  • €349

PurpleLabs VPN Access - 90 days

This 90-day PurpleLabs VPN access package is dedicated to hands-on exercises with the Linux Attack, Detection, and Live Forensics course and EDRmetry Matrix. After the purchase, you can start your VPN access at a convenient time.

PurpleLABS is a dedicated Cyber Range infrastructure for running detection and analysis of attackers' behaviors in terms of used techniques, tactics, procedures, and offensive tools. The environment has been created to constantly improve competencies in the field of Linux/Network threat hunting and learning about current trends of offensive actions vs direct detection and live forensics.

30% OFF DISCOUNT OCTOBER 2025

Use the promo code ID822Q4-PROMO30 to get 30% OFF. The coupon is valid until 2nd November 2025.

Cyber Range Playground with Hands-On Labs

Use PurpleLABS as a Cyber Range advanced R&D environment for your own red/blue security research needs or as a part of a training course, where you will study hands-on labs that we have carefully prepared. You have access to a set of private VMs:

  • TARGET_X (Alma Linux 9)

  • DEVEL_X (Alma Linux 9)

  • PRD_X (CentOS 7)

  • DEV_X (CentOS 8)

  • FUBU_X (Ubuntu 21.04)

  • KALI_X (Kali Linux)

  • C2_X (Kali Linux with Public IP)

EDRmetry Playbook included

The EDRmetry Playbook is your greatest, central knowledge base about the offensive Linux threat ecosystem. We decided to include it within 90 days of PurpleLabs VPN Access, allowing for wider adoption and gaining valuable hands-on experiences. Execute single attack techniques or create your own attack paths.

PurpleLabs Cyber Range Key Values

By providing a high-quality Cyber Range environment, we want to enable businesses to improve the detection capacity of their SOC teams and achieve better visibility and resistance to attacks.

Full Host/Network Visibility

Deep network and host visibility in a hunting-friendly environment allows you to easily get on the right track to find even the most sophisticated symptoms of chained tactics, techniques, and procedures of modern attackers.

Real Security Events

Generate real symptoms of different attack phases including C2 channels, persistence, defense evasion, data exfiltration, tunneling, and pivoting between critical network segments and run host/network detections.

Dedicated Installations

Cost-effective virtual infrastructure hosted on the pre-configured dedicated servers eliminates the need to deploy and maintain Cyber Range internal components.

Continuous Knowledge Transfer

Deliver a periodic knowledge transfer and systematic expansion of team competencies in the field of Red + Blue = Purple teaming.

Hunting Dashboard

KEY VALUES

  • Execute in the lab the newest Linux attack paths and hiding techniques vs proactive detection

  • Learn current trends, techniques, and offensive tools for Discovery, C2, Lateral Movement, Persistence, Evasion, Exfiltration, Execution, and Credential Access against Linux machines ← Matrix ATT&CK Framework

  • Learn ways to improve detection and sharpen your event correlation skills across many different Linux/network data sources

  • Get to know visibility/detection methods and capabilities of well-recognized Hunting and Detection tools, including Elastic Security, Velociraptor, Splunk, Sysmon, Falco, Tracee, Kunai, Tetragon, Moloch/Arkime, OSquery, Wazuh, and Sandfly Security

  • Generate & find the corresponding malicious Linux activities and identify threat details on the network

  • Prepare your SOC team to quickly filter out Linux network noise, which allows for better incident response handling

  • Find out how Detection / DFIR Open Source Software can support your SOC infrastructure

  • Understand the values of proactive Linux forensics scans vs manual and automated approaches to simulate attackers and generate anomalies

  • Identify Linux configuration blind spots in your network security posture

  • Understand the value of the purple teaming approach, where you hands-on hunt for yourself and your teammates

Benefits

SOC/CSIRT Skills Development

Develop the team's analytical skills required to work in the Security Operation Center environment. 

Attack Paths

Learn how to create attack paths and generate chains of security events by combining attackers’ techniques, tactics, and procedures (Chain Attack Scenarios). 

Assume Breach

Understand the value of the Assume Breach approach and simulation of threats after early access (C2, post-exploitation, Lateral Movement, Persistence, Evasion).

Threat Hunting

Understand what threat hunting is and why it is important. Feel the power of data sources you have and learn how to distinguish between normal vs malicious behaviors. 

Detection As Code

Understand the power of Sigma rules/Protections Artifacts and their value for SIEM solutions and DFIR needs.

Security Validation

Run a validation of the current security status of the organization's network and understand the risks.

Open Source SOC

Obtain knowledge on creating a complete SOC environment using Open Source software components.

Live Forensics

Learn how to run live forensics inspections at scale for Windows and Linux including Velociraptor, Volatility Framework, and more.

Incident Response

Create and understand incident response playbooks, quarantine default actions, and more.

Target Audience

  • CSIRT / Incident Response Specialists
  • Red and Blue team members
  • Penetration testers
  • Threat Hunters
  • Security / Data Analytics
  • IT Security Professionals, Experts & Consultants
  • SOC Analysts and SIEM Engineers
  • AI / Machine Learning Developers
  • Open Source Security Enthusiasts

Prerequisite Knowledge

  • The general initial skill level needed for a lab is intermediate - challenge yourself and grab a hands-on Attack/Detection experience!
  • An intermediate level of command-line syntax experience using Linux.
  • Fundamental knowledge of TCP/IP network protocols.
  • Penetration testing experience performing enumeration, exploiting, and lateral movement is beneficial, but not required.
  • Having basic programming skills is a plus, but not essential.
  • Recommended reading material:
    • Adversarial Tradecraft in Cybersecurity
    • Privilege Escalation Techniques
    • Linux System Programming
    • Practical Threat Intelligence and Data-Driven Threat Hunting
    • Transmetropolitan ;-)

  • €399

Linux Attack, Detection and Live Forensics v1.0 - MATERIALS ONLY - Lifetime Access

  • Course
  • 263 Lessons

Dedicated, step-by-step hands-on material including rootkits, process injection types, C2 Frameworks, and more. Don't mind asking for a discount!

Frequently Asked Questions

Just a bunch of questions and answers. Hope you will find them helpful. If not, send me a DM.

HOW IS ACCESS TO PURPLELABS PROVIDED?

  • We are using the simplest solution based on WireGuard VPN. All you have to do is install the VPN client and import one configuration file.

WHEN WILL I GET ACCESS TO PURPLELABS?

  • You will get PurpleLabs VPN access credentials via email within 2-4 days after you make a payment.

WHAT DOES THE ACCESS INCLUDE?

  • Within 2-4 days after your payment, you will get a dedicated set of VPN credentials to PurpleLabs Cyber Range for 90 days.

  • For every student, we deliver a set of seven exclusive Linux machines (TARGET_X, DEVEL_X, PRD_X, KALI_X, DEV_X, FUBU_X, and C2_X) that, at the same time, are a part of the shared detection/hunting playground.

CAN I GET AN INVOICE?

Of course.

WHAT LANGUAGE ARE THE MATERIALS IN?

All materials and lab instructions are in English. For live/online sessions you can choose between Polish and English.

IS VIDEO CONTENT INCLUDED IN THE COURSE?

  • No, and it has never been a priority.
  • Hands-on lab instructions and the Cyber Range environment have been built in such a way that you can easily repeat the steps in a step-by-step style.