Internet security,
taught the way it should be.
A practical curriculum. Nine sequential tracks — networking fundamentals through anonymity engineering and into operational deployment. Built from real engagements, taught in plain English by working engineers.
Already past basics? Schedule a network review →
IPv4 addressing and subnetting deep dive
IPv4 from first principles: CIDR, prefix math, route aggregation, RFC 1918, VLSM, and the subnetting mistakes operators keep repeating.
Read the lesson22 min read · TRANSCRIPT INCLUDEDNine tracks. One coherent picture.
Each track is sequenced. Tracks 1–6 are the theory curriculum; tracks 7–9 are practical playbooks. Free to read end-to-end — create an account if you want progress tracking.
Networking Fundamentals
From bits and signals to TCP, DNS, TLS 1.3, QUIC, and NAT — read packet captures, debug routing, write transports from scratch.
Cryptography Foundations
AES, ChaCha20, AEAD, Curve25519, Ed25519, Noise, HKDF, post-quantum hybrid — the math you need to read RFC 8446 without flinching.
Encrypted Transport
IPsec, OpenVPN, WireGuard, Tor, sing-box / Xray, Tailscale mesh, mTLS / zero-trust — protocol designer's view, not user's.
Anonymity Engineering
Threat models, traffic analysis, padding, mix networks, browser fingerprinting, OS / TCP fingerprints, steganographic channels.
Detection
How adversaries actually classify traffic — DPI, active probing, TLS fingerprinting, ML classification, side channels, BGP-level analysis.
Evasion
The countermeasure side. obfs lineage, domain fronting, Reality / Hysteria, decoy routing, traffic shaping for camouflage. Cat and mouse.
Self-Host Build Path
End-to-end build playbook for your own privacy infrastructure. Endpoint hardening, firewalls, leak prevention, OPSEC sign-off — every step after the VPS is provisioned.
Multi-Node & Team Privacy
Mesh networks, identity-aware access, and self-hosted control planes for distributed teams. The architecture once your privacy stack outgrows one endpoint.
Field Tactics & Buying Guides
Tactical field guides and head-to-head buying decisions. VPS routing, protocol selection, browser hardening, residential egress, and the trade-offs behind each.
Try the posture model on your own network.
An 8-control walkthrough lifted from the curriculum. Educational only — your network isn't being scanned. A real assessment requires credentialed access.
Baseline controls
Written by engineers who still do the work.
We're a small consulting firm first, a publisher second. Every lesson is drawn from a real engagement, anonymized, and reviewed by the engineer who solved it.
From real engagements
Every example is a redacted version of something we found in the field. No invented threat models, no marketing fiction.
Six minutes, on average
Long enough to teach one idea well. Short enough that your team will actually finish the track instead of bookmarking it.
No fearmongering
We won't tell you the sky is falling to sell a course. The risks are real enough; the goal is competence, not anxiety.
When you need engineers, not lessons.
If you'd rather have us do the hardening with your IT lead, we run four-week engagements alongside the curriculum — same methodology, applied to your network.