Home
Dashboard
Glossary
📢 Notice
Announcement: Accessibility and lighting settings are currently being worked on and periodically rolled out for all current labs and educational pages.
Announcement: Accessibility and lighting settings are currently being worked on and periodically rolled out for all current labs and educational pages.
Announcement: Accessibility and lighting settings are currently being worked on and periodically rolled out for all current labs and educational pages.
Announcement: Accessibility and lighting settings are currently being worked on and periodically rolled out for all current labs and educational pages.
Lucent Grid Security Lab

Learn Cyber­security.
Actually hands-on.

Browser-based labs, structured learning paths, and a glossary built for practitioners. No virtual machines, no lengthy setup — open a lab and start working in seconds.

Start Learning Free → Explore Red Team Labs
lucent-grid — terminal
$whoami
analyst@lucent-grid
$ls ./learning-paths/
incident-response/
digital-forensics/
penetration-testing/
threat-intelligence/
malware-analysis/
network-security/
$cat mission.txt
Structured security education,
built by practitioners.
$
9+
Learning Paths
49+
Labs Available
Free
Core Access
0
VMs Required
Hands-On Labs

Pick your side. Both matter.

Effective security practitioners understand both how attacks work and how to defend against them. Our labs are organised into two tracks — work through one, the other, or both.

🛡️ Blue Team
Incident Response & Defence

Learn to detect, investigate, and contain real-world threats. Work through SIEM analysis, digital forensics, log triage, network traffic analysis, and cloud IR scenarios across AWS and Azure environments.

IR & DFIR SIEM Threat Intel GRC Cloud Security Network Defence
20 labs · Easy → Expert Enter Blue Team →
🗡️ Red Team
Penetration Testing & Offence

Master offensive techniques from the ground up. Reconnaissance, exploitation, OSINT, web application attacks, post-exploitation, and network attack scenarios against controlled lab targets.

Pentest OSINT Web App Attacks Network Attacks Malware Analysis AppSec
29 labs · Easy → Expert Enter Red Team →
Structured Learning

Go deep on what matters to you.

Each learning path takes you from foundational concepts through to advanced practitioner-level techniques, with every topic sequenced to build on the last.

🔍
Blue Team
Incident Response & DFIR

End-to-end IR process, evidence collection, timeline reconstruction, and malware triage on live artifacts.

IRForensicsSIEM
📡
Blue Team
Threat Intelligence & SOC Ops

Structured threat intel collection, IOC analysis, MITRE ATT&CK mapping, and SOC analyst workflows.

CTIATT&CKSecOps
☁️
Blue Team
Cloud Security

AWS and Azure security fundamentals, misconfiguration detection, cloud-native IR, and IAM analysis.

AWSAzureCloud IR
🎯
Red Team
Penetration Testing

Systematic recon, scanning, exploitation, and reporting across network, web, and application targets.

ReconExploitReporting
🦠
Red Team
Malware Analysis

Static and dynamic analysis of real malware samples. Unpacking, behavioural analysis, and IOC extraction across two full volumes.

StaticDynamicReverse Eng.
🌐
Red Team
Application Security

OWASP Top 10, injection flaws, authentication bypasses, IDOR, and secure code review against real app environments.

OWASPWeb AppAppSec
Platform

How Lucent Grid works.

Everything runs in the browser. No downloads, no VMs, no environment issues — just structured content you can work through anywhere.

01
📚
Choose a Path

Pick a learning path that matches your goals — Blue Team defence or Red Team offence — and start at any difficulty level.

02
🔬
Work the Lab

Each lab is a self-contained scenario with background reading, objectives, and hands-on tasks. Everything runs in your browser.

03
📖
Build Knowledge

Use the integrated glossary of 200+ security terms to look up concepts as you go. Labs and definitions are cross-referenced.

04
📈
Track Progress

Your dashboard tracks completed labs, XP, and streaks so you can see growth over time and know exactly where to return.

Updates & Mission
What's New on Lucent Grid Updated May 2025
Path Application Security learning path added — OWASP Top 10, injection, authentication, and IDOR labs May 2026
Path Network Attacks path live — scanning, exploitation, lateral movement, and traffic analysis scenarios May 2026
New Malware Analysis Vol. 2 published — 12 chapters covering advanced static and dynamic analysis techniques May 2026
New Malware Analysis Vol. 1 launched — 15-chapter introduction to static analysis, PE structure, and behavioural analysis May 2026
Path GRC, Cloud Security, and Networking learning paths added to the Blue Team track May 2026
New Platform launched — IR, DFIR, SecOps, and Penetration Testing paths go live with 49+ labs April 2026
Who Built This

Built by a practitioner, for practitioners.

Lucent Grid was built to fill a gap: structured, accessible cybersecurity education that respects your time and assumes you want depth, not just theory. Every lab, path, and piece of content is designed with real-world applicability in mind.

The platform is built and maintained by a single security professional with an MSc in Cybersecurity and active industry certifications across offensive and defensive domains.

