Browse the Full Catalog
Cybrary’s comprehensive, framework-aligned catalog has been reorganized to provide you with an intentional, guided learning experience. Advance your career, prep for certifications, and build your skills whenever, wherever.
The content and tools you need to build real-world skills
Rapidly develop your skills via an integrated and engaging learning
experience on the Cybrary platform.
Bite-sized Video Training
Manageable instruction from industry experts
Hands-On Learning
Put your skills to the test in virtual labs, challenges, and simulated environments
Practice Exams
Prepare for industry certifications with insider tips and practice exams
Earn Industry Badges
Complete coursework to earn industry-recognized badges via Credly
CompTIA CySA+ Certification Training (CS0-002)
CompTIA IT Fundamentals Certification Training
CertNexus Cybersec First Responder Certification Prep
CertNexus’s CyberSec First Responder certification is designed for individuals on the front line of cybersecurity at their organizations, required to protect critical information systems before, during, and after an incident which may be a cybersecurity attack. This certification prep path is designed to provide you with a comprehensive overview of the concepts and skills you will need to pass the certification exam.
CISM Certification Course & Training
Our CISM certification course and training for the CISM certification to show you have an all-around technical competence and an understanding of the business objectives around data security. Our CISM training helps you understand the core concepts required of a security manager, and prepare you for the CISM exam. There are no prereqs for this course, but the exam requires five years of experience.
AZ 900 Azure Fundamentals
This Microsoft Azure Fundamentals (AZ-900) course is designed to prepare non-technical professionals to use cloud-based solutions and services such as computing, storage, networking and security to power their organization’s processes. This AZ-900 course is an excellent way to prepare for the AZ-900 certification exam. No prerequisites required!
AZ-305 Designing Microsoft Azure Infrastructure Solutions Certification Prep
AZ-500 Microsoft Azure Certification Training
CompTIA CASP+ Certification Prep
CISSP Certification Prep
Our CISSP certification course and training for the CISSP certification, essential for cybersecurity professionals aiming to move up in their career. This course will cover all aspects of security, risk management, and architecture to help you prepare for the CISSP exam. Learn from experienced professionals and gain the knowledge needed to become a certified security expert.
OWASP Top 10 - A08:2021 - Software and Data Integrity Failures
OWASP Top 10 - A04:2021 - Insecure Design
OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)
OWASP Top 10 - A05:2021 - Security Misconfiguration
OWASP Top 10 - A02:2021 - Cryptographic Failures
OWASP Top 10 - A07:2021 - Identification and Authentication Failures
OWASP Top 10 - A06:2021 - Vulnerable and Outdated Components
OWASP Top 10 - A03:2021 - Injection
OWASP Top 10 - A01:2021 - Broken Access Control
OWASP Top 10 - A04:2017 - XML External Entities
Protocol Tunneling
Exfiltration Over Alternative Protocol: Asymmetric Encrypted Non-C2 Protocol
SSH Authorized Keys
CVE Series: OpenSSL Infinite Loop (CVE-2022-0778)
Lateral Movement: Windows Remote Management
Persistence via Windows Services
System Binary Proxy Execution and a Spearphish Payload
Server Software Component: Web Shell
Scheduled Task
Registry Run Keys
CRISC Certification Prep
AWS Solutions Architect Certification Training (SAA-C03)
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)
How to Use Ophcrack (BSWR)
Introduction to Java
Secure Coding Fundamentals
Wireless Network Fundamentals for Security Practitioners
Fundamental Cryptography: Data Protection
Networking Fundamentals for Security Practitioners
Mobile Security Fundamentals
Malware Fundamentals
Fundamentals of Risk Policies and Security Controls
Kerberoasting and Domain Accounts
Match Legitimate Name or Location and Data Encrypted for Impact
Application Shimming and Data from Local System
Spearphishing Attachment and PowerShell
Exfiltration to Cloud Storage
Non-Standard Port
Remote System Discovery and Remote Desktop Protocol
CompTIA Network+ Certification Training (N10-008)
Scanning & Enumeration
OWASP Top 10 - A05:2021 - Security Misconfiguration
OWASP Top 10 - A02:2021 - Cryptographic Failures
Cybrary Challenge: Motor Mayhem
Challenge: Memory Mysteries
Challenge: Between Two Numbers
Challenge: Saving A Fellow Spy
Challenge: Space Mission
Challenge: A Message Within A Message
Challenge: Don't Believe What You Hear
Challenge: Chatting with ChatGPT
Challenge: Saving a Fellow Monster
Challenge: Gobble Gobble Conceal & Deceive
Challenge: For the Rebellion or the Empire
Challenge: Update B4 It's 2Late
Challenge: MFA ... All Day Every Day
Challenge: Password123
Challenge: Teach a Person to Phish
Challenge: Episode II - Attack of the Encoders
Challenge: The Base(64)ics
Challenge: Spiny Shell
CVE Series: Jenkins Arbitrary File Leak Vulnerability (CVE-2024-23897)
CVE-2024-23897 is a critical security flaw affecting Jenkins, a Java-based open-source automation server widely used for application building, testing, and deployment. It allows unauthorized access to files through the Jenkins integrated command line interface (CLI), potentially leading to remote code execution (RCE).
