CSRF — Missing Token on Money Transfer
AcmeBank's money-transfer form has no CSRF token. Pretend to be the attacker — submit a forged request and grab the flag.
Easy Broken Access Control OWASP 20 min
v1.0 · 20 labs live
The cybersecurity training platform that actually runs in your browser.
Hands-on labs for OWASP Top 10, network security, SOC analysis and cert prep — plus instructor-led real-vendor environments by the slot. No Burp Suite. No Kali install. No AttackBox queue.
20Labs ready
5Cert tracks
7Vendors
₹0To start
trusted vendor platforms we cover
// How it works
Three steps from idle browser tab to 20/20 certified.
1
Pick a lab
Filter by track — CCNA, VAPT, SOC, PCNSE, OWASP — and difficulty. Each lab maps to a real cert objective.
2
Solve in the browser
Sandboxed iframe, hex dumps, real vendor scenarios. Three progressive hints if stuck — each one costs you 10 points.
3
Submit your flag
Server-side hash verify. Cross-linked to exam.techclick.in for the matching cert paper. Cert auto-issues at 10/10.
// Why Techclick
Built by someone who runs batches every week — not someone selling a SaaS.
Browser-only
No VM downloads. No AttackBox queues. Open a tab, solve a lab. Works on 3G.
Cert-mapped
Every lab tagged to PCNSA, PCNSE, CCNA 200-301, SC-200, NSE 4-7, CCSA objectives.
Hindi-friendly UX
Founder voice. Clear instructions. WhatsApp on +91 92772 29456 when you're stuck.
Real certificate
Complete the pack and the cert auto-issues via Brevo — referenceable on LinkedIn.
// Featured this week
Start with one of these.
EasyVAPT
CVSS v3.1 — Score a Real CVE
Read a CVE description. Build the CVSS v3.1 vector and submit the resulting Base Score.
Vulnerability Management15 min
MediumSOC
Email Header Forensics — Catch the Spoof
A raw email header from a 'CEO wire-transfer' message. Find the SPF result that proves it's spoofed.
Phishing25 min
EasyCCNA
Routing Table — Pick the Next-Hop
Given a routing table and a destination IP, pick the next-hop that the router would choose under longest-prefix match.
Networking15 min
20+
Hands-on labs
7
Vendor platforms
37+
Cert exam papers
100%
Browser-based
// From the batch
What students are saying.
"
The only place I could practice SQLi without setting up Kali. The flag verify is satisfying — feels like a real CTF, not just a quiz.
"
The PCNSE topology lab let me run scenarios I'd have paid $50/day for on a public cloud. ₹20K for 8 hours with instructor on WhatsApp is a steal.
"
Network labs in Hindi-friendly English. The Snort rule writing one is mapped exactly to what NSE 5 asks. Cleared NSE 5 in two months.
// Full catalog
20 of 20 labs · filter to find yours.
track
category
difficulty
CVSS v3.1 — Score a Real CVE
Read a CVE description. Build the CVSS v3.1 vector and submit the resulting Base Score.
Easy Vulnerability Management VAPT 15 min
DNS Reconnaissance — Find the Leaked Internal Endpoint
You're enumerating DNS for an external pentest. One record accidentally exposes the customer's internal mail server hostname. Find it.
Easy Reconnaissance VAPT 20 min
IDOR — Predictable Resource ID
Read another user's invoice by changing a number in the URL — the textbook IDOR.
Easy Broken Access Control 20 min
Nmap Output Interpretation — OS + Vuln Services
Read an Nmap -A -sV scan output. Identify the OS family and the three services with known CVEs.
Easy Reconnaissance VAPT 20 min
Reflected XSS — URL Parameter Echo
A search page that echoes your query without escaping. Pop an alert and steal the flag the page is hiding from you.
Easy Injection 15 min
Routing Table — Pick the Next-Hop
Given a routing table and a destination IP, pick the next-hop that the router would choose under longest-prefix match.
Easy Networking CCNA 15 min
SQL Injection — Login Bypass
Bypass a login form by injecting SQL into the password field — no Burp Suite needed, just the browser.
Easy Injection 20 min
VLSM Subnetting — Variable-Length Subnet Mask
Carve a /24 into 4 VLSM subnets sized for different host counts. The textbook CCNA exam question.
Easy Networking CCNA 15 min
Broken Authentication — Predictable Session Token
AcmePortal stores session tokens as base64(username:timestamp). Log in as a regular user, then forge the admin's session.
Medium Identification and Authentication Failures OWASP 25 min
Email Header Forensics — Catch the Spoof
A raw email header from a 'CEO wire-transfer' message. Find the SPF result that proves it's spoofed.
Medium Phishing SOC 25 min
Firewall ACL — Will the Packet Pass?
Read an ACL ruleset top-down. For 4 incoming packets, decide which the firewall PERMITS vs DROPS.
Medium Firewall PCNSE 25 min
HTTP Response Headers — Find What's Missing
Given a real HTTP response header dump, identify all 5 missing security headers. Match the OWASP ASVS 14 baseline.
Medium Web Defense SOC 25 min
MITRE ATT&CK — Map the Attack Chain
Read an incident timeline. Map each of the 5 attacker actions to the correct MITRE ATT&CK technique ID.
Medium Threat Intel SOC 30 min
Packet Capture — Identify the Protocol
One packet, in hex. Identify the application protocol and the source + destination port. Wireshark not allowed.
Medium Network Forensics SOC 30 min
Stored XSS — Comment Board
A comment board persists comments to localStorage and renders them with innerHTML. Plant a payload that pops the flag.
Medium Injection OWASP 25 min
TLS Cipher Audit — Find the Weak Suite
openssl s_client output for a target server. Identify the one weak/insecure cipher suite that fails PCI-DSS v4.0.
Medium TLS SOC 30 min
Wireshark Display Filter — Find the SQLi Attempts
Write the exact Wireshark display filter that isolates HTTP requests containing SQL-injection payloads in their URI.
Medium Network Forensics SOC 25 min
DNS Tunneling — Spot the C2 Channel
Pi-hole query log from one workstation. One of these domains is a DNS-tunneling C2 channel — which one?
Hard Network Forensics SOC 40 min
Snort Rule — Detect the SQLi Pattern
Write a Snort 3 rule that matches HTTP GET requests with a classic SQLi payload in the URI. Strict format required.
Hard IDS SOC 40 min