Credentials
MSc Cybersecurity
CompTIA SecurityX (CASP+)
CompTIA CySA+ · PenTest+ · Security+ · Network+
Linux Foundations · ITIL 4 Foundations
🔓
Unlock the Full Lab Library
One payment unlocks Hard & Expert tiers across both paths — forever. No subscription.
$19.99
One-time · Both paths · All future labs
Already paid? Log in →
Home Blue Team Labs Switch to Red Team →
Blue Team Labs
Incident response, forensics, detection, and security operations — 20 labs across four difficulty tiers
Blue Team
Cybersecurity & Incident Response

Develop the defensive skills that keep organisations secure. Triage real-world alerts, investigate incidents, and write the reports that close cases.

CompTIA Security+ CompTIA CySA+ SOC Analyst Ready
Easy⭐⭐Free
01
IR01 Phishing Triage
Analyse email headers and attachments, extract IOCs, classify the phishing attempt, write the IR report
EasyIR · Phishing
Complete
02
IR02 Malware Endpoint
Triage a malware alert — investigate process trees, network connections, and persistence mechanisms
EasyIR · Endpoint
Complete
03
IR03 Suspicious Login
Identify credential stuffing in Azure AD auth logs, check MFA status, contain the account
EasyIR · IAM
Complete
04
IR04 USB Insertion
Read Windows Event Viewer logs to identify an unauthorised USB device and DLP violations
EasyIR · DLP
Complete
05
IR05 Privilege Escalation
Hunt Event ID 4728 to identify an unauthorised Domain Admin change and recommend remediation
EasyIR · IAM
Complete
06
IR06 Brute Force SSH
Analyse Linux auth.log to identify a brute force attack, determine if login succeeded, add firewall block
EasyIR · Network
Complete
Medium⭐⭐⭐Free
07
Firewall Rule Analysis
Audit a firewall ruleset to identify overly permissive rules, rule shadowing, and missing egress controls
MediumNetwork · Defence
Complete
08
IDS IPS Triage
Prioritise a queue of Snort IDS alerts — separate true positives from noise and document your analysis
MediumSOC · Triage
Complete
09
IR07 Web Server Compromise
Correlate web server access logs and system events to identify the attack vector and scope the breach
MediumIR · Web
Complete
10
IR08 Ransomware Response
Identify patient zero, determine blast radius, and execute a ransomware recovery playbook
MediumIR · Ransomware
Complete
11
IR09 Insider Threat
Correlate UEBA alerts, access logs, and data movement to build a case around a suspected insider threat
MediumIR · Insider
Complete
12
Wireshark
Dissect a PCAP capture to identify suspicious traffic patterns, extract credentials, and pull network-based IOCs
MediumNetwork · PCAP
Complete
Hard⭐⭐⭐⭐Unlock Required
13
Memory Forensics
Hard · Forensics
Complete
14
Email Header Analysis
Hard · Phishing
Complete
15
SIEM Dashboard & Alert Correlation
Hard · SIEM
Complete
16
Log Analysis & Threat Hunting
Hard · Hunting
Complete
🔒
Hard Labs Locked
One-time payment unlocks Hard & Expert across both paths
Expert⭐⭐⭐⭐⭐Unlock Required
17
Cloud IR
Expert · Cloud
Complete
18
Network Forensics
Expert · Forensics
Complete
19
AD Defence & Detection
Expert · AD
Complete
20
Malware Triage
Expert · Malware
Complete
🔒
Expert Labs Locked
Included with the one-time unlock alongside all Hard labs
🐛  Problem with a lab? Report it here
Found a bug or broken lab? Let us know and we'll fix it.
🔓
Unlock the Full Lab Library
One payment unlocks Hard & Expert tiers across both paths — forever. No subscription.
$19.99
One-time · Both paths · All future labs
Already paid? Log in →
Home Red Team Labs Switch to Blue Team →
Red Team Labs
Penetration testing, exploitation, OSINT, and offensive security — 29 labs across four difficulty tiers
Red Team
Penetration Testing

Learn offensive security methodology from reconnaissance through exploitation and reporting. Simulated targets, real techniques, professional deliverables.