CVE Series: Authentication Bypass Leading to Remote Code Execution (RCE) in JetBrains TeamCity (CVE-2024-27198)
CVE-2024-27198 is a critical vulnerability in JetBrains TeamCity, a Java-based open-source automation server used for application building. This flaw allows remote, unauthorized attackers to circumvent authentication, thereby gaining admin control over the server. All versions of TeamCity On-Premises up to 2023.11.3 are affected.
CVE Series: “Leaky Vessels” Container Breakout (CVE-2024-21626)
CVE-2024-21626 is a severe vulnerability affecting all versions of runc up to 1.1.11, a critical component utilized by Docker and other containerization technologies like Kubernetes. This vulnerability enables an attacker to escape from a container to the underlying host operating system. Put on your red team hat to exploit this vulnerability.
CVE Series: Authentication Bypass in Apache Superset (CVE-2023-27524)
CVE-2023-27524 is a critical vulnerability in Apache Superset, affecting versions up to 2.0.1. It enables attackers to bypass authentication by exploiting weak or default SECRET_KEY values. Attackers can forge session cookies to gain admin access, leading to potential remote code execution and unauthorized data access.
CVE Series: Confluence Authentication Vulnerability (CVE-2023-22515)
Confluence suffers from a Broken Access Control vulnerability that affects Data Center and Server versions 8.0.0 to 8.3.2, 8.4.0 to 8.4.2, and 8.5.0 to 8.5.1. Threat actors exploit this vulnerability to obtain administrator access to Confluence servers. Put on your Red Team hat to create your own malicious admin account leveraging this CVE!
CVE Series: Openfire (CVE-2023-32315)
CVE Series: Dirty Pipe (CVE-2022-0847)
CVE Series: noPac (CVE-2021-42278 and CVE-2021-42287)
CVE Series: Polkit (CVE-2021-4034)
CVE Series: Log4J (CVE-2021-44228)
CVE Series: InstallerFileTakeOver (CVE-2021-41379)
CVE Series: MSHTML Vulnerability (CVE-2021-40444)
CVE Series: HiveNightmare (CVE-2021-36934)
CVE Series: PrintNightmare (CVE-2021-1675 and CVE-2021-34527)
CVE Series: Ghostcat (CVE-2020-1938)
CVE Series: F5 BIG-IP (CVE-2022-1388)
CVE Series: Atlassian Bitbucket Command Injection (CVE-2022-36804)
CVE Series: Grafana Directory Traversal (CVE-2021-43798)
CVE Series: Blind NoSQL Injection (CVE-2021-22911)
CVE Series: Apache HTTPD (CVE-2021-42013)
CVE Series: Apache Spark (CVE-2022-33891)
CVE Series: Django (CVE-2022-34265)
CVE Series: Follina (CVE-2022-30190)
CVE Series: Confluence RCE (CVE-2022-26134)
CVE Series: OpenSSL Infinite Loop (CVE-2022-0778)
CVE Series: Redis (CVE-2022-0543)
CVE Series: Spring4Shell (CVE-2022-22965)
Royal Ransomware Group
Raspberry Robin
Double Trouble with Double Dragon
Weak Link in the Supply Chain
Spinning a Web Shell for Initial Access
Exfiltration and Extortion
Ransomware for Financial Gain
Our Instructors
Industry seasoned. Cybrary trained.
Our instructors are current cybersecurity professionals trained by Cybrary to deliver engaging, consistent, quality content.