30 minutes. Pure defense — these skills you need every day once a server is live.
Duration: 30 minLevel: IntermediateView course →Secure Docker Containers
You harden a Docker installation following the CIS Docker Benchmark: eliminate root containers, restrict capabilities, enable read-only filesystems, configure network isolation, and secure the Docker daemon. Prerequisite: docker-basics module. 6 tasks, about 90 minutes.
Duration: 90 minLevel: AdvancedView course →Docker Basics: your first container
You learn the building blocks of Docker on your lab VM: pulling images, running containers, port mapping, container lifecycle. Four tasks, all on your own VM — no external setup, no cloud account. At the end an nginx container runs behind port 8080 and you understand why docker is the default deploy tool for modern web apps.
Duration: 30 minLevel: BeginnerView course →Incident Response with journald
A server has been compromised. You investigate the incident systematically: filter journald logs, identify suspicious logins and processes, reconstruct a timeline, isolate compromised services, and write an incident report. University level — SOC analyst workflow in practice. 5 tasks, about 90 minutes.
Duration: 90 minLevel: AdvancedView course →