Purple Hackademy


CTF Career Path

CTF - Capture the Flag

Capture the Flag, is an exercise in which a team of programmers attempt to find and steal a flag from another team of programmers (or the organizers). It can be played competitively or for educational purposes. Competitors steal flags either from other competitors (attack or defence-style CTFs) or from the organizers (jeopardy-style challenges). Various variations exist, including hiding flags on hardware devices, online or in-person competitions, and entry-level or advanced levels.

Our CTFs are gamified competitive cybersecurity events that are based on different challenges or aspects of information security. They are excellent for both beginners and experienced hackers looking to develop, test, and prove their skills because they gamify hacking concepts. We’re big believers in the power of gamification here at Purple Hackademy.


This course is designed to help the participants learn more about Web Security, providing them with the needed knowledge and background that enables them to get started in this field. Through this training attendees will learn about what Web Security is, why it’s important and critical to the world today and how it can be used for malicious purposes. The topics covered include different aspects of Web Security including web application attacks, malware and phishing attacks as well as securing your Android device. There will be practical live examples on how to solve some issues in a real attack scenario in this category. The training will include theory and practical hands-on experience in our lab setup.

What you will learning in this Career Path?

Introduction to Penetration Testing

  • Lap Setup
  • Penetration Testing Methodology
  • Kali Basics

Information Gathering

  • Active Information Gathering
  • Passive Information Gathering
  • OSINT framework

Network Forensics

  • Network Fundamentals
  • Network Tools
  • Network Forensics

Web Security

  • Intro to Web Security
  • Confidentiality and integrity
  • Directory brute-force
  • OWASP TOP 10
  • XSS
  • Directory Traversal
  • Sensitive data exposure
  • Burp Suite
  • Injection

Server-Side Attacks

  • SSRF
  • RCE
  • XXE
  • File Inclusion
  • Sql Injection
  • Insecure Deserialization
  • IDOR

Digital Forensics

  • Intro to Digital Forensics
  • Analysis Tools
  • Steganography
  • Network Tools
  • Memory Forensics

Python for Pentester

  • Basic Core Python
  • Python Advanced
  • Python in Cryptography
  • Python for Network Packet

Client-Side Attacks

  • Cross-Site Scripting
  • CSRF
  • Exploitation Tools
  • Exploitation Database


  • Intro to Cryptography
  • Classic Cryptography
  • Modern Cryptography

Digital Forensics Intro

  • Introduction to Digital Forensics
  • Steganography
  • Virtual Machines

Vulnerability Assessment

  • VAPT
  • Nessus
  • Reporting

Post Exploitation

  • Cracking
  • File Transfer
  • Privilege Escalation
  • Wifi Cracking

What Required to start your Learning?

  • Security is one of the most important requirements for businesses, if your website is not secure, not only will your company be a target but your customers could become victims as well.
  • Invest in a proven solution, with the assurance of on-going support to keep your organization protected.
  • Penetration testing is used to determine whether a company’s security practices are truly effective. They act as a kind of fire drill for businesses.
  • Basic overview needed in Computer Network, Linux and Website testing. And ready to learn new things