CompTIA PenTest+ OSCP Prep eJPT Aligned
Easy⭐⭐Free
01
Dir Traversal
Exploit path traversal vulnerabilities to access files outside the web root
EasyWeb
Complete
02
HTTP Pentest
Probe HTTP methods, headers, and responses to identify web server weaknesses
EasyWeb
Complete
03
Hydra
Conduct online password attacks against login services using wordlists
EasyCredentials
Complete
04
John The Ripper
Crack hashed credentials offline using wordlists and rule-based attacks
EasyCredentials
Complete
05
Netcat
Use the Swiss Army knife of networking for banner grabbing, file transfer, and shells
EasyRecon
Complete
06
Nmap Port Scanning
Enumerate open ports, detect services, and fingerprint OS versions on a simulated target
EasyRecon
Complete
07
Recon Exploit
Chain reconnaissance findings into a simulated exploitation workflow
EasyRecon
Complete
08
Telnet Sniffing
Capture and analyse unencrypted Telnet traffic to extract credentials
EasyNetwork
Complete
Medium⭐⭐⭐Free
09
Burp Suite
Intercept and manipulate HTTP requests to uncover injection points and logic flaws
MediumWeb
Complete
10
CSRF
Identify missing CSRF protections, craft a proof-of-concept, document the finding
MediumWeb · OWASP
Complete
11
Maltego OSINT
Map relationships between domains, emails, and infrastructure using OSINT graph methodology
MediumOSINT
Complete
12
Nikto
Scan a web server for known vulnerabilities, dangerous files, and outdated software
MediumWeb
Complete
13
OSINT
Enumerate a target organisation's public footprint across DNS, job postings, and cert transparency
MediumOSINT
Complete
14
Privesc Linux
Identify SUID binaries, misconfigured sudo rules, and writable cron jobs to escalate to root
MediumPrivEsc
Complete
15
SQLi
UNION-based SQL injection — enumerate tables, extract credentials, retrieve the flag
MediumWeb · OWASP
Complete
16
WiFi Cracking
Capture a WPA2 handshake and run a dictionary attack against the passphrase
MediumWireless
Complete
Hard⭐⭐⭐⭐Unlock Required
17
Active Directory Attacks
Hard · AD
Complete
18
CSRF Hard
Hard · OWASP
Complete
19
Security Misconfiguration
Hard · OWASP
Complete
20
Mimikatz & Credential Dumping
Hard · AD
Complete
21
Dir & Resource Brute Forcing
Hard · Recon
Complete
22
Hashcat GPU Cracking
Hard · Cracking
Complete
23
John the Ripper — Advanced
Hard · Cracking
Complete
24
Metasploit Framework
Hard · Exploitation
Complete
25
OSINT & SE Threat Assessment
Hard · OSINT
Complete
26
SQL Injection — Hard
Hard · Web
Complete
🔒
Hard Labs Locked
One-time payment unlocks Hard & Expert across both paths
Expert⭐⭐⭐⭐⭐Unlock Required
27
Meterpreter
Expert · Exploitation
Complete
28
Pentest Report Writing & Vuln Chaining
Expert · Reporting
Complete
29
OSINT & Social Engineering
Expert · OSINT
Complete
🔒
Expert Labs Locked
Included with the one-time unlock alongside all Hard labs
🐛  Problem with a lab? Report it here
Found a bug or broken lab? Let us know and we'll fix it.
Learning Paths
Curated career tracks — guided labs, theory, and a badge on completion
🔵
Blue Team Analyst Active
Full blue team curriculum — IR01 through forensics and threat hunting
58%
14 / 24 labs
🔵
SOC Analyst Level 1
Alerting, triage, and IR fundamentals · 12 labs
✓ Complete
🔴
Junior Penetration Tester
Recon through post-exploitation · 18 labs
Not started
🟣
Threat Intelligence Analyst
TTPs, ATT&CK, hunting, and reporting · 16 labs
Not started
🟠
Cloud Security Engineer New
AWS/Azure security and cloud IR · 14 labs
Not started
Malware Analyst
Static, dynamic, and memory forensics · 14 labs
Not started
Community
Discuss labs, share writeups, and connect with other learners
💬
Discord
Real-time help, study groups, announcements
📝
Writeups
Submit and read community lab writeups
🏆
Leaderboard
Top earners this month
Q&A Forum
Ask questions, get answers by topic
Recent Discussions
How do I identify DNS tunnelling in the Wireshark lab?
14 replies
Weekly Challenge hint thread — PCAP forensics May 2026
31 replies
Writeup: IR08 Ransomware — how I found patient zero
8 replies
What certs pair well with the Blue Team Analyst path?
22 replies
?
Stats
Labs Completed
Challenges Done
Paths Completed
Total XP Earned
Daily Streak
Day Streak 🔥
M
T
W
T
F
S
S
Recently Completed
Loading...
Recommended Next
Where You Left Off — Learning
Loading…
Completed Learning Material
Loading…
Active Path
Blue Team Analyst
— of 13 complete
IR01 Phishing Triage
IR02 Malware Endpoint
SIEM Correlation
Network Forensics
IR07 Web Server
Memory Forensics
Threat Hunting
Badges
🩸
First Blood
🛡️
Blue Warden
🔥
On Fire
📊
SOC-1
👁️
No Hints
👻
Ghost
4 earned · 2 locked
Malware Analysis
📘
Volume 1
Foundations & Behavioural
Triage · Static & dynamic analysis · Memory forensics · YARA · Detection engineering
📗
Volume 2
Reverse Engineering
Assembly · Ghidra · Unpacking · Anti-analysis · Rootkits · C2 protocol RE