trinetra.
concept tutorials
learn mode · before you spawn the lab

Every lab starts with a concept.

Animated 5-beat tutorials in the sizzle-reel visual language — 10 hands-on labs plus 6 Model reels on machine learning and prompt engineering. Pick a discipline, watch the system flow, then press Spawn lab when you're ready to break it for real.

16
modules
10labs
+ 6 model reels
6
disciplines
Beg→ adv
difficulty arc
tracks Code Info Recon Defend Web ARYA Model difficulty easy · med · hard
01
Code · Beginnereasy

Linux Terminal Basics

Hunt for a hidden flag using ls, find, grep, and cat in a minimal Ubuntu shell.

100 XP~20 min
02
Info · Beginnereasy

Networking & Packet Analysis

Inspect a captured pcap to identify the attacker's IP and the port used for a reverse shell.

200 XP~30 min
03
Recon · Beginnereasy

DNS TXT Chain Reconnaissance

Follow a base64-encoded TXT-record chain across an internal zone to recover the flag.

150 XP~20 min
04
Defend · Beginnereasy

Classic SQL Injection: Login Bypass

Bypass authentication on a naive PHP/SQLite form via tautology-based SQL injection.

200 XP~25 min
05
Web · Intermediatemedium

Stored XSS Cookie Theft

Exploit a stored XSS bug to steal the admin session cookie — the cookie value is the flag.

250 XP~45 min
06
Defend · Beginnereasy

Password Cracking Fundamentals

Identify and crack three password hashes (MD5, SHA-1, bcrypt) using john and hashcat.

200 XP~60 min
07
Code · Intermediatemedium

Burp Suite Cookie Tampering

Use Burp's intercepting proxy in a noVNC desktop to tamper a base64 role cookie.

350 XP~60 min
08
Recon · Intermediatemedium

Web Recon: Hidden Assets

Enumerate a misconfigured web server: backups, leaked config, and a dev vhost ending in dotenv disclosure.

300 XP~45 min
09
Info · Intermediatemedium

SOC Log Triage & Intrusion Timeline

Pivot across four log sources to reconstruct an end-to-end intrusion: brute force, login, data read, exfil.

275 XP~45 min
10
ARYA · Advancedhard

AI Prompt Injection

Attack a FastAPI chatbot told never to reveal a secret. Probe for OWASP LLM01 vulnerabilities.

400 XP~60 min
M1
Model · Beginnereasy

ML 101 · Train Your First Classifier

Watch a no-code trainer turn labelled rows into a model, then grade it server-side against held-out answers it never sees.

Model reel5 beats
M2
Model · Beginnereasy

Classify the Malicious Sessions

Binary classification on network sessions: four features per row — pkt_rate, bytes, failed logins, entropy — to flag benign vs. malicious.

Model reel5 beats
M3
Model · Intermediatemedium

Triage Vulnerabilities by Severity

Step up from binary to multiclass: low / medium / high. See why one global accuracy can hide the class your model keeps missing.

Model reel5 beats
M4
Model · Intermediatemedium

Forecast Resolution Time

Swap classification for regression: predict the hours to clear a support backlog on a continuous scale, graded by RMSE.

Model reel5 beats
M5
Model · Beginnereasy

Prompt Engineering Foundations

Turn a fuzzy language model into a reliable component. Write a prompt, then watch an LLM judge grade it against a hidden rubric.

Model reel5 beats
M6
Model · Intermediatemedium

Prompt Engineering · Reliable JSON

Pull a name and email out of free text and return strict JSON. The reliability lives in the constraints — make every one explicit.

Model reel5 beats