Interactive offensive security training courses built around real open-source GitHub projects. Each course is a deep-dive into the internals of a specific tool or technique — how it works, why it works, and how defenders detect it.
Built for learning, not for deployment.
Hosted on GitHub Pages: Self-Taught Course Dashboard
- 18 Courses across syscalls, injection, evasion, encryption, rootkits, and more
- 147 Modules of structured content
- 3 Difficulty Tiers — Beginner, Intermediate, Advanced
| Course | Topic | Language | Modules |
|---|---|---|---|
| AceLdr | Reflective DLL loading, sleep masking, FOLIAGE | C / ASM | 9 |
| Stardust | PIC C++20 implant template, PEB walking | C++20 / NASM | 10 |
| FunctionPeekaboo | LLVM per-function self-masking XOR | C++ / LLVM | 8 |
| Course | Topic | Language | Modules |
|---|---|---|---|
| Hell's Gate | Dynamic SSN resolution & direct syscalls | C / x64 ASM | 8 |
| LayeredSyscall | VEH-based indirect syscalls, HW breakpoints | C++ / x64 | 8 |
| Course | Topic | Language | Modules |
|---|---|---|---|
| Ekko | Timer-based sleep obfuscation, ROP + RC4 | C / x64 | 8 |
| ShellcodeFluctuation | XOR encrypt/decrypt memory on sleep cycles | C++ / x64 | 8 |
| ShellGhost | Single-instruction VEH execution via INT3 | C / x64 | 8 |
| Course | Topic | Language | Modules |
|---|---|---|---|
| PoolParty | 8-variant thread pool injection | C++ / x64 | 8 |
| ThreadlessInject | Threadless injection via remote function hooking | C++ / x64 | 8 |
| Course | Topic | Language | Modules |
|---|---|---|---|
| SilentMoonwalk | Dynamic call stack spoofing & desynchronization | C++ / x64 | 8 |
| Draugr | Synthetic call stack frames, BOFs, JMP RBX gadgets | C++ / ASM / BOF | 8 |
| Course | Topic | Language | Modules |
|---|---|---|---|
| Donut | PE/DLL/.NET-to-shellcode conversion | C / x86/x64 | 8 |
| Shoggoth | Polymorphic shellcode engine with asmjit | C++ / x86/x64 | 8 |
| Hooka | Shellcode loader generator, AMSI/ETW patching | Go / Windows | 8 |
| Course | Topic | Language | Modules |
|---|---|---|---|
| ProcessGhosting | Ghost process from delete-pending files | C++ / x64 | 8 |
| COFFLoader | Beacon Object File loader outside Cobalt Strike | C / x64 | 8 |
| Course | Topic | Language | Modules |
|---|---|---|---|
| Nidhogg | Windows kernel rootkit — DKOM, ETW, callbacks | C/C++ / Kernel | 8 |
index.html Main dashboard (18 courses)
assets/
course.css Shared module styles
course.js Quiz grading, mobile nav, scroll animations
Project/
<CourseName>/
<CourseName>_index.html Course landing page with module grid
modules/
module1.html ... module8.html Individual teaching modules
Every module is a self-contained HTML page with:
- Sidebar navigation linking all modules in the course
- Difficulty badges (Beginner / Intermediate / Advanced)
- Code blocks with language tags and syntax highlighting
- Flow diagrams built from CSS (no images needed)
- Interactive quizzes graded client-side via
gradeQuiz() - Prev/Next navigation at the bottom
Modules share assets/course.css and assets/course.js. Each course sets its own accent colors via CSS custom properties:
:root {
--accent: #e11d48;
--accent2: #be123c;
--gradient: linear-gradient(135deg, #e11d48, #be123c);
}Clone and open any HTML file directly in your browser — no build step, no server, no dependencies:
git clone https://github.com/yourusername/Self-Taught-Course.git
# Open index.html in your browserThis content is strictly for educational and authorized security research purposes. Every technique covered here has documented defensive countermeasures. Understanding how attacks work is essential for building effective defenses.
Do not use any of this material against systems you do not own or have explicit authorization to test.
- End-of-course exams
- Hands-on assignments
- Consolidated references file
- Search functionality across all